A+ Preparation Guide for Computer Hardware and Software

A+ Preparation
APLSC-14
A+ Preparation
APLSC-14
Compiled by: Brendon Gouws
Quality assured by: Storm Leibbrandt and Juan Pierre Pretorius
Edited by: Ali Parry and Norman Baines
Version 1.0
January 2014 CTI Education Group
TABLE OF CONTENTS
Introduction to A+
How this study guide is arranged

Conventions and icons
Module prerequisites
A+ 801 Suggested study schedule
Required equipment and materials
How to approach this module
Study tactics
Learning outcomes and assessment criteria
Taking the CTI A+ examinations
External CompTIA A+ examination
Additional and required reading material
Introduction to computer hardware and software
Introduction to networking
Internet and Web technologies
Social networking and social media
Artificial intelligence
2
2
4
4
5
6
7
8
8
9
10
11
19
21
22
23
A+ 801
24
Unit 1 Staying Safe
24
Unit 2 Cases, Motherboards and Power Supplies
31
Unit 3 I/O, Multimedia and Expansion Bus
90
1.1
1.2
1.3
1.4
2.1
2.2
2.3
2.4
2.5
3.1
3.2
3.3
3.4
3.5
3.6
3.7
3.8
3.9
3.10
3.11
3.12
3.13
3.14
3.15
3.16
3.17
3.18
Health and safety laws

Safety guidelines
Avoiding Electrostatic Discharge (ESD)
Exercises
Cases
Disassembling a computer
Motherboards
Power supplies
Additional exercises
Understanding signalling
Numbering systems
Data representation
Ports and connectors
Modern ports
Display connectors and cable types
Audio connectors
Basic input devices
Touch screens and digitisers
Gesture recognition
System resources
Basic principles to supporting I/O devices and ports
Expansion bus slots
Expansion cards
Display devices
Display characteristics, coating and power
Video adapters
Installing a monitor
24
26
28
30
31
34
39
74
89
91
93
97
101
104
114
120
122
129
132
133
134
136
141
145
154
156
175
3.19 Sound devices

3.20 Multimedia input devices
3.21 Additional exercises
176
186
191
Unit 4 Storage, Memory and Processing
192
Unit 5 BIOS and CMOS Setup
288
Unit 6 Custom Configuration and Gaming
312
Unit 7 Portable and Wearable Computers
324
Unit 8 Printers, Scanners and Bar Code Readers
359
Unit 9 Preventive Maintenance
393
Unit 10 Soft Skills and Incident Response
405
4.1
4.2
4.3
4.4
4.5
5.1
5.2
5.3
5.4
6.1
6.2
6.3
6.4
6.5
7.1
7.2
7.3
8.1
8.2
8.3
8.4
8.5
8.6
8.7
8.8
8.9
8.10
8.11
9.1
9.2
9.3
9.4
9.5
9.6
Storage devices
Memory
Processors
Verifying your work done
CMOS Setup program

Updating firmware
Monitoring and diagnostics programs
Evaluating parts
Computers for business use
Computers for home use
Virtual and augmented reality
Gaming trends
Portable computing devices
Laptops
Wearable computers
Printers
Printer types
Paper
Printer connections
Printer support and research
Basic local print installation process
Upgrading printers
Printer maintenance
Scanners
Barcode and RFID readers
Additional exercise
Environmental controls
Protecting against power problems
MSDS documentation
Throwing away and recycling components
Compliance with laws
Additional exercise
10.1 Job roles and responsibilities

10.2 Professionalism and communication skills
10.3 Incident response and documentation
193
237
256
286
287
288
307
310
311
312
313
316
322
323
324
326
356
359
362
375
376
378
379
379
381
387
391
392
393
396
401
402
404
404
405
406
416
Unit 11 Local and Wireless Networking
420
Unit 12 Internet Connectivity
540
A+ 801 Lab Completion Form
570
Introduction to A+ 802
571
A+ 802
573
11.1 Network building blocks

11.2 Network topologies
11.3 Networking models
11.4 Introduction to Ethernet
11.5 Basic network hardware
11.6 Common network cables and connectors
11.7 Ethernet specifications and speeds
11.8 Structured cabling
11.9 TCP/IP essentials
11.10 Exploring wireless networks
12.1 The Internet
12.2 Connecting to the Internet
12.3 Phone connections
12.4 Broadband Internet
12.5 Sharing an Internet connection
12.6 Testing Internet connection speeds
12.7 Using a firewall for protection
12.8 NAT
12.9 Using proxy servers
12.10 Port forwarding
12.11 Port triggering
12.12 Understanding DMZs
12.13 Voice over IP (VoIP)
12.14 Unified communications (UC) and PBXs
12.15 Mobile collaboration
12.16 Basic QoS
12.17 Cloud computing
12.18 Big Data
A+ 802 study schedule

Required material
Additional reading material
Unit 1 Operating System Installation and Upgrade

1.1
1.2
1.3
1.4
1.5
1.6
1.7
1.8
1.9
1.10
1.11
1.12
1.13
What is an OS?
Choosing an OS
32-bit vs. 64-bit and RAM considerations
Windows operating systems
Verify hardware and software compatibility
Back up data and settings
Choosing an installation method
Automating the installation
Recovering and repairing installations
Upgrade paths
Preparing a hard drive for installation
Windows 7 installation process
Performing an attended Windows 7 installation
420
426
428
435
436
449
460
464
470
519
540
541
542
545
555
556
557
558
559
560
562
563
564
566
567
567
568
569
571
572
572
573
573
575
575
576
588
589
590
597
604
606
609
610
614
1.14 Post installation tasks

1.15 Upgrading Windows Vista to Windows 7
1.16 Upgrading to Windows 8/8.1
618
622
622
Unit 2 Operating System Administration
624
Unit 3 Account Management
678
Unit 4 Storage and File System Management
689
Unit 5 File and Folder Management
719
Unit 6 Applications and Services
745
Unit 7 Device and Power Management
769
Unit 8 System and Performance Monitoring
798
2.1
2.2
2.3
2.4
2.5
2.6
2.7
2.8
3.1
3.2
3.3
4.1
4.2
4.3
5.1
5.2
5.3
5.4
6.1
6.2
6.3
6.4
6.5
6.6
6.7
6.8
7.1
7.2
7.3
7.4
7.5
7.6
7.7
7.8
7.9
7.10
8.1
8.2
Navigating the Windows 7 Desktop

Application windows and dialog boxes
User Account Control (UAC)
Common GUI administration tools
Understanding files, folders and drives
Directory structure and common file locations
Command prompt
Shutdown options
User Accounts
Group accounts
Creating and managing users and groups
Partitioning and formatting disks
File systems
Disk management tools
Windows Explorer
Folder Options
Recycle Bin
File and directory commands
Installing and uninstalling software

Program compatibility
RemoteApp and desktop connections
Configure services
System Configuration (msconfig)
Task Manager
Task command line tools
Time, region and language settings
Configure hardware
Device Manager
Safely removing hot-swappable devices
Display Settings
Tablet PC Settings, Pen And Input Devices
Mouse and keyboard settings
Gamepad and joystick settings
Sound settings
Hardware profiles
Managing power
System tools
Performance tools
624
632
635
638
647
648
651
670
678
680
682
689
695
701
719
725
729
730
745
754
756
757
760
762
767
768
769
772
780
782
788
789
790
791
793
794
798
801
8.3
8.4
Advanced system properties

Performance benchmark software
808
813
Unit 9 Maintenance and Backup
814
Unit 10 Troubleshooting Systems
830
Unit 11 Network Configuration and Troubleshooting
909
9.1
9.2
9.3
9.4
9.5
10.1
10.2
10.3
10.4
10.5
10.6
Maintaining disks
Scheduling tasks
Updating systems
Data backups
Shadow Copy (Previous Versions)
Troubleshooting theory
Understanding the boot process
Repair environments and boot errors
Troubleshooting the registry
Troubleshooting applications and Windows errors
Troubleshooting system components
11.1 Network adapter properties

11.2 Creating network connections
11.3 SOHO security
11.4 Workgroups and domains
11.5 Browsing the network and mapping drives
11.6 File sharing and share permissions
11.7 Permissions and attributes
11.8 Offline files
11.9 Remote access
11.10 Internet connections
11.11 Configuring the web browser
11.12 Windows Firewall
11.13 Troubleshooting networks
814
814
816
822
828
830
836
839
865
866
877
909
915
938
939
946
950
962
970
972
979
991
997
1004
Unit 12 Printer Configuration and Troubleshooting
1027
Unit 13 Computer and Network Security
1063
Unit 14 Mobile Devices
1112
12.1
12.2
12.3
12.4
Windows printing
Installing local printers
Configuring printers
Troubleshooting printers and print devices
13.1 Security fundamentals

13.2 Access control
13.3 Authentication
13.4 Accounting
13.5 Malware
13.6 Symptoms of a malware infection
13.7 Malware research, tools, prevention and recovery
13.8 Social engineering
13.9 Workstation security
13.10 Data security
13.11 User education
14.1 Mobile device hardware

14.2 Mobile operating systems and applications
1027
1032
1040
1056
1063
1064
1070
1076
1077
1085
1087
1100
1102
1104
1111
1112
1118
14.3
14.4
14.5
14.6
Mobile networking
Data synchronisation
Mobile Security
Mobile device resets
1125
1135
1137
1143
Unit 15 - Virtualisation
1144
1216
Unit 16 Theory and Practical Examination
1217
Bibliography
1219
A+ Preparation Evaluation Form
1220
15.1 Virtualisation basics

15.2 Virtual networking
15.3 Purpose of virtualisation
15.4 Virtualisation security
15.5 Working with virtualisation
15.6 Running a VM
15.7 Installing Windows 8.1 on a VM
15.8 Exploring Windows 8.1 in a VM
15.9 VM guest additions and viewing modes
15.10 VM closing states
15.11 Snapshots
15.12 Removing VMs
16.1 Theory examination

