220-1102 Software Troubleshooting Study Guide for the CompTIA A+ Core Series Exam

Malware Removal

Malware can spread rapidly and cause severe damage to a PC. Discovering malware is just the first step. It’s vital that you can remove the malware quickly without causing further damage. Be sure to follow these steps in order. Questions in this area will be scenario based.

1. Investigate and Verify Malware Symptoms

Malware is not often as obvious as strange error messages and odd security warnings. It may be as subtle as a slight slowdown of the system or unexplained files appearing. If malware is suspected, the first step is to identify the type of malware being used. Antivirus and anti-malware software can be used to identify known threats. Also, various online resources are dedicated to identifying malware and its signatures.

2. Quarantine Infected Systems

Any system suspected of being infected by malware should immediately be quarantined. This is so that the malware doesn’t spread across the network to other devices. The easiest way to quarantine a device is to simply pull out the network cord or disconnect it from Wi-Fi. Maintain all the files on the machine, and don’t attempt to move them to another system.

3. Disable System Restore in Windows

The next step after quarantine is disabling System Restore in Windows. You do not want the virus to infect your restore points.

4. Remediate Infected Systems

When you have identified the type of malware and ensured that it can’t spread to other devices, remediation can begin.

a. Update Anti-Malware Software

The first step is to ensure you have an updated antivirus/anti-malware application with a new engine and signature files.

b. Scanning and Removal Techniques

Once the anti-malware software is updated, restart the system in Safe Mode, the pre-installation environment, and run a virus scan. While some viruses are more complicated and may require further remediation techniques, this will be able to remove most basic malware infections.

5. Schedule Scans and Run Updates

When a virus is removed, set the antivirus software to automatically update the signature files and schedule scans to prevent future infections.

6. Enable System Restore and Create a Restore Point in Windows

The next step is to re-enable System Restore and create Windows restore points.

7. Educate the End User

Users are the last line of defense when it comes to computer security. There is no antivirus or spam filter program that is 100% accurate, so even with these items in place, the user should be educated on proper email and internet usage to avoid getting a malware infection on their device.

Mobile OS and Application Issues

Portable devices are common in the workplace, so you will need to become familiar with the following items related to the support of these devices. Questions in this area will be scenario based.

Common Symptoms

Like operating systems, mobile operating systems and applications may suffer from common symptoms. While the following is not an exhaustive list, these are some of the issues you may encounter on the CompTIA A+ exam.

Application Fails to Launch

When an application fails to launch, it may be because the application was not shut down completely and is still running in the background. Another potential cause of a failure to load is a corrupted application cache. When troubleshooting application failures to launch, first try to force quit the application, then clear the application cache if allowed, and, finally, delete and reinstall the application if the first two options do not remedy the issue.

Application Fails to Close/Crashes

An application may intermittently fail to close or it may crash. If this occurs, attempt to recreate the scenario that caused the issue, which may help narrow down what is causing the failure. Remediation is the same as for a failure to launch. Force quit the application, clear the cache if possible, then uninstall and reinstall the application.

Application Fails to Update

Most application updates are controlled by the Google Play Store or the Apple App Store, which automatically update applications. If an application fails to update, the first step is to try to manually update the application. Make sure that the phone is compatible with the current version of the application as well. If this does not work, force quit the application and reboot the device. You may also need to temporarily disable antivirus or anti-malware on the device. Finally, uninstall and reinstall the application.

Slow to Respond

Slow performance or response time is typically related to RAM. RAM usage on a mobile device works like it does on a standard computer. If the device is slow, free up RAM space by closing applications and currently running processes.

OS Fails to Update

When the OS fails to update on a mobile device, it may be caused by multiple conditions that require similar troubleshooting steps as a desktop OS. First, reboot the system to clear up RAM space, then check the specifications for the updated OS to ensure device compatibility, check storage space, and check network connectivity.

Battery Life Issues

A mobile device battery, like all batteries, has a life span. To increase the life of the battery or to reduce how quickly the battery drains, make sure applications are closed when not in use, limit background applications, allow the device to dim automatically, turn off location services, and disconnect peripherals and Wi-Fi when not in use.

Random Reboots

Random reboots of a mobile device may be indicative of a hardware problem within the device that may be difficult to diagnose. To troubleshoot, check the most common culprits, including battery health, storage capacity, needed updates, overload of running applications, or auto-restart options.

Connectivity Issues

Connectivity issues for mobile devices may include local connectivity issues or broader provider connectivity issues. If, after rebooting the device, the connectivity issue is determined to be a provider issue, contact the provider for support. However, local connectivity issues may be troubleshot.

Bluetooth

To troubleshoot Bluetooth connectivity issues, first check to make sure Bluetooth is enabled and the device is not set to airplane mode. If Bluetooth is enabled, check to ensure the desired device is paired. If not currently paired, pair the device by allowing the mobile device to scan for peripherals within range.

Wi-Fi

Wi-Fi connectivity issues can be troubleshot the same way as Bluetooth issues. Make sure Wi-Fi is enabled, make sure the device is not in airplane mode, check to see if a wireless access point (WAP) is within range, and connect to it.

