220-1202 Software Troubleshooting Study Guide for the CompTIA A+ Core Series Exam

General Information

When software is deficient, so is the system that uses it. That results in processes slowing, stopping, or coming under threat. To be skilled in software troubleshooting, you must be knowledgeable in all types of PC and mobile device software issues. These include things like operating system issues, malware use, and security threats. Of the questions on the CompTIA A+ 1202 test, 23% of them concern these types of concepts. Obviously, software troubleshooting requires a lot of thinking on your feet, so all the questions about this topic begin with a scenario.

Troubleshooting in Windows OS

Many organizations use Microsoft Windows™ as their operating system (OS) of choice. This means that, as a tech, you should be able to troubleshoot issues with the Windows OS and quickly identify common problems. Questions in this area will be scenario-based.

Blue Screen of Death (BSOD)

A blue screen, more commonly known as a BSOD, is a proprietary crash screen on the Windows OS. A BSOD that occurs during the initial boot sequence could be caused by bad hardware, drivers, or applications. Since various factors can cause a BSOD, technicians need to research the specific error message provided by the BSOD.

Degraded Performance

Sluggish or degraded performance is one of the most commonly reported problems with the Windows OS and may be caused by a wide variety of issues. Troubleshooting should start by identifying the component most affected by the slowdown, such as the central processing unit (CPU), random access memory (RAM), hard drive, network, or graphics. You should begin by launching the Task Manager, which will provide insight into the performance of the various components in real time.

Boot Issues

The booting process of a computer occurs when the hardware transfers control of the computer to the OS. A failure to boot occurs when the computer is unable to load the OS. Troubleshooting begins by collecting as much information as possible. The Recovery Console or Windows Recovery Environment (WinRE) provides this information as well as options to allow Windows to repair itself via the Startup Repair option.

Frequent Shutdowns

Frequent shutdowns are most often caused by faulty hardware or faulty drivers, but power settings may also cause them. To begin troubleshooting, open the Event Viewer, then click on Windows Logs and System to view the Kernel-Boot or Kernel-General logs. These logs will let you know if the OS is shutting down properly or due to a lack of power. If you suspect a hardware problem, the first step is to reinstall the drivers before swapping for known working components.

Services Not Starting

Services are the backbones of our computers. Sometimes, necessary services do not start when the computer loads. Services can be stopped, started, and restarted in the Services menu and can also be viewed from Task Manager. When a service associated with a specific application won’t start, it might be time to consider reinstalling it.

Applications Crashing

It is not uncommon for applications to crash on a computer, and there are many different causes for these crashes. When an application crashes, the user may see the application close unexpectedly or simply freeze. If the application freezes rather than closes when it crashes, it may be necessary to end the task in Task Manager.

Low Memory Warnings

RAM is where the OS stores the data it is currently using. If the RAM on a computer fills up, it will move some of the working data into the page (or paging) file. A low memory warning occurs when there is not enough room in the page file for RAM to move data to it. The available space in the page file can be configured to auto-allocate space by the Windows OS via the Control Panel.

Universal Serial Bus (USB) Controller Resource Warnings

The USB controller provides power and a data path to connected devices. USB ports located in the back of the device provide a direct connection to the motherboard, commonly resulting in higher performance than USB ports connected to the front of the device. Most 2.0 ports can accommodate five concurrent loads of 100 milliamperes (mA), while 3.0 ports can accommodate six concurrent loads of 150 mA. If the connected device draws more power than the USB controller can handle, the USB controller resource warning will appear. The simplest way to address this problem is to relocate some USB-connected devices to other USB ports.

System Instability

System instability can cause application crashes. The first step to take is to look for uninstalled updates or patches for the application or the OS. The Reliability Monitor is also a helpful user-friendly tool that provides information on application crashes as well as the dates when updates and patches were installed. The Events Viewer in the Reliability Monitor provides extensive detailed technical information and insight into applications, error codes, and logged events.

No OS Found

The “No OS found” message indicates a specific type of failure to boot. It occurs when the computer is unable to locate OS files. This can be either because the storage devices do not contain any OS files or the boot configuration loader is pointing to the wrong partition.