16.2 Practical examination
1144
1150
1151
1152
1153
1178
1182
1188
1209
1211
1212
1214
1214
1217
1217
Introduction to A+
Welcome to the A+ Preparation module. The level of
education and type of training needed for many jobs in the
Information Technology (IT) industry vary from employer to
employer, but there is always a need for qualified computer
technicians and other related support roles. As technology
changes and advances, companies are increasingly looking
for qualified people with technical certifications to manage
new technologies and support older ones.
A computer technician (also known as a techie) must be a jack-of-all-trades:
a hardware expert in everything ranging from motherboards to the latest
mobile devices; a software expert in various operating systems and
applications; a troubleshooter; a communicator to handle the occasional
irrational/computer illiterate user; a good listener to gather computer
symptoms from customers; a counsellor to make customers feel good about
their computers and confident in the computer technicians skills; and a juggler
who can manage his or her time and priorities. These skills do not come
overnight and not all of them can be taught, but you can continuously develop
and fine-tune them.
Being a computer technician involves having the knowledge to build a
computer from scratch, manage software, develop problem-solving techniques,
run tests and diagnostics, do installations and give technical support. A
computer technician is responsible for carrying out high quality repair on the
equipment for which he or she is responsible and for keeping that equipment in
good running condition.
A computer technicians work means that he or she must be up to speed with
the latest technological developments while supporting older technologies that
are still in use. Even after qualifying, computer technicians must regularly
attend training workshops to update their knowledge and skills since
technology is always changing. This training will continue throughout your
career.
Furthermore, computer technicians need to be able to understand and be
responsive to the customers needs and requirements. You need to
communicate openly, effectively and honestly with customers regarding the
repairs you have done, and keep them fully informed of any unresolved or
outstanding problems.
The aim of this module is to give you the knowledge to build, install, configure
and upgrade personal computers (PCs), laptops, mobile devices, printers,
virtual machines and other IT hardware and software, as well as to solve
common computer problems. It will take you from the just-a-user level to the
I-can-fix-this level so that you can become an entry level computer technician
or occupy another IT support role.
A+ Preparation | V1.0 Jan 2014
Page 1 of 1229
Once you have completed this module, you will understand and be able to
explain how all the internal components of a computing device work, how to
take the device apart and put it back together, install and work with software,
solve common problems by following common methodologies and, using
system programs and problem-solving software, create a network of
computers so that they can communicate with one another, and perform steps
to extend the lifespan of the computer and other devices.
Hands-on, practical labs and exercises will test your ability to work with and
keep the computer in good working order, as well as upgrade it, and will also
help you to develop computer- and network-related problem-solving skills.
Furthermore, you will learn how to communicate with customers in a
professional manner and how to handle complaints.
How this study guide is arranged

This study guide is divided into two sections:
A+ 801 tests technical understanding of the computer, portable printer

hardware, networking, communication skills and professionalism.
A+ 802 tests understanding of software, operating systems, system and
management programs, maintenance procedures, virtualisation,
troubleshooting, security, networking and mobile devices.
Conventions and icons

The following conventions might be used in this study guide:
e.g. means for example.

i.e. means that is or in other words.
etc. means and so on.
via means by way of.
Bullet lists list learning outcomes and feature lists. Might also list tasks
to complete (for example, in lab exercises).
Number lists give steps for outlining a concept or for completing tasks
(for example, in lab exercises).
Bolded or italicised words show important concepts or terms that you
need to know. Terms whose meaning you must understand are shown in
bold.
Commands commands that need to be entered using a keyboard are
shown in the Courier New font. For example, type ping 192.168.2.2. To
run a command, you must press the <ENTER> key on the keyboard after
typing in the command at the command prompt. If you attempt to run the
command and receive an error for some reason, investigate the problem;
otherwise, ask a lecturer for assistance.
Navigation commands in lab exercises, files, applets, dialog boxes and
other information displayed on the screen are shown in bold. For example,
click Start and then choose Computer, and so on.
Page 2 of 1229
Sequences of commands sequences of steps to follow are shown in

bold with arrows. For example, click Start > Control Panel > System
means click Start, click Control Panel from the Start menu and then click
System from the Control Panel.
Mouse usage when asked to click and double-click, use the primary
mouse button; when asked to right-click, use the secondary mouse button.
Note
Information specific to the topic that you should take note of is placed
in this note box, which might also be a tip or caution box. A note box
provides information that should be taken into account, a tip box
provides a tip about a topic relevant to the section, and a caution box
provides very important safety or warning information that should be
noted and adhered to.
The following icons are used in this study guide:
IS/MLM unit icon.
IS/MLM sub-unit icon.
Outcomes at the beginning of each unit. The outcomes indicate

what you are going to learn in each unit.
Additional supplementary reading for you to do to further your

understanding of a topic or for extra research.
Review questions. These refer to questions at the end of each

unit in the GTS A+ Certificate Support Skills Study Notes
(G183eng) and (G185eng) textbooks, respectively.
Practical lab exercises to be done on the computer. Exercises

refer to labs in this study guide and those in the GTS A+
Certificate Support Skills Labs and References (G183eng) and
(G185eng) guides, respectively. If this icon is not shown in this
study guide, it means that you will not be tested on that
exercise in the practical examination. However, it is strongly
recommended that you go through all exercises on your own as
they cover the role of a computer technician.
Page 3 of 1229
Bibliography
Module prerequisites
It is recommended that you have the following knowledge and skills before
starting this module:
Using a keyboard and mouse

Starting and shutting down a computer
Navigating the Windows 7 operating system desktop
Using Windows Explorer to create folders and manage files
Browsing the Web to view websites
A+ 801 Suggested study schedule

You have a total of 30 days (for full-time students) in which to complete your
studies as well as complete both A+ examinations and one practical
examination. Do not go over the time limit, as it may cause you to fall behind
in your qualification schedule. The suggested study schedule in Table 0.1
shows the recommended time (in days) that you should spend on each unit in
section 801 only.
Table 0.1 A+ 801 suggested study schedule
Unit
Units 1 and 2
Unit 3
Unit 4
Units 5 and 6
Unit 7
Unit 8
Units 9 and 10
Unit 11
Unit 12
A+ 801 Theory Examination
Total
Note
Days
1 day
2 days
2 days
1 day
1 day
1 day
1 day
2 days
1 day
1 day
13 days
Part-time students have double the number of days specified in the

table above in which to complete the A+ Preparation module, i.e. 60
days for the total A+ Preparation module. For section 801, they have
26 days.
Page 4 of 1229
Required equipment and materials

Table 0.2 lists the equipment and software needed to complete the exercises in
this study guide and the lab books:
Table 0.2 Computer requirements
Recommended hardware requirements
Two computers with the following specifications for each:
IDE/SATA Hard Drive
1x 80 GB or more hard drive
System Memory
2 GB RAM (4 GB is preferred to run virtual machines)
Processor
2.0 GHz 64-bit capable of running a virtual machine
Windows 8.1 requires a CPU with PAE, NX and SSE2. Additionally,
ensure your CPU supports CMPXCHG16b, Prefetch and LAHF/SAHF to
install a 64-bit OS on a 64-bit computer.
Power Supply Unit
1 x PSU
Graphics
A standard graphics card or on-board graphics to support Windows 7
and Windows 8.1
Microsoft DirectX 9 graphics device with WDDM driver
Motherboard
A standard motherboard
DVD-ROM Drive
A standard DVD drive
Some of the components for PC2 must be in component form.
A second IDE/SATA 20 GB or more hard drive
1 x additional memory module
Additional hardware requirements for each computer
1 x network card
Drive and power cables
1 x monitor with support for XGA graphics
1 x keyboard
1 x mouse
1 x CAT 5e or CAT 6 UTP network cable
1 x PC toolkit
Anti-ESD service kit (optional)
Multimeter (optional)
Software requirements
Drivers for graphics cards and network cards
Windows XP Professional with SP2/SP3
Windows Vista Ultimate edition
Windows 7 Professional OS (64-bit) edition
Windows 8.1 Professional OS (64-bit) edition
A resource disc or USB drive with additional software (provided by the
campus)
Page 5 of 1229
Note
Unless otherwise stated, the majority of the exercises are based on

Windows 7 Professional. It will be stated which exercise to complete
on Windows 8.1 Professional. Any additional equipment and software
that is required will be provided by the campus.
How to approach this module

1. Begin each unit by reading through the outcomes and relevant content of
this study guide.
2. Make sure that you are comfortable with basic industry terms, definitions
and concepts, and that you can identify the different computer, laptop,
network and mobile device and printer components.
3. Make sure that you are comfortable with the Windows desktop, and that
you are familiar with the different menus and functions.
4. Make sure that you complete the review questions at the end of each
chapter of the GTS books and the hands-on lab exercises.
5. If you still feel that you need further information on the topics covered in
the A+ module, you can ask your lecturer for help. You can also visit the
following websites:
o www.webopedia.com: Webopedia is a great online dictionary of computer
and Internet terms.
o www.techterms.com: Another online dictionary of computer and Internet
terms.
o www.wikipedia.org: Wikipedia is a huge, user-written online
encyclopaedia. A lot but not all of the information is technically
correct.
o www.howstuffworks.com: This site has general information about many
types of technologies: computers, cars, electronics, science and more.
There are several websites that will be referred to throughout this study guide,
some of which you will access frequently when working as a computer
technician while others are also very helpful. Two helpful websites for Windows
products are:
technet.microsoft.com: The Microsoft TechNet website has technical

information about all of Microsofts products.
support.microsoft.com: The Microsoft Help and Support website has
many articles that show you how to configure Windows and troubleshoot
Windows problems. To configure something means to set up or make
changes to that item.
Here are the websites to go for official certification information:
www.microsoft.com/learning/mcp: Microsoft certifications

www.comptia.org: CompTIA certifications, including A+,
Security+, Cloud+ and Mobility+.
www.ibm.com/certify: For IBM certifications
Network+,
Page 6 of 1229
www.cisco.com/certification: For Cisco certifications

www.vmware.com/certification: The place to go for information about
virtualisation certification in VMware tools
The following websites are general resources for researching anything IT:
reviews.cnet.com: CNETs reviews section offers reviews on all types of

computer hardware, software, mobile devices and networking.
www.hardwarecentral.com: Hardware Central is a good source of general
computer hardware information, reviews and advice.
www.tomshardware.com: Toms Hardware Guide is the place to go if you
want detailed information about the latest in computer and mobile device
components.
Search engines are often the first places to go when you are trying to solve a
problem and need information fast:
www.google.com: Google is a popular search website on the Internet, with

a huge database of websites that is continuously updated. Google has a
powerful keyword search feature that lets you improve your search.
www.yahoo.com: One of the best places to go if you want to browse
categories rather than search for keywords.
Note
Websites have a tendency to either disappear or drop information that

was once relevant to a topic. If any of the links in this study guide are
no longer available or do not seem to have relevant information, you
may need to conduct your own research. As always, practise safe web
surfing.
Study tactics
Perhaps it has been a while since you have studied for a test. Here is a trick
that law and medical students use who have to memorise lots of information:
write it down.
The act of writing something down can help you remember important
information, even if you never look at the information again. Try taking
separate notes on the material to help memorise the information. Additionally,
make flash cards with questions and answers on difficult topics. Take your
notes to bed and read them just before you go to sleep. Many people find they
really do learn while they sleep! Also, the more times you go through the
information, the more likely it will remain in memory.
Page 7 of 1229
Learning outcomes and assessment criteria

Assessment for pass:
A pass is awarded for the unit on the achievement of all the pass assessment
criteria.
Learning outcomes
Assessment criteria for pass