Near-Field Communication (NFC)

Connectivity issues with NFC, most commonly used for hands-free/tap payment, may be caused by the distance from the reader, having airplane mode enabled, a phone case, or a faulty reader. You can also try to log out of the payment system and log back in, which will verify the device’s credentials.

AirDrop

AirDrop is Apple™ proprietary software and allows for the transfer of data, such as files and pictures, to other Apple users within a certain proximity of the sender. AirDrop uses both Bluetooth and Wi-Fi to transfer data between devices. Make sure the devices are not in airplane mode and have Bluetooth and Wi-Fi enabled and working properly. Also, check the AirDrop settings on the device to ensure it allows for discoverability as well as transfer.

Screen Does Not Auto-Rotate

Auto-rotate is the process of switching automatically between landscape and portrait mode on a screen. If the screen does not auto-rotate, the auto-rotate function is most likely disabled. If auto-rotate is enabled, but the screen still does not rotate, the application may be frozen. Force quit the application or reboot the device. If none of these work, it may be a hardware sensor issue.

Mobile OS and Application Security Issues

The following are concerns and symptoms you need to be familiar with when dealing with mobile devices. Many of the security concerns of mobile OSs and applications are similar to desktop OSs and applications. Questions in this area will be scenario based.

Security Concerns

While many security concerns of mobile OSs and applications are similar to desktop devices, there are some security issues that are unique to mobile devices.

Android Package (APK) Source

Unlike an Apple device, Android devices are not proprietary and are open-source. Most applications that a user may download are obtained through the Google Play Store, which verifies and monitors the APK of the application for malicious or inappropriate content. However, if an application is installed via an untrusted source, it poses the risk of being malicious.

Developer Mode

Developer mode is a function that allows a user to connect to a device via USB. Developer mode allows increased access to the functionality of the device. The Android OS still offers developer mode, while the latest Apple iOS offers the Xcode application, which limits the range of access for a developer while still allowing for the development of iOS applications.

Root Access/Jailbreak

Root access on an Android device allows the user to function as a superuser on the device, with access to the entire OS and device. With root access, the user can flash the device and install different OSs. Once a device is flashed, it will no longer be connected to the manufacturer, meaning it will no longer auto-update or patch the device and OS. Jailbreaking is most commonly associated with Apple devices and is similar to rooting an Android device, allowing access to the device’s OS.

Bootleg/Malicious Application

A bootleg application, typically in the form of an APK, is a premium application that has had the digital rights management removed. Bootleg applications often contain malicious software. Only download applications from a trusted source and check the permissions that the application has on the device.

Application Spoofing

Application spoofing is a security concern for both Apple and Android devices and occurs when an application imitates a legitimate application. Application spoofing acts similarly to a Trojan horse, where malicious software is installed when the user intends to install a legitimate application.

Common Symptoms

Security problems with a mobile OS or application may be evident in common symptoms that the security-related issue may cause, including high resource utilization, connectivity issues, pop-ups or ads, and missing or altered files or data.

High Network Traffic

High network traffic can indicate that data is being removed from the device or being sent through the device. To troubleshoot high network traffic, begin opening and closing applications one at a time and look for a usage spike beyond the norm for the application.

Sluggish Response Time

Sluggish response time may be indicative of a security problem. First, check to ensure the slow performance is not due to too many applications running at once, and then check individual applications for excessive CPU and RAM usage, which may indicate the application is infected with malware.

Data-Usage Limit Notification

A data-usage limit notification occurs when a device has reached its data limit for a set period. When a data-usage limit notification is sent, the first step is to view typical usage patterns for the device to see if usage is out of the ordinary. If the data usage is atypical, malicious software may be exfiltrating data from the device or using the device as a bot to send information through.

Limited Internet Connectivity

Limited internet connectivity is not necessarily a sign of a security issue, as it can be caused by proximity to WAPs or problems with the transceivers or firmware. However, if these potential causes have been ruled out, the limited connectivity may be caused by malicious software using the majority of the bandwidth on the connection.

No Internet Connectivity

No internet connectivity, like limited internet connectivity, is not necessarily a security-related problem. However, if all other likely scenarios have been exhausted, there are some malicious programs that will stop connectivity completely. To prevent connectivity issues, it is best to use a firewall or anti-malware software.

High Number of Ads

Like a desktop OS, a mobile device can become infected with adware, which spams the device with unwanted or unsolicited ads. Adware is typically installed when it is attached to an application. One way to isolate the malicious application is to uninstall and reinstall suspected applications until the ads stop. If this does not work, you may have to perform a factory reset on the device.

Fake Security Warnings

Fake security warnings on a mobile device are another symptom of malware infection. If this occurs, factory reset the device and install anti-malware before reinstalling applications.

Unexpected Application Behavior

Unexpected application behavior is not always a sign of malware. Sometimes applications just glitch. However, if a freshly installed application behaves in an unexpected manner, this is a likely sign of a security breach. Run a malware scan on the device and factory reset the device if an application is flagged.

Leaked Personal Files/Data

If a device is infected with malware, there is the potential for leaked files and data. To prevent and limit the impact of a data breach, layer security techniques. Install antivirus or anti-malware software, use a mobile firewall, and employ MFA, data encryption, and remote wipe.