Slow Profile Load

A profile that takes a long time to load can be a result of having too many applications load at startup. It could also be a result of insufficient hard drive space or memory.

Time Drift

Time drift occurs when the real-time clock (RTC) on the motherboard begins to shift, causing the computer to run either faster or slower. Time drift on an OS running on a hypervisor experiences this issue more drastically due to the fact that the hypervisor has to emulate the RTC rather than be in direct communication with the motherboard. Time drift can cause authentication problems as well as invalidated certificates.

Troubleshooting Personal Computer (PC) Security

Some computer issues are related to security. To address them, you should be able to spot the signs of particular problems and know the tools available to render a solution. Questions in this area will be scenario-based.

Common Symptoms

While symptoms of PC security issues can be highly intricate and complicated, you will need to be familiar with at least some of the more common symptoms that may indicate a security-related problem.

Unable to Access the Network

The inability to access the network can be caused by various conditions, both security-related and not, such as a faulty network interface controller (NIC), IP addressing failure resulting in local connections only, or improperly installed network software. Security-related inability to access the network can be caused by malware, which can redirect network settings or force the connection to go through a proxy that may attempt to steal data.

Desktop Alerts

An operating system infected with malware may produce a desktop alert that is designed to look like a legitimate OS alert. These alerts are typically intended to scare the user into taking action, such as calling a specified number. When the number is dialed, a threat actor may attempt to sell a product or garner information from the user.

False Alerts Regarding Antivirus Protection

One of the most common false alerts is designed to imitate antivirus protection. These alerts tell the end user that their system is at risk and immediate action is required. The main goal of such alerts is to sell a product or collect information from the user.

Altered System or Personal Files

Indicators of a security issue can also be evident in the files stored on the computer. Malware may rename or delete files as well as alter the permissions on a file, locking the user out. Common malware that can affect files includes the rootkit, which gains embedded privileged access to the OS, and ransomware, which holds files or the entire system hostage until a set amount is paid.

Missing/Renamed Files

If an OS is infected with malware, a threat actor may move or rename files or replace the files with malicious files. However, renaming a file or moving a file also changes the path of the file. If the file is needed to run an application or program, changing the path of the file can render the program useless.

Inability to Access Files

The inability to access files on a PC may be indicative of the presence of malware that is causing file corruption. Although, it may also be caused by restricted access, security configurations, faulty hard drives, corrupted file data, or connection problems to the hardware containing the files.

Unwanted Notifications Within the OS

Unwanted notifications within the OS may also be a sign of malware infection. These OS notifications may attempt to coax the user into installing additional malicious programs, possibly in the form of a trojan horse, a program hidden behind a legitimate program.

OS Updates Failures

If an OS won’t install updates, this could be a symptom of a virus. Malware in general can interfere with regular OS updates.

Browser-Related Symptoms

Security issues can also be evident in a web browser. Since they are so frequently used, the web browser is the easiest avenue for a threat actor to infect a system.

Random/Frequent Pop-Ups

While pop-ups occur for a variety of reasons, including some legitimate reasons, if you click on the wrong pop-up, it may expose you to malware. Pop-ups that occur randomly should be addressed with a malware cleaner.

Certificate Warnings

If you are browsing the internet and receive a security alert that a site has an invalid certificate, that could indicate the site is malicious and should be avoided. However, it may simply be that the site has an incorrect PC clock setting, causing its site certificate date to differ from your PC’s date. If you do receive a certificate warning, it is best to take caution unless you know for certain the site is safe.

Redirection

If you find your default browser has been changed or the results of a search come from a third-party site, it is likely that your browser has been redirected by malware. An anti-malware cleaner may or may not address the issue. You may want to restore your system from a known good backup.

Degraded Browser Performance

Degraded browser performance may be caused by issues with the browser itself or by the hardware running the browser. Browser-related causes include too many open and active tabs, an overloaded cache, malware or adware infection, or an outdated browser. The site hosting the browser may also cause performance degradation if an excessive number of requests or traffic is received or if it is overloaded with pop-ups and ads. Hardware-related causes of degraded browser performance include poor connection to the internet, outdated or overextended computing hardware, and malware or adware infection.