To achieve each outcome a student
must demonstrate the ability to:
LO1
Be able to manage hardware
devices
1.1
1.2
1.3
Identify hardware functions

Perform hardware installations
Configure hardware devices
LO2
Be able to manage software
2.1
2.2
2.3
Identify software functions

Perform software installations
Configure software
LO3
Be able to perform support
functions
3.1
Use techniques to approach

troubleshooting
Solve problems
Perform maintenance tasks
Communicate in a professional
manner
LO4
Be able to manage networks
4.1
4.2
4.3
4.4
3.2
3.3
3.4
Identify network functions

Perform network installations
Configure networked systems
Secure systems
Taking the CTI A+ examinations

At the end of each section, a theory examination has to be completed for that
section. At the end of the 220-801 section, you must complete one 220-801
CTI theory examination. At the end of the 220-802 section, one 220-802
CTI theory examination must be completed.After successfully completing
both CTI theory examinations, you will need to complete only one practical
examination covering both sections. Both theory examinations contribute
70% towards your total mark and the practical examination contributes 30%.
Page 8 of 1229
Note
This study guide must be studied thoroughly. 100% of the CTI

theory examinations will examine you on the content of this
study guide only. To prepare for the CTI practical examination, you
must go through the practical lab exercises covered in this study
guide as well as those covered in both the A+ Certificate Support
Skills Labs and References GTS books. Some exercises in this study
guide and the GTS lab books overlap each other, resulting in your
doing the same task or a similar task twice. This gives you plenty of
practice so you can say you are competent in performing that
particular task.
Table 0.3 Examination breakdown
Component
A+ 220-801 Theory Examination
40
A+ 220-802 Theory Examination
30
A+ Practical Examination
30
Total
Note
100
To complete the CTI A+ Preparation module, you must pass both the
internal CTI A+ 220-801 and A+ 220-802 examinations. The study
guide will prepare you for CTIs internal examinations.
Please visit the following links on the GTS website for practice examinations on
both sections of the A+ Preparation module:
220-801: www.gtssupport.com/flower27/220-801/index.htm
220-802: www.gtssupport.com/flower27/220-802/index.htm
External CompTIA A+ examination

CompTIA is a provider of professional certifications for the IT industry. To
achieve the CompTIA A+ certification, you must pass two examinations. The
first examination is the CompTIA A+ 220-801 examination and the second is
the CompTIA 220-802 examination.
The CompTIA A+ 220-801 and 220-802 exams measure necessary
competencies for an entry level IT professional with the equivalent knowledge
of at least 12 months of hands-on experience in the lab or field. Students will
have the knowledge required to assemble components based on customer
requirements; install, configure and maintain devices, computers and software
for end users; understand the basics of networking and security/forensics; and
properly and safely diagnose, resolve and document common hardware and
software issues while applying troubleshooting skills.
Page 9 of 1229
Successful candidates will also provide appropriate customer support; and

understand the basics of virtualisation, desktop imaging and deployment.
CompTIA A+ syllabus
Several CompTIA examinations now include performance-based questions. This
means that when you start such a question, you will be required to perform a
task or solve a problem within a simulated environment, such as in a command
prompt or the Windows environment, to answer the question.
For more information about the CompTIAs A+ examination objectives and the
CompTIA-approved course material, please visit www.comptia.org. The
examination domain objectives for each of the CompTIA examinations have
been included in the GTS textbooks. Be sure that you familiarise yourself with
the objectives so that you know what to concentrate on when you review your
work.
Additional and required reading material

You will receive four GTS textbooks in total.
The following two textbooks are for additional reading purposes only. They
are based on CompTIAs A+ examination objectives. The CTI theory
examinations will not examine you on the content in these two books, but
should you wish to write the CompTIA A+ examinations, it is recommended
that you study the following A+ 801 and A+ 802 GTS books:
A+ 801
GTS A+ Certificate 801 Support Skills Study Notes (G183eng)
A+ 802
The following two GTS lab books are required. You must complete the
exercises in these two books in preparation for the practical examination:
A+ 801
GTS A+ Certificate 801 Support Skills Labs and References
(G183eng)
A+ 802
GTS A+ Certificate 802 Support Skills Study Notes Labs and
References (G185eng)
Page 10 of 1229
The following textbook, which may be borrowed from the campus library, as
additional, supplementary reading so that you can deepen your
understanding of the topics in this module:
Prowse, L.D. 2013. Authorized Exam Cram CompTIA A+ 220801 220-802. 6th edition. Pearson Education, Inc.
It would also be beneficial to your studies if you do additional research using

resources such as the Internet (with many websites listed in this guide to help
you on your way) and to consult your lecturer on the topics that you might be
finding difficult to understand.
Introduction to computer hardware and software

The rest of this unit aims to introduce some of the basic computer and
networking concepts to those who may be unfamiliar with them.
Note
This unit does not need to be studied for the examinations. It

is for introductory purposes only.
Computer literacy means knowing about and understanding how computers

and other IT devices work, together with their uses. It is an important skill for
any computer technician. A computer is an electronic device, activated by
instructions, that can accept data (input), process that data according to rules
(processing) into useful information (output), and store that information for
future use (storage).
Data and information: Although the terms data and information are
commonly used interchangeably, data is technically speaking any kind of
information, such as numbers, letters and symbols, that the computer
processes in the form of electrical signals as binary 1s and 0s. When data is
processed in a way that it is meaningful to people, it becomes information.
A computer technician should also understand binary. Although people use the
decimal number system (0 to 9) for everyday mathematics, computers use the
binary number system (1 and 0 binary digits or bits) to store and perform all
counting and calculations on data. A bit is represented by two states: 0 and 1,
and a combination of these two states represents everything displayed on
screen, including letters, numbers and videos.
A computer is made of up of hardware, software and firmware:
Hardware
Hardware refers to those components that you can see and touch. The physical
computer and the components inside it, as well as input and output devices,
are examples of hardware.
Page 11 of 1229
An input device is any hardware device that can be used to enter data and
instructions into the computer and select commands. Some commonly used
input devices are:
o Keyboard has keys to enter data into the computer.
o Mouse a small hand-operated device that controls the movement of a
small symbol, called a pointer or cursor, on the screen to make
selections.
o Microphone allows you to speak into the computer.
o Webcam a digital camera that allows you to take pictures and create
videos and store them on the computer.
o Scanner converts paper-based material so that it can be used by the
computer.
An output device is any hardware component that allows information to

be shown or provided to the user. Three commonly used output devices
are:
o Printer transfers information onto a physical medium such as paper.
o Monitor a display unit that displays text, graphics and videos on its
screen.
o Speaker plays sounds such as music.
An input/output device that is not installed on the motherboard is known as a

peripheral device. Printers, scanners and external drives are examples of
peripheral devices. Figure 0.1 shows common components of a personal
computer (PC).
Computer case
Monitor
Mouse
Keyboard
Figure 0.1 A PC
PC: A PC is a standalone computer that is usually used by a person at
home, school or in an office.
A laptop is a portable computer that has similar components to a full-size
computer but it is smaller and has different specifications. A smartphone is a
mobile device that has advanced computing capabilities beyond making phone
calls, such as email, web browsing and so on.
Page 12 of 1229
Smartphones have touch screens that you can touch with your fingers to
perform tasks. Touch screens are both input and output devices, and are
common in portable computers, mobile phones, tablets and in wearable
computing devices, such as glasses and smart watches.
Figure 0.2 Computing technologies

Software
Software is programs that give the step-by-step instructions that tell computer
hardware what to do. Unlike hardware, software cannot be touched. A set of
instructions is called a program. Once the program is installed, you run (or
launch) the program and the computer loads it by copying it from storage to
memory where the computer can carry out, or execute, the programs
instructions so that you can use it. Programs can be stored on chips or as
program files.
People that create and change programs are called programmers or
developers. A programmer creates a program by writing or coding the
programs instructions using a programming language. The language is
made up of a unique set of words and other characters as well as special
syntax (rules) for organising instructions. A programmer might also use a
program development tool that provides him or her with a user-friendly way
of creating programs. The set of instructions written in a particular
programming language is known as source code. Figure 0.3 shows
programming instructions for the Hello World window.
private void btnPressMe_Click(object sender, EventArgs e)
{
// Message displayed on a label
lblHelloWord.Text = "Hello There!";
// message displayed on a button
btnPressMe.Text = "Press Me!";
}
Page 13 of 1229
Figure 0.3 Using program instructions (top) to create a program

window (bottom)
Although source code is easy for people to read, understand and create
programs with, the computer cannot understand it. Therefore, for the
computer to be able to execute instructions, the program must first be turned
into machine language (binary 1s and 0s). The process of translating source
code into machine language is carried out by programs called assemblers,
interpreters and compilers.
Software falls into two sub-categories:

o System software takes control of the computer when it starts and
plays a central part in controlling everything that happens after that. An
Operating System (OS) belongs to this sub-category. Examples of
computer operating systems include Windows, Mac OS X and Linux. A
mobile OS is a type of OS used with mobile devices such as
smartphones, tablets and wearable computing devices. Examples
include Android, IOS, Symbian OS, Blackberry and Windows Phone.
Utility software is system software that users with an advanced level
of computer knowledge can use to configure and manage the computer
and its components. Examples of utility software include backup
software, disk checkers, file managers, network analysers and so on.
These are also known as tools.
User and user interface: A user or end user is a person who uses the
computer directly or uses the information it provides. The user interface is
the way the user interacts with the computer or device, in particular through
the use of input devices, gestures and software.
o The two main types of user interface that are available are:
Graphical user interface (GUI) pronounced gooey, it allows
you to interact with the computer by pointing to and selecting
graphical objects that represent programs and other items on the
screen. See Figure 0.4.
Page 14 of 1229
Figure 0.4 Windows 7 GUI (left) and Windows 8 GUI (right)
Command line interface a user interface to a computers OS or

an application that allows you to type in commands on a specified
line (or prompt) to perform specific tasks. Figure 0.5 shows the
output of the command ping 127.0.0.1 entered at the Windows
command prompt application.
Figure 0.5 Running a command at the command prompt

Command: An instruction to the computer to do one or more tasks by
means of typing in characters at the command line interface or making
choices from a menu.
o
Application software used to perform specific tasks on a computer,

such as typing out a letter or browsing websites. Examples include word
processing, presentation and web browser software. An application is
installed on an OS.
Firmware
Firmware is software programmed into a hardware chip. It is known as
software on a chip, and the softwares job is to control the hardware to which
the chip is attached.
Page 15 of 1229
BIOS: Short for Basic Input/Output System, the BIOS is a firmware chip
that includes software code that gives the computer basic instructions for it
to start. BIOS programming is referred to as bootstrap programming while
starting a computer is known as booting the computer. The BIOS works
with Complimentary Metal-Oxide Semiconductor (CMOS) memory,
which stores BIOS hardware parameters that you can see and change using
a program.
Information processing cycle
Some people refer to the input, processing, output and storage activities of a
computer as the information processing cycle. Figure 0.6 shows an
example of this cycle.
Figure 0.6 Information processing cycle

