Cheatography

CompTIA ITF+ Exam Objectives Cheat Sheet by

This cheatsheet is organised according to the exam objectives/map from the CompTIA website

1.1 Compare and contrast notational systems.

Binary
Data type supporting 1-bit storage, representing FALSE and TRUE.
 
Boolean logic is a statement that resolves to a true or false condition and underpins the branching and looping features of computer code.
Hexadecimal
Notational system with 16 values per digit. Values above 9 are represented by the letters A, B, C, D, E, F.
 
Hex is a compact way of referring to long byte values, such as MAC and IPv6 addresses.
Float
Data type supporting storage of floating point numbers (decimal fractions).
ASCII
7-bit code page mapping binary values to character glyphs.
 
Standard ASCII can represent 127 characters, though some values are reserved for non-printing control characters.
Unicode
Extensible system of code pages capable of representing millions of character glyphs, allowing for international alphabets.
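A worked example of the notational systems above, added here and not part of the cheat sheet: it handles the page's own cases (hex MAC and IPv6 addresses, 7-bit ASCII versus Unicode) and goes one step further by reading the IEEE locally-administered flag bit out of a MAC address, a sanity check a defender can apply to addresses seen in DHCP or switch logs. All sample values are constructed.

```python
# Added example (not from the cheat sheet): converting between the notational
# systems of section 1.1 using the page's own cases. Sample values below are
# constructed, not taken from any real network.
import ipaddress
from typing import List


def mac_to_bytes(mac: str) -> bytes:
    """Parse a hex MAC address like '00:1A:2B:3C:4D:5E' into 6 raw bytes.

    Each two-character hex group is one byte (8 bits): two hex digits of
    16 values each cover exactly the 256 values a byte can hold.
    """
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"expected 6 two-digit hex octets, got {mac!r}")
    return bytes(int(p, 16) for p in parts)


def bytes_to_binary(data: bytes) -> List[str]:
    """Render each byte as the 8-bit binary string the hardware stores."""
    return [format(b, "08b") for b in data]


def is_locally_administered(mac: str) -> bool:
    """Bit 1 (value 0x02) of the first octet is the IEEE 'locally administered'
    flag: set when the address was assigned by software rather than burned in
    by the vendor. Beyond the cheat sheet, but a useful check when reviewing
    address logs."""
    return bool(mac_to_bytes(mac)[0] & 0x02)


def ipv6_hextets(addr: str) -> List[str]:
    """Expand a compressed IPv6 address into its eight 16-bit hex groups."""
    return ipaddress.IPv6Address(addr).exploded.split(":")


def is_ascii(text: str) -> bool:
    """True if every character has a code point below 128, i.e. fits 7 bits."""
    return all(ord(ch) < 128 for ch in text)


def encoded_length(text: str, encoding: str = "utf-8") -> int:
    """Byte length of text in the given encoding; non-ASCII characters need
    more than one byte in UTF-8, which is what makes Unicode 'extensible'."""
    return len(text.encode(encoding))


if __name__ == "__main__":
    mac = "00:1A:2B:3C:4D:5E"  # constructed sample value
    print(mac, "->", bytes_to_binary(mac_to_bytes(mac)))
    print("locally administered:", is_locally_administered(mac))
    print("2001:db8::1 ->", ipv6_hextets("2001:db8::1"))
    for word in ("Hello", "Héllo"):
        kind = "ascii" if is_ascii(word) else "unicode"
        print(word, kind, encoded_length(word), "bytes in UTF-8")
```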

1.2 Data types and their characteristics

Char
Data type supporting storage of a single character.
String
Data type supporting storage of a variable-length series of characters.
Integer
Data type supporting storage of whole numbers.
Float
Data type supporting storage of floating point numbers (decimal fractions).
Boolean
Data type supporting 1-bit storage, representing FALSE and TRUE.
 
Boolean logic is a statement that resolves to a true or false condition and underpins the branching and looping features of computer code.

1.3 Basics of computing and processing.

Input
The computer receives data entered by the user through peripheral devices, such as mice, keyboards, scanners, cameras, and microphones.
Processing
The data is written to memory and manipulated by the CPU, acting on instructions from the operating system and applications software.
Output
The processed data is shown or played to the user through an output device, such as a monitor or loudspeaker system.
Storage
The data may be written to different types of storage devices, such as hard disks or optical discs, because data stored in most types of system memory is only preserved while the computer is powered on.
Additionally, most computers are configured in networks, allowing them to exchange data. You can think of networking as a special class of input and output, but it is probably more helpful to conceive of it as a separate function.

1.4 Value of data and information

Data and information as assets
For organisations, computer data can be considered an asset.
 
An asset is something of commercial value.
Investing in security
A mechanism designed to protect an information asset or processing system is called a security control.
 
Security controls are designed to prevent, deter, detect, and/or recover from attempts to view or modify data without authorization.
 
Controls can be costly, both in terms of purchasing hardware and software and in terms of more complex procedures and staff training.
Return on Security Investment (ROSI)
The calculation made for the case for investing in security.
 
This is done by performing risk assessments to work out how much the loss of data would cost and how likely it is that data loss might occur.
 
The use of security controls should reduce the impact and likelihood of losses, justifying the investment made.
Security Controls
Backup
Ensure that you maintain copies of your data and that these copies can be quickly and easily accessed when necessary.
Access control
The control of access to stored data via:
 
Permissions
Assign permissions on data files to users and groups of users.
 
Usage restrictions
Use rights management software to control what users can do with data files.
 
Data encryption
Data is encoded in some way so that only a person with the correct key can read it.
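The ROSI entry above says the figure comes from a risk assessment of loss cost and likelihood; the example below, added here and not from the cheat sheet, makes that arithmetic concrete. It assumes the usual annualized loss expectancy (ALE = SLE x ARO) model and the ROSI formula (ALE saved minus control cost, divided by control cost); the scenario figures are constructed.

```python
# Added example (not from the cheat sheet): the risk-assessment arithmetic
# behind Return on Security Investment. The cheat sheet only says ROSI comes
# from the cost and likelihood of data loss; the annualized loss expectancy
# (ALE) model used here is the usual way that is made concrete and is an
# assumption on my part, as are all the figures, which are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    name: str
    single_loss_expectancy: float     # SLE: cost of one loss event
    annual_rate_of_occurrence: float  # ARO: expected events per year

    def ale(self) -> float:
        """Annualized loss expectancy: ALE = SLE x ARO."""
        return self.single_loss_expectancy * self.annual_rate_of_occurrence


@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float
    impact_reduction: float      # fraction by which SLE falls (0..1)
    likelihood_reduction: float  # fraction by which ARO falls (0..1)

    def __post_init__(self) -> None:
        for value in (self.impact_reduction, self.likelihood_reduction):
            if not 0.0 <= value <= 1.0:
                raise ValueError("reduction fractions must be between 0 and 1")
        if self.annual_cost <= 0:
            raise ValueError("a control with no cost has no ROSI to compute")


def residual_risk(risk: Risk, control: Control) -> Risk:
    """The risk that remains once the control reduces impact and/or likelihood."""
    return Risk(
        risk.name,
        risk.single_loss_expectancy * (1.0 - control.impact_reduction),
        risk.annual_rate_of_occurrence * (1.0 - control.likelihood_reduction),
    )


def rosi(risk: Risk, control: Control) -> float:
    """ROSI = (ALE before - ALE after - annual control cost) / annual control cost.

    A positive value means the control saves more expected loss than it costs.
    """
    saving = risk.ale() - residual_risk(risk, control).ale()
    return (saving - control.annual_cost) / control.annual_cost


def worthwhile(risk: Risk, control: Control) -> bool:
    """The investment case from the cheat sheet: does the control pay for itself?"""
    return rosi(risk, control) > 0.0


if __name__ == "__main__":
    # Constructed scenario: losing a file server's data costs 50,000 per event
    # and is expected roughly once every two years (ARO 0.5).
    data_loss = Risk("loss of file server data", 50_000, 0.5)
    backup = Control("offsite backup", annual_cost=4_000,
                     impact_reduction=0.8, likelihood_reduction=0.0)
    standby = Control("hot standby site", annual_cost=30_000,
                      impact_reduction=0.8, likelihood_reduction=0.0)
    for control in (backup, standby):
        after = residual_risk(data_loss, control).ale()
        print(f"{control.name}: ALE {data_loss.ale():,.0f} -> {after:,.0f}, "
              f"ROSI {rosi(data_loss, control):.2f}, "
              f"worthwhile={worthwhile(data_loss, control)}")
```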

1.5 Common units of measure.

Data storage Units
The fundamental unit of data storage is the bit (binary digit), which can represent 1 or 0.
 
Bit
Basic unit of computer data.
   
Can represent two values (zero or one).
 
Byte
8 bits.
   
The first multiple of bits.
 
Double byte
16 bits.
 
KiloByte (KB)
1000 bytes
   
(or 10^3, i.e. 10 × 10 × 10 bytes)
   
Small files are often measured in KB.
 
MegaByte (MB)
1000 KB
   
1000 × 1000 bytes
   
(or 1,000,000 bytes)
   
Many files would be measured in megabytes.
 
GigaByte (GB)
1000 MB
   
1000 × 1000 × 1000 bytes
   
(or 1,000,000,000 bytes)
   
Gigabytes are usually used to talk about disk capacity.
 
TeraByte (TB)
1000 GB
   
(or 1,000,000,000,000 bytes)
   
Some individual disk units might be 1 or 2 terabytes, but these units are usually used to describe large storage networks.
 
PetaByte (PB)
1000 TB
   
(or 10^15 bytes, i.e. 1,000,000,000,000,000 bytes)
   
The largest storage networks and cloud systems would have petabytes of capacity.
Throughput Rate Units/Transfer Rate
The rate that a particular connection can sustain is measured in bits per second (bps).
 
The amount of data that can be transferred over a network connection in a given amount of time, typically measured in bits or bytes per second (or some more suitable multiple thereof).
 
Described variously as data rate, bit rate, connection speed, transmission speed, or (sometimes inaccurately) bandwidth or baud.
 
Often quoted as the peak, maximum, theoretical value; sustained, actual throughput is often considerably less.
 
Kbps (or Kb/s)
1000 bits per second
   
Older computer peripheral interfaces (or buses) and slow network links would be measured in Kbps.
 
Mbps (or Mb/s)
1000 Kbps
   
1,000,000 bits per second.
   
Many internal computer interfaces have throughputs measured in Mbps.
   
Wireless networks and residential Internet links also typically have this sort of throughput.
 
Gbps (or Gb/s)
1000 Mbps
   
1,000,000,000 bits per second
   
The latest PC bus standards and networks can support this higher level of throughput.
 
Tbps (or Tb/s)
1000 Gbps
   
1,000,000,000,000 bits per second
   
This sort of capacity is found in major telecommunications links between data centers, cities, and countries.
Throughput units are always base 10.
Processing Speed Units
A computer's internal clock and the speed at which its processors work are measured in units of time called Hertz (Hz). 1 Hz represents one cycle per second.
 
Megahertz (MHz)
1 million (1,000,000) cycles per second.
   
Older PC bus interfaces and many types of network interfaces work at this slower signaling speed.
 
Gigahertz (GHz)
1000 million (1,000,000,000) cycles per second.
   
Modern CPUs and bus types plus fiber-optic network equipment work at these much faster speeds.
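The unit arithmetic from this section, as an added example that is not part of the cheat sheet: storage sizes are base-10 bytes and throughput is base-10 bits per second, so converting one into the other needs a factor of 8 as well as the SI prefix. It goes beyond the page by also accepting the base-2 IEC prefixes (KiB, MiB, ...) that operating systems often report, which explains why a "1 TB" disk shows as roughly 931 GiB; the backup-window check ties this to the backup control from section 1.4. All figures are constructed.

```python
# Added example (not from the cheat sheet): unit arithmetic from section 1.5.
# Storage units are base-10 bytes and throughput units are base-10 bits per
# second, so converting between them needs a factor of 8 as well as the SI
# prefix. The base-2 IEC prefixes (KiB, MiB, ...) are an addition beyond the
# page. All figures used here are constructed.
import re

SI_PREFIX = {"": 1, "K": 10**3, "M": 10**6, "G": 10**9, "T": 10**12, "P": 10**15}
IEC_PREFIX = {"": 1, "K": 2**10, "M": 2**20, "G": 2**30, "T": 2**40, "P": 2**50}

# Number, optional prefix letter, optional 'i' (IEC marker), then the unit.
_QUANTITY = re.compile(r"^\s*([0-9]*\.?[0-9]+)\s*([kKMGTP]?)(i?)(bps|b/s|B|b)\s*$")


def _parse(text: str):
    m = _QUANTITY.match(text)
    if not m:
        raise ValueError(f"cannot parse quantity {text!r}")
    number, prefix, iec, unit = m.groups()
    return float(number), prefix.upper(), iec == "i", unit


def parse_size_bytes(text: str) -> float:
    """'4.7 GB' -> 4.7e9 bytes; '4 GiB' -> 4 * 2**30 bytes."""
    value, prefix, iec, unit = _parse(text)
    if unit != "B":
        raise ValueError(f"{text!r} is not a storage size in bytes")
    return value * (IEC_PREFIX if iec else SI_PREFIX)[prefix]


def parse_rate_bps(text: str) -> float:
    """'100 Mbps' or '100 Mb/s' -> 1e8 bits per second (always base 10)."""
    value, prefix, iec, unit = _parse(text)
    if unit not in ("bps", "b/s", "b") or iec:
        raise ValueError(f"{text!r} is not a throughput rate in bits per second")
    return value * SI_PREFIX[prefix]


def transfer_seconds(size: str, rate: str) -> float:
    """Time to move a file of the given size over a link of the given rate."""
    return parse_size_bytes(size) * 8 / parse_rate_bps(rate)


def fits_backup_window(size: str, rate: str, window_hours: float,
                       efficiency: float = 0.7) -> bool:
    """Whether a backup of `size` completes over `rate` inside the window.

    `efficiency` discounts the quoted peak rate, since sustained throughput is
    usually considerably less than the theoretical figure.
    """
    if not 0 < efficiency <= 1:
        raise ValueError("efficiency must be in (0, 1]")
    return transfer_seconds(size, rate) / efficiency <= window_hours * 3600


if __name__ == "__main__":
    print("1 GB over 100 Mbps:", transfer_seconds("1 GB", "100 Mbps"), "s")
    print("1 TB marketed capacity:",
          round(parse_size_bytes("1 TB") / IEC_PREFIX["G"], 1), "GiB as an OS reports it")
    print("2 TB nightly backup over 1 Gbps in 8 h?",
          fits_backup_window("2 TB", "1 Gbps", 8))
```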

1.6 Explain the troubleshooting methodology.

Troubleshooting is a process of problem solving. It is important to realize that problems have causes, symptoms, and consequences. For example:
CompTIA Troubleshooting Model
1. Identify the problem:
Gather information.
 
Duplicate the problem (observe it as it occurs, via remote desktop, a lab system or a VM).
 
Question users (how, when, who, changes).
 
Identify symptoms.
 
Determine if anything has changed.
 
Approach multiple problems individually: if the problems are unrelated, treat each as a separate case; if they are related, check for outstanding support or maintenance tickets.
2. Research knowledge base/Internet
Observe the problem in operation via remote desktop or in person.
 
View system, application, or network log files.
 
Monitor other support requests to identify similar problems.
Understanding the Problem
Determine a theory of probable cause from analysis of the symptoms.
3. Establish a theory of probable cause
Question the obvious.
 
Step through the process of using the system or application, making sure that you verify even the simplest steps by questioning the obvious.
 
Consider multiple approaches.
 
Divide and conquer (using tests helps you identify probable causes more quickly).
 
Workarounds (provide a way for the user to continue to work with the system).
4. Test the theory to determine cause.
Once the theory is confirmed (confirmed root cause), determine the next steps to resolve the problem.
 
If the theory is not confirmed, establish a new theory or escalate.
 
Establish a root cause for the problem.
5. Establish a plan of action to resolve the problem and identify potential effects.
Establish a plan of action to eliminate the root cause without destabilizing some other part of the system.
 
Repair
You need to determine whether the cost of repair/time taken to reconfigure something makes this the best option.
 
Replace
Often more expensive and may be time-consuming if a part is not available. There may also be an opportunity to upgrade the device or software.
 
Ignore
As any software developer will tell you, not all problems are critical. If neither repair nor replace is cost-effective, it may be best either to find a workaround or just to document the issue and move on.
6. Implement the solution or escalate as necessary.
Your plan of action should contain the detailed steps and resources required to implement the solution. As well as these practical steps, you have to consider the issue of authorization.
 
If applying the solution is disruptive to the wider network, you also need to consider the most appropriate time to schedule the reconfiguration work and plan how to notify other network users.
7. Verify full system functionality and, if applicable, implement preventive measures.
Identify the results and effects of the solution.
 
Ensure that you were right and that the problem is resolved.
 
Restate what the problem was and how it was resolved, then confirm with the customer that the incident log can be closed.
 
To fully solve the root cause of a problem, you should try to eliminate any factors that may cause the problem to recur.
8. Document findings/lessons learned, actions and outcomes.
It is important that information about the problem, tests performed, and attempted resolutions is recorded.
 
When a problem is resolved, a complete record exists documenting the symptoms, possible causes investigated, and the ultimate resolution.

2.1 Types of input/output device interfaces

Networking
Wired
RJ (Registered Jack) Connector
Ethernet Connector
Used for twisted pair cabling. 4-pair network cabling uses the larger RJ-45 connector.
 
Modem/telephone
2-pair cabling uses the RJ-11 connector.
Wireless
Bluetooth
Short-range radio-based technology, working at up to 10m (30 feet) at up to 1 Mbps, used to connect peripherals (such as mice, keyboards, and printers) and for communication between two devices (such as a laptop and smartphone).
 
The advantage of radio-based signals is that devices do not need line-of-sight, though the signals can still be blocked by thick walls and metal and can suffer from interference from other radio sources operating at the same frequency (2.4 GHz).
 
Bluetooth Low Energy (BLE) is designed for small battery-powered devices that transmit small amounts of data infrequently.
 
BLE is not backwards-compatible with "classic" Bluetooth, though a device can support both standards simultaneously.
RFID (Radio Frequency Identification)
A chip allowing data to be read wirelessly.
NFC (Near Field Communication)
Standard for peer-to-peer (2-way) radio communications over very short (around 4") distances, facilitating contactless payment and similar technologies.
 
NFC is based on RFID.
Peripheral devices
USB (Universal Serial Bus)
USB permits the connection of up to 127 different peripherals. A larger Type A connector attaches to a port on the host; Type B and Mini- or Micro- Type B connectors are used for devices.
 
USB 1.1 supports 12 Mbps while USB 2.0 supports 480 Mbps and is backward compatible with 1.1 devices (which run at the slower speed).
 
USB devices are hot swappable.
(Hot swappable: a device that can be added or removed without having to restart the operating system.)
 
A device can draw up to 2.5W of power.
 
USB 3.0 defines a 4.8 Gbps SuperSpeed rate and can deliver 4.5W of power.
Firewire (IEEE 1394 Standard)
This serial SCSI bus standard supports high data rates (up to 400 Mbps) and this, in turn, makes it attractive for applications requiring intensive data transfer (such as video cameras, satellite receivers, and digital media players).
 
Firewire is the brand name for the IEEE standard 1394.
Thunderbolt
Interface developed by Intel and primarily used on Apple workstations and laptops.
 
Can be used as a display interface (like DisplayPort) and as a general peripheral interface (like USB 3).
Graphic Devices
VGA (Video Graphics Array) Connector
A 15-pin HD connector that has been used to connect the graphics adapter to a monitor since 1987.
HDMI (High Definition Multimedia Interface)
High-specification digital connector for audio-video equipment.
Digital Visual Interface (DVI)
High-quality digital interface designed for flat-panel display equipment.
 
Single- or dual-link—dual-link makes more bandwidth available. This may be required for resolutions better than HDTV (1920x1200).
 
Analog and/or digital—DVI-I supports analog equipment (such as CRTs) and digital. DVI-A supports only analog equipment, and DVI-D supports only digital.
 
DVI has been superseded by HDMI and DisplayPort/Thunderbolt but was very widely used on graphics adapters and computer displays.
DisplayPort
Royalty-free standard intended to "complement" HDMI.
 
Uses a 20-pin connector.
 
A DP++ port allows a connection with DVI-D and HDMI devices (using a suitable adapter cable).
Mini DisplayPort format (MiniDP or mDP)
Developed by Apple and licensed to other vendors.
 
Uses the same physical interface as Thunderbolt.

2.2 Set up peripherals

Plug-and-Play (PnP)
A Plug-and-Play system (comprising a compatible BIOS, operating system, and hardware) is self-configuring.
Mouse
A mouse can be interfaced using a PS/2, USB, or wireless (IrDA or Bluetooth) port.
 
Optical mouse—this uses LEDs to detect movement over a surface.
 
Laser mouse—this uses an infrared laser, which gives greater precision than an optical mouse.
 
An essential device for a WIMP GUI, a mouse simply controls the movement of a cursor that can be used to select objects from the screen.
 
Mice also feature a scroll wheel.
 
All Windows mice feature two click buttons, which are configured to perform different actions.
 
A standard mouse does not need a special driver installing, and basic settings can be configured using the Mouse applet in Control Panel/Settings.
 
To access and configure extra buttons on some mice you will need to install the manufacturer's driver.
Keyboard
Desktop keyboards can have PS/2, USB, or wireless (IrDA or Bluetooth) interfaces.
 
There are many different designs and layouts for different countries. Some keyboards feature special keys.
 
When a hardware device is added or removed, the operating system detects the change and automatically installs the appropriate drivers.
 
Use the Keyboard applet in Control Panel to configure it.
Keyboard Regionalization
Keyboard layouts can vary from country to country.
 
The type of keyboard layout is configured through the Language applet in Control Panel/Settings.
 
A key combo (START+SPACEBAR in Windows 10) can be used to switch between the different layouts (if enabled).

2.3 Internal computing components

Motherboard
Provides the basic foundation for all of the computer's hardware, including the processor, RAM, BIOS, and expansion cards.
BIOS (Basic Input/Output System)
The BIOS is firmware that contains programs and information relating to the basic operation of PC components such as drives, keyboard, video display, and ports.
 
It also contains specific routines to allow set-up configuration to be viewed and edited, and it contains the self-diagnostic Power-On Self-Test (POST) program used to detect fundamental faults in PC components.
 
BIOS can also be used to secure components not protected by the OS by specifying a supervisor password (to prevent tampering with BIOS settings) and a user password (to boot the PC).
RAM (Random Access Memory)
Random Access Memory is the principal storage space for computer data and program instructions.
 
RAM is generally described as being volatile in the sense that once power has been removed or the computer has been rebooted, data is lost.
ARM (Advanced RISC Machines)
Designer of CPU and chipset architectures widely used in mobile devices.
 
RISC stands for Reduced Instruction Set Computing.
 
RISC microarchitectures use simple instructions processed very quickly.
 
This contrasts with Complex (CISC) microarchitectures, which use more powerful instructions but process each one more slowly.
32-bit versus 64-bit
Processing modes referring to the size of each instruction processed by the CPU. 32-bit CPUs replaced earlier 16-bit CPUs and were used through the 1990s to the present day, though most CPUs now work in 64-bit mode.
 
The main 64-bit platform is called AMD64 or EM64T (by Intel).
 
This platform is supported by 64-bit versions of Windows as well as various Linux distributions.
 
Software can be compiled as 32-bit or 64-bit. 64-bit CPUs can run most 32-bit software, but a 32-bit CPU cannot execute 64-bit software.
HDD (Hard Disk Drive)
High capacity units typically providing persistent mass storage for a PC (saving data when the computer is turned off).
 
Data is stored using platters with a magnetic coating that are spun under disk heads that can read and write to locations on each platter (sectors).
 
A HDD installed within a PC is referred to as the fixed disk.
 
HDDs are often used with enclosures as portable storage or as Network Attached Storage (NAS).
SD (Secure Digital) Card
One of the first types of flash memory card.
Solid State Drive (SSD)
SSDs use a type of transistor-based memory called flash memory and are much faster than HDDs.
Cooling Device
A CPU generates a large amount of heat that must be dissipated to prevent damage to the chip.
 
Generally, a CPU will be fitted with a heatsink (a metal block with fins) and fan.
 
Thermal compound is used at the contact point between the chip and the heatsink to ensure good heat transfer.
 
The PSU also incorporates a fan to expel warm air from the system.
 
Modern motherboards have temperature sensors that provide warning of overheating before damage can occur.
 
Very high performance or overclocked systems, or systems designed for quiet operation, may require more sophisticated cooling systems, such as liquid cooling.
 
Cooling systems that work without electricity are described as passive; those requiring a power source are classed as active.
Liquid Cooling System
Uses water piped around the PC and heatsinks for cooling.
 
This is more efficient and allows for fewer fans and less noise.
Graphics Processing Unit (GPU)
Display functions are often performed by a dedicated processor.
 
Displaying high-resolution images requires a lot of processing power, especially if the image changes rapidly, as with video, or uses complicated 3D and texture effects, as with computer games.
Video Card
Provides the interface between the graphics components of the computer and the display device.
 
A number of connectors may be provided for the display, including VGA, DVI, and HDMI.
 
Graphics adapters receive information from the microprocessor and store this data in video RAM.
 
An adapter may support both analog and digital outputs or analog/digital only (as most LCDs use digital inputs, the use of analog outputs is declining).
 
Most adapters come with their own processor (Graphics Processing Unit [GPU]) and onboard memory.
Network Adapter (NIC [Network Interface Card])
The network adapter allows a physical connection between the host and the transmission media.
 
A NIC can address other cards and can recognize data that is destined for it, using a unique address known as the Media Access Control (MAC) address.
 
The card also performs error checking. Network cards are designed for specific types of networks and do not work on different network products.
 
Different adapters may also support different connection speeds and connector types.

2.4 Internet service types.

Fiber Optic
Fiber optic cables perform much better over long distances and are not affected by noise in the way that electrical signals over copper cable are.
Fiber to the Home (FTTH)
Providing a fiber cable all the way to customer premises.
 
FTTH requires substantial investment by the telecom providers and is not widely available.
Fiber to the Curb (FTTC)
A compromise solution widely deployed in urban and some rural areas.
 
The provider has installed a fiber network terminating at a cabinet somewhere in a nearby street.
 
Each residence is connected to the fiber network over the ordinary copper telephone cabling using Very High Bit Rate DSL (VDSL).
Very High Bit Rate DSL (VDSL)
VDSL supports a downlink of up to 52 Mbps and an uplink of 16 Mbps at a distance of up to about 300m.
 
VDSL2 also specifies a very short range (100m/300 feet) rate of 100 Mbps (bi-directional).
 
The VDSL Internet modem/router is connected in much the same way as an ADSL modem/router.
Cable (Hybrid Fiber Coax)
Usually provided as part of a Cable Access TV (CATV) service.
 
These networks are often described as Hybrid Fiber Coax (HFC) as they combine a fiber optic core network with coax links to customer premises equipment.
 
Coax is another type of copper cable but manufactured in a different way to twisted pair.
 
The cable modem or modem/router is interfaced to the computer through an Ethernet adapter and to the cable network by a short segment of coax, terminated using an F-connector.
 
Cable based on the Data Over Cable Service Interface Specification (DOCSIS) version 3.0 supports downlink speeds of up to about 1.2 Gbps.
Digital Subscriber Line (DSL)
One of the most popular SOHO Internet service types.
 
Works over an ordinary telephone line, provided the line is of sufficient quality.
 
The modem/router is connected to the telephone line using a cable with RJ-11 connectors between the WAN port on the router and the telephone point.
 
Data is transferred over the line using the high frequency ranges that voice calls don't need to use.
ADSL (Asymmetric DSL)
The uplink (up to about 1.4 Mbps) is slower than the downlink (up to about 24 Mbps).
 
The speeds achievable rely heavily on the quality of the telephone wiring and the distance to the local telephone exchange.
 
The maximum supported distance is about three miles.
RF (Radio Frequency)
Radio waves propagate at different frequencies and wavelengths.
 
Wi-Fi network products typically work at 2.4 GHz or 5 GHz.
Satellite
System of microwave transmissions where orbital satellites relay signals between terrestrial receivers or other orbital satellites.
 
Satellite Internet connectivity is enabled through a reception antenna connected to the PC or network through a DVB-S modem.
Cellular Radio
Cellular data connections use radio transmissions but at greater range than Wi-Fi.
 
More closely associated with Internet access for cell phones and smartphones than with computers.
 
A device makes a connection using the nearest available transmitter (cell or base station).
 
Each base station has an effective range of up to 5 miles (8 km).
 
The transmitter connects the phone to the mobile and public switched telephone networks (PSTN).
 
Cellular radio works in the 850 and 1900 MHz frequency bands (mostly in the Americas) and the 900 and 1800 MHz bands (rest of the world).
LTE (Long Term Evolution)
LTE is the cellular providers' (3GPP) upgrade to 3G technologies such as W-CDMA and HSPA.
 
LTE Advanced is designed to provide 4G standard network access.
 
Developed in two competing formats, established in different markets:
GSM (Global System for Mobile Communication): allows subscribers to use a SIM (Subscriber Identity Module) card.
   
TIA/EIA IS-95 (cdmaOne)-based handsets: managed by the provider, not the SIM. CDMA adoption is largely restricted to the telecom providers Sprint and Verizon.

2.5 Storage types.

Volatile Memory
Stores data and computer programs that the CPU may need in real time, and erases them once a user switches off the computer.
 
Dynamic RAM
 
RAM (Random Access Memory)
 
Cache
Non-Volatile Memory
Static memory - remains in a computer even after a user switches it off.
 
HDD
 
SSD
Local Storage Types:
RAM (Random Access Memory)
Random Access Memory is the principal storage space for computer data and program instructions.
 
RAM is generally described as being volatile in the sense that once power has been removed or the computer has been rebooted, data is lost.
DRAM (Dynamic RAM)
Dynamic RAM is a type of volatile memory that stores data in the form of electronic charges within transistors.
 
Due to the effects of leakage and the subsequent loss of electrical charge, DRAM has to be refreshed at regular intervals.
 
Memory refreshing can be performed when the data bits are accessed regularly, but this periodic access slows down the operation of this memory type.
 
Standard DRAM is the lowest common denominator of the DRAM types.
 
Modern PCs use a DRAM derivative to store data (currently DDR2/3 SDRAM).
DDR SDRAM (Double Data Rate SDRAM)
Standard for SDRAM where data is transferred twice per clock cycle (making the maximum data rate [64+64] × the bus speed in bps).
 
DDR2/DDR3 SDRAM uses lower voltage chips and higher bus speeds.
Flash Memory
Flash RAM is similar to a ROM chip in that it retains information even when power is removed, but it adds flexibility in that it can be reprogrammed with new contents quickly.
 
Flash memory has found a popular role in USB thumb drives and memory cards.
 
These tiny cards can provide removable, megabyte or gigabyte storage for devices such as digital cameras.
 
Other evolving uses of flash memory are in Solid State Drives (SSD), designed to replicate the function of hard drives, and hybrid drives (standard hard drives with a multigigabyte flash memory cache).
Blu-ray (Optical)
Latest generation of optical drive technology, with a disc capacity of 25 GB per layer.
 
Transfer rates are measured in multiples of 36 MBps.
CD-ROM (Compact Disc - Read Only Memory) (Optical)
Optical storage technology.
 
The discs can normally hold 700 MB of data or 80 minutes of audio data.
 
Useful for archiving material.
 
Unlike magnetic media, the data on the disc cannot be changed (assuming that the disc is closed to prevent further rewriting, in the case of RW media).
 
This makes them useful for preserving tamper-proof records.
UDF (Universal Disk Format)
File system used for optical media, replacing CDFS (ISO 9660).
Removable Media
In order to share files and programs, computers can either be connected to each other (across a direct link or via a network) or must be able to store and retrieve files from an interim storage medium.
 
The most common types of removable media are floppy disks and optical discs.
 
However, the term "removable media" also covers tape drives, high capacity disks, and removable hard drives.
HDD (Hard Disk Drive) (Static)
High capacity units typically providing persistent mass storage for a PC (saving data when the computer is turned off).
 
Data is stored using platters with a magnetic coating that are spun under disk heads that can read and write to locations on each platter (sectors).
 
A HDD installed within a PC is referred to as the fixed disk. HDDs are often used with enclosures as portable storage or as Network Attached Storage (NAS).
SSD (Solid-State Drive)
Non-volatile storage medium that stores persistent data on solid-state flash memory.
 
Significantly faster than a HDD.
 
With an SSD, the device's operating system will boot up more rapidly, programs will load quicker and files can be saved faster.
 
An SSD has no moving parts to break or spin up or down. The two key components in an SSD are the flash controller and NAND flash memory chips.
 
SSDs read and write data to an underlying set of interconnected flash memory chips. These chips use floating gate transistors (FGTs) to hold an electrical charge, which enables the SSD to store data even when it is not connected to a power source. Each FGT contains a single bit of data, designated either as a 1 for a charged cell or a 0 if the cell has no electrical charge.
NAS (Network Attached Storage)
A storage device with an embedded OS that supports typical network file access protocols (TCP/IP and SMB, for instance).
 
These may be subject to exploit attacks (though using an embedded OS is often thought of as more secure as it exposes a smaller attack "footprint").
 
The unauthorized connection of such devices to the network is also a concern.
File Server
In file server based networks, one or more central machines provide dedicated file and print services to workstations.
 
Benefits of server-based networks include ease of administration through centralization.
Cloud Computing
Any environment where software (Software as a Service and Platform as a Service) or computer/network resources (Infrastructure as a Service and Network as a Service) are provided to an end user who has no knowledge of or responsibility for how the service is provided.
 
Cloud services provide elasticity of resources and pay-per-use charging models.
 
Cloud access arrangements can be public, hosted private, or private (this type of cloud could be onsite or offsite relative to the other business units).
Cloud-based Storage
There are also business-oriented solutions, such as Dropbox and Amazon.
 
These services are typically operated with a browser or smartphone/tablet app.
 
In Windows 10, a cloud storage client (OneDrive) is built into the OS and can be accessed via File Explorer.

2.6 Computing devices and their purposes

Mobile Device
Portable phones and smart phones can be used to interface with workst­­ations using techno­­logies such as Bluetooth or USB.
 
As such, they are increa­­singly the focus of viruses and other malware
 
Portable devices storing valuable inform­­ation are a consid­­erable security risk when taken offsite.
Tablet
A type of ultra-­­po­r­table laptop with a touchs­­creen
 
usually based on form factors with either 7" or 10" screens
 
A phablet is a smaller device (like a large smartp­­hone).
Laptop­­/N­o­t­ebook
portable computer offering similar functi­­on­ality to a desktop computer
 
comes with built-in LCD screens and input devices (keyboard and touchpad)
 
can be powered from building power (via an AC Adapter) or by a battery
 
Peripheral devices can be connected via USB, PCMCIA, or Expres­­sCard adapters.
Workst­ation
type of PC is housed in a case that can sit on or under a desk
 
often referred to as desktop PCs or just as desktops
Server
provides shared resources on the network and allows clients to access this inform­ation.
 
The advantage of a server­-based system is that resources can be admini­stered and secured centrally.
 
must be kept secure by careful config­uration (running only necessary services) and mainte­nance (OS and applic­ation updates, malwar­e/i­ntr­usion detection, and so on).
 
Where a network is connected to the Internet, servers storing private inform­ation or running local network services should be protected by firewalls so as not to be accessible from the Internet.
Gaming Consoles
contains many of the same components as a workst­ation.
 
have powerful CPUs and graphics proces­sors, plus Ethernet and Wi-Fi for wired and wireless home networking and Internet connec­tivity
 
Web cameras and microp­hones are also available as periph­erals
 
The main difference to a workst­ation is that a console is designed to be operated by a gaming pad rather than a keyboard and mouse, though these are often also available as options. A gaming console would use an HD (High Defini­tion) TV for a display.
Internet of Things (IoT)
a world in which many different types of things are embedded with processing and networking functi­onality
 
Processing and networking functi­onality can be provis­ioned by very small chips, so the "­thi­ngs­" can range from motor vehicles and washing machines to clothing and birthday cards.
 
The global network of personal devices (such as phones, tablets, and fitness trackers), home applia­nces, home control systems, vehicles, and other items that have been equipped with sensors, software, and network connec­tivity.
Home Automation
anything from a clock to an alarm system or a refrigerator can be controlled over the Internet by home automation software
 
sitting at the heart of this automa­tion, is a smart hub to which other devices connect
 
usually controlled using voice recogn­ition systems and smartphone apps.
 
specific home automation product categories include:
Thermo­sta­ts—­monitor and adjust your home or office Heating, Ventil­ation, and Air Condit­ioning (HVAC) controls from an app installed on your phone.
   
Security system­s—m­onitor and control alarms, locks, lighting, and videophone entry systems remotely.
   
IP camera­s—often used for security, these devices connect to Internet Protocol (IP)-based networks such as the Internet and support direct upload and sync to cloud storage for remote monito­ring.
   
Home applia­nce­s—check the contents of your refrig­erator from your smartphone while out shopping or start the washing machine cycle so that it has finished just as you get back to your house.
   
Streaming media—play content stored on a storage device through any smart speaker or TV connected to the home network.
 
Medical devices
class of devices where use of electr­onics to remotely monitor and configure the appliance is expanding rapidly.
   
used mainly in hospitals and clinics, but the class also includes portable devices such as cardiac monitors/defibrillators and insulin pumps.
   
allow doctors and nurses to remotely monitor a patient and potent­ially to adjust dosage levels or other settings without the patient having to visit the care provider.

2.7 Basic networking concepts

IP (Internet Protocol)
Network (internet) layer protocol in the TCP/IP suite providing packet addressing and routing for all higher level protocols in the suite
Packet Transm­iss­ion­/Packet Switching Network
Packet switching introduces the ability for one computer to forward inform­ation to another.
 
To ensure inform­ation reaches the correct destin­ation, each packet is addressed with a source and destin­ation address and then transf­erred using any available pathway to the destin­ation computer
 
A host capable of performing this forwarding function is called a router.
 
described as "­rob­ust­" because it can automa­tically recover from commun­ication link failures.
 
It re-routes data packets if transm­ission lines are damaged or if a router fails to respond. It can utilize any available network path rather than a single, dedicated one.
 
As well as the forwarding function and use of multiple paths, data is divided into small chunks or packets.
 
Using numerous, small packets means that if some are lost or damaged during transm­ission, it is easier to resend just the small, lost packets than having to re-tra­nsmit the entire message.
DNS (Domain Name System)
This industry standard name resolution system provides name to IP address mapping services on the Internet and large intranets.
 
DNS is a hierar­chical, distri­buted database. DNS name servers host the database for domains for which they are author­ita­tive.
 
Root servers hold details of the top-level domains. DNS servers also perform queries or lookups to service client requests
 
The DNS protocol defines the mechanisms by which DNS servers and clients interact
 
The DNS protocol utilizes TCP/UDP port 53.
URL (Uniform Resource Locato­r/I­den­tifier)
Applic­ati­on-­level addressing scheme for TCP/IP, allowing for human-­rea­dable resource addressing
 
For example: protoc­ol:­//s­erv­er/­file, where "­pro­toc­ol" is the type of resource (HTTP, FTP), "­ser­ver­" is the name of the computer (www.m­icr­oso­ft.c­om), and "­fil­e" is the name of the resource you wish to access.
 
The term URI (Uniform Resource Identifier) is preferred in standards documentation (a URL is the kind of URI that also says where the resource can be found), but most people refer to these addresses as URLs.
A URL consists of the following parts:
Protocol
this describes the access method or service type being used. URLs can be used for protocols other than HTTP/H­TTPS. The protocol is followed by the characters ://
 
Host location
this could be an IP address, but as IP addresses are very hard for people to remember, it is usually repres­ented by a Fully Qualified Domain Name (FQDN).
   
DNS allows the web browser to locate the IP address of a web server based on its FQDN.
 
File path
specifies the directory and file name location of the resource, if required
   
Each directory is delimited by a forward slash.
   
The file path may or may not be case-s­ens­itive, depending on how the server is config­ured.
   
If no file path is used, the server will return the default (home) page for the website.
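The URL parts listed above, as an added worked example (this code is not part of the original cheat sheet). It uses Python's standard urllib.parse to split a URL into protocol, host, port and path, decides whether the host is an IP address or an FQDN, and flags the cases a security reviewer looks for when a URL comes from an untrusted source: user information before an "@" (which makes the real host easy to misread), a raw IP address instead of a name, and an unexpected scheme. The DEFAULT_PORTS table is an assumption for illustration; real clients know many more schemes.

```python
import ipaddress
from typing import Optional
from urllib.parse import urlsplit

# Assumption for the example: default ports for the schemes mentioned above.
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}


def host_kind(host: Optional[str]) -> str:
    """Classify the host part as a raw IP address or a name (FQDN)."""
    if not host:
        return "missing"
    try:
        ipaddress.ip_address(host)
        return "ip"
    except ValueError:
        return "fqdn"


def parse_url(url: str) -> dict:
    """Split a URL into protocol, host, port and path, and flag anything odd.

    urlsplit() does the RFC 3986 splitting; the checks afterwards are what a
    reviewer wants when the URL arrived in a phishing mail, a log line or
    user input rather than being typed by a trusted person.
    """
    parts = urlsplit(url)
    protocol = parts.scheme.lower()
    host = parts.hostname            # lower-cased, userinfo and port removed
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(protocol)
    path = parts.path or "/"         # empty path -> server's default (home) page

    flags = []
    if parts.username is not None:
        # "http://www.microsoft.com@evil.test/" shows a trusted-looking name
        # before the "@", but the host actually contacted is what follows it.
        flags.append("userinfo before @ (real host is %s)" % host)
    if host_kind(host) == "ip":
        flags.append("raw IP address instead of an FQDN")
    if protocol not in DEFAULT_PORTS:
        flags.append("unexpected scheme %r" % protocol)

    return {
        "protocol": protocol,
        "host": host,
        "host_kind": host_kind(host),
        "port": port,
        "path": path,
        "query": parts.query,
        "flags": flags,
    }
```

parse_url("http://www.microsoft.com@evil.test/login") reports the host as evil.test, which is exactly why a browser's address bar, not the text of a link, should be trusted.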
WAN (Wide Area Network)
A Wide Area Network is a network that spans a relatively large geogra­phical area, incorp­orating more than one site and often a mix of different media types and protocols.
 
Connec­tions are made using methods such as telephone lines, fiber optic cables, or satellite links
LAN (Local Area Network)
A type of network covering various different sizes but generally considered to be restricted to a single geographic location and owned/­managed by a single organi­zation.
IP Address
Each IP host must have a unique IP address.
 
This can be manually assigned or dynami­cally allocated (using a DHCP server).
 
In IPv4, the 32-bit binary address is expressed in the standard four byte, dotted decimal notation: 10.0.5.1. In IPv6, addresses are 128-bit expressed as hexade­cimal (for example, 2001:d­b8:­:0b­cd:­abc­d:e­f12­:1234).
 
IPv6 provides a much larger address space, stateless autoco­nfi­gur­ation (greatly simpli­fying network admini­str­ation), and replaces ineffi­cient broadcast transm­issions with multicast ones.
MAC (Media Access Control) Address
A MAC is a unique hardware address that is hard-coded into a network card by the manufa­cturer
 
This is required for directing data frames across a network and for allowing the network card to compare destin­ation addresses (coded into the data frame) and its own unique MAC address.
 
A MAC address is 48 bits long with the first half repres­enting the manufa­ctu­rer's Organi­zat­ionally Unique Identifier (OUI)
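The address notations in the IP Address and MAC Address entries, as an added example (not code from the original cheat sheet). Python's standard ipaddress module converts between dotted decimal and the 32-bit value the host actually uses, produces the compressed and fully written-out forms of an IPv6 address, and tells private, loopback, link-local and multicast scopes apart; the MAC helper splits off the OUI and reads the two flag bits in the first byte, which is how you spot a locally administered (software-set) address that was not "hard-coded by the manufacturer" at all.

```python
import ipaddress


def ipv4_to_int(addr: str) -> int:
    """Dotted decimal -> the 32-bit integer the host actually works with."""
    return int(ipaddress.IPv4Address(addr))


def int_to_ipv4(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def ipv6_compressed(addr: str) -> str:
    """Canonical (RFC 5952) form: leading zeros dropped, one '::' run."""
    return str(ipaddress.IPv6Address(addr))


def ipv6_exploded(addr: str) -> str:
    """All eight 16-bit hexadecimal groups written out in full."""
    return ipaddress.IPv6Address(addr).exploded


def classify(addr: str) -> str:
    """Rough scope of an address: where it may legitimately appear."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_multicast:
        return "multicast"
    if ip.is_private:
        return "private"
    return "global"


def mac_info(mac: str) -> dict:
    """Split a MAC into OUI and device part and read the two flag bits.

    Bit 0 of the first byte: 1 = group (multicast) address.
    Bit 1 of the first byte: 1 = locally administered, i.e. set by software
    (VMs, privacy randomisation, spoofing), not burned in by the vendor.
    """
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 48 bits: %r" % mac)
    return {
        "oui": "-".join("%02X" % b for b in raw[:3]),
        "device": "-".join("%02X" % b for b in raw[3:]),
        "multicast": bool(raw[0] & 0x01),
        "locally_administered": bool(raw[0] & 0x02),
    }
```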
HTTP
The protocol (HyperText Transfer Protocol) used to provide web content to browsers.
 
HTTP uses TCP port 80. HTTPS provides encrypted transfers using TLS (the successor to SSL) over TCP port 443.
POP (Post Office Protocol)
TCP/IP applic­ation protocol providing a means for a client to access email messages stored in a mailbox on a remote server.
 
The server usually deletes messages once the client has downloaded them. POP3 utilizes TCP port 110.
IMAP (Internet Message Access Protocol)
TCP/IP applic­ation protocol providing a means for a client to access email messages stored in a mailbox on a remote server.
 
Unlike POP3, messages persist on the server after the client has downloaded them.
 
IMAP also supports mailbox management functions, such as creating subfolders and access to the same mailbox by more than one client at the same time. IMAP4 utilizes TCP port number 143.
SMTP (Simple Mail Transfer Protocol)
The protocol used to send mail between hosts on the Internet. Server-to-server transfers use TCP port 25; clients submitting mail to their own mail server normally use port 587 with authentication.
Modem (Modul­ato­r/D­emo­dul­ator)
Modems are devices that are used to convert the digital signals from a computer into the approp­riate analog signal that is required for transm­ission over public phone lines - this is called modulation
 
The reverse process, demodu­lation, occurs at the receiving computer
 
Modems are available in internal and external forms for different computer expansion slots and vary in terms of speed and data handling capabi­lities.
Router
Routers are able to link dissimilar networks and can support multiple alternate paths between locations based upon the parameters of speed, traffic loads, and cost.
 
A router works at layer 3 (Network) of the OSI model. Routers form the basic connec­tions of the Internet.
 
They allow data to take multiple paths to reach a destin­ation (reducing the likelihood of transm­ission failure)
 
Routers can access source and destin­ation addresses within packets and can keep track of multiple active paths within a given source and destin­ation network.
 
TCP/IP routers on a LAN can also be used to divide the network into logical subnets
Switch
Ethernet (or LAN) switches perform the functions of a specia­lized bridge.
 
Switches receive incoming data into a buffer then the destin­ation MAC address is compared with an address table.
 
The data is then only sent out to the port with the corres­ponding MAC address.
 
In a switched network, each port is in a separate collision domain and, therefore, collisions cannot occur. This is referred to as micros­egm­ent­ation.
 
Advanced switches perform routing at layers 3 (IP), 4 (TCP), or 7 (Appli­cat­ion).
 
Switches routing at layer 4/7 are referred to as load balancers and content switches.
AP (Access Point)
Device that provides connec­tivity between wireless devices and a cabled network.
 
APs with Internet connec­tivity located in public buildings (cafes, libraries, airports for instance) are often referred to as hotspots.
Firewall
Hardware or software that filters traffic passing into or out of a network (for example, between a private network and the Internet)
 
A basic packet­-fi­ltering firewall works at Layers 3 and 4 (Network and Transport) of the OSI model.
 
Packets can be filtered depending on several criteria (inbound or outbound, IP address, and port number).
 
More advanced firewalls (proxy and stateful inspec­tion) can examine higher layer inform­ation, to provide enhanced security
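A basic packet filter of the kind described above, as an added example (not code from the original cheat sheet). Rules are checked in order, the first match decides, and anything that matches no rule is dropped (default deny). The constructed ruleset shows why order matters: the anti-spoofing deny for packets arriving from the Internet with an internal source address must sit before the rule that allows inbound HTTPS to the web server. The addresses, ports and rule set are assumptions for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (from the Internet) or "out" (to the Internet)
    proto: str       # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                       # "allow" or "deny"
    direction: Optional[str] = None   # None matches either direction
    proto: Optional[str] = None
    src: Optional[str] = None         # CIDR prefix; None matches any source
    dst: Optional[str] = None
    dport: Optional[int] = None
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        if self.direction and self.direction != pkt.direction:
            return False
        if self.proto and self.proto != pkt.proto:
            return False
        if self.src and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dst and ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


def filter_packet(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; anything not explicitly allowed is dropped."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"   # default deny: the safe failure mode for a border firewall


# Constructed ruleset for an Internet border; 10.0.5.1 is the public web server.
RULES = [
    # Packets arriving from the Internet must not claim an internal source.
    # This must come BEFORE the allow rule, or spoofed packets slip through.
    Rule("deny", direction="in", src="10.0.0.0/8", comment="anti-spoofing"),
    # Only the web server is reachable from outside, and only on 443.
    Rule("allow", direction="in", proto="tcp", dst="10.0.5.1/32", dport=443,
         comment="public HTTPS"),
    # Internal hosts may reach the Internet for web and DNS only.
    Rule("allow", direction="out", proto="tcp", dport=443),
    Rule("allow", direction="out", proto="tcp", dport=80),
    Rule("allow", direction="out", proto="udp", dport=53),
]
```

This filter is stateless: it has no idea whether an inbound packet is the reply to a connection an internal host opened, so replies to the outbound rules above would be dropped unless a further (and necessarily broad) inbound rule let them in. That gap is what the stateful inspection mentioned above closes, by keeping a table of active connections and admitting only packets that belong to one.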

2.8 Set up a wireless network

Wireless networking
generally understood to mean the IEEE's 802.11 standards for Wireless LANs (WLAN), also called Wi-Fi.
802.11n standard
can use either frequency band (2.4 GHz or 5 GHz) and delivers much improved data rates (nominally up to 600 Mbps)
802.11a and 802.11b
supported data rates of 54 Mbps and 11 Mbps respectively.
802.11g
acted as an upgrade path for 802.11b, working at 54 Mbps but also allowing support for older 802.11b clients
802.11a
not as widely adopted but does use a less crowded frequency band (5 GHz) and is considered less suscep­tible to interf­erence than the 2.4 GHz band used by 802.11b/g.
802.11ac
the latest of these standards and is now widely supported. 802.11ac access points could deliver up to 1.7 Gbps throughput at the time of writing. 802.11ac works only in the 5 GHz range, with the 2.4 GHz band reserved for legacy standards support (802.11b/g/n).
Most SOHO routers support 802.11g/n or 802.11­g/n/ac. This means that you can have a mix of client devices. For example, you might have a new router that supports 802.11ac but computers and tablets with wireless adapters that only support 802.11n. You can use the access point in compat­ibility mode to allow these devices to connect.
Config­uring an Access Point
connect a PC or laptop to one of the LAN ports on the SOHO router.
 
The SOHO router should assign the computer's adapter an Internet Protocol (IP) address using a service called the Dynamic Host Config­uration Protocol (DHCP).
 
Look at the SOHO router's setup guide to find out the router's IP address. Open a web browser and type the router's IP address into the address bar. This should open a management page for you to log on. Enter the user name and password listed in the router's setup guide. Most routers will invite you to complete the config­uration using a wizard, which guides you through the process.
 
Use the System page to choose a new admin password. The admin password is used to configure the router. It is vital that this password be kept secret and secure. You must choose a strong password that cannot be cracked by password-guessing software. Use a long, memorable phrase of at least 12 characters.
 
Use the Wireless settings page to configure the router as an access point. Having checked the box to enable wireless commun­ica­tions, you can adjust the following settings from the default.
 
SSID (Service Set ID) - a name for the WLAN. This is usually set by default to the router vendor's name. It is a good idea to change the SSID from the default to something unique to your network. Remember that the SSID is easily visible to other wireless devices, so do not use one that identifies you personally or your address. The SSID can be up to 32 charac­ters.
 
Wireless mode—e­nable compat­ibility for different 802.11 devices.
Config­uring Wireless Security
To prevent snooping, you should enable encryption on the wireless network. Encryption scrambles the messages being sent over the WLAN so that anyone interc­epting them is not able to capture any valuable inform­ation. An encryption system consists of a cipher, which is the process used to scramble the message, and a key. The key is a unique value that allows the recipient to decrypt a message that has been encrypted using the same cipher and key. Obviously, the key must be known only to valid recipients or the encryption system will offer no protec­tion.
 
under Encryp­tion, you would select the highest security mode supported by devices on the network.
 
WEP (Wired Equivalent Privacy): this is an older standard. WEP is broken (its key can be recovered from captured traffic in minutes) and you would only select it if compatibility with legacy devices and software is imperative.
 
Wi-Fi Protected Access (WPA): this fixes most of the security problems with WEP. WPA uses the same weak RC4 (Rivest Cipher) stream cipher as WEP but adds the Temporal Key Integrity Protocol (TKIP), which changes the key for every packet, to make it stronger.
 
WPA2: this implements the 802.11i WLAN security standard. The main difference from WPA is the use of the AES (Advanced Encryption Standard) cipher, in a mode called CCMP, for encryption. AES/CCMP is much stronger than RC4/TKIP. The only reason not to use WPA2 is if it is not supported by devices on the network; in many cases, devices that support WPA can be made compatible with WPA2 with a firmware or driver upgrade. Note that WPA2-Personal (pre-shared key) is only as strong as its passphrase: an attacker who records a device joining the network can test passphrase guesses offline, so the advice above about long, memorable phrases applies here too.
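Why the WPA/WPA2-Personal passphrase must be strong, as an added example (not code from the original cheat sheet). The key the network actually uses (the PMK) is derived from the passphrase with the SSID as salt through 4096 rounds of PBKDF2-HMAC-SHA1; Python's standard hashlib does this directly. The guess function shows the offline attack in simplified form: a real attacker cannot see the PMK and instead checks each candidate against a captured association handshake, but the cost per guess is the same, which is the point. The wordlist and the "HomeNet" SSID are constructed for the demonstration.

```python
import hashlib
import hmac
from typing import Iterable, Optional


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes).

    This is the WPA/WPA2-Personal derivation from IEEE 802.11i. The SSID is
    the salt, so the same passphrase gives a different key on every network
    and a precomputed table only helps against one SSID.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8-63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def guess_passphrase(target_pmk: bytes, ssid: str,
                     candidates: Iterable[str]) -> Optional[str]:
    """Offline dictionary search: derive each candidate and compare.

    Simplification (assumption for the example): the comparison is made
    against the PMK itself. In practice the attacker captures the 4-way
    handshake and checks each candidate against its MIC; the 4096 HMAC
    rounds per guess, i.e. the cost, are identical.
    """
    for word in candidates:
        if hmac.compare_digest(wpa2_pmk(word, ssid), target_pmk):
            return word
    return None


# Constructed wordlist for the demonstration.
WORDLIST = ["letmein1", "password", "qwerty123", "12345678"]
```

A passphrase that appears in any wordlist is found after one derivation per entry; a long phrase that does not is out of reach of this search, which is the whole difference between a weak and a strong WPA2-Personal network.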
attenu­ation
The distance between the wireless client (station) and access point determines the attenu­ation (or loss of strength) of the signal
interf­erence
Radio signals pass through solid objects, such as ordinary brick or drywall walls but can be weakened or blocked by partic­ularly dense or thick material and metal. Other radio-­based devices and nearby Wi-Fi networks can also cause interf­erence
Captive Portal
A web page or website to which a client is redirected before being granted full network access
 
The portal might allow limited network browsing, provide an authen­tic­ation mechanism, or provide resources, such as access to patches or signature updates to allow the device to become compliant with network access policies. It can also function as a secondary authen­tic­ation mechanism for open access points.
 
On connec­ting, the user's browser is redirected to a server to enter creden­tials (and possibly payment for access).

3.1 Purpose of operating systems.

Applic­ation
a program, or group of programs, that allow users to perform different tasks, such as web browsing, email, and word processing
 
With an OS, applic­ation software developers do not need to worry about writing routines to access the hard disk or send a document to a printer; they simply "­cal­l" functions of the OS that allow them to do these things.
 
This allows applic­ation software designers to concen­trate on applic­ation functions and makes the computer more reliable
 
One conseq­uence of this is that there are relatively few operating systems, as it takes a lot of work to produce software applic­ations that will work with different systems
 
Applic­ation vendors have to decide which operating systems they will support.
Hardware
Each hardware component requires a driver to work.
 
OS software is built from a kernel of core functions with additional driver software and system utility applic­ations
 
The OS is respon­sible for identi­fying the components installed on the PC and loading drivers to enable the user to configure and use them.
SOHO (Small Office Home Office)
Typically used to refer to network devices designed for small-­­scale LANs (up to 10 users).
Kernel
All operating systems have a kernel
 
which is a low-level piece of code respon­­sible for contro­­lling the rest of the operating system
 
Windows uses a multip­­ro­c­essor aware, pre-em­­ptive multit­­asking kernel.
Mobile device OS
designed for handheld devices, such as smartp­hones and tablets.
Android
Mobile (smart­phone and tablet) OS developed by the Open Handset Alliance (primarily sponsored by Google). Android is open source software.
iOS
Mobile OS developed by Apple for its iPhone and iPad devices
OS X
Operating system designed by Apple for their range of iMac computers, Mac workst­­at­ions, and MacBook portables
 
OS X is based on the BSD version of UNIX
 
OS X is well supported by applic­­ation vendors, especially in the design industry (Adobe­­/M­a­c­ro­­media).
Chrome OS
derived from Linux, via an open source OS called Chromium OS
 
Chrome OS itself is propri­­etary
 
developed by Google to run on specific laptop (chrom­­eb­ooks) and PC (chrom­­eb­oxes) hardware.
Linux
An open-s­­ource operating system supported by a wide range of hardware and software vendors
Microsoft
world's foremost supplier of operating system and Office produc­­tivity software
 
dominated the PC market since the develo­­pment of the first IBM compatible PCs running MS-DOS.
Workst­ation OS
runs a tradit­ional desktop PC or laptop. Examples include Microsoft Windows, Apple OS X/macOS, Linux, and Chrome OS.
 
The general workst­ation OS types are:
Enterprise client­—de­signed to work as a client in business networks
   
Home client­—de­signed to work on standalone or workgroup PCs and laptops in a home or small office. This will also allow each client to run some basic peer-t­o-peer network services, such as file sharing.
Network Operating System (NOS), or server OS
designed to run on servers in business networks
 
A server OS, such as Windows Server, Linux, or UNIX, is often based on similar code to its workst­ation OS equiva­lent.
 
For example, Windows 10 and Windows Server 2016 are very similar in terms of the OS kernel.
 
A server OS is likely to include software packages (or roles) to run network services and use different licensing to support more users.
 
A server OS is also likely to have a simpler comman­d-line interface, rather than a GUI, to make it more secure and reliable.
Embedded OS
a computer or appliance designed for a very specific function.
 
These systems can be as contained as a microcontroller in an intravenous drip-rate meter or as large and complex as an industrial control system managing a water treatment plant.
 
Embedded systems are typically static enviro­nments. A PC is a dynamic enviro­nment
Firmware
refers to software instru­ctions stored semi-p­erm­anently (embedded) on a hardware device (BIOS instru­ctions stored in a ROM chip on the mother­board for instance).
Hypervisor
also known as a virtual machine monitor or VMM
 
software that creates and runs virtual machines (VMs)
 
allows one host computer to support multiple guest VMs by virtually sharing its resources, such as memory and proces­sing.
Hypervisor Type 1
“bare metal”
 
acts like a lightw­eight operating system and runs directly on the host's hardware
Hypervisor Type 2
runs as a software layer on an operating system, like other computer programs
Disk Management
(OS functions covered in this objective: disk management; process management/scheduling, including kill process/end task; memory management; access control/protection.)
 
The Disk Management snap-in displays a summary of any fixed and removable drives attached to the system. The top pane lists drives; the bottom pane lists disks, showing inform­ation about the partitions created on each disk plus any unpart­itioned space. You can use the tool to create and modify partit­ions, reformat a partition, assign a different drive letter, and so on.
 
one of the snap-ins included with the default Computer Management console
 
you can open the tool directly from the Windows+X menu (or run diskmg­mt.m­sc).
Partitions
allows a single disk to be divided into multiple different logical areas, each of which can be accessed via the OS as a separate drive.
 
A disk must have at least one partition for the OS to use it.
 
each partition must be formatted with a file system so that the OS can read and write files to the drive.
Process
When a program starts (either because it has been scheduled to do so by the OS or opened by a user), the applic­ation code executes in memory as a process
Task Manage­r(t­askmgr)
allows the user to shut down processes that are not respon­ding.
 
An ordinary user can end unresp­onsive applic­ations, but admini­str­ative rights are required to end processes that were started by the system rather than the signed in user
 
This protects the system: malware running with a standard user's rights cannot, for example, terminate anti-virus software that runs as a system process.
 
In addition to this functi­ona­lity, Task Manager can be used to monitor the PC's key resources.
 
There are various ways to run Task Manager, including pressing CTRL+S­HIF­T+ESC, right-­cli­cking the taskbar, right-­cli­cking the Start button, or pressing Windows+X.
taskkill
Termin­ating a process like this (rather than using the applic­ation's Close or Exit function) is often called "­kil­lin­g" the process.
 
The command line option for doing this in Windows is indeed called taskkill
 
Always try to close or end a task normally before attempting to "­kil­l" it.
Service
a Windows process that does not require any sort of user intera­ction and thus runs in the background (without a window).
 
provide functi­onality for many parts of the Windows OS, such as allowing sign in, browsing the network, or indexing file details to optimize searches
 
may be installed by Windows and by other applic­ations, such as anti-v­irus, database, or backup software.
 
use this snap-in to check which services are running and to start and stop each service or configure its proper­ties, such as whether it starts automa­tically at system boot time.
Task Scheduler
sets tasks to run at a particular time.
 
Tasks can be run once at a future date or time or according to a recurring schedule
 
A task can be a simple applic­ation process (including a command with any options if necessary) or a batch file, also called a script (a file that contains commands).
 
accessed via its own console and can also be found in the Computer Management console.
 
In Linux, the cron utility is often used to run tasks or scripts at a particular time.
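The cron schedule format mentioned above, as an added example (this is not code from the original cheat sheet). A crontab line starts with five fields (minute, hour, day of month, month, weekday); the parser below expands each field, handles the Sunday-is-0-and-7 quirk and the Vixie cron rule that a restricted day-of-month and a restricted weekday match when either one does, and next_run walks forward minute by minute to the next firing time. When reviewing a crontab for a suspicious persistence entry during an incident, this is how you work out when it fires; the schedules in the test are constructed examples.

```python
import datetime
from typing import Optional, Set, Union

# (name, lowest, highest) for the five fields of a crontab time spec.
FIELDS = [("minute", 0, 59), ("hour", 0, 23), ("day", 1, 31),
          ("month", 1, 12), ("weekday", 0, 7)]


def parse_field(spec: str, lo: int, hi: int) -> Set[int]:
    """Expand one field ('*', '5', '1-5', '*/15', '1,15', '5/10') to a set."""
    values: Set[int] = set()
    for part in spec.split(","):
        step = 1
        if "/" in part:
            part, step_text = part.split("/", 1)
            step = int(step_text)
        if part == "*":
            start, end = lo, hi
        elif "-" in part:
            a, b = part.split("-", 1)
            start, end = int(a), int(b)
        else:
            start = int(part)
            end = hi if step > 1 else start      # '5/10' means 5,15,25,...
        if not lo <= start <= end <= hi or step < 1:
            raise ValueError("field %r out of range %d-%d" % (spec, lo, hi))
        values.update(range(start, end + 1, step))
    return values


def parse_cron(expr: str) -> dict:
    """Parse 'minute hour day month weekday' into sets of matching values."""
    parts = expr.split()
    if len(parts) != 5:
        raise ValueError("expected 5 fields: minute hour day month weekday")
    parsed = {name: parse_field(p, lo, hi)
              for p, (name, lo, hi) in zip(parts, FIELDS)}
    if 7 in parsed["weekday"]:              # cron: Sunday is both 0 and 7
        parsed["weekday"].discard(7)
        parsed["weekday"].add(0)
    # Vixie cron rule: if BOTH day-of-month and weekday are restricted, the
    # job fires when either one matches, not only when both do.
    parsed["day_or_weekday"] = parts[2] != "*" and parts[4] != "*"
    return parsed


def _to_dt(when: Union[str, datetime.datetime]) -> datetime.datetime:
    return datetime.datetime.fromisoformat(when) if isinstance(when, str) else when


def _matches(c: dict, when: datetime.datetime) -> bool:
    cron_weekday = (when.weekday() + 1) % 7  # Python Mon=0..Sun=6 -> cron Sun=0
    day_ok = when.day in c["day"]
    weekday_ok = cron_weekday in c["weekday"]
    date_ok = (day_ok or weekday_ok) if c["day_or_weekday"] else (day_ok and weekday_ok)
    return (when.minute in c["minute"] and when.hour in c["hour"]
            and when.month in c["month"] and date_ok)


def matches(expr: str, when: Union[str, datetime.datetime]) -> bool:
    """Would a job with this schedule fire at the given minute?"""
    return _matches(parse_cron(expr), _to_dt(when))


def next_run(expr: str, after: Union[str, datetime.datetime],
             limit_days: int = 366) -> Optional[datetime.datetime]:
    """First minute strictly after 'after' at which the job fires."""
    c = parse_cron(expr)
    t = _to_dt(after).replace(second=0, microsecond=0) + datetime.timedelta(minutes=1)
    end = t + datetime.timedelta(days=limit_days)
    while t <= end:
        if _matches(c, t):
            return t
        t += datetime.timedelta(minutes=1)
    return None
```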
Memory Management
When a process executes, it takes up space in system memory.
 
If the system runs out of memory, then processes will be unable to start, and running processes may crash because they cannot load the data they need.
 
There is not a lot to configure in terms of memory manage­ment.
 
Badly written programs and malware can cause a memory leak, where the process keeps claiming memory addresses without releasing them
 
If the system keeps running out of memory, you would use Task Manager or another monitoring program to find the offending process and disable it from running.
Access control
means that a computing device (or any inform­ation stored on the device) can only be used by an authorized person, such as its owner.
 
on workst­ation operating systems is usually enforced by the concept of user accounts
 
Each user of the device is allocated an account and uses a password (or other creden­tial) to authen­ticate to that account.
 
The OS can restrict the privileges allocated to an account so that it is not able to reconf­igure settings or access certain data areas.
Admini­strator account
When the OS is first installed, the account created or used during setup is a powerful local admini­strator account
 
you should only use this account to manage the computer (install applic­ations and devices, perform troubl­esh­ooting, and so on).
Standard users group
You should create ordinary user accounts for day-to-day access to the computer
 
cannot change the system config­uration and are restricted to saving data files within their own user profile folder or the Public profile.
Least privilege principle
users should have only sufficient permis­sions required to perform tasks and no more.
User Account Control (UAC)
Windows' solution to the problem of elevated privileges
 
In order to change important settings on the computer (such as installing drivers or software), administrative privileges are required. UAC prompts for consent (or for an administrator's credentials) before a task runs with those privileges, so that even an administrator's everyday session runs with standard user rights until a specific action needs more.
Device management
Primary interface for config­uring and managing hardware devices in Windows.
 
Device Manager enables the admini­strator to disable and remove devices, view hardware properties and system resources, and update device drivers.
 
You can open Device Manager from the Windows+X menu (or run devmgmt.msc); to remove a device, locate it, right-click, and select Uninstall
 
Or via the Computer Management Console

3.2 Components of an operating system

Services
See 3.1
Processes
See 3.1
Task Scheduler
The Task Scheduler enables the user to perform an action (such as running a program or a script) automa­tically at a pre-set time or in response to some sort of trigger.
Computer Management Console
The Computer Management Console provides tools for administering the local computer, including Device Manager, Event Viewer, Disk Management, Services, and Performance Monitor
 
To access the console, right-click (My) Computer and select Manage (or run compmgmt.msc).
Command Line Interfaces
represents an alternative means of configuring an OS or application to a GUI
 
displays a prompt, showing that it is ready to accept a command.
 
When you type the command plus any switches and press ENTER, the shell executes the command, displays any output associated with the execution, and then returns to the prompt.
 
On Windows the usual shells are the Command Prompt (cmd.exe) and PowerShell; on Linux and macOS, a shell such as bash.
GUI (Graphical User Interface)
A GUI provides an easy to use, intuitive interface for a computer operating system
 
Most GUIs require a pointing device, such as a mouse, to operate efficiently.
Device Driver
A small piece of code that is loaded during the boot sequence of an operating system.
 
This code, usually provided by the hardware vendor, provides access to a device, or hardware, from the OS kernel.
 
Under Windows, a signing system is in place for drivers to ensure that they do not make the OS unstable.
Plug-a­nd-Play (PnP)
A Plug-a­nd-Play system (compr­ising a compatible BIOS, operating system, and hardware) is self-c­onf­iguring
 
When a hardware device is added or removed, the operating system detects the change and automa­tically installs the approp­riate drivers.
Driver update
Device Manager provides the interface for config­uring and managing hardware devices in Windows.
 
In the Device Manager, the admin can disable and remove devices, view hardware properties and systems resources, and update device drivers
 
Windows ships with a number of default drivers and can also try to locate a driver in the Windows Update website
 
third-­party drivers should be obtained from the vendor's website
 
To update, you download the driver files and install them using the supplied setup program or extract them manually and save them to the hard disk. You can then use the device's property dialog in Device Manager to update the driver. You can either scan for the update automa­tically or point the tool to the updated version you saved to the hard disk.
TWAIN
Standard "­dri­ver­" model for interf­acing scanner hardware with applic­ations software.
WIA (Windows Image Acquis­ition)
Driver model and API (Appli­cation Progra­mming Interface) for interf­acing scanner hardware with applic­ations software on Windows PCs
File System
When data is stored on a disk, it is located on that medium in a partic­ular, standa­rdized format.
 
This allows the drive and the computer to be able to extract the inform­ation from the disk using similar functions and thus data can be accessed in a predic­table manner
 
Examples of file systems include FAT16, FAT32, and NTFS (all used for hard disks) and CDFS (ISO 9660) and UDF (Universal Disk Format), used for optical media such as CD, DVD, and Blu-ray.
Partition
A discrete area of storage defined on a hard disk using either the Master Boot Record (MBR) scheme or the GUID Partition Table (GPT) scheme.
 
Each partition can be formatted with a different file system, and a partition can be marked as active (made bootable).
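A parser for the MBR partition table described above, as an added example (not code from the original cheat sheet). The MBR is the first 512-byte sector of the disk: bootstrap code, then four 16-byte partition entries at offset 446, then the 0x55 0xAA signature. Each entry carries the status byte (0x80 marks the active, bootable partition), a type byte, and the starting LBA and sector count. The sample MBR is constructed in memory for the demonstration; the overlap check is the kind of sanity test a forensic tool runs on a table it did not write itself.

```python
import struct
from typing import List

SECTOR = 512
PARTITION_TYPES = {
    0x05: "extended", 0x07: "NTFS/exFAT", 0x0B: "FAT32 (CHS)",
    0x0C: "FAT32 (LBA)", 0x0F: "extended (LBA)", 0x82: "Linux swap",
    0x83: "Linux", 0xEE: "GPT protective",
}
ENTRY_FMT = "<B3xB3xII"   # status, (CHS start), type, (CHS end), LBA start, sectors


def is_valid_mbr(sector: bytes) -> bool:
    return len(sector) >= SECTOR and sector[510:512] == b"\x55\xaa"


def parse_mbr(sector: bytes) -> List[dict]:
    """Read the four primary partition entries from a 512-byte MBR."""
    if not is_valid_mbr(sector):
        raise ValueError("missing 0x55AA signature: not a valid MBR")
    parts = []
    for i in range(4):
        entry = sector[446 + 16 * i: 446 + 16 * (i + 1)]
        status, ptype, lba_start, count = struct.unpack(ENTRY_FMT, entry)
        if ptype == 0:
            continue                          # empty slot
        parts.append({
            "slot": i + 1,
            "active": status == 0x80,         # the bootable partition
            "type": ptype,
            "type_name": PARTITION_TYPES.get(ptype, "unknown 0x%02X" % ptype),
            "lba_start": lba_start,
            "sectors": count,
            "size_bytes": count * SECTOR,
        })
    return parts


def overlaps(parts: List[dict]) -> List[tuple]:
    """Pairs of slots whose sector ranges overlap: a corrupt or hostile table."""
    bad = []
    for a in parts:
        for b in parts:
            if a["slot"] < b["slot"]:
                a_end = a["lba_start"] + a["sectors"]
                b_end = b["lba_start"] + b["sectors"]
                if a["lba_start"] < b_end and b["lba_start"] < a_end:
                    bad.append((a["slot"], b["slot"]))
    return bad


def build_mbr(entries) -> bytes:
    """Construct a test MBR from (active, type, lba_start, sectors) tuples."""
    sector = bytearray(SECTOR)
    for i, (active, ptype, lba, count) in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, 446 + 16 * i,
                         0x80 if active else 0x00, ptype, lba, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed example: an active 100 MiB NTFS partition followed by a Linux one.
SAMPLE_MBR = build_mbr([(True, 0x07, 2048, 204800), (False, 0x83, 206848, 409600)])
```

A single entry of type 0xEE spanning the disk is the "protective MBR" that a GPT disk carries for old tools; the real table then starts at LBA 1 and has its own header, checksums and backup copy, which is why GPT is preferred on modern systems.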
NTFS (New Technology File System)
The NT File System supports a 64-bit address space and is able to provide extra features such as file-b­y-file compre­ssion and RAID support as well as advanced file attribute management tools, encryp­tion, and disk quotas
FAT (File Allocation Table)
When a disk is formatted using the FAT or FAT32 file system a File Allocation Table (FAT) is written in a particular track or sector
 
The FAT contains information relating to the position of file data chunks on the disk; data is not always written to one area of the disk but may be spread over several tracks.
 
The original 16-bit version (FAT16, but often simply called FAT) was replaced by a 32-bit version that is almost univer­sally supported by different operating systems and devices.
 
A 64-bit version (exFAT) was introduced with Windows Vista SP1 and Windows 7, is available for XP SP3 as an update, and is also supported by some versions of Linux and OS X.
Hierar­chical File System (HFS+)
Apple Mac workst­ations and laptops use the extended Hierar­chical File System (HFS+)
 
the latest macOS version is being updated to the Apple File System (APFS)
ext
Most Linux distri­butions use some version of the ext file system to format partitions on mass storage devices.
 
ext3 adds journaling to ext2: the file system records changes in a log before committing them, giving better reliability and less chance of file corruption in the event of crashes or power outages.
 
Support for journaling is the main difference between ext3 and its predecessor (ext2).
 
ext4 delivers signif­icantly better perfor­mance than ext3 and would usually represent the best choice for new systems.
exFAT
can be used where the NTFS file system is not a feasible solution (because of its data structure overhead) but where files larger than the standard FAT32 limit (4 GiB) are required.
 
exFAT has been adopted by the SD Card Associ­ation as the default file system for SDXC cards larger than 32 GiB
 
Along with most of the features of NTFS, less overhead means faster processing for the exFAT file system, making it partic­ularly suitable for flash drives.
Compression Software
To send or store a file it often needs to be compressed in some way, to reduce the amount of space it takes up on the storage media or the bandwidth required to send it over a network
 
There are a number of compression utilities and formats
Compression Formats
zip
this format was developed for the PKZIP utility but is now supported "natively" by Windows, Mac OS X, and Linux.
    
"Natively" means that the OS can create and extract files from the archive without having to install a third-party application
 
tar
this was originally a UNIX format for writing to magnetic tape (tape archive) but is still used with gzip compression (tgz or .tar.gz) as a compressed file format for UNIX, Linux, and macOS.
    
A third-party utility is required to create and decompress tar files in Windows.
 
rar
this proprietary format is used by the WinRAR compression program.
 
7z
this type of archive is created and opened using the open-source 7-Zip compression utility
 
gz
this type of archive is created and opened by the gzip utility, freely available for UNIX and Linux computers.
    
A number of Windows third-party utilities can work with gzip-compressed files.
 
iso
this is a file in one of the formats used by optical media. The main formats are ISO 9660 (used by CDs) and UDF (used by DVDs and Blu-Ray Discs)
    
Many operating systems can mount an image file so that the contents can be read through the file browser.
 
vhd/vmdk
these are disk image file formats used with Microsoft Hyper-V and VMware virtual machines respectively.
    
A disk image is a file containing the contents of a hard disk, including separate partitions and file systems
    
Like an ISO, such a file can often be mounted within an OS so that the contents can be inspected via the file browser.
 
dmg
this is a disk image file format used by Apple macOS.
Encryption
Scrambling the characters used in a message so that the message can be seen but not understood or modified unless it can be deciphered
 
Encryption provides for a secure means of transmitting data and authenticating users.
 
It is also used to store data securely
 
Encryption systems allow for different levels of security (128-bit encryption is currently considered secure).
Key (Encryption)
An encryption cipher scrambles a message (plaintext) using an algorithm
 
The algorithm is given a key so that someone intercepting the message could not just reverse the algorithm to unscramble the message; they must also know the key. In symmetric encryption, the same key is used for encryption and decryption
 
In asymmetric encryption, different keys are used (one key is linked to but not derivable from the other key).
Full device encryption
Provided by all but the early versions of mobile device OS for smartphones and tablets, such as Android and iOS
iOS 5 (and up) Levels of Encryption
All user data on the device is always encrypted, but the key is stored on the device. This is primarily used as a means of wiping the device. The OS just needs to delete the key to make the data inaccessible rather than wiping each storage location.
 
Email data and any apps using the "Data Protection" option are also encrypted using a key derived from the user's passcode (if this is configured). This provides security for data in the event that the device is stolen. Not all user data is encrypted; contacts, SMS messages, and pictures are not, for example.
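The two points above (a public algorithm is useless to an interceptor without the key, and a device can be wiped by deleting the key rather than every storage location) are shown here in a short added Python example. It is not from the cheat sheet: the cipher is a keystream built from HMAC-SHA256 chosen only to make the key dependence visible, and the `EncryptedStore` class, its key and its record names are constructed for the illustration. Production systems should use a vetted cipher from a maintained library rather than this construction.

```python
"""Symmetric encryption illustration: the algorithm is public, only the key is secret.

Added example, not from the cheat sheet. The keystream below is derived with
HMAC-SHA256 purely to show how key-dependent scrambling works.
"""
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` bytes of key-dependent pseudorandom data.

    Each 32-byte block is HMAC-SHA256(key, nonce || counter): reproducible by
    anyone holding the key, unpredictable to anyone who does not.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        block_input = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_with_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt. XOR is its own inverse, so the same key and nonce turn
    plaintext into ciphertext and ciphertext back into plaintext (symmetric)."""
    ks = keystream(key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


encrypt = xor_with_keystream
decrypt = xor_with_keystream


class EncryptedStore:
    """Mimics full-device encryption: every record is stored encrypted under one
    device key. Wiping the device only requires destroying that key."""

    def __init__(self, key: bytes):
        self._key = key
        self._records = {}  # name -> (nonce, ciphertext)

    def put(self, name: str, plaintext: bytes) -> None:
        # A fresh nonce per record; a keystream must never be reused under one key.
        nonce = secrets.token_bytes(16)
        self._records[name] = (nonce, encrypt(self._key, nonce, plaintext))

    def get(self, name: str) -> bytes:
        if self._key is None:
            raise PermissionError("device key destroyed; data is unrecoverable")
        nonce, ciphertext = self._records[name]
        return decrypt(self._key, nonce, ciphertext)

    def raw_ciphertext(self, name: str) -> bytes:
        """What an attacker who images the storage would see."""
        return self._records[name][1]

    def crypto_erase(self) -> None:
        """Delete the key instead of overwriting each storage location."""
        self._key = None


if __name__ == "__main__":
    key = secrets.token_bytes(32)      # constructed device key
    store = EncryptedStore(key)
    store.put("note", b"meeting at noon")   # constructed sample record
    print("on disk:", store.raw_ciphertext("note").hex())
    print("decrypted:", store.get("note"))
    store.crypto_erase()
    try:
        store.get("note")
    except PermissionError as err:
        print("after erase:", err)
```

Decrypting with a different key produces a different keystream and therefore garbage, which is the property the sheet describes: knowing the algorithm (all of the code above) does not help without the key.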
Data Protection encryption
iOS
 
enabled automatically when you configure a password lock on the device
 
In Android, you need to enable encryption via Settings > Security. Android uses full-disk encryption with a passcode-derived key. When encryption is enabled, it can take some time to encrypt the device.
Permissions
To access files and folders on a volume, the administrator of the computer will need to grant file permissions to the user (or a group to which the user belongs)
 
File permissions are supported by NTFS-based Windows systems
AAA
Authentication, Authorization, and Accounting - the principal stages of security control. A resource should be protected by all three types of controls.
ACL (Access Control List)
The permissions attached to or configured on a network resource, such as folder, file, or firewall
 
The ACL specifies which subjects (user accounts, host IP addresses, and so on) are allowed or denied access and the privileges given over the object (read only, read/write, and so on).
Group Account
A group account is a collection of user accounts
 
These are useful when establishing file permissions and user rights because when many individuals need the same level of access, a group could be established containing all the relevant users
 
The group could then be assigned the necessary rights.
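The ACL and group account entries above describe how subjects, allow/deny entries and privileges combine; this added Python example (not from the cheat sheet) evaluates a small ACL over a file. The users, groups, file name and entries are constructed for the illustration, and the rule that an explicit deny overrides any allow is the convention NTFS uses; the sheet itself does not state a precedence rule.

```python
"""ACL evaluation with group membership and deny precedence.

Added example, not from the cheat sheet. All names and entries are constructed.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Set


@dataclass(frozen=True)
class AclEntry:
    subject: str               # a user account or a group account
    effect: str                # "allow" or "deny"
    privileges: FrozenSet[str]  # e.g. {"read", "write"}


# Constructed group accounts: group name -> member user accounts.
GROUPS: Dict[str, Set[str]] = {
    "finance": {"alice", "bob"},
    "admins": {"carol"},
}

# Constructed ACL on a hypothetical file "budget.xlsx".
BUDGET_ACL = (
    AclEntry("finance", "allow", frozenset({"read"})),
    AclEntry("admins", "allow", frozenset({"read", "write"})),
    AclEntry("bob", "deny", frozenset({"read"})),   # explicit deny for one member
)


def subjects_for(user: str, groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """A user matches ACL entries for their own account and every group they belong to."""
    return {user} | {name for name, members in groups.items() if user in members}


def effective_privileges(user: str, acl: Iterable[AclEntry],
                         groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """Collect allows and denies from every matching entry; deny wins.

    A user who matches no entry at all ends up with no privileges (default deny).
    """
    subjects = subjects_for(user, groups)
    allowed: Set[str] = set()
    denied: Set[str] = set()
    for entry in acl:
        if entry.subject not in subjects:
            continue
        if entry.effect == "allow":
            allowed |= entry.privileges
        elif entry.effect == "deny":
            denied |= entry.privileges
        else:
            raise ValueError(f"unknown effect {entry.effect!r}")
    return allowed - denied


def is_permitted(user: str, privilege: str, acl: Iterable[AclEntry],
                 groups: Dict[str, Set[str]] = GROUPS) -> bool:
    return privilege in effective_privileges(user, acl, groups)


if __name__ == "__main__":
    for user in ("alice", "bob", "carol", "dave"):
        print(user, sorted(effective_privileges(user, BUDGET_ACL)))
```

Alice gets read through the finance group, Carol gets read and write through admins, Bob loses read because the explicit deny on his account overrides the group allow, and Dave, who matches no entry, gets nothing.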
MAC (Mandatory Access Control)
Access control model where resources are protected by inflexible, system defined rules
 
Resources (objects) and users (subjects) are allocated a clearance level (or label)
File naming rules
Naming rules depend on the version of Windows and the file system
 
A file name can be up to 255 characters long and can contain letters, numbers, and underscores.
 
The operating system is case-sensitive, which means it distinguishes between uppercase and lowercase letters in file names. Therefore, FILEA, FiLea, and filea are three distinct file names, even if they reside in the same directory.
 
File names should be as descriptive and meaningful as possible.
 
Directories follow the same naming conventions as files.
 
Certain characters have special meaning to the operating system. Avoid using these characters when you are naming files. These characters include the following:
/ \ " ' * ; - ? [ ] ( ) ~ ! $ { } < > # @ & | space tab newline
 
A file name is hidden from a normal directory listing if it begins with a dot (.). When the ls command is entered with the -a flag, the hidden files are listed along with regular files and directories.
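The naming rules above (255-character limit, a list of characters to avoid, case-sensitive names, dot-prefixed hidden files) are the kind of thing a program that accepts user-supplied file names has to check before touching the file system. This added Python example, not from the cheat sheet, turns the sheet's list into a validator; the character set is exactly the one listed above, and the sample names are constructed.

```python
"""Validate file names against the naming rules listed on the sheet.

Added example, not from the cheat sheet. The special-character list is the
sheet's own; the sample names are constructed.
"""
from typing import List, Sequence

MAX_NAME_LENGTH = 255

# The sheet's list of characters with special meaning to the OS or shell.
# Note the hyphen: it is mainly a problem at the start of a name, where a shell
# reads it as an option, but the sheet lists it and so this check flags it too.
SPECIAL_CHARS = set('/\\"\'*;-?[]()~!${}<>#@&|') | {" ", "\t", "\n"}


def check_file_name(name: str) -> List[str]:
    """Return a list of rule violations; an empty list means the name is acceptable."""
    problems: List[str] = []
    if not name:
        problems.append("name is empty")
    if len(name) > MAX_NAME_LENGTH:
        problems.append(f"longer than {MAX_NAME_LENGTH} characters")
    bad = sorted({ch for ch in name if ch in SPECIAL_CHARS})
    if bad:
        problems.append("contains special characters: " + " ".join(repr(ch) for ch in bad))
    return problems


def is_hidden(name: str) -> bool:
    """A name beginning with a dot is omitted from a normal listing (shown by ls -a)."""
    return name.startswith(".")


def distinct_names(names: Sequence[str]) -> int:
    """On a case-sensitive file system FILEA, FiLea and filea are three different files."""
    return len(set(names))


if __name__ == "__main__":
    for sample in ("report_2024.txt", "my file.txt", "-rf", ".profile", "a" * 300):
        print(repr(sample[:20]), check_file_name(sample) or "ok", "hidden" if is_hidden(sample) else "")
    print(distinct_names(["FILEA", "FiLea", "filea"]), "distinct names")
```

The function reports every violation rather than stopping at the first, so a caller can tell the user exactly what to change.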
Directory
A file system object used to organize files
 
Directories can be created on any drive (the directory for the drive itself is called the root) and within other directories (subdirectory)
 
Different file systems put limits on the number of files or directories that can be created on the root or the number of subdirectory levels.
 
In Windows, directories are usually referred to as folders.
File
Data used by a computer is stored by saving it as a file on a disk
 
Files store either plain text data or binary data
 
Binary data must only be modified in a suitable application or the file will be corrupted
 
A file is created by specifying a name
 
Files usually have a three character extension (the last 3 characters in the file name, preceded by a period)
 
The file extension is used to associate the file with a particular software application
 
Files have primary attributes (Read-Only, System, Hidden, and Archive) and other properties (date created or modified for instance)
 
Files stored on an NTFS partition can have extended attributes (access control, compression, and encryption).
8.3 Filenames
The DOS file naming standard - an eight-character ASCII name followed by a three-character file extension (which identifies the file type).
 
Windows supports long file names but can also generate a short file name, based on DOS 8.3 naming rules.
 
This provides backwards compatibility for older applications.
File Permissions
supported by NTFS-based Windows systems.

3.3 Purpose and proper use of software

Productivity software
Word processing
applications that help users to write and edit documents
    
will come with features enabling the user to edit, format, and review text quickly.
 
Spreadsheet
A spreadsheet consists of a table containing rows, columns, and cells
    
When values are entered into the cells, formulas can be applied to them, enabling complex calculations to be carried out.
 
Presentation
Presentation software enables users to create sophisticated business presentations that can be displayed as an on-screen slide show or printed onto overhead projector transparencies.
 
Browser
A web browser is software designed to view HTML pages.
    
Browsers must be configured carefully and kept up to date with system patches to make them less vulnerable to Trojans and malicious scripting.
    
As well as the browser itself, plug-in applications that enable use of particular file formats, such as Flash or PDF, may also be vulnerable.
 
Visual diagramming
Diagrams are an important means of communicating or recording ideas or configurations clearly
    
software assists the creation of these by providing templates and shapes for different kinds of diagram.
    
the user does not have to worry about creating icons or shapes; they can just drag shapes from the template (or stencil) into the diagram and use the software tools to connect them appropriately.
Collaboration software
Email client
The email client software works in conjunction with an email server, which handles the business of actually transmitting the messages over the network.
    
often coupled with a Personal Information Manager (PIM). PIM software provides features for storing and organizing information, such as contacts and calendar events and appointments.
 
Online Workspaces and Document Storage/Sharing
where a file is hosted on a network, and users can sign in to get access to it.
    
Different users might be assigned different permissions over the document. For example, some users may be able to view or print the document or add comments to it; others may be able to edit it.
    
The client software provides the user with the tools to view and edit the document.
 
Remote Desktop and Screen Sharing Software
allows a user to connect to a computer over a network.
    
The remote desktop server runs on the target computer.
    
The user starts a remote desktop client application and enters the connection information.
    
When the connection is established, the user can operate the remote computer's desktop via a window on their local computer
    
also used by IT support staff to log in to a user's computer to provide support and assistance without having to travel to the user's location.
    
Remote connection utilities can also be used in a "read-only" type of mode to facilitate screen sharing. The remote user can view the host's desktop but cannot interact with it. This mode is often used for software demonstrations and for product support.
 
Instant Messaging
Instant Messaging (IM) software allows users to communicate in real time. Unlike with email, there is (virtually) no delay between sending and receiving a message. Basic IM software allows for the transfer of text messages and can also be used for file attachments.
 
VoIP Software
packages voice communications as data packets, transmits them over the network, then reassembles the packets to provide two-way, real-time voice communication.
    
"Real-time" applications such as IM are sensitive to latency, which is the delay in seconds that a packet of data takes to travel over a network
    
IM voice and video calling also requires sufficient bandwidth
    
These factors might be controllable on a private network, but on the Internet, where a packet might traverse many different networks to reach its final destination, link quality is more difficult to guarantee.
 
Video Conferencing
Video conferencing or Video Teleconferencing (VTC) software allows users to configure virtual meeting rooms, with options for voice, video, and instant messaging. Other features often include screen sharing, presentation/whiteboard, file sharing, and polls and voting options.
    
Most conferencing suites also provide a fallback teleconference option, to be used in conjunction with the presentation features, in case some participants cannot get a good enough connection for an IP voice or video call.
 
Telepresence
a term used to refer to particularly sophisticated video conferencing solutions
    
participants have a real sense of being in the same room
    
can be achieved by a number of video technologies, including HD or 4K resolutions, large and/or curved flat-screens, and 3D. Emerging technologies might make use of virtual reality headsets, holograms, and robotics.
Business Software
Desktop Publishing (DTP)
similar to word processing but with more emphasis on the formatting and layout of documents than on editing the text. DTP software also contains better tools for preparing a document to be printed professionally.
 
Graphic Design
Often used in conjunction with DTP and web design software
 
Computer Aided Design (CAD)
makes technical drawings and schematics easier to produce and revise.
    
Drawings can be rotated or viewed in 3D and easily transmitted to a client for feedback
    
often linked to Computer Aided Manufacturing (CAM) which enables the data produced in CAD drawings to be loaded into a machine which then manufactures the part.
 
Project Management
involves breaking a project into a number of tasks and assigning responsibilities, resources, and timescales to ensure the completion of those tasks
    
also involves identifying dependencies between tasks.
    
Software such as Microsoft Project or Smartsheet assists with this process by visualizing task timelines and dependencies and recording information about task properties and progress.
 
Database
enable the user to store, organize, and retrieve information.
    
can search through thousands of records very quickly and display data in a format specified by the user
    
can be used to store many different types of information, such as timetables, customer details, and patient records.
    
The XML (eXtensible Markup Language) format is also increasingly important for data storage, as it allows for a high level of integration between different types of systems.
 
Business-specific
A company may also commission custom-made software to implement specific Line of Business (LOB) functions
    
LOB applications would cover functions that cannot be performed by "off-the-shelf" software.
    
This might include product design and manufacturing, fulfilment and inventory control, plus marketing and sales.

3.4 App architecture & delivery models

Application Delivery Methods
Locally installed
Network not required, Application exists locally, Files saved locally
    
A traditional PC-type software application is installed locally to the computer's hard drive.
    
When launched it executes within the computer's memory and is processed by the local CPU.
    
Any data files manipulated by the application can also be stored on the local disk, though usually in a user folder rather than the application folder.
    
For security reasons ordinary users should not be able to modify application folders.
    
A locally installed application such as this does not need network access to run, though obviously the network has to be present if the application makes use of network features.
 
Local network hosted
Network required, Internet access not required
    
application installed to a network server and executed on that server.
    
client workstations access the application using a remote terminal or viewer.
    
The most successful example of this kind of application virtualization model is Citrix XenApp. Locating the application and its data files on a server is easier to secure and easier to back up.
    
This model also does not require that client hosts be able to access the Internet
    
The drawback is that if there is no local network connection or the local network is heavily congested, users will not be able to use the application.
 
Cloud hosted
Internet access required, Service required, Files saved in the cloud
    
very similar to the local network model except that clients connect to the application servers over the Internet.
    
provides a lot of flexibility in terms of provisioning the app to clients located in different regions
    
As with local network applications, user-generated data files would normally be saved in the cloud too, with the same benefits for creating security access controls and backing up easily.
    
The drawback is that clients and cloud service must both have a reliable Internet connection. Outages on either side can cause serious productivity problems.
Application architecture models
One-tier (standalone)
front-end and processing logic and the database engine are all hosted on the same computer
 
Two-tier
separates the database engine, or back-end or data layer, from the presentation layer and the application layer, or business logic
    
The application and presentation layers are part of the client application.
    
The database engine will run on one server (or more likely a cluster of servers), while the presentation and application layers run on the client.
 
Three-tier
the presentation and application layers are also split
    
The presentation layer provides the client front-end and user interface and runs on the client machine
    
The application layer runs on a server or server cluster that the client connects to.
    
When the client makes a request, it is checked by the application layer, and if it conforms to whatever access rules have been set up, the application layer executes the query on the data layer which resides on a third tier and returns the result to the client.
    
The client should have no direct communications with the data tier.
 
n-tier
used to mean either a two-tier or three-tier application, but another use is an application with a more complex architecture still
    
For example, the application may use separate access control or monitoring services.

3.5 Configure & use web browsers

Caching/clearing cache
A privacy issue is that the browser can be set to store information typed into forms, including passwords, and retains a history of browsed pages
 
Any user using a publicly accessible computer should be trained to check these settings and to clear the browser cache before logging off.
 
This is done from the browser's settings dialog or configuration page.
Private Browsing Mode
the browser doesn't store cookies or temporary files and doesn't add pages to the history list
 
does allow the creation of cookies but only ones that are directly connected to the URL you are visiting. It also deletes the cookies when you close the page. Third-party cookies are not accepted.
 
Private mode does not stop the browser from sending some information to the website. You cannot avoid the website discovering your IP address for instance. For fully "anonymous" browsing, you have to use some sort of Virtual Private Network (VPN) or proxy.
 
You can usually open a private browser tab by pressing CTRL+SHIFT+P (in Firefox) or CTRL+SHIFT+N (in Chrome).
Deactivate Client-side Scripting
Most sites will use server-side scripting, meaning that code runs on the server to display the page you are looking at.
 
Many sites also depend on client-side scripting, so there is no way to disable this.
 
This means that code is placed in the page itself and runs within the browser to change the way it looks or provide some other functionality.
 
Deactivating client-side scripting tends to break most of the websites published on the Internet because they depend very heavily on the functionality that scripting allows.
 
Scripting can be disabled in some browsers by configuring settings, but others, Microsoft's new Edge browser for instance, do not allow scripts to be disabled.
 
It is also possible to install a script blocker add-on. This provides more control over which websites are allowed to run scripts.
Browser add-ons/extensions
Add-ons come in several different types:
Extensions: these can add functionality to the browser. They might install a toolbar or change menu options. They can run scripts to interact with the pages you are looking at.
    
Plug-ins: these are designed to play some sort of content embedded in a web page, such as Flash, Silverlight, or other video/multimedia format. The plug-in can only interact with the multimedia object placed on the page, so it's more limited than an extension
    
Themes: these change the appearance of the browser using custom images and color schemes.
 
You can view installed add-ons and choose to remove or enable/disable them using the browser settings button or menu.
 
All extensions and plug-ins should be digitally signed by the developer to indicate that the code is as-published. You should be extremely wary of installing unsigned add-ons.
 
about:addons allows you to add, remove, enable/disable addons
Proxy settings
a network firewall is likely to be deployed to monitor and control all traffic passing between the local network and the Internet. On networks like this, clients might not be allowed to connect to the Internet directly but forced to use a proxy server instead
 
The proxy server can be configured as a firewall and apply other types of content filtering rules.
 
Some proxy servers work transparently so that clients use them without any extra configuration of the client application
 
Other proxies require that client software, such as the browser, be configured with the IP address and port of the proxy server.
 
This information would be provided by the network administrator.
Certificates (Valid, Invalid)
When you browse a site using a certificate, the browser displays the information about the certificate in the address bar:
 
If the certificate is valid and trusted
a padlock icon is shown
    
Click the icon to view information about the certificate and the Certificate Authority guaranteeing it.
 
If the certificate is highly trusted
the address bar is colored green
    
High assurance certificates make the website owner go through a (even) more rigorous identity validation procedure
 
If the certificate is untrusted or otherwise invalid
the address bar is colored maroon and the site is blocked by a warning message
    
If you want to trust the site anyway, click through the warning.
pop-up
a "sub-window" that appears over the main window
 
can be implemented using scripts or add-ons
 
can be opened automatically by a script running on the page or in response to clicking a link
 
Aggressive use of pop-up windows is associated with spyware and adware
 
These spawn pop-ups when you open the browser, on every site you visit, and when you try to close the browser. They may even re-spawn when you try to close them
Popup blockers
You can control the use of cookies by the websites you visit using browser settings.
 
You can also choose to prevent sites from creating pop-up windows and configure exceptions for this rule. Note that this will not block all types of overlay pop-ups or advertising.
 
If you want to have closer control over advertising on a site you need to install a suitable browser extension.
Compatible Browser
It is often the case that you will need to have more than one browser installed on your computer.
 
This is not ideal in security terms, as it is better to install as few applications as possible, but circumstances may demand it.
 
Compatibility aside, your choice of browser is largely down to personal preference.
 
Do make sure you choose a browser whose developer is active in monitoring security issues and providing software updates to fix them.

3.6 General application concepts & uses

Licensing
Terms governing the installation and use of operating system and application software
A license may cover use on a single computer or by a number of devices or concurrent users at a site.
 
When you buy software, you must read and accept the license governing its use, often called the End User License Agreement (EULA).
 
terms of the license will vary according to the type of software
Single use
the basic restriction is usually that the software may only be installed on one computer
Group use/site license
the company can install the software on an agreed number of computers for an unlimited number of employees to use at the same time
Concurrent license
the company can allow only a set number of users access to it at any one time.
 
It is important to monitor usage of the software to ensure that the permitted number of host-installs or concurrent users is not exceeded.
Client Access Licenses (CAL)
software bought under license can be installed onto a network server so that all authorized users can access it without it being installed on each individual computer
One-time purchases
give perpetual use of the software, though subsequent upgrades would normally involve a new license fee
 
This model is being replaced by subscription-based licensing
Subscription-based licensing
organizations pay a per-user monthly fee to get access to the software.
 
upgrades are provided as part of the subscription
Open Source
Open source means that the programming code used to design the software is freely available.
 
other programmers can investigate the program and make it more stable and useful
 
An open source license does not forbid commercial use of applications derived from the original, but it is likely to impose the same conditions on further redistributions.
Shareware
software that you can install free of charge so that you can evaluate it for a limited period
 
If you decide to continue using the software after this period, you must register it, usually for a fee.
 
When you register the software, you often become entitled to extra features and support.
Freeware
software that is available free of charge
product key
A product key is often used to authenticate the use of a software package and may be required to activate the software for use.
 
a long string of characters and numbers printed on the box or disk case
 
The product key will generate a different product ID or serial number, which is often used to obtain technical support
Reading Instructions and Documentation
Before you try to install an application, make sure you are following software installation best practices
 
Read the accompanying documentation to verify:
That the software is compatible with your operating system.
    
That your computer hardware meets the application's recommended system requirements.
    
Any special installation instructions or known issues.
    
That you have a valid agreement or license to install and use the product.
Advanced Options
Most software installer packages offer a choice between a default installation and a custom (or advanced options) installation.
 
A custom installation allows you to choose specific settings, such as where to install the software and what icons or startup/autorun options to configure
 
A custom installation may also involve the selection of specific feature sets or modules within the software package.
Software Agreement
how any data gathered and processed by the software is used, stored, and retained by the software vendor.
Single-platform Software
because this model produces software that is optimized for a particular platform, it can perform better and be simpler to check for errors than cross-platform software.
 
The drawback is that "porting" the software to a different platform (from Windows OS to Android for instance) can be very difficult
Cross-platform Software
any software application that works on multiple operating systems or devices, often referred to as platforms
 
you can use the same program, whether on a Windows PC or logging in from your laptop or smartphone
 
you'll be more productive and be able to use a software product you're familiar with regardless of the operating system or device you choose
 
your files can be moved much more easily between your devices and you can use the software with whatever device you have with you
 
Using a cloud connection, there's a way to keep all of your work in sync across your devices.
 
Compatibility issues can also affect web applications as different browser vendors can make slightly different interpretations of open standards that result in applications not working correctly in particular browsers or browser versions.

4.1 Programming language categories

Assembly Language
A compiled software program is converted to binary machine code using the instruction set of the CPU platform.
 
typically specific to a particular hardware architecture.
 
Assembly language is this machine code represented in human-readable text
 
This is in contrast to compiled, interpreted, and query languages which you can use to write code that can be run on a number of platforms, assuming you have an appropriate compiler or interpreter.
Markup Language
System of tags used to structure a document.
 
not a programming language but a means of making data in a document accessible to a program
 
Examples include HyperText Markup Language (HTML) and eXtensible Markup Language (XML).
Pseudocode
Writing out a program sequence using code blocks but without using the specific syntax of a particular programming language.
Interpreted Programming Languages
When you write code with an interpreted language, you do not need to compile the program
 
It runs within the context of an interpreter, which converts the code into machine code at runtime.
 
This means that the program probably runs more slowly but also means it is likely that you can run the program on any platform for which you have an interpreter.
 
Examples of interpreted languages include scripting languages, such as JavaScript, Perl, and Python.
Query Languages
Code written in a query language, such as Structured Query Language (SQL), is designed to retrieve specific records from a dataset.
 
The code does not need to be compiled
Compiled Programming Languages
you must transform the code to an executable binary before it can run
 
Compiling converts the source code that you wrote to machine code
 
Machine code is the instructions converted to strings of ones and zeros for the CPU to process
 
A compiled program generally runs quickly (compared to interpreted code). However, a compiled program tends to be platform (CPU) specific; to run on other platforms, you must recompile the source code for the new platform.
 
The following languages are compiled: C++, C#, COBOL, PASCAL

4.2 Progra­mming & interpret logic

Program Sequence
A program is just a sequence of instru­ctions for your computer to perform.
 
In designing a program, we have to consider how input, proces­sing, and output are all clearly defined.
Example: add two user-e­ntered numbers together and display the sum on the screen
1 Clear the current display.
 
2. Output to the screen the instru­ctions for the operation.
 
3. Ask the user for the first number
 
4. Verify that the entered value is a number:
a. If it is, proceed.
   
b. If it is not, remind the user what the valid range is and prompt again.
 
5. Store that number for subsequent use.
 
6. Ask the user for the second number.
 
7. Verify that the entered value is a number
a. If it is, proceed.
   
b. If it is not, remind the user what the valid range is and prompt again.
 
8. Store that number for subsequent use.
 
9. Retrieve the two stored numbers and add them together.
 
10. Display the result.
Using a Flow Chart
As this restat­ement of the program is getting signif­icantly more complex, it might help to visualize it. You could view the sequence as a graphical flow chart to help understand the processes.
 
With the steps shown visually in a diagram, it is easier to see that the program is not completely linear
 
here are branches and loops
 
Also notice that the program contains some duplicate steps; specif­ically, the verifi­cation steps and the display instru­ctions steps
 
We can use the diagram to analyze the sequence of instru­ctions and write better code to support that sequence.
Pseudocode
Writing out a program sequence using code blocks but without using the specific syntax of a particular programming language.
Pseudocode keywords:
subroutines
The main routine calls some subroutines.
Each routine is completed by an "End Routine" statement.
This means (for example) that when the program reaches the last step of the main routine, it closes rather than flowing through to try to execute the first subroutine.

return
When a subroutine completes, it can return to the point in the main routine from where it was called, and the main routine continues execution.
Note that when we use structures such as this, we have to be very careful not to create infinite loops in the code by mistake.

conditional statement/branching (IF)
There is a conditional statement (IF) that means part of the code only executes when certain conditions are true or false.
A branch is an instruction to your computer to execute a different sequence of instructions.

Loops
Similar to branches in as much as they deviate from the initial program path according to some sort of logic condition.
However, with a loop, you instruct your computer to perform, or repeat, a task until a condition is met.
As well as "For" structures, loops can also be implemented by "While" statements.

variables
Store data input by the user.

functions
(Such as "sum" and "write") that we can assume are provided as features of the programming language.
We don't need to code how to add two numbers together or write output to the display screen.

user interface
What the program interacts with (prompting for input and displaying output).

comments
Preceded by the ' character.
Comments are part of the programming code that are not executed by the computer but that help the developer read and maintain the code.

branch
This is an instruction to your computer to execute a different sequence of instructions.
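The add-two-numbers procedure above, written out in Python as an added example (not the cheat sheet's own code) using the subroutine, return, IF, loop, variable and comment structures just listed. The valid range (0 to 1000) and the five-attempt retry limit are assumptions, and the read/write operations are passed in as parameters so the routine can be exercised without a terminal.

```python
"""Added example: the add-two-numbers procedure as runnable Python.
The valid range and the retry limit are assumed values for this example."""

# constants: the "valid range" the reminder step refers to (assumed values)
VALID_MIN = 0
VALID_MAX = 1000
MAX_ATTEMPTS = 5   # guards against the "infinite loop by mistake" the notes warn about


def display_instructions(write):
    """Step 2: output the instructions for the operation (a subroutine)."""
    write(f"Enter two whole numbers between {VALID_MIN} and {VALID_MAX} and I will add them.")


def get_valid_number(prompt, read, write):
    """Steps 3-4 and 7-8 share this one subroutine, which removes the duplicated
    verification steps the flow chart made visible.

    `read` and `write` are passed in (instead of calling input/print directly)
    so the routine can run unattended in a test. Returns the validated int;
    raises ValueError when the user keeps entering invalid data."""
    for _attempt in range(MAX_ATTEMPTS):       # loop: repeat until a condition is met
        raw = read(prompt)
        try:
            value = int(raw.strip())           # verify: is it a number at all?
        except ValueError:
            # branch: not a number -> remind the user of the valid range and prompt again
            write(f"'{raw}' is not a number. Valid range is {VALID_MIN} to {VALID_MAX}.")
            continue
        if VALID_MIN <= value <= VALID_MAX:    # comparison operators in a logical test
            return value                       # return to the point of the call
        # branch: it is a number, but outside the range -> prompt again
        write(f"{value} is out of range. Valid range is {VALID_MIN} to {VALID_MAX}.")
    raise ValueError(f"no valid number entered after {MAX_ATTEMPTS} attempts")


def add_two_numbers(read=input, write=print):
    """Main routine: steps 1-10. Returns the sum so a caller can check it."""
    write("\n" * 3)                                            # step 1: clear the display (approximated)
    display_instructions(write)                                # step 2
    first = get_valid_number("First number: ", read, write)    # steps 3-5: variable stores the value
    second = get_valid_number("Second number: ", read, write)  # steps 6-8
    total = first + second                                     # step 9: the language's own addition
    write(f"The sum is {total}")                               # step 10
    return total


if __name__ == "__main__":
    add_two_numbers()
```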
Operators
Looping and branching structures depend on logical tests to determine whether to continue the loop or the branch to follow.

A logical test is one that resolves to a TRUE or FALSE value.

These tests can be performed with operators, which are used to perform arithmetic, comparison, or logical operations on variables and values.

Arithmetic operators include simple calculations, such as addition (+), subtraction (-), multiplication (*), division (/), etc.

4.3 Programming concepts

basic comparison operators:
==
equal to (returns TRUE if both conditions are the same).

!=
is not equal to.

<
less than.

>
greater than.

<=
less than or equal to.

>=
greater than or equal to.
logical operators
AND
if both conditions are TRUE, then the whole statement is TRUE.

OR
if either condition is TRUE, then the whole statement is TRUE.

XOR
if either condition is TRUE but not both, then the whole statement is TRUE.

NOT
negation operator that reverses the truth value of any statement.
Identifiers
An identifier is used in a program to access a program element, such as a stored value, class, method, or interface.

In essence, an identifier is a label for something within your program. If your identifier stores data, then it will be either a variable or a constant.
Variables
A variable contains a value that can change during the execution of the program. This value might be a text string, a number, or any other data type.

Important: Variables are usually declared, defined as a particular data type, and given an initial value at the start of the routine in which they are used. It is often possible to use undeclared variables, but this can make code harder to read and more prone to errors.
Constants
A specific identifier that contains a value that cannot be changed within the program.

For example, you might want to store the numerical value for the screen dimensions or resolution.
Containers (Arrays, Vectors):
A term for a special type of identifier that can reference multiple values (or elements).

For example, say that you want your program to store a list of user names who have logged on to the computer in the last 24 hours.

Arrays cannot be resized.

Vectors can grow or shrink in size as elements are added or removed.
procedures and functions
Enable you to create segments of code that you will reuse.

A function can return a value while a procedure cannot.
Attributes
Values and data types that define the object.

The attributes are stored within the object as fields or private variables.

Other programs cannot access or change the fields directly.

They must call a particular method (see below) to do that.
Methods
Define what you can do to an object.
Properties
Represent an alternative way of accessing a field publicly.

Using a method might be regarded as quite a "heavyweight" means of doing this, so properties allow external code to ask the object to show or change the value of one of its fields.

5.1 Database concepts/purpose

Database
An organized collection of information.

The information is stored in a structured manner for easier access.

Typically, a database consists of tables of information, organized into columns and rows.

Each row represents a separate record in the database, while each column represents a single field within a record.
Usage of database
Creation
This step involves defining what information the database will store, where it will be hosted, and how it will be accessed by clients.

Import/input
Once the database has been created, it must be populated with data records.
Records can either be input and updated manually, usually using some type of form, or data might be imported from another source, or both.

Queries
It is possible in theory to read the information in each table manually, but in order to view information efficiently, a query is used to extract it.
A query allows the user to specify criteria to match values in one or more fields and choose which fields to display in the results so that only information of interest is selected.

Reports
A query might return a large number of rows and be just as difficult to read as a table.
A report is a means of formatting and summarizing the records returned by a query so that the information is easy to read and interpret.
Flat File Systems
Spreadsheets and Comma Separated Values (CSV) files are examples of a flat file data storage and access system rather than a database.
Benefits of Database
Variety of data
Databases can enforce data types for each column and validate information entered as fields and records; consequently they can support a wider variety of data formats.

Multiple concurrent users
Databases can support tens, hundreds, thousands, or even millions of users concurrently.
A single file-based data storage solution does not offer high enough speed for the volumes of transactions (adding and updating records) on enterprise-level systems.

Scalability
Able to expand usage without increasing costs at the same rate.
Database architecture means that extra capacity can be added later with much less investment.
For example, in a non-scalable system, doubling the number of users would also double the costs of the system.

Complex schemas
Databases can manage multiple tables and link the fields in different tables to create complex schemas. In a flat file, all the information is stored within a single table.

Speed
Databases provide access controls to protect information from unauthorized disclosure and backup/replication tools to ensure that data can be recovered within seconds of it being committed.
Storage (data persistence)
Databases are often used with applications.

While an application processes variables and other temporary data internally, this information is lost when the application is terminated.

A database represents a way for an application to store data persistently and securely.

5.2 Database structures

Structured
When you store your information in a relational database, it is stored in a structured way.

This enables you to more easily access the stored information and gives you flexibility over exactly what you access.

For example, you can access all fields or only certain fields. Each field has a defined data type, meaning that software that understands the database language (SQL) can parse (interpret) the content of a field easily.
Unstructured
Provides no rigid formatting of the data.

Images and text files, Word documents and PowerPoint presentations are examples of unstructured data.

Unstructured data is typically much easier to create than structured data.

Documents can be added to a store simply, and the data store can support a much larger variety of data types than a relational database can.
Semi-structured
Sits somewhere between structured and unstructured.

Strictly speaking, the data lacks the structure of formal database architecture.

But in addition to the raw unstructured data, there is associated information called metadata that helps identify the data.

Email data, as well as markup languages such as XML, are forms of semi-structured data.
Relational Databases
A highly structured type of database.
tables
Information is organized in tables (known as relations).
fields
A table is defined with a number of fields, represented by the table columns.

Each field can be a particular data type.
row
Each row entered into the table represents a data record.
primary key
Used to define the relationship between one table and another table in the database.

Each row in the table must have a unique value in the primary key field.
foreign key
When a primary key in one table is referenced in another table, then in the secondary table, that column is referred to as a foreign key.
schema
The structure of the database in terms of the fields defined in each table and the relations between primary and foreign keys.
Constraints
It is very important that the values entered into fields are consistent with what information the field is supposed to store: Garbage In, Garbage Out (GIGO).

When defining the properties of each field, as well as enforcing a data type, you can impose certain constraints on the values that can be input into each field.

A primary key is an example of a constraint. The value entered or changed in a primary key field in any given record must not be the same as in any other existing record.

Other types of constraints might perform validation on the data that you can enter.

Constraints can be applied at different levels. As well as applying rules to fields, they can be used at the table and schema levels too.
Non-relational databases
Sometimes referred to as "NoSQL," which stands for Not Only SQL.

The main difference between these is how they store their information.

A non-relational database stores data in a non-tabular form, and tends to be more flexible than the traditional, SQL-based, relational database structures.

It does not follow the relational model provided by traditional relational database management systems.
key-value database
A data storage paradigm designed for storing, retrieving, and managing associative arrays, a data structure more commonly known today as a dictionary or hash table.

Dictionaries contain a collection of objects, or records, which in turn have many different fields within them, each containing data.

These records are stored and retrieved using a key that uniquely identifies the record, and is used to find the data within the database.
Document databases
A type of non-relational database that is designed to store and query data as JSON-like documents.

They make it easier for developers to store and query data in a database by using the same document-model format they use in their application code.

5.3 Database Interface Methods

Relational Methods
Database interfaces are the processes used to add/update information to and extract (or view) information from the database.

In an RDBMS, the use of Structured Query Language (SQL) relational methods is critical to creating and updating the database.
Data Definition Methods:
Data Definition Language (DDL) commands refer to SQL commands that add to or modify the structure of the database.
CREATE
This command can be used to add a new database on the RDBMS server (CREATE DATABASE) or to add a new table within an existing database (CREATE TABLE).

The primary key and foreign key can be specified as part of the table definition.
ALTER TABLE
This allows you to add, remove (drop), and modify table columns (fields), change a primary key and/or foreign key, and configure other constraints.

There is also an ALTER DATABASE command, used for modifying properties of the whole database, such as its character set.
DROP
Used to delete a table (DROP TABLE) or database (DROP DATABASE).

Obviously, this also deletes any records and data stored in the object.
CREATE INDEX
Specifying that a column (or combination of columns) is indexed speeds up queries on that column.

The tradeoff is that updates are slowed down slightly (if the column is not suitable for indexing, updates may be slowed down quite a lot).

The DROP INDEX command can be used to remove an index.
INSERT INTO TableName
Adds a new row in a table in the database.
UPDATE TableName
Changes the value of one or more table columns.

This can be used with a WHERE clause to filter the records that will be updated.

If no WHERE clause is specified, the command applies to all the records in the table.
DELETE FROM TableName
Deletes records from the table.

As with UPDATE, this will delete all records unless a WHERE clause is specified.
SELECT
Enables you to define a query to retrieve data from a database.
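As an added example (not from the cheat sheet), the DDL and DML commands above run against an in-memory SQLite database using Python's standard library; the department/employee tables and their rows are constructed for this example. It shows the primary key / foreign key constraints rejecting bad rows, and the difference between an UPDATE or DELETE with a WHERE clause and one without; note that SQLite only enforces foreign keys when PRAGMA foreign_keys is switched on.

```python
"""Added example: DDL and DML from the notes, run on SQLite from Python.
Table names, columns and sample rows are constructed for this example."""
import sqlite3

# DDL: two tables linked by a primary key / foreign key pair, plus an index.
SCHEMA = """
CREATE TABLE department (
    dept_id INTEGER PRIMARY KEY,
    name    TEXT NOT NULL UNIQUE          -- a constraint beyond the data type
);
CREATE TABLE employee (
    emp_id  INTEGER PRIMARY KEY,
    name    TEXT NOT NULL,
    dept_id INTEGER NOT NULL REFERENCES department(dept_id)   -- foreign key
);
CREATE INDEX idx_employee_dept ON employee(dept_id);
"""


def build_demo_db():
    """CREATE the schema and INSERT the constructed sample records."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")   # SQLite only enforces FKs when asked
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO department (dept_id, name) VALUES (?, ?)",
                     [(1, "IT"), (2, "Finance")])
    conn.executemany("INSERT INTO employee (emp_id, name, dept_id) VALUES (?, ?, ?)",
                     [(10, "Alice", 1), (11, "Bob", 1), (12, "Carol", 2)])
    conn.commit()
    return conn


def names_in_department(conn, dept_name):
    """SELECT with a WHERE clause; the ? parameter keeps data out of the SQL text."""
    rows = conn.execute(
        "SELECT e.name FROM employee e "
        "JOIN department d ON e.dept_id = d.dept_id "
        "WHERE d.name = ? ORDER BY e.name", (dept_name,)).fetchall()
    return [name for (name,) in rows]


def update_with_and_without_where(conn):
    """Returns (rows changed by an UPDATE with WHERE, rows changed by one without).
    The second statement touches every record in the table."""
    targeted = conn.execute("UPDATE employee SET dept_id = 2 WHERE emp_id = ?", (11,)).rowcount
    every_row = conn.execute("UPDATE employee SET name = upper(name)").rowcount
    conn.commit()
    return targeted, every_row


def constraints_rejected(conn):
    """Try to violate the primary key and the foreign key; report which were rejected."""
    results = {}
    for label, params in (("duplicate_primary_key", (10, "Dupe", 1)),
                          ("unknown_foreign_key", (13, "Dave", 99))):
        try:
            conn.execute("INSERT INTO employee (emp_id, name, dept_id) VALUES (?, ?, ?)", params)
            results[label] = False              # the bad row was accepted
        except sqlite3.IntegrityError:
            results[label] = True               # the constraint did its job
    conn.rollback()                             # discard anything that slipped through
    return results


def add_column_then_drop(conn):
    """ALTER TABLE adds a column; DELETE without WHERE empties the table; DROP removes it.
    Returns (column count after ALTER, rows deleted, whether the table still exists)."""
    conn.execute("ALTER TABLE employee ADD COLUMN phone TEXT")
    columns = len(conn.execute("PRAGMA table_info(employee)").fetchall())
    deleted = conn.execute("DELETE FROM employee").rowcount   # no WHERE: every record goes
    conn.execute("DROP TABLE employee")                       # the index goes with it
    conn.commit()
    exists = conn.execute(
        "SELECT count(*) FROM sqlite_master WHERE type = 'table' AND name = 'employee'"
    ).fetchone()[0]
    return columns, deleted, bool(exists)


if __name__ == "__main__":
    db = build_demo_db()
    print(names_in_department(db, "IT"))
    print(update_with_and_without_where(db))
    print(constraints_rejected(db))
    print(add_column_then_drop(db))
```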
Permissions:
SQL supports a secure access control system where specific user accounts can be granted rights over different objects in the database (tables, columns, and views, for instance) and the database itself.

When an account creates an object, it becomes the owner of that object, with complete control over it.

The owner cannot be denied permission over the object.

The owner can be changed, however, using the ALTER AUTHORIZATION statement.
Database Access Methods:
Database access methods are the processes by which a user might run SQL commands on the database server or update or extract information using a form or application that encapsulates the SQL commands as graphical controls or tools.
Direct/Manual Access:
Administrators might use an administrative tool, such as phpMyAdmin, to connect and sign in to an RDBMS database.

Once they have connected, they can run SQL commands to create new databases on the system and interact with stored data.

This can be described as direct or manual access.
Query/Report Builder
There are many users who may need to interact closely with the database but do not want to learn SQL syntax.

A query or report builder provides a GUI for users to select actions to perform on the database and converts those selections to the SQL statements that will be executed.
Programmatic Access
A software application can interact with the database either using SQL commands or using SQL commands stored as procedures in the database.

Most programming languages include libraries to provide default code for connecting to a database and executing queries.
User Interface/Utility Access:
An application might use a database in the background without the user really being aware of its presence.

Alternatively, the application might prov dinary users to add and search records.
Backups and Data Export
As with any type of data, it is vital to make secure backups of databases.

Most RDBMS provide stored procedures that invoke the BACKUP and RESTORE commands at a database or table level.

It may also be necessary to export data from the database for use in another database or in another type of program, such as a spreadsheet.
Database dump
A dump is a copy of the database or table schema along with the records expressed as SQL statements.

These SQL statements can be executed on another database to import the information.
Exporting
Most database engines support exporting data in tables to other file formats, such as Comma Separated Values (.CSV) or native MS Excel (.XLS).

6.1 confidentiality/integrity/availability

Confidentiality concerns
Security is the practice of controlling access to something.

Security must be balanced against accessibility: if a system is completely secure, then no one has access to it, and it is unusable.
Confidentiality
The information should only be known to authorized users.
Integrity
The information is stored and transferred as intended, and any modification is authorized.
Availability
The information is accessible to those authorized to view or modify it.
Security Threats - Confidentiality Concerns
Confidentiality means that information is only revealed to authorized people. This can be compromised in a number of ways:

Snooping
This is any attempt to get access to information on a host or storage device (data at rest) that you are not authorized to view.
An attacker might steal a password or find an unlocked workstation with a logged-on user account, or they might install some sort of spyware on the host.

Eavesdropping/wiretapping
This is snooping on data or telephone conversations as they pass over the network.
Snooping on traffic passing over a network is also often called sniffing.
It can be relatively easy for an attacker to "tap" a wired network or intercept unencrypted wireless transmissions.
Networks can use segmentation and encryption to protect data in transit.

Social engineering/dumpster diving
This means getting users to reveal information or finding printed information.
Integrity Concerns
Integrity means that the data being stored and transferred has not been altered without authorization.

Some threats to integrity include the following attacks:

On-path attack
Where a host sits between two communicating nodes, and transparently monitors, captures, and relays all communications between them.

Replay
Where a host captures another host's response to some server and replays that response in an effort to gain unauthorized access.
Replay attacks often involve exploiting an access token generated by an application.

Impersonation
A common attack where a person will attempt to figure out a password or other credentials to gain access to a host.
Availability Concerns
Availability means keeping a service running so that authorized users can access and process data whenever necessary.

Availability is often threatened by accidents and oversights as well as active attacks.

Denial of Service (DoS)
This is any situation where an attacker targets the availability of a service.
A DoS attack might tamper with a system or try to overload it in some way.

Power outage
If you lose power, then clearly your computers cannot run.
Using standby power can help mitigate this issue.
Using an Uninterruptible Power Supply (UPS) can provide a means to safely close down a server if building power is interrupted.

Hardware failure
If a component in a server fails, then the server often fails.
A hard disk contains moving parts and will eventually fail.
If a disk fails, you will likely lose access to the data on the failed disk and quite possibly lose the data.
You can compensate against hardware failure by provisioning redundant components and servers. The service is then config

Destruction
The loss of a service or data through destruction can occur for a number of reasons.
At one extreme, you might lose a data center through a fire or even an act of terrorism.
Either way, putting your servers in a physically secure room and controlling access to that room can help protect against these issues.

Service outage
Any of the situations above can lead to service unavailability.
Many organizations use online, cloud-based apps and services these days.
You need to consider how third-party service failures may affect your data processing systems.
When you decide which cloud provider to use, consider the options they provide for service availability and fault tolerance.
Authentication, Authorization, and Accounting
To guard against these threats to confidentiality and integrity, data and data processing systems are protected by access controls.

An access control system normally consists of one or more of the following types of controls:

Authentication
Means one or more methods of proving that a user is who they say they are and associates that person with a unique computer or network user account.

Authorization
Means creating one or more barriers around the resource such that only authenticated users can gain access.
Each resource has a permissions list specifying what users can do.
Resources often have different access levels, for example, being able to read a file or being able to read and edit it.

Accounting
Means recording when and by whom a resource was accessed.

6.2 Device security/best practices

Host Firewall
A firewall restricts access to a computer or network to a defined list of hosts and applications.

Basic packet filtering firewalls work on the basis of filtering network data packets as they try to pass into or out of the machine.
Windows Defender Firewall
It is enabled on all network connections by default unless it has been replaced by a third-party firewall.
Safe Browsing Practice
Traffic on free/open networks can be intercepted by anyone else connected to the network and by the person that owns the network.

To mitigate this, use a security-enabled protocol (SSL/TLS) that encrypts the link between your client and the web or mail server.
Device hardening
Refers to a set of policies that make mobile and workstation computers and network appliances more secure.

Many options for hardening mobile devices, configuring a screen lock-out and encrypting data for instance, were discussed earlier.
Hardening policies
Anti-virus/anti-malware
Malware is software that aims to damage a computer or steal information from it.

Patching/updates
OS files, driver software, and firmware may be exploitable by malware in the same way as applications software.
It is important to keep computers and other devices configured with up-to-date patches and firmware.

Enabling passwords
Most operating systems allow the use of an account without a password, PIN, or screen lock, but this does not mean it is a good idea to do so.
All computing devices should be protected by requiring the user to input credentials to gain access.

Default/weak passwords
Network devices such as wireless access points, switches, and routers ship with a default management password, such as "password," "admin," or the device vendor's name.
These should be changed on installation.
The password used should be a strong one; most devices do not enforce complexity rules, so the onus is on the user to choose something secure.

Disabling unused features
Any features, services, or network protocols that are not used should be disabled.
This reduces the attack surface of a network device or OS.
Attack surface means the range of things that an attacker could possibly exploit in order to compromise the device.

Removing unwanted/unnecessary software
New computers ship with a large amount of pre-installed software, often referred to as bloatware.
These applications should be removed if they are not going to be used.
Device use best practices
When installing new software applications or drivers, it is important to obtain the setup files from a legitimate source.
Reputable sources include
Vendor app stores (for example, Windows Store, Google Play Store, Apple App Store).

Merchant app stores, such as Amazon Appstore.

Authorized resellers, Original Equipment Manufacturer (OEM) vendors, and managed service providers. If in any doubt, check the reseller or OEM's accreditation.
Third Party Sites
If you need to use a driver from a site such as this, try to research it as much as you can.

Search for references to the site on the web to find out if anyone has posted warnings about it.

If you trust this site, check for a forum where other users might have tried a specific driver package and indicated whether it is legitimate or not.

Check that it is protected by a valid digital certificate and that downloads are made over a secure HTTPS connection.

6.3 Behaviour security concepts

Expectations of privacy:
This type of privacy consideration should also affect your choice of Internet Service Provider (ISP) and web search engine.

Your browsing and search history reveal an enormous amount of very personal information.

While the actual content of what you view or send to a site might be protected by encryption, the URL or web address of the site is not.

Privacy issues do not just affect websites, social media sites, ISPs, and search providers. It is also possible that this type of data will be collected from mobile apps and desktop software. It is typical for software such as Windows or Office to prompt you to allow usage and troubleshooting data to be sent back to the vendor (Microsoft) for analysis, for example.
Written Policies and Procedures
As a vital component of a company's IT infrastructure, employees must understand how to use computers and networked services securely and safely and be aware of their responsibilities.

To support this, the organization needs to create written policies and procedures to help staff understand and fulfill their responsibilities and follow best practices.

The value of a comprehensive policy is that it removes any uncertainty that employees may have about what to do in a given situation.
Handling Confidential Information:
Passwords
Users must keep their work passwords known only to themselves.
This means not writing down the password, not telling it to anyone else, and not using it to authenticate to any other services or websites.

Personally Identifiable Information (PII)
The rise in consciousness of identity theft as a serious crime and growing threat means that there is an increasing impetus on government, educational, and commercial organizations to take steps to obtain, store, and process Personally Identifiable Information (PII) more sensitively and securely.
Staff should be trained to identify PII and to handle personal or sensitive data appropriately.
This means not making unauthorized copies or allowing the data to be seen or captured by any unauthorized people.

Company Confidential Information
Any of the business information used to run a company could be misused in the wrong hands.
This sort of information includes product designs or plans, marketing plans, contracts, procedures and workflows, diagrams and schematics, and financial information.
This information must not be disclosed to unauthorized people and should always be stored on media that are subject to network access controls and/or encrypted.
Paper or electronic copies of this sort of information that are no longer needed should be destroyed rather than discarded.

6.4 AAA & non-repudiation

AAA
Authentication, Authorization, and Accounting - the principal stages of security control. A resource should be protected by all three types of controls.
Accounting
The accounting part of the access control system provides an audit log of how users have authenticated to the network and used their access privileges.

Accounting is usually provided for by logging events.

Accounting is an important part of ensuring non-repudiation.
Non-Repudiation
The principle that the user cannot deny having performed some action. Apart from logging, several mechanisms can be used to provide non-repudiation:

Video
Surveillance cameras can record who goes in or out of a particular area.

Biometrics
Strong authentication can prove that a person was genuinely operating their user account and that an intruder had not hijacked the account.

Signature
Similarly, a physical or digital signature can prove that the user was an author of a document (they cannot deny writing it).

Receipt
Issuing a token or receipt with respect to some product or service is proof that a user requested that product and that it was delivered in a timely manner.
Multifactor Authentication
Strong authentication is multi-factor.

Authentication schemes work on the basis of something you know, something you have, or something you are.

These schemes can be made stronger by combining them (for example, protecting use of a smart card certificate [something you have] with a PIN [something you know]).
PIN (Personal Identification Number)
Number used in conjunction with authentication devices such as smart cards; as the PIN should be known only to the user, loss of the smart card should not represent a security risk.
Token
A token contains some sort of authentication data. Software tokens are generated by logon systems, such as Kerberos, so that users do not have to authenticate multiple times (Single Sign-on).

A hardware token can be a device containing a chip with a digital certificate but is more usually a device that generates a one-time password.

This can be used in conjunction with an ordinary user name and password (or PIN) to provide more secure two-factor authentication.
Permissions
To access files and folders on a volume, the administrator of the computer will need to grant file permissions to the user (or a group to which the user belongs). File permissions are supported by NTFS-based Windows systems.
Access Control
Creating one or more barriers around a resource such that only authenticated users can gain access.

Each resource has an Access Control List (ACL) specifying what users can do. Resources often have different access levels (for example, being able to read a file or being able to read and edit it).
ACL (Access Control List)
The permissions attached to or configured on a network resource, such as a folder, file, or firewall. The ACL specifies which subjects (user accounts, host IP addresses, and so on) are allowed or denied access and the privileges given over the object (read only, read/write, and so on).
Least Privilege
Least privilege is a basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role.
User Account
Each user who wishes to access a Windows computer will need a logon ID, referred to as a user account.

Each user will normally have a local profile, containing settings and user-created files. Profiles are stored in the "Users" folder.
Group Account
A group account is a collection of user accounts. These are useful when establishing file permissions and user rights because when many individuals need the same level of access, a group could be established containing all the relevant users. The group could then be assigned the necessary rights.
MAC (Mandatory Access Control)
Access control model where resources are protected by inflexible, system-defined rules. Resources (objects) and users (subjects) are allocated a clearance level (or label).

There are a number of privilege models, such as Bell-LaPadula, Biba, and Clark-Wilson, providing either confidentiality or integrity.
DAC (Discretionary Access Control)
Access control model where each resource is protected by an Access Control List (ACL) managed by the resource's owner (or owners).

6.5 Password best practices

Length
A longer password is more secure, because each extra character multiplies the number of guesses an attacker must try. Around 9–12 characters is suitable for an ordinary user account.
 
Administrative accounts should have longer passwords (14 or more characters).
Complexity
Mixing character classes (upper and lower case, digits, punctuation) enlarges the space a brute-force or dictionary attack has to search.
 
No single dictionary words; better to use word and number/punctuation combinations, and avoid obvious phrases, names and keyboard patterns.
Memorability
Artificial complexity makes a password hard to remember, meaning users write them down or have to reset them often.
 
Use longer phrases (passphrases) instead; length contributes more to strength than forced symbol substitution.
Maintain confidentiality
Do not write down a password or share it with other users; a shared password also destroys accountability, since actions can no longer be tied to one person.
History/expiration
Change the password periodically, and keep a history so that old passwords cannot simply be reused.
 
Many systems can automatically enforce password expiration, meaning users have to choose a new password. Current guidance (NIST SP 800-63B) favours changing a password when compromise is suspected rather than on a fixed schedule, because forced rotation tends to produce predictable variations of the old password.
Reuse across sites
Users must be trained to practice good password management, or at the very least not to re-use work passwords for web accounts; otherwise a breach of one site can be replayed against the work account (credential stuffing).
Password reset
Allows a user who has forgotten a password to self-select a new one. The reset path must verify identity as carefully as the logon itself, or it becomes the easiest way in.
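Worked example (added here; not part of the original cheat sheet and not any vendor's policy engine) showing how the rules above are enforced in code: length floors that differ for administrative accounts, a character-class count, a common-password list, and a reuse check against the user's history. The history is stored as salted PBKDF2 hashes rather than plaintext, so keeping old passwords does not create a second place for them to leak from. The length floors, the iteration count and the tiny common-password list are constructed assumptions for the example.

```python
from __future__ import annotations

import hashlib
import secrets
import string

# Constructed sample of a common/breached password list; a real deployment
# would check a large corpus instead of this handful.
COMMON_PASSWORDS = {"password", "password1", "123456", "qwerty", "letmein", "welcome1"}

# Assumed policy floors, following the cheat sheet's guidance rather than any vendor default.
MIN_LEN_USER = 12
MIN_LEN_ADMIN = 14
PBKDF2_ROUNDS = 100_000  # assumed work factor


def hash_for_history(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Store history entries as salted PBKDF2-HMAC-SHA256 hashes, never as plaintext."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def in_history(password: str, history: list[tuple[bytes, bytes]]) -> bool:
    """Re-derive the candidate with each stored salt; compare in constant time."""
    for salt, digest in history:
        _, candidate = hash_for_history(password, salt)
        if secrets.compare_digest(candidate, digest):
            return True
    return False


def check_password(password: str, *, admin: bool = False,
                   history: list[tuple[bytes, bytes]] | None = None) -> list[str]:
    """Return the list of policy violations; an empty list means the password is acceptable."""
    problems: list[str] = []
    min_len = MIN_LEN_ADMIN if admin else MIN_LEN_USER
    if len(password) < min_len:
        problems.append(f"too short: {len(password)} < {min_len} characters")

    classes = {
        "lower": any(c.islower() for c in password),
        "upper": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "punct": any(c in string.punctuation for c in password),
    }
    if sum(classes.values()) < 3:
        problems.append("needs at least three of: lower, upper, digit, punctuation")

    if password.lower() in COMMON_PASSWORDS:
        problems.append("appears in the common-password list")
    if password.isalpha():
        problems.append("a single word with no digits or punctuation")

    if history and in_history(password, history):
        problems.append("matches a previously used password")
    return problems


def demo() -> dict[str, list[str]]:
    """Evaluate a few constructed candidates, including one blocked by history."""
    history = [hash_for_history("Winter-2023-Budget!")]  # the user's previous password, hashed
    return {
        "password": check_password("password"),
        "Password1": check_password("Password1"),
        "reused": check_password("Winter-2023-Budget!", history=history),
        "admin_short": check_password("Tr0ub4dor&3", admin=True),
        "good_passphrase": check_password("coffee-Mug-4-windowsill!", history=history),
    }


if __name__ == "__main__":
    for candidate, problems in demo().items():
        print(f"{candidate:18s} {'OK' if not problems else '; '.join(problems)}")
```

The history check is deliberately the slowest part: each stored entry costs a full PBKDF2 derivation, which is what makes the stored hashes unattractive to crack if the history file is ever stolen.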

6.6 Encryption

Encryption
An ancient technique for hiding information.
 
Someone obtaining an encrypted document, or cipher text, cannot understand that information unless they possess the key.
Plain text (or clear text)
This is an unencrypted message.
Cipher text
An encrypted message.
Cipher
This is the process (or algorithm) used to encrypt and decrypt a message. The algorithm is normally public; the secrecy rests entirely in the key.
Data States
Data can be described as being at rest or in transit.
Data at rest
This state means that the data is in some sort of persistent storage media.
 
In this state, it is usually possible to encrypt the data using techniques such as whole disk encryption, mobile device encryption, database encryption, and file- or folder-level encryption.
File-level encryption
Encrypts individual files or folders rather than the whole device, so it is useful on large-volume storage where only some of the data is sensitive, and different files can be protected with different keys (for example, one per user).
Disk encryption
Sometimes used in conjunction with filesystem-level encryption with the intention of providing a more secure implementation.
 
Generally uses the same key for encrypting the whole drive, so all of the data can be decrypted once the system is running. This protects against theft of the powered-off device or of the drive itself, but not against a logged-on user or malware running on the unlocked system.
 
However, some disk encryption solutions use multiple keys for encrypting different volumes.
Mobile devices
Smartphones and tablets have encryption options that will also provide protection of storage.
 
It is not typically a disk but is still just storage that is encrypted and accessed using some key, normally unlocked by the device passcode.
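Worked example (added here; not code from the original cheat sheet) of encrypting data at rest so the terms above have something concrete behind them: a key is stretched from a password, the plaintext becomes an opaque blob, and decryption fails cleanly for both a wrong key and a modified ciphertext. To stay within the Python standard library it uses HMAC-SHA256 as a counter-mode keystream with an encrypt-then-MAC tag; that is an assumption for illustration only, and a real deployment should use a vetted authenticated cipher such as AES-GCM or ChaCha20-Poly1305 from a maintained library. The sample "file" contents, password and iteration count are constructed.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets

SALT_LEN, NONCE_LEN, TAG_LEN = 16, 16, 32
KDF_ROUNDS = 100_000  # assumed work factor; tune for the target hardware


def derive_keys(password: bytes, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch a password into independent encryption and MAC keys."""
    material = hashlib.pbkdf2_hmac("sha256", password, salt, KDF_ROUNDS, dklen=64)
    return material[:32], material[32:]


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream using HMAC-SHA256 as the PRF (illustrative, not AES).

    Block i = HMAC(enc_key, nonce || i). XORing this stream with the plaintext
    is the cipher; the nonce must never repeat under the same key.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(password: bytes, plaintext: bytes) -> bytes:
    """Return salt || nonce || ciphertext || tag (encrypt-then-MAC)."""
    salt, nonce = secrets.token_bytes(SALT_LEN), secrets.token_bytes(NONCE_LEN)
    enc_key, mac_key = derive_keys(password, salt)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + body, hashlib.sha256).digest()
    return salt + nonce + body + tag


def decrypt(password: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; reject a wrong key or tampering."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short to be valid")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    body, tag = blob[SALT_LEN + NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or modified data")
    return bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))


def demo() -> dict[str, bool]:
    """Encrypt a constructed 'file', then show what happens without the right key."""
    password = b"correct horse battery staple"          # constructed
    plaintext = b"payroll.csv: alice,52000\nbob,48000\n"  # constructed sample data
    blob = encrypt(password, plaintext)
    results = {
        "ciphertext_differs": blob[SALT_LEN + NONCE_LEN:-TAG_LEN] != plaintext,
        "roundtrip": decrypt(password, blob) == plaintext,
    }
    try:
        decrypt(b"wrong password", blob)
        results["wrong_key_rejected"] = False
    except ValueError:
        results["wrong_key_rejected"] = True
    flipped = bytearray(blob)
    flipped[SALT_LEN + NONCE_LEN] ^= 0x01  # flip one bit of the stored ciphertext
    try:
        decrypt(password, bytes(flipped))
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True
    return results


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check:20s} {result}")
```

The tag check before decryption is the part that matters most in practice: a stream cipher on its own lets anyone who can edit the stored blob flip chosen plaintext bits, which is why "encrypted at rest" should always mean "authenticated and encrypted".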
Data in transit (or data in motion)
This is the state when data is transmitted over a network, such as communicating with a web page via HTTPS or sending an email.
 
In this state, data can be protected by a transport encryption protocol, such as Secure Sockets Layer (SSL)/Transport Layer Security (TLS). All SSL versions and TLS 1.0/1.1 are deprecated; new deployments should require TLS 1.2 or 1.3.
Virtual Private Network (VPN)
Connects the components and resources of two private networks over another public network, or connects a remote host with an Internet connection to a private local network.
 
A VPN is a "tunnel" through the Internet or any other network: traffic is encrypted before it enters the tunnel and decrypted at the far end, so the networks in between see only cipher text.
Email encryption
Encryption of email messages to protect the content from being read by entities other than the intended recipients.
 
May also include authentication (a digital signature proving who sent the message and that it was not altered).
 
Email is prone to the disclosure of information.
 
Historically most email was transmitted in clear form. Providers such as Gmail and Outlook now encrypt messages in transit (TLS between mail servers, where the receiving server supports it) and at rest on their own storage, but this is not end-to-end: the provider can read the content, and a message may still cross a hop without TLS. End-to-end protection requires the sender and recipient to use S/MIME or PGP.
Hypertext Transfer Protocol Secure (HTTPS)
Provides for encrypted transfers of web traffic by running HTTP over TLS (historically SSL), using TCP port 443.

6.7 Business continuity

Business Continuity Plan (BCP)/Continuity of Operations Plan (COOP)
A business continuity plan is designed to ensure that critical business functions demonstrate high availability and fault tolerance.
 
Typically, this is achieved by allowing for redundancy when specifying resources.
 
Examples include cluster services, RAID disk arrays, and UPS. Business continuity plans should not be limited to technical elements, however; they should also consider employees, utilities, suppliers, and customers.
 
Associated with business continuity is the disaster recovery plan, which sets out actions and responsibilities for foreseen and unforeseen critical incidents.
 
These vulnerabilities can be mitigated by creating contingency plans and resources that allow the system to be resilient to failures and unexpected outages.
 
Most contingency plans depend on providing redundancy at both the component and system level.
 
If a component or system is not available, redundancy means that the service can fail over to the backup either seamlessly or with minimum interruption.
Fault Tolerance
Protects against losing access to a computer system when a component fails.
 
Fault-tolerant systems contain additional components to help avoid single points of failure.
Data Redundancy
Combining hard disks into an array of disks can help to avoid service unavailability due to one or more disks failing.
Redundant Array of Independent Disks (RAID) standard
Evolved to offer a variety of fault-tolerant solutions. Different RAID solutions are defined in numbered levels: RAID 0 (striping) improves speed but offers no redundancy, RAID 1 mirrors data onto a second disk, RAID 5 stripes data with parity so that one disk can fail, and RAID 6 adds a second parity block to survive two failures.
Network Redundancy
Without a network connection, a server is not of much use.
 
As network cards are cheap, it is commonplace for a server to have multiple cards (adapter fault tolerance).
 
Multiple adapters can be configured to work together (adapter teaming).
 
This provides fault tolerance (if one adapter fails, the network connection will not be lost) and can also provide load balancing (connections can be spread between the cards).
 
Network cabling should be designed to allow for multiple paths between the various servers, so that during a failure of one part of the network the rest remains operational (redundant connections).
 
Routers make good fault-tolerant devices because dynamic routing protocols let them communicate link and device failures to each other, after which IP packets are routed via an alternate path.
Power Redundancy
Means deploying systems (such as UPS units, dual power supplies and standby generators) to ensure that equipment is protected against power events such as outages, surges and brownouts, and that network operations can either continue uninterrupted or be recovered quickly.
Replication
Copying data between multiple data centers to guard against site-level risks.
 
Replication is the process of synchronizing data between servers and potentially between sites.
 
This replication might be real-time or bundled into batches for periodic synchronization; with batched replication, data written since the last batch is lost if the primary fails.
Disaster Recovery
Creates workflows and resources to use when a specific disaster scenario affects the organization.
 
A disaster could be anything from a loss of power or failure of a minor component to man-made or natural disasters.
 
For each high-risk scenario, the organization should develop a plan identifying tasks, resources, and responsibilities for responding to the disaster.
Prioritization
Disaster recovery plans should identify priorities for restoring particular systems first.
 
This process has to be conditioned by dependencies between different systems.
 
The servers running the website front-end might not be able to operate effectively if the servers running the database are not available, so the database has to come back first even if the website is the more visible service.
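Worked example (added here; not part of the original cheat sheet) of turning a list of business priorities plus a dependency map into an actual restoration order. It is a topological sort (Kahn's algorithm) with the business priority used as a tie-break among systems whose dependencies are already back, so a high-priority front-end still waits for the database it needs. A dependency cycle is a planning error and is reported instead of being silently broken. The system names, dependencies and priority numbers are a constructed plan.

```python
from __future__ import annotations


def restore_order(deps: dict[str, set[str]], priority: dict[str, int]) -> list[str]:
    """Order systems so every dependency is restored before anything that needs it.

    deps[s] is the set of systems s cannot run without. Among systems whose
    dependencies are all restored, the lowest priority number goes first;
    unknown systems get a low priority (99). Raises ValueError on a cycle.
    """
    systems = set(deps) | {d for ds in deps.values() for d in ds}
    remaining = {s: set(deps.get(s, set())) for s in systems}
    order: list[str] = []
    while remaining:
        ready = [s for s, ds in remaining.items() if not ds]
        if not ready:
            raise ValueError(f"dependency cycle among: {sorted(remaining)}")
        ready.sort(key=lambda s: (priority.get(s, 99), s))
        chosen = ready[0]
        order.append(chosen)
        del remaining[chosen]
        for ds in remaining.values():
            ds.discard(chosen)
    return order


def demo() -> list[str]:
    """Constructed plan: the page's web front-end/database case plus shared infrastructure."""
    deps = {
        "web-frontend": {"database", "dns"},
        "database": {"storage-san"},
        "dns": set(),
        "email": {"dns"},
        "storage-san": set(),
    }
    # Business view: the website and its database are top priority, email can wait.
    priority = {"web-frontend": 1, "database": 1, "storage-san": 1, "dns": 2, "email": 3}
    return restore_order(deps, priority)


if __name__ == "__main__":
    for step, system in enumerate(demo(), start=1):
        print(f"{step}. restore {system}")
```

Even though the web front-end carries priority 1, it lands fourth: the SAN, the database and DNS all have to be back before it can serve anything.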
Data Restoration
If a system goes down, there may be data loss.
 
Data can either be restored from backup or by switching over to another system to which data has been replicated. It is vital that the integrity of the data be checked (for example, by comparing file hashes against a manifest recorded when the backup was taken) before user access is re-enabled.
Restoring Access
Once the integrity of the failover or restored system has been verified, you can re-enable user access and start processing transactions again.
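Worked example (added here; not part of the original cheat sheet) of the integrity check that should gate the "restoring access" step: a SHA-256 manifest is recorded over the live data at backup time, and after a restore the tree is compared against it to find files that are missing, corrupted, or unexpectedly present. The directory layout and file contents are constructed in a temporary directory so the example runs offline.

```python
from __future__ import annotations

import hashlib
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict[str, str]:
    """SHA-256 of every file under root, keyed by relative path (taken at backup time)."""
    manifest: dict[str, str] = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        manifest[path.relative_to(root).as_posix()] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def verify_restore(root: Path, manifest: dict[str, str]) -> dict[str, list[str]]:
    """Compare a restored tree against the manifest before users are let back in."""
    current = build_manifest(root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "unexpected": sorted(set(current) - set(manifest)),
        "corrupt": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
    }


def restore_is_clean(report: dict[str, list[str]]) -> bool:
    """Only an empty report should unlock user access."""
    return not any(report.values())


def demo() -> tuple[dict[str, list[str]], bool]:
    """Constructed scenario: a backup, then a restore with one corrupt and one missing file."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp) / "live"
        (live / "db").mkdir(parents=True)
        (live / "db" / "orders.dat").write_bytes(b"order-1\norder-2\n")
        (live / "config.ini").write_text("mode=prod\n")
        manifest = build_manifest(live)  # recorded when the backup was taken

        restored = Path(tmp) / "restored"
        (restored / "db").mkdir(parents=True)
        (restored / "db" / "orders.dat").write_bytes(b"order-1\norder-2\nGARBAGE")  # partial write
        # config.ini never came back from the backup, and a stray file appeared.
        (restored / "notes.txt").write_text("left over from the failover host\n")

        report = verify_restore(restored, manifest)
        return report, restore_is_clean(report)


if __name__ == "__main__":
    report, clean = demo()
    for kind, paths in report.items():
        print(f"{kind:10s} {paths}")
    print("safe to re-enable access:", clean)
```

The manifest has to be stored somewhere the disaster cannot take with it (with the backup media, or replicated to the other site), otherwise there is nothing trustworthy to compare against.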
 