Troubleshooting in Mobile OS and Applications

Portable devices are common in the workplace, so you will need to become familiar with the following items related to the support of these devices. Like a Windows OS, mobile OSs and applications may suffer from common symptoms. While the following is not an exhaustive list, these are some of the issues you may encounter on the CompTIA A+ exam. Questions in this area will be scenario-based.

Application Fails to Launch

When an application fails to launch, it may be because the application was not shut down completely and is still running in the background. Another potential cause of a failure to load is a corrupted application cache. When troubleshooting application failures to launch, first try to force quit the application. Then, try clearing the application cache, if allowed. If those first two options do not remedy the issue, delete and reinstall the application.

Application Fails to Close/Crashes

An application may intermittently fail to close, or it may crash. If this occurs, attempt to recreate the scenario that caused the issue, which may help narrow down the cause of the failure. The remediation process is the same as for a failure to launch. Force quit the application, clear the cache if possible, then uninstall and reinstall the application.

Application Fails to Update

Most application updates are controlled by the Google Play Store or the Apple App Store, which automatically update applications. If an application fails to update, the first step is to try to update the application manually. Make sure that the phone is compatible with the current version of the application as well. If this does not work, force quit the application and reboot the device. You may also need to disable antivirus or anti-malware on the device temporarily. Finally, if the other options don’t work, uninstall and reinstall the application.

Application Fails to Install

Failure of an application to install on a mobile device may be due to multiple issues, including a lack of available storage space, network connection issues, incompatibility with the underlying OS, or security restrictions, among others. To troubleshoot, verify available storage space, the network connection, security settings, and device compatibility, and then restart the installation process.

Slow to Respond

Slow performance or response time is typically related to RAM. RAM usage on a mobile device works similarly to how it does on a standard computer. If the device is slow, free up RAM space by closing applications and currently running processes.

OS Fails to Update

When the OS fails to update on a mobile device, it may be caused by multiple conditions that require similar troubleshooting steps to those for a desktop OS. First, reboot the system to clear up RAM space. After that, check the specifications for the updated OS to ensure device compatibility, check storage space, and check network connectivity.

Battery Life Issues

A mobile device battery, like all batteries, has a life span. To increase the life of the battery or to reduce how quickly the battery drains, make sure applications are closed when not in use, limit background applications, allow the device to dim automatically, turn off location services, and disconnect peripherals and Wi-Fi when not in use.

Random Reboots

Random reboots of a mobile device may be indicative of a hardware problem within the device that may be difficult to diagnose. To troubleshoot, check the most common culprits, including battery health, storage capacity, needed updates, overload of running applications, or auto-restart options.

Connectivity Issues

Connectivity issues for mobile devices may include local connectivity issues or broader provider connectivity issues. If, after rebooting the device, the connectivity issue is determined to be a provider issue, contact the provider for support. Local connectivity issues, on the other hand, may be troubleshot.

Bluetooth®

To troubleshoot Bluetooth connectivity issues, first check to make sure Bluetooth is enabled and the device is not set to airplane mode. If Bluetooth is enabled, check to ensure the desired device is paired. If not currently paired, pair the device by allowing the mobile device to scan for peripherals within range.

Wi-Fi®

Wi-Fi connectivity issues can be troubleshot the same way as Bluetooth issues. Make sure Wi-Fi is enabled, ensure the device is not in airplane mode, check if a wireless access point (WAP) is within range, and connect to it.

Near-Field Communication (NFC)

Connectivity issues with NFC, most commonly used for hands-free/tap payment, may be caused by the distance from the reader, having airplane mode enabled, a phone case, or a faulty reader. You can also log out of the payment system and log back in, which will verify the device’s credentials.

Screen Does Not Autorotate

Autorotate is the process of switching automatically between landscape and portrait mode on a screen. If the screen does not autorotate, the autorotate function is most likely disabled. If it is enabled but the screen still does not rotate, the application may be frozen. Force quit the application or reboot the device. If none of these work, it may be a hardware sensor issue.

Troubleshooting Mobile OS and Application Security

The following are concerns and symptoms you need to be familiar with when dealing with mobile devices. Many of the security concerns of mobile OSs and applications are similar to desktop OSs and applications. Questions in this area will be scenario-based.