Using the four stages to master how the computer works and to become a
great computer technician requires understanding all of the pieces of
hardware, software and firmware involved, and how they work together to
make up the various stages. In addition to these four stages or primary
functions, computers also perform communication functions, such as sending
or receiving data from other devices.
Platform and system: Platform generally refers to specific hardware or
software or a combination of the two that allows other software like a video
game to work. The term system is also commonly used to convey the same
meaning, but a system can include almost anything, including people.
A computer technician must know what computer components do and how
they work together. The best place to start is with an actual computer and its
components:
Computer case
This is a housing unit for the internal components of a computer.
Motherboard
The motherboard is a large circuit board that holds and electrically
interconnects many of the components the computer requires to work
properly. Figure 0.7 shows an example of a motherboard.
Page 16 of 1229
Figure 0.7 A motherboard

Adapter: An adapter is circuitry built into the motherboard (called onboard) or a circuit board that is plugged into slots on the motherboard. An
adapter that comes in the form of a circuit board is called an adapter card
or expansion card. The slots on the motherboard that expansion cards are
plugged into are known as expansion slots.
Central processing unit (CPU)
Known as the brain of the computer, the CPU or processor is a chip on the
motherboard that processes data and does calculations for the computer. The
machine language mentioned previously is the instructions that the CPU
executes to process data.
Chip: Another name for an integrated circuit (IC), a chip consists of a
number of circuitry and circuit elements packed together into one unit.
Memory
There are two main types of memory used by computers: RAM and ROM. RAM
(random access memory) or system memory is used by the CPU to
temporarily store program instructions and data while it is processing it. RAM
is volatile, which means that the data stored inside its chips is lost when
power to the computer is switched off. RAM memory chips can be found on a
circuit board called a memory module which can be plugged into RAM
expansion slots on the motherboard. Figure 0.8 shows a memory module.
Figure 0.8 RAM module

ROM (read-only memory) is non-volatile memory because data remains
inside the chip even when the computer is turned off. Traditional ROM normally
can only be read from and not written to. However, modern flash ROM and
RAM can be read from and written to.
Page 17 of 1229
Hard disk drive (HDD)

A hard disk drive is a storage device that stores data and instructions
permanently or semi-permanently. Figure 0.9 shows an internal hard disk
drive.
Figure 0.9 Internal hard disk drive
Optical discs and drives

An optical disc is a generic term for a flat, round, portable disc that stores
data. Compact Discs (CDs), Digital Versatile Discs (DVDs) and Blu-ray discs
are types of optical discs. The drives that use optical discs are generically
called optical drives.
Disc and disk: Both components are used to store data and in many
contexts, the two are used interchangeably. For this study guide, know
that a disc refers to optical media such as a DVD and a disk refers to
magnetic media such as a hard disk drive.
Flash storage
Flash memory refers to non-volatile memory chips that store data. It can be
built into the computer or into a storage medium, and can be erased and
rewritten to using an electrical process. A flash drive is an example of a device
that uses flash memory. A flash drive is a removable storage device that has
a connector that you can plug into a computers Universal Serial Bus (USB)
port. Once a flash drive is plugged into the computers port, data can be
transferred to/from the computer. The flash drive can then be removed from
the computer using the proper removal procedure.
Figure 0.10 Flash drive
Page 18 of 1229
Power supply unit (PSU)

Computers and other electronic devices need electricity to function. The power
supply unit is a power converter that takes the standard electricity from the
wall outlet (alternating current) and converts it into the type of electricity
needed by the computer to function (direct current).
Figure 0.11 PSU
Cables
There are two types of cables used inside the case:
Data cable this connects components to each other so that they can
transfer data.
Power cable supplies electricity to a component.
IT infrastructure
Although it has different definitions, IT infrastructure generally refers to a
set of hardware, components, systems, software, networks, facilities and
everything else that supports the flow and processing of information for a
company. It generally does not include people and documentation.
Introduction to networking
A computer network is a group of computers and devices connected to one
another in order to share information. The simplest network has two computers,
the connectivity media such as a cable or over the air wireless signals, and
the network adapter that works as the computers connection to the network.
Common networking terms
Computer networking has its own language. You should understand the
following terms before starting this module:
Communication sending data from one device to another.
Client a computer that allows you to access the network and take
advantage of the resources and services available on it. Generically, a client
can also refer to any application that you use to access a network server.
Page 19 of 1229
Server a computer that gives clients access to the network as well as

resources and services that they have requested. An example is a file server
that stores files for users on the network.
Protocol refers to rules for how computers should communicate with
each other.
Network administrator the caretaker of the network who controls
access to and manages the entire network. The network administrator is
part of the IT department.
Mobile user a person who works on a computer or mobile device while
away from the companys office. Working away from the office but still often
communicating with the office is known as telecommuting.
Account the means by which the computer or network knows who the
user is and what rights the user has on it. Rights define what the user can
and cannot do with resources. A user cannot log on to the computer,
network or resource without an account. An account is normally a
combination of a username and password (a secret set of characters).
Log on (or log in) the process of identifying who the user is to the
computer or network.
Log out (or log off) the process of leaving the network. When the user
logs out, any network resource the user was connected to becomes
unavailable to the user.
Online and offline when a computer is turned on and can access the
network, it is said to be online. When the computer cannot access the
network, it is said to be offline.
Share/shared resource a resource that is made available to users on
the network. Examples of resources include hard drives, files, applications
and printers.
LAN stands for Local Area Network and is a network made up of a group
of computers and other devices connected at one location, such as in a
home, office or building.
WAN stands for Wide Area Network and is a large network made up of a
collection of LANs that are spread out over an extensive area, such as
across a city or country.
Local and network resources

Local resources are items such as hard disk drives and optical drives and
files that are directly attached to a computer, and are only available to the
user when the user accesses the computer when sitting in front of it. Network
resources are resources on a computer or device that have been made
available over the network for other users to access from their own devices.
Resource and routine: In general, a resource is any hardware or
software that can be accessed on the local computer or across the network,
including a computer. In many operating systems, the term resource refers
specifically to data or routines that are available to programs. A routine is
a section of program code that might be called upon and run anywhere
within a program to perform a particular task. It is also known as a
function, procedure or subprogram. A system resource is used by the
processor and other parts inside the computer to communicate.
Page 20 of 1229
IP address
An Internet Protocol (IP) address is a number assigned to each computer
participating in a network that allows them to communicate.
Proprietary vs. standard
The term proprietary means any process or way of doing something that
works only on one vendors or manufacturers equipment. A standard, on
the other hand, is any way of doing something that the industry has agreed
upon.
Authorised vs. unauthorised access
Unauthorised access occurs when someone gains access to a computer or
network resource without permission, typically by hacking into the resource.
Unauthorised use involves using a computer resource for unauthorised
activities.
Internet and Web technologies

The Internet, simply referred to as the Net, is a worldwide network that
connects millions and billions of networks, computers and other devices
together for various purposes. The Web, short for World Wide Web
(WWW), is a library of information that is available to everyone connected to
the Internet. The Web has interactive documents called web pages with
information on topics such as books, music and games that are displayed to
users in the form of multimedia content such as text, pictures, sound,
animation and video. Animation is the process of creating moving pictures
using computer software. Web pages often contain embedded programs that
cause them to function like the software that users install on their computers.
Web pages also often have hyperlinks that users can click to go to other
related web pages.
Figure 0.12 The Internet

A website is a location, such as a computer or server running web software,
connected to the Internet that stores one or more web pages and makes them
available to users connected to the Internet or even the local network. The
application that allows users to search the Web to find websites and access
web pages and other information is called a web browser.
Page 21 of 1229
Figure 0.13 shows a web browser displaying the CTI web page accessed from
the www.cti.ac.za website.
Figure 0.13 A web browser showing the CTI web page
Social networking and social media

Also known as a virtual community, the technical definition of a social
network is a social structure made up of users or companies called nodes that
are connected by friendship, relationship, family, common interest, business,
knowledge, or like or dislike. The type of relationship and sharing of
information over social networks is often referred to as social media.
Figure 0.14 Social Media
Page 22 of 1229
Artificial intelligence
Artificial Intelligence (AI) is the area of computer science that focuses on
making systems and software think and behave like humans and reason with
the world around it. Software that suggests music you might like to hear or
restaurants you might like to eat at are examples of AI.
Figure 0.15 Artificial Intelligence
Page 23 of 1229
A+ 801
Welcome to the A+ 801 section of the A+ Preparation module. In the units of
this section you will learn about safety and preventative measures; computer,
portable, and printer hardware; communication skills and professionalism;
networking; and Internet connectivity.
Unit 1 Staying Safe

Safety first! As a computer technician, you will be giving a hands-on service,
repairing, maintaining and upgrading users computers and other equipment.
Safety is very important and you need to be aware of some general safety tips.
At the end of this unit, you will be able to:
Understand safety procedures when dealing with the dangers

associated with computer support.
Work with computer components by following the correct
procedures and using the correct tools to reduce the risk of
electrostatic damage.

Module 1 Unit 1 (p. 310)

Review Questions:
o Safety Procedures (p.10)

(G183eng):
o Lab 1: Implementing an Anti-ESD Service Kit (if available)
1.1 Health and safety laws

When dealing with health and safety, two terms are often used: compliance
and regulation. Compliance means obeying a rule or law while regulation is
a rule designed to control the behaviour of people to whom it applies. While
thinking about safety, you must obey the regulations of the local government
authorities, which might mean wearing protective gear or taking extra safety
steps when working in the workplace.
Page 24 of 1229
Compliance often relates to what software the computer technician can or

cannot install on the customers or users computer. Check with management
or the local governments website for more information.
Regulations that typically affect computer maintenance include:
Health and safety laws designed to keep the workplace safe from
danger (hazards).
Building codes designed to ensure the health, safety and protection of
people when it comes to how the building is built, and who makes use of
and works in it. Building code rules ensure that fire prevention and
electrical systems are not damaged and are safe to use.
Environmental regulations rules on how to correctly throw away old or
unused equipment, since throwing away equipment affects the
environment.
Although the rules about workplace safety are determined by local government
authorities in different areas and may vary widely from country to country,
keeping the workplace environment safe is generally the responsibility of
employers and employees who need to work together to keep it safe:
Employers are responsible for providing a safe and healthy working

environment for the persons (employees) that work for them.
Employees are responsible for obeying company rules concerning
workplace equipment, installing devices/software, wearing protective gear,
not interfering with safety equipment, and reporting any dangers and
accidents.
The companys health and safety procedures should be set out in a handbook
that is given to all staff. These procedures should:
Explain what to do when there is a fire or another emergency.

