Comptia 1002 Pbq

The seven steps of the malware removal procedures are: (1) IDENTIFY [and research malware symptoms] (2) QUARANTINE [the infected systems] (3) DISABLE [System Restore (in Windows)] (4) REMEDIATE [the infected systems, update the anti-malware software, scan the system, and use removal techniques (safe mode, pre-installation environment)] (5) SCHEDULE [scans and run updates] (6) ENABLE [System Restore and create a restore point (in Windows)] (7) EDUCATE [the end user] I, Q, D, R, S, E, E (I question Dad's reading skills every evening)

RAID 0: striping (speed, no redundancy) RAID 1: mirroring (full redundancy, slow speed), wasted storage RAID 5 striping with parity (3 disks) RAID 10: striped mirrors (two RAID 1s)

- Open Disk Management application - Disk 0 is already fully used. 2 other unused extra disks (unallocated, Disk 1 & 2) - right click: new striped volume. Choose NTFS. It converts basic to dynamic disk. Format. - right click: new mirrored volume. Choose NTFS. It converts basic to dynamic disk. Format. - next, create a simple partition (simple volume). Select 250gb (600gb total to choose from), assign drive letter, volume label ("data"). NOW, other half is unallocated. We just created a primary and basic partition on Disk 1. - NOW, lets create an extended partition that spans Disk 1 and into Disk 2 (using the unallocated disk 1 space). Select New spanned volume. Select both disks, so we'll span what's left in first disk into all of second disk. (called 'S' for storage.

-Delete a task:right click, end task. This way, this malware call-out task beacon will stop. -create a full task (right bar): when will it run, what permissions, what will trigger it (certain day, a log on), delay it, make an action happen, -you might be asked to create a task, or stop/kill task

-in Network and Sharing utility, gateway to everything networking. Click on Ethernet 2. Click on Details. More info. Click bottom left Properties. Can update DHCP or DNS settings, make static configs, DHCP not enabled. OR alternative config, instead of APIPA you can assign a static IP to be ready. -set up a VPN connection. We'll choose Set up a new connection/network, connect to a workplace. Type in 'vpn.diontraining.com', create. Connect by Change adapter settings. Right click, connect. -ipconfig to look at network configs. Ipconfig /all , ipconfig /release (no connection), ipconfig /renew (ask DHCP). It refreshes internet connection. Ipconfig /flushdns, clears your cache, it'll go out to DNS server to relearn.

(1) Seven steps of malware removal process (2) Symptoms of malware - popups - web browser redirects - security alerts - slow performance - some internet connectivity issues - app crashing - Windows crashing - files disappearing - hijacked email - spam - invalid certificates (3) Verify malware is gone - after using anti-malware tool (like -defender) - w/in internet options- to make sure that no malware has modified our proxy or homepage. Control panel> Network&Sharing center> Internet Options. Change homepage (if needed). In Connections tab, Lan Settings> proxy server settings are active (clear it), this will cause browser redirects. - stop a malware/bad service from starting when computer boots up. Msconfig utility. Services tab- shows any malicious service (ex. A virtual box). Disable it. OR go to startup tab in Task Manager.

- wireless configs or connections ///// - WEP / IV (initialization vectors) - WPA / PSK - WPA2 / AES - WPA/WPA2 / TKIP

- (ex. Using iPad) Settings. Troubleshoot why it's not connected to wifi. Turn off airplane mode. Go to Passcode, to set a passcode. Require on startup, wrong attempts, and auto lock. VPN is under Generals tab. - (using android) configure email. Manual configurations)

- list our files in a directory (dir) Change directory into the desktop (cd) - (..) is parent directory (what's above you at the moment) - ping is for internet connectivity troubleshooting. How long connection takes. - (tracert) path between you and 'destination' - (netstat) network statistics. All active connections. - (nslookup) DNS. Will let you know the IP address of destination - net use (make a connection to a server) \\servername\folder - (diskpart) Disk Management utility in command line - bootrec /fixmbr - bootrec /fixboot - taskkill

-in Linux Terminal - pwd (present working directory)- shows where we are (Windows is dir) - ls (list what's in the directory), ls -la shows MORE including hidden files and permissions - chmod (change permissions) - cd (move up and down directory), press . Or .. - cat [data.txt]- shows what's in a file - grep (search tool) - touch [name.txt] (creates a blank/new file) - mv [name.txt] [renameit.txt]- moves in same directory, same file, renamed file. OR move file to new directory. - cp (copies a file and you an rename it) - mkdir (make directory) - (ex) mv *.txt data (-the directory) - rm (remove/delete) - chmod (change permissions). Use ls -la (to look at permissions first). Chmod 755. (RWX, RX, RX) - man ____ (learn more about a command) - chown (change ownership) - iwconfig (wireless connections) - ifconfig (like ipconfig) - ps (list processes running on system) - kill (end a process using PID) - vi (text editor) - apt-get (package getter, download app) - sudo (super user do)- run command as super user - su (switch time root user)- a dangerous place to be in, an admin - shutdown (power down computer)

- you may see tickets (2 or 3), a generic help desk system, with different priorities - do urgent first! - URGENT- close the browser, as it's a malware hoax, choose drop down menu of what you did. - HIGH- can't log in, invalid password. Password reset procedure - MEDIUM- can't access internet, ipconfig (APIPA), no proper DHCP server. Say what issue and what resolution is.