Security Concerns

While many security concerns of mobile OSs and applications are similar to those of desktop devices, some security issues are unique to mobile devices.

Application Source/Unofficial Application Stores

Unlike an Apple device, Android devices are not proprietary and are open source. Most applications that a user may download are obtained through the Google Play Store, which verifies and monitors the Android Package (APK) of the application for malicious or inappropriate content. However, if an application is installed via an untrusted source, it poses the risk of being malicious.

Developer Mode

Developer mode is a function that allows a user to connect to a device via USB. Developer mode allows increased access to the device’s functionality. The Android OS still offers developer mode, while the latest Apple iOS offers the Xcode application, which limits the range of access for a developer while still permitting the development of iOS applications.

Root Access/Jailbreak

Root access on an Android device allows the user to function as a superuser on the device, with access to the entire OS and device. With root access, the user can flash the device and install different OSs. Once a device is flashed, it will no longer be connected to the manufacturer, meaning it will no longer auto-update or patch the device and OS. Jailbreaking is most commonly associated with Apple devices and is similar to rooting an Android device, allowing access to the device’s OS.

Unauthorized/Malicious Application

An unauthorized application, typically in the form of an APK, is a premium application that has had the digital rights management removed. Unauthorized applications often contain malicious software. Only download applications from a trusted source and check the permissions that the application has on the device.

Application Spoofing

Application spoofing is a security concern for both Apple and Android devices and occurs when an application masquerades as a legitimate one. Application spoofing acts similarly to a trojan horse, where malicious software is installed when the user intends to install a legitimate application.

Common Symptoms

Security problems with a mobile OS or application may be evident in common symptoms that the security-related issue may cause, including high resource usage, connectivity issues, pop-ups or ads, and missing or altered files or data.

High Network Traffic

High network traffic can indicate that data is being removed from the device or being sent through the device. To troubleshoot high network traffic, begin opening and closing applications one at a time and look for a usage spike beyond the norm for the application.

Degraded Response Time

Degraded response time may be indicative of a security problem. First, check to ensure the slow performance is not due to too many applications running at once. If that is not the issue, check individual applications for excessive CPU and RAM usage, which may indicate the application is infected with malware.

Data-Usage Limit Notification

A data-usage limit notification occurs when a device has reached its data limit for a set period. When a data-usage limit notification is sent, the first step is to view typical usage patterns for the device to see if usage is out of the ordinary. If the data usage is atypical, malicious software may be exfiltrating data from the device or using the device as a bot to send information through.

Limited Internet Connectivity

Limited internet connectivity is not necessarily a sign of a security issue, as it can be caused by proximity to WAPs or problems with the transceivers or firmware. However, if these potential causes have been ruled out, the limited connectivity may be caused by malicious software using the majority of the bandwidth on the connection.

No Internet Connectivity

No internet connectivity, like limited internet connectivity, is not necessarily a security-related problem. However, if all other likely scenarios have been exhausted, it is possible malicious programs are stopping connectivity completely. To prevent connectivity issues, it is best to use a firewall or anti-malware software.

High Number of Ads

Like a desktop OS, a mobile device can become infected with adware, which spams the device with unwanted or unsolicited ads. Adware is typically installed when it is attached to an application. One way to isolate the malicious application is to uninstall and reinstall suspected applications until the ads stop. If this does not work, you may have to perform a factory reset on the device.

Fake Security Warnings

Fake security warnings on a mobile device are another symptom of malware infection. If this occurs, factory reset the device and install anti-malware before reinstalling applications.

Unexpected Application Behavior

Unexpected application behavior is not always a sign of malware. Sometimes applications just glitch. However, if a freshly installed application behaves in an unexpected manner, this is a likely sign of a security breach. Run a malware scan on the device and factory reset the device if an application is flagged.

Leaked Personal Files/Data

If a device is infected with malware, there is the potential for leaked files and data. To prevent and limit the impact of a data breach, layer security techniques. Install antivirus or anti-malware software, use a mobile firewall, and employ multi-factor authentication (MFA), data encryption, and remote wipe.