Identify the people who are responsible for health and safety, such as first
aiders and fire marshals.
Identify dangerous areas and safety steps to take when entering those
areas.
Describe best practices for using and taking care of the workspace and
equipment.
Create incident reporting steps for finding and removing hazards and
accidents.
In an emergency situation, you should:

1) Keep calm and not act irrationally.
2) Raise the alarm and contact emergency services, giving them details about
the emergency and your location.
3) Make the scene safe, e.g. when faced with a fire, make sure you have an
escape route, or when faced with an electrical shock, disconnect the power
(if possible).
Page 25 of 1229
4) Only if you have training and it is safe to do so, do what you can to
neutralise the emergency, e.g. give first aid or use fire fighting equipment
to extinguish the fire.
1.2 Safety guidelines

Guidelines help to ensure that proper procedures are followed and precautions
are taken. Here are some important guidelines that you should follow when
working in a computer environment:
The first thing to know about electricity is that your body conducts
electricity, which means that electricity will pass through your body. This
can give you an electric shock, which can cause several symptoms from
muscle spasms to severe burns, to a heart attack and even death. Broken,
faulty or incorrectly installed electrical equipment can give you an electric
shock as well. Always keep this in mind every time you work on any type of
electrical equipment!
The second thing to know is that computer equipment uses electricity.

Always turn off the power by shutting down the computer properly, switch
off the power at the wall outlet, unplug the computer from the wall outlet
and hold down the power button for a few seconds to drain power from
certain components. In addition, before you open the chassis of a laptop,
remove its power adapter and battery.
Do not open and work inside computer power supply units, monitors and
laser printers unless you have been trained to do so. These components
store power for periods of time after being switched off and unplugged. You
should follow any warning signs printed on these systems.
Faulty electrical equipment and failure to respect electricity can lead to a

fire risk. Every computer workbench needs a fire extinguisher, but make
sure that you use the correct one to tackle the type of fire. For electrical
and computer fires, the best type of fire extinguisher to use is a carbon
dioxide (CO2) gas fire extinguisher. However, you must be careful when
using it in confined spaces as the CO2 and the smoke from the fire will
quickly replace the available oxygen in the room, making it difficult for you
to breathe. Although dry powder extinguishers can also be used for
electrical/computer fires, you must be careful because they can damage
the electronic equipment. Although there are many other types of
extinguishers, such as water and foam, these should not be used for
electrical/computer fires.
Be sure to read the instructions on the fire extinguisher before you use it.
Although theory is great, there is no substitute for hands-on safety training,
which might be available in your company. Here is a basic run down on how to
use a fire extinguisher.
Page 26 of 1229
You can use the memory aid P-A-S-S to help you remember this:
P: Pull the safety pin from the fire extinguishers top handle.
A: Aim the hose at the bottom of the fire, not at the flames.
S: Squeeze the top handle to release the substance from the
extinguisher.
S: Sweep the hose from side to side at the base of the fire until
the fire is completely extinguished.
It is important for electrical equipment to be tested regularly by a

qualified electrician to ensure that the equipment is safe to use.
Electrical equipment must be fitted with a fuse of the correct rating

according to the instructions on the equipment. A fuse is a safety
component that stops too much electricity from damaging electrical wiring
and equipment. When too much electricity flows through the fuse or more
than it can handle (its rating), it blows and cuts off the electricity supply.
Once the fuse is blown, it must be replaced with another one. Most
computer equipment is rated at 3A or 5A (amps). A fuse that is rated too
low will blow too easily and one that is rated too high may not blow when
it should.
Electrical equipment, including computer and equipment racks, must be

grounded. Grounding is a safety measure that protects people from
electric shock, safeguards against fire and protects equipment from
damage. By its nature, electricity always seeks the path of least resistance
to the ground. Computer equipment is connected to the building ground
by way of a ground plug.
Ensure that there are enough power outlets available. Do not overload
power outlets, as this could be a potential fire hazard. You can use an
appropriate power strip (an extension lead with multiple sockets) when
you need to plug multiple devices into one power outlet.
Electricity can pass through metal and most liquids, so keep these items
away from electrical equipment.
Take note of the following when using tools and

cables:
Insulated handle
o Always use properly insulated tools and

cables
o Never hold tools by their metal parts
o Touch only insulated handles of tools and
cables
o Only use tools for their intended purpose
Always test live parts with a multimeter. A multimeter is useful for

measuring various electrical properties.
Page 27 of 1229
Avoid touching visible electrical contacts with any part of your skin.
Do not work with electricity in wet surroundings, especially on wet floors.
Keep your hands and the surrounding area clean and dry.
Remove your watch and other jewellery, and secure loose clothing before
handling equipment.
Immediately replace or isolate damaged equipment or cables that could
be dangerous.
Cables can be a trip hazard. Use proper cable management products, such
as cable ties, to tie up multiple cables on the floor and inside the
computer box, and do not run cables across walkways.
Do not leave any equipment in walkways or at the edge of a desk.
When lifting and moving objects:
o Never pick up heavy objects with your back. Rather bend your knees
and then lift with your legs to avoid injuring your back. Reverse this
process when putting the object down.
o Make sure that you have a tight grip on the object before picking it up.
o Keep your back straight when carrying the object.
o Make sure that the path you take to carry the object is clear.
o Be careful when handling large, awkward or hot objects or objects with
sharp or rough edges. If necessary, wear protective gear, such as
gloves, for these objects.
o For objects that are too heavy or awkward to carry, ask another
person for help or use a trolley truck to move the object.
1.3 Avoiding Electrostatic Discharge (ESD)

Electrostatic discharge (ESD) is simply the discharge of static electricity
that happens when two differently charged objects come into contact with each
other. Some parts of the computer are much more sensitive to ESD than other
parts. The processor and RAM memory are very sensitive to ESD. If you touch
the metal parts of the processor or RAM memory and they have any amount of
charge on them, you can destroy these components because you will have a
different charge.
There are several ways of protecting computer equipment against ESD
damage:
Firstly, drain your body and clothing of static electricity before working on
the equipment.
Page 28 of 1229
Touch an unpainted metal part of the computer do this before

handling any sensitive component to drain any electrical charge from you.
Although this is the least effective way to ground yourself, it is a good habit
to get into if you do not have an anti-ESD wrist strap.
Use an anti-ESD wrist strap also known as an anti-static wrist strap,

this is a more effective way of avoiding ESD and grounding yourself. It
conducts static electricity from your body to the ground. The strap comes
with a grounding cable that has on one end a grounding plug or crocodile
clip that you attach to a grounded point or to the metal frame of the
computer case. On the other end the cable has a small metal plate that you
wrap around your wrist using an elastic strap. See Figure 1.1.
Figure 1.1 Anti-ESD wrist strap in use

Caution
Use an anti-ESD service mat also known as an anti-static mat. The

moment you take a component out of the computer, it no longer has
contact with the grounded system and may pick up static charge from
other sources. Therefore, use an anti-ESD mat to place those sensitive
components on.
Note
Do not attempt to connect an anti-ESD wrist strap to the wall

outlet. If the wall outlet is not wired properly, you could be
electrocuted.
Anti-ESD wrist straps and mats use resistors devices that stop the
flow of electricity to stop static charges from running through a
component. These resistors fail over time, so it is always a good idea
to read the documentation that comes with the anti-ESD tools to see
how to test the resistors properly. Tests should be done on a daily
basis.
Use anti-ESD bags for parts almost all computer components come in
anti-static bags when you buy them. Hold onto these bags! When installing
or removing any electrical component, keep it inside the bag until you are
ready to work with it.
Page 29 of 1229
Figure 1.2 Expansion card inside an anti-ESD bag
Avoid working on a carpeted area (if possible).

Always ensure that the computer is powered off and unplugged before
working inside it.
Note
A good computer technician keeps track of the weather conditions

since the weather affects the likelihood of ESD. ESD is more common
in dry, cool environments when the humidity level is low. Humidity is
the measurement of the amount of water vapour in the air.
1.4 Exercises
Complete the following exercise in the GTS A+ Certificate 801

Support Skills Labs and references (G183eng) book if the kit is
available from the campus:
o Lab 1: Implementing an Anti-ESD Service Kit (p.9)
Page 30 of 1229
Unit 2 Cases, Motherboards and Power

Supplies
Identify different types of computer cases.

Take the computer apart.
Identify the different types and features of motherboards.
Explain the purpose of various motherboard components.
Understand how to choose, install and remove a motherboard
safely and correctly.
Explain how electricity is measured and identify various
electrical properties.
Explain how the power supply unit works and identify what
connectors it has.
Choose and install a power supply unit for a given computer.
GTS A+ Certificate Support Skills Study Notes (G183eng)

Module 1 Unit 2 and 3 (p.1133)

Review Questions:
o Motherboard Components (p.24)
o Power Supplies (p.33)

(G183eng):
o Lab 2: Identifying PC Components (p.10)
2.1 Cases
A desktop computer is one that is designed to be used at a single location,
such as on top of a desk. The system case, also known as the chassis, is the
metal and plastic box where the internal components, such as the
motherboard, power supply unit and hard disk drives, are stored. There are
different types of cases, sizes and colours. The three basic types of cases are:
Desktop sits horizontally on a flat surface and is wider than it is tall.

There are two basic sizes:
Standard
Slimline
Page 31 of 1229
Tower sits upright on a flat surface and is taller than it is wide. It comes
in three sizes:
o Full-tower often used for servers, this case has extra internal space
for additional drives, expansion cards and backup power supplies.
o Midi-tower used for high-end user computers and office computers,
this case has space for extra devices and cards, but not as much space
as the full-tower case.
o Mini-tower used for office and home computers, this case has limited
room for additional devices and cards.
Full-tower
Midi-tower
Mini-tower
Small form factor (SFF) a semi-portable or super slimline case that can
only hold a limited number of components. It is typically used as a media
centre entertainment system.
2.1.1 Looking at parts of a tower case

The case for a tower computer has a front, back (rear) and two side panels.
Page 32 of 1229
Front Panel
You will most likely find the following on

the front panel of the computer:
Back Panel
Most of the connections are found on the

computers back panel. Here you will most
likely find:
Power switch for turning the
computer on and off.

Reset switch for restarting the
computer.
Light emitting diodes (LEDs)
show power status and drive
activity.
Removable media drives the
doors for accessing removable media
drives.
Input/output (I/O) area some
computers
have
built-in
I/O
connections on the front of the case
so that you can plug in a device that
uses
any
of
the
available
connections.
a) Two removable media drive bays

(5 inch) for Blu-ray and DVD discs.
b) USB port for a media card reader.
c) Media slot for a media card reader.
d) Power on/off switch with LED.
e) Media card reader slot.
f) Hard drive activity LED.
g) FireWire ports.
h) USB ports.
i) Headphone or speaker jack.
j) Microphone jack.
Power supply unit (PSU) this is

almost always found at the top of the
case, with its cooling fan, power plug
and on/off switch. Note that some
PSUs do not have a power on/off
switch.
Input/output (I/O) area has all of
the on-board connections coming from
the motherboard.
Expansion area has slots for
expansion cards. Expansion cards are
installed in slots on the motherboard
and their connectors face outside the
case.
a) PSU with its power plug.

b) PSU fan.
c) I/O on-board motherboard
connection area
d) Expansion area with slots for
expansion cards and blanking
plates. A blanking plate or slot
cover is a metal strip that covers
empty expansion slots to help keep
dirt and dust out of the case and to
ensure proper air flow. Use them
for unused slots.
e) Two side panel screws.
f) Certificate of Authenticity (CoA)
label providing an identification
number for the OS.
g) Chassis fan/back vent. Fans help
stop components from overheating.
Page 33 of 1229
2.1.2 Choosing a case

When you build a computer or replace its components, the motherboard, PSU
and case must all be compatible with each other. Some factors to consider
when choosing a case include:
Carefully choose a case. Cases come in different sizes and with many
different options. You also get specialised cases such as those for gaming
and entertainment systems.
The type of motherboard you choose determines the type of case that can
be used. The size and shape of the motherboard must match the case. A
quick test fit of the motherboard in the case saves a lot of return trips to
the vendor.
You can typically but not always buy a case that comes with a PSU
already installed. You must match the power rating and connection type of
the PSU to the type of motherboard you choose.
The design of the case may limit the number and size of the components
that can be added.
The external or internal drive places are called drive bays. A drive bay is a
rectangular metal box that holds hard drives and optical drives. Other bays
hold card readers and ports. An external bay is one that allows you to
access openings in the bay from outside of the case. Optical disc drives are
installed in external bays. An internal bay is one housed entirely inside the
case. Hard disk drives are installed in internal bays.
If a computer has many components, it needs more room for air flow to
keep the system cool.
The position of the power and reset switches and other lights and indicators
are found on the front panel, but the exact position depends on the design
of the case.
Vents are often found at the back and sometimes on the side panels to
allow cooling fans to be mounted to the case.
2.2 Disassembling a computer

To assemble means to build a computer, one component at a time. To
disassemble means to take the computer apart, one component at a time. A
field replaceable unit (FRU) is the technical term for a component that can
be easily removed from the computer and replaced with a new component
onsite without having to send the component back to the repair centre. You
need to do several things before you start taking the computer apart:
Back up hard drives to protect important data. To back up means to make

an extra copy of data and to store that data somewhere safe.
Make sure that your workspace is clean, organised and properly lit.
Gather all the necessary tools and equipment. A notepad is useful for taking
down notes and drawing diagrams, and a digital camera is handy for
recording the layout of components.
Page 34 of 1229
Use a computer technicians toolkit. Many technicians do not go on a repair

call with a full set of tools. You can buy toolkits with the following tools
(which are used for many repairs, but do not hesitate to add additional tools
to this list that you might find useful):
o Phillips (X shaped), flat-head and Torx (6-point star-shaped)
screwdrivers Phillips and flat-head screwdrivers for taking care of most
disassemble and reassemble jobs and Torx for some models. Nonmagnetic screwdrivers are preferred to prevent electric shocks.
o Non-magnetic Hex driver for opening and closing cases and securing and
removing cards and motherboards.
o Small diagonal cutters great for removing cable ties without cutting the
cables or damaging components.
o Needle nose pliers good for getting discs or disc parts out of disc
drives, straightening bent pins and for other tasks.
o Tweezers for removing and replacing jumpers and other small parts.
o 3-claw parts retrieval or extractor tool for removing loose items inside
the case.
o Penlight or flashlight for seeing in dark places.
o Magnifier which makes small parts and labels easier to read.
o Jewellers screwdriver set to remove small screws, such as those used in
laptops.
Figure 2.1 Computer technicians toolkit
Have various containers handy to hold the various screws, parts and clips
that you remove.
Power off and disconnect the computer from the mains power supply (AC
wall outlet).
Unplug the monitor, mouse, keyboard and all other external cables
attached to the computer.
Take ESD precautions and use an anti-static wrist strap and mat. Use antistatic bags of various sizes to store the different computer components.
Remember to take your time and follow the correct procedures for handling
cables and components!
Page 35 of 1229
There are other tools that should be taken on a repair job every time, including
a pen to complete the repair documentation and a bootable disc with the
computer technicians favourite repair programs on it for the different
operating systems.
2.2.1 Opening the case

A computer case has a cover. The three most common fasteners
that secure the cover to the computer are:
Screw case is held with screws.

Thumbscrew case is held with tool-free screws that can be tightened
and loosened with your fingers. These screws might have indents that allow
them to work with tools if needed.
Clips case is held only with tool-free clips.
Note
There are different methods for opening cases. Examine the case
before attempting to open it.
Most tower cases have panels on both sides of the case that can be removed.
It is usually necessary to remove only one side panel to see the motherboard
and the other parts connected to it. Generally, you will only need to remove
both side panels if you have to remove parts such as internal storage drives,
which are usually fastened to a drive bay on both sides of the bay. The front
panel is removed to install or replace parts such as the power switch,
removable media drives, front I/O panel connections, lights and so on.
As a computer technician, you need to be comfortable with taking the
computer apart and putting it back together again. To start off, go through the
following steps which show you how to remove the cover from a tower
computer. First prepare the workspace before opening the case. Small
containers can be used to hold screws and other parts as you remove them.
1. With the computer turned off and all external cables removed from the
computer, press and hold down the power button for a few seconds to drain
power from the system.
2. Knowing which side panel to remove is easy. All you need to do is see
where the on-board motherboard connections are on the back panel of the
case. The connections in Figure 2.2 are on the left side of the case (as
indicated by the white square), which means that the bottom of the
motherboard is facing the left side of the case. Therefore, you must remove
the right side panel in Figure 2.2 to see the top of the motherboard.
Page 36 of 1229
Figure 2.2 Choose the side panel for removal

3. Work on a flat, stable surface.
4. Lie the case down gently so that the connections are facing downwards, as
shown in Figure 2.3. The side panel that you are going to open must be
facing you or upwards.
5. There should be screws/clips that hold the side panels in place as well as
other screws for the power supply, case fan and other components. Find
and undo the screws/clips that hold the side panel in place. Be careful not
to undo any screws beside these.
6. After the screws/clips have been removed, slide the panel backwards and
lift it off the case as shown in Figure 2.3.
Figure 2.3 Slide the panel to the back and lift it off the case
7. Some cases need you to remove the front panel before removing the side
panels. Look for hinges at the top of the panel and a lever at the bottom.
Squeeze the lever to release the front panel and lift it off the case. Then
remove the screw and slide the side panel to the front and lift it off the
case. Remember that some cases have tool-free clips, which means you will
only need to unclip the panel to remove it.
Page 37 of 1229
Figure 2.4 Remove the front panel of the case

Once the case is open, take a look inside. You will see the computers metal
framework and possibly cables, a motherboard, metal compartment for the
PSU, and a number of metal drive bays for different drives. Figure 2.5 shows
you an example of what is inside the case. Do not forget to wear an anti-ESD
wrist strap (attaching it to any handy metal part of the chassis) or to touch the
metal chassis occasionally to prevent ESD.
This would be the best time to take notes and draw diagrams or take a video
recording of all the cables and connections running to and from the
motherboard, expansion cards and drives. This will help you assemble the
computer when the time comes.
2
1
1.
Power supply unit

(PSU)
2.
Power cables
3.
Optical disc drive
4.
Case fan
5. On-board motherboard
outward facing
ports/connections
7
8
9
6.
CPU fan
7.
Memory slots
8.
Hard drives
9.
Blanking plates
10. Expansion card

11. Empty expansion slot
10
11
12
13
12. Data cable for hard

drive
13. Data cable for another
hard drive
Figure 2.5 Looking inside an assembled computer
Page 38 of 1229
2.3 Motherboards
The motherboard is the component that makes all other components work
together to make the computer functional. Also called the main board or
system board, the motherboard is a printed circuit board (PCB) that holds
the CPU, chipset, memory and expansion slots in place. Every piece of
hardware is directly or indirectly plugged into the motherboard. The
motherboard has electrical wires called traces that make up the buses of the
system, and it distributes the power from the PSU to many components.
When buying a motherboard, it normally comes with a printed manual or an
electronic version of the manual on a disc that gives instructions and
information about the layout, installation and configuration of the motherboard
and various other components that connect to it. You can also download the
manual from the motherboard manufacturers website.
2.3.1 Form factor

The form factor determines the size, shape and the general location of
components and ports on the motherboard (its physical layout). Form factors
enable motherboards to work with cases and PSUs. Remember to install the
motherboard in the appropriate case so that the ports and slot openings on the
back panel fit correctly. Also, the PSU and motherboard need matching
connectors. Different form factors define different connections.
Although you will encounter many different form factor designs, including older
ones that the industry has dropped over the years, the form factors that you
should know about to make recommendations to customers are listed in Table
2.1.
Table 2.1 Common form factors
Form
factor
ATX, full
size
Micro-ATX
(ATX)
Mini-ITX
Size
Description
Up to 12" wide by 9.6" deep

(30.5 cm x 24.4 cm)
Not all ATX boards have the
exact same physical size.
Up to 9.6 wide by 9.6 deep
(24.4 cm x 24.4 cm)
Not all micro-ATX boards are
the exact same size.
6.7 wide by 6.7 deep
(170 mm x 170 mm)
A commonly used motherboard

that has many revisions. It
supports up to seven expansion
slots.
It has up to four expansion slots
and fits into a standard ATX case
or the smaller Micro-ATX case.
A small form factor (SFF) board. A

small amount of power is needed
to support SFF boards. Lower
power usage creates less heat.
The lack of fan noise makes these
boards ideal for media centre
computers.
Page 39 of 1229
Form
factor
Nano-ITX
Size
Description

(120 mm x 120 mm)
These small boards are designed

for smaller devices.
Pico-ITX

(10 cm x 7.2 cm)
These very small boards can be

built into different types of mobile
devices.
Note
Remember that each form factor needs its own case, that is, ATX
motherboards go into ATX cases. You cannot replace one form factor
with another without buying a new case, with the exception that you
can mount most micro-ATX and mini-ITX boards into ATX cases.
Proprietary boards
There are several manufacturers that make their own proprietary
motherboards that will only work with their own cases. Be aware that
replacement parts can cost more for these proprietary boards than for nonproprietary boards and are usually not readily available.
Note
Visit www.formfactors.org for specifications and more information on

the various form factors.
2.3.2 Motherboard layout and components

Figure 2.6 shows an example of a motherboard and its on-board components.
You will not find all of these components on every motherboard or in exactly
the same location.
Figure 2.6 An example of a motherboard
Page 40 of 1229
You can identify the motherboard manufacturer and model number as follows:
Documentation information can be found in the computer

documentation or motherboard manual.
Visual identification every motherboard should have the name of its
model and manufacturer printed somewhere on it. Refer to Figure 2.6.
CPU-Z a program that you can download from www.cpuid.com that
displays information about the main computer components, including the
motherboard, BIOS, CPU and memory. You can find information about your
motherboard by selecting the Mainboard tab.
System Information this Windows program provides information about
hardware and software on your computer. To open it in Windows 7, click
Start > All Programs > Accessories > System Tools > System
Information. On the System Summary page you will find the
motherboard manufacturer (System Manufacturer) and motherboard
model (System Model).
Note
Be aware that the model number for OEM computers might be the
model number of the computer and not the motherboard. If this is the
case, refer to the technical documentation for the model of the OEM
computer, which you can download from the computer manufacturers
website.
Figure 2.7 shows where to find the motherboard manufacturers name and
model number from the System Information program. You can also find this
information using the CPU-Z program.
Figure 2.7 System Information
Page 41 of 1229
OEM: Stands for original equipment manufacturer and refers to a

company that typically buys hardware and software from other companies
of original hardware and software, and adds the hardware and software to
their own computer products for purchase.
2.3.2.1 Front panel connectors
When assembling a computer, it is important to plug the wire connectors for
the lights (Light Emitting Diodes [LEDs]), buttons and ports coming from the
front panel into the correct headers on the motherboard. Figure 2.8 shows you
how the wire connectors are plugged into the headers located at the corner of
this motherboard.
Wire connectors
Headers
Figure 2.8 Front panel connectors
You will typically find the following components with wire connectors on the
front panel:
Power/reset button (soft power)

turns the computer on/off or
restarts the computer. A feature called soft power works through the
power button to allow the computer to perform various power-related tasks
depending on how long the button is pressed. You can normally configure
soft power through the BIOS or OS. The power switch simply tells the
computer it has been pressed and the BIOS or OS routine turns the
computer on. Some older computers have a separate reset button that will
also need to be connected.
Power light there might be a separate LED for the power/reset button,
although the LED is usually part of the button.
Audio allows headphones and microphones to be connected to the
computer.
Speaker used to make beep noises you hear from the computer when it
tests basic hardware during the boot process. No speaker or a faulty
speaker means no sound and no beeps!
Hard drive activity light this indicates the internal hard drive is being
accessed. External drives with removable media, such as optical drives,
have their own activity light on the front of the drive (its faceplate).
USB port to connect one or more USB peripherals to the computer.
FireWire to connect one or more FireWire peripherals to the computer.
Page 42 of 1229
There are several ways of determining which connector plugs into which
header:
When removing the motherboard, draw a diagram or take a digital photo

before removing connectors from headers. Track each wire from each
header to the LED/button/port to determine what the wire is used for.
Refer to the motherboard manual for the correct header location and pin
layout configuration. Figure 2.9 shows an example of what you can expect
to find in the motherboard manual.
Look at the labels printed on the wire connectors (as shown in Figure 2.8)
and the markings on the motherboard.
Figure 2.9 Documentation for front (system) panel headers
2.3.2.2 Hardware configuration using DIP switches and jumpers

Dual Inline Package (DIP) switch older motherboards/expansion cards
store setup information using a DIP switch, which can be turned on or off to
enable a setting or feature on the motherboard. To know what on/off
combination to set, refer to the motherboard manual.
Page 43 of 1229
Figure 2.10 DIP switches on a motherboard

Jumper motherboards have a variety of pins that can be shorted
(connected) with a jumper for different purposes. See Figure 2.11. When the
jumper is placed over the pins, the metal strips inside the jumper make
contact with the metal pins on the motherboard to create an electrical
connection (or complete a circuit), which activates a setting or feature on the
motherboard or other component.
For example:
On older motherboards, the CPU speed and other CPU settings were often
configured by setting jumpers.
Many modern motherboards have a jumper setting called clear CMOS that
when set, resets all of the BIOS parameters to the factory default.
Many modern motherboards allow you to set a supervisor password to
control access to the BIOS Setup program and a user password that locks
access to the computer. If you forget both passwords, you will not be able
use the computer unless you use a jumper to clear the passwords.
BIOS firmware might need updating to solve a problem or to use a new
motherboard feature. If updating the BIOS fails, jumpers can be set to undo
the update.
Some documentation may refer to setting jumpers to on, off, closed or open.
In general, to set a jumper to on or the closed position, place the jumper over
the desired pair of pins; to turn it off or the open position, simply remove the
jumper from the pins or leave the clip on one pin only. To set jumpers
correctly, always read the manual.
Figure 2.11 shows the connections to clear a password, with one jumper
removed and lying to the left of the pins. The directions are printed directly on
the bottom left of this motherboard, and for clarity, the pins are labelled. To
clear the password for this motherboard, the jumper must be connected to
pins 1 and 2. By default, this jumper is connected to pins 2 and 3.
Figure 2.11 Motherboard outline jumper

Page 44 of 1229
Caution
Do not set jumpers or DIP switches on any component that has

power. It could damage the component.
2.3.2.3 Power and fan connections

A motherboard usually has a 24-pin block connection point to receive power
from the PSU. This power is used by the components that receive their power
from sockets, slots and ports off the motherboard. There are various smaller
connection points for plugging in power connectors to power case fans (known
as system fan connectors).
Additionally, almost all motherboards have power connection points to power
the CPUs fan (known as CPU fan connector). Both the CPU fan and system
fan connectors have a monitoring connection to provide fan speed information
to the monitoring feature built into the BIOS. Refer to Figure 2.6 to get an idea
of what the power and fan connectors look like for that motherboard.
2.3.2.4 Bus architecture
If you look at the top and bottom of the motherboard, you will find many tiny
lines or wires called traces that run between components. These traces are
circuits that are part of the motherboards bus structure. A bus is a common
collection of wires that carry data, power and other signals from one
component to another. See Figure 2.12.
One bus wire
Figure 2.12 A collection of bus wires

A bus carries:
Data the actual bits of data and instructions being processed.

Address information about where to find data in RAM memory so that
data can be transferred to and from RAM memory.
Power to power chips and expansion cards.
Timing/Control signals to coordinate the activity on the bus to make
sure that everything happens at the right time so that all components
connected to the bus stay synchronised.
Binary data is placed on a wire of a bus by placing voltage on that wire.

Voltage is the force that pushes electricity through the wires on the bus.
Components see and read the voltage or no voltage on each wire as binary 0s
or 1s. 0 means no voltage and 1 means voltage.
Page 45 of 1229
Figure 2.13 shows an 8-bit bus running between the CPU and RAM with the
capital letter R (binary 01010100) being transmitted between them. All bits of
a byte (8 bits) are placed on their bus wires at the same time. To pass the
letter R on the bus, voltage is placed on only three wires in Figure 2.13, while
the other five wires do not have any voltage. Also, a ninth error checking bit
might be used to verify that the data read by a component is the same data
written to the bus.
The bus in the figure is only 8 bits wide. Todays buses are much wider: 16,
32, 64, 128 and 256 bits.
0 = No voltage
1 = Voltage
Data Bus
0
1
0
1
0
1
0
0
The letter R in binary on the data bus between

memory and the CPU
Figure 2.13 Data bus operation example
The location and orientation of a bus will vary depending on the type of form
factor used. One way to categorise types of bus is to divide them into internal
and external:
Internal also known as the local bus or system bus, it connects

internal components such as the CPU, RAM and system controllers.
External also known as the expansion bus, it allows additional devices
to be attached to the computer to extend its capabilities or add new
functions to it. These components could be peripheral devices, such as USB
devices or expansion cards plugged into expansion slots.
System clock
The system clock synchronises all computer operations and provides the CPU
with a basic timing signal. Timing oscillation signals (ticks/pulses) are created
and carried by traces over the motherboard buses to ensure every component
stays synchronised.
Each tick of the clock is called a clock cycle and it is the smallest unit of time
in which any operation can occur. While components such as the CPU do two
or more operations on one tick, others only do one operation on each tick.
How fast the clock ticks is called the clock speed and it is measured in the
number of cycle ticks per second (technically called the clock frequency).
Clock frequency is measured in Hertz (Hz) and multiples thereof.
Page 46 of 1229
One Hertz is one tick of the system clock per second, one Megahertz (MHz) is a
million ticks of the clock per second, and one Gigahertz (GHz) is a billion ticks
of the clock per second.
The system clock is provided by one or more oscillator crystals on the
motherboard or chipset that vibrate at specific frequencies when voltage is
applied. The output is a sine wave that alternates at a specific frequency, such
as 66 MHz or 100 MHz.
The system clock has a clock generator that creates the timing signal and
clock multipliers that take the signal and apply a multiplication factor to it to
create different timing signals for different types of bus. For example, if a
crystal creates a 100 MHz signal and the motherboard uses a two time (2X)
multiplier, the output is 200 MHz.
Parallel and serial bus types
Components communicate over a bus by sending control, data and address
bits as electrical signals to each other. These bits are sent over the bus in one
of the following ways:
Parallel bits of data are sent over multiple wires at the same time. This
can be one-way and two-way.
Serial bits of data are sent over a single wire, one after the other. This
can be one-way and two-way.
Bus performance
A motherboard can have more than one bus, each having a different width and
each running at a different speed and so on. Bus performance is measured by
its bandwidth (also known as the data transfer rate), which is the amount
of data that can be sent over the bus at a given time. The factors that
determine the bus bandwidth, depending on whether it is a serial or parallel
bus, are:
Clock speed the speed at which the clock signal oscillates, measured in
Hz. Although many users often use the term speed when referring to the
CPU and motherboard bus, it is technically more accurate to use the term
frequency. Motherboard buses are most often measured in frequencies of
Hz.
Width the number of bits that can be sent over the bus at a given time.
For example, a 32-bit bus can carry 32 bits of data at a time and a 64-bit
bus can carry 64 bits of data at a time. The width of the data bus is called
the data path size.
Encoding mechanism the mechanism that is used to electrically
represent binary information as signals so that they can be sent over the
bus.
Note
The width of the parallel bus (32-bit or 64-bit, for instance) and the
clock speed give you its bandwidth, while the clock speed and
encoding mechanism determine the data rate for serial
communication.
Page 47 of 1229
2.3.2.5 CPU socket

The CPU executes the instructions of programs by performing the basic
mathematical, logical and input/output (I/O) operations. The two main CPU
manufacturers are Intel and Advanced Micro Devices (AMD). Intel CPUs use a
package type called land grid array (LGA) and AMD uses pin grid array
(PGA). The package type defines how the CPU looks and how it electrically
connects to the motherboard.
Every CPU package type has a number of versions, and each one is designed
to fit into a particular connection called a socket found near the memory slots
on the motherboard. Sockets are flat and have several rows of holes/contacts
or pins arranged in a square or nearly square shape. Modern sockets either
have a lever or a metal cover and a lever (as illustrated by the white square in
Figure 2.14) that locks the CPU in place.
Figure 2.14 An empty processor socket with lever and metal cover
Note
The CPU socket and the motherboards chipset determine the list of
CPUs a particular motherboard supports, since each motherboard can
only support a limited number of CPU models. Also, many
motherboards accept CPUs with different speeds. Refer to the manual
or manufacturers website to find this information.
When installed, the CPU is either covered by a heatsink or a heatsink and fan
assembly that takes heat away from it. Heat can damage the CPU and
motherboard, and therefore the CPU requires a cooling system.
2.3.2.6 Chipset
The chipset is one or more chips on the motherboard that work together to
control the flow of data and instructions between the CPU and other
components. The chipset extends the data bus and address bus to every
computer component.
Note
The chipset determines the type and speed of the CPU,

multiprocessing support, the type and amount of RAM, and the kind of
internal and external devices the motherboard supports.
Page 48 of 1229
To transfer data between the CPU and various devices, the chipset consists of
memory, video, sound, network, drive, keyboard, mouse and I/O controllers.
Note
Each component has a controller, which is circuitry responsible for

controlling access to a specific piece of hardware. For example, the
memory controller controls access to memory, the USB controller
controls access to USB and so on.
For a long time chipsets on traditional motherboards were split into two
functional groups:
Northbridge one or more chips working as the system memory controller

that handles the faster communication needs of the motherboard. This
includes connecting the CPU to RAM and communicating with the graphics
card slot (Peripheral Component Interconnect Express [PCIe] on modern
motherboards). The trend for modern motherboards is for the CPU to take
on the role of both the video and memory controller so that there is no
longer a Northbridge, or the CPU takes on the role of memory controller and
just communicates with the graphics card.
Note
Communication between the CPU and RAM used to occur over what
was known as the front side bus (FSB), which ran between them.
The original FSB architecture has been replaced by newer
architectures, such as HyperTransport or Intel QuickPath Interconnect
and Direct Media Interface (DMI).
Southbridge usually a single chip that controls input/output functions for

slower technologies such as USB, serial, system BIOS, peripheral
component interconnect (PCI) bus, disk controller, and on-board sound and
video adapters. The Southbridge is connected to the CPU through the
Northbridge. Older motherboards have a separate Super I/O chip that
work with chipsets to handle functions for older technologies such as floppy
drives and parallel ports. The Super I/O chip includes a universal
asynchronous receiver transmitter (UART) chip that translates data
between serial and parallel connections.
Figure 2.15 shows the configuration for one type of modern chipset. Many
modern motherboards using both Intel and AMD CPUs use one chipset and
have moved the functionality of the Northbridge to the CPU.
Page 49 of 1229
Figure 2.15 Newer chipset configuration

Note
Chipset manufacturers do not always use the terms Northbridge and

Southbridge. Some use the term memory controller hub (MCH) or
input/output hub (IOH) for the Northbridge, and input/output
controller hub (ICH) or fusion controller hub (FCH) for the
Southbridge. Regardless of the official name, Northbridge and
Southbridge are still commonly used terms in the industry.
Chipsets generate heat. To take heat away from the chipset, it can be either
passively cooled with a heatsink on top, such as with the Southbridge, or
actively cooled with both a heatsink and a fan assembly on top, such as with
the Northbridge. Chipset heatsinks are considered part of the motherboard,
and depending on the motherboard you should never have to install or replace
one. However, some motherboards have an optional fan assembly that is
installed on top of the Northbridge (IOH) to keep it cool.
Tip
As a computer technician, it is not only good to know the details of the

chipset because it defines almost every motherboard feature, but also
the differences between one chipset and another.
Chipsets have a name and model number. There are different ways to identify
a chipset:
Motherboard manual
Visual identification if you do not have a motherboard manual, open

the case and look at the name and model of the installed motherboard.
With this information you can visit the motherboard manufacturers website
for online documentation or download a software program that determines
the computer motherboards chipset.
Page 50 of 1229
Device Manager you can find chipset information under the System
devices category in Device Manager on a Windows computer. In Windows
7, click the Start button. In the Search box, type Device Manager and in
the program list, click Device Manager. Device Manager is a Windows
program that lets you view and configure hardware devices installed on or
connected to your computer. You will only see information in Device
Manager if the chipset drivers are installed correctly.
Driver: A program written for a particular type of device that tells the OS
how to communicate with that device.
CPU-Z you can find information about the chipset on the Mainboard tab
of the CPU-Z program, as illustrated in Figure 2.16.
Figure 2.16 Chipset information in CPU-Z
2.3.2.7 Memory slots and cache

The categories of computer memory that you should know about are RAM,
cache and ROM:
Random Access Memory (RAM)
The motherboard generally has multiple slots that accept circuit boards called
memory modules that make up system memory or RAM. RAM is the CPUs
workspace its chips store program instructions waiting to be executed by the
CPU and applications and data while the CPU is processing them.
Page 51 of 1229
Tip
The type of slots together with the chipset determine the type of RAM
you can install on the motherboard, while the capabilities of the
memory controller and the number of slots determine how much
memory you can add to it.
There are different types of RAM and each type needs its own kind of slot.
Memory is addressed in banks. The motherboard can have one or more banks,
with each bank having one or more slots. A bank must be filled completely,
that is, if a bank has two slots for example, the RAM installed in those two
slots must be identical in every way.
Although each motherboard has a different number of slots, the slots look
similar. To identify RAM slots on a motherboard, look for the following:
Colour coding depending on the memory architecture, the slots are

usually colour coded in black or another colour to help you install modules,
indicating that the pairs of slots must be filled together to get the best
performance or to even work at all. When installing memory in pairs on a
motherboard that supports dual-channel memory for example, make sure
you install the two modules into the same coloured slot to take advantage
of this memory architecture.
Metal pins in the bottom of each slot make contact with metallic contacts on
each module.
Each slot has locking tabs/clips on each side that lock the installed module
in place.
The module has notches at the bottom that align with keys in the slot that
prevents it from being inserted incorrectly or into an incompatible
motherboard. The most common type of module used is DIMM (Dual Inline
Memory Module). The motherboard can take only one type of DIMM and you
must know the type so that you can add or replace RAM when needed.
Figure 2.17 shows what empty RAM DIMM slots look like on a modern
motherboard.
RAM
slots
Figure 2.17 RAM slots on the motherboard
Page 52 of 1229
Motherboards, operating systems and CPUs have memory limits. You can
check the motherboard manual to see what specific type, speed and amount of
RAM the motherboard supports and the location of the slots and how the
modules must be fitted.
Cache
To speed up operations, manufacturers can add cache memory between the
CPU and RAM. Cache is a very fast kind of memory that improves performance
by predicting what data and instructions the CPU will ask for next and prefetches and temporarily stores that information before being asked. Because
only current or predicted information is stored, cache is smaller in size than
RAM.
2.3.2.8 ROM BIOS and POST
The CPU does not automatically know how to communicate with a device and
therefore needs the Basic Input/Output System (BIOS) for this. The BIOS
is complex firmware (programs coded into a chip) that allows the CPU to
communicate with fundamental computer devices.
Figure 2.18 shows two different BIOS chips. Older motherboards used a readonly memory (ROM) BIOS chip or several iterations of ROM. On modern
motherboards, the BIOS chip is a flash ROM chip called the System ROM. To
communicate with hardware, the BIOS needs many programs collectively
known as the System BIOS. ROM chips are non-volatile and do not lose their
contents when power is switched off. Also, because the BIOS is a flash ROM
chip, its contents can be changed through a process called flashing the ROM
or flashing the BIOS. This is done using software and overwriting the program
code.
Figure 2.18 A ROM BIOS chip (left) and Dual BIOS chips (right)
Note
Because firmware works with both hardware and software, changes in

either one can cause it to become outdated, which can lead to device
or system failure or even data loss. Also, the BIOS is manufacturerspecific and therefore cannot be swapped between motherboards.
Some motherboards support Dual BIOS and have two physical BIOS chips:
one chip functions as the main BIOS that the computer primarily uses during
boot up while the other functions as a backup that can automatically take over
during boot up when the main one fails.
Page 53 of 1229
The BIOS supports the following parts and features:
Configuration of memory, built-in ports and video, network and sound

adapters, and selection of storage devices.
Selection and configuration of special motherboard features, such as
memory error correction and fast memory access.
Support for different CPU types, speeds and special features.
Power management.
Hardware monitoring, such as CPU temperature, fan performance and so
on.
Real Time Clock (RTC) that keeps track of the current time and date.
A setup program stored in CMOS RAM where hardware configuration
parameters can be changed.
Support for OS features, such as networking and plug-and-play.
Plug-and-Play (PnP): PnP is an OS feature that detects a device as soon

as you plug it in, and automatically installs its driver and configures
resources and updates the OS registry. The registry is a system of
databases in Windows that have all the information about the computer. All
modern operating systems are PnP compatible.
The BIOS performs two other important functions POST and OS detection:
POST when the computer boots or reboots, the BIOS runs a program
called the Power-on Self-Test (POST) which runs tests to see if all the
basic hardware needed to successfully boot the computer is working
properly. If the system is working properly, POST will not report any errors.
However, when POST does encounter an error, the system will simply stop
the boot process and will inform you by either making a series of beep
sounds that represent beep codes or display numeric or text error
messages on screen. Each BIOS manufacturer has its own set of beep
codes that can be created, so it is important to look up the meaning of the
beep code for a specific motherboard by reading its manual or by visiting
the manufacturers website. If the computer is working properly and POST
has successfully completed with no errors detected, the computer will make
either one short beep (sometimes two, depending on the manufacturer)
or on many systems, no beep. You can only hear beep codes on systems
with built-in speakers that are connected and working.
Tip
Some motherboards actually talk to you when there is a problem

during POST. To use this feature on these motherboards, simply plug
in speakers or headphones into the on-board sound adapter or card
and listen to the POST voice message.
The BIOS also searches for a list of places where it can find the operating
system to which it hands over control of the system. Examples include the
hard drive, optical drive, USB drive or network.
Page 54 of 1229
You can find the name of the BIOS manufacturer, version number and date in
any one of the following ways:
BIOS screen by booting or rebooting the computer. When the initial

startup screen or BIOS screen is displayed, the BIOS type and version are
displayed. It is typically at or near the top of the screen. Figure 2.19 shows
this screen.
Chip identification the chip on the motherboard might have the name of
the BIOS manufacturer and usually the word BIOS printed on it. Cloned
chips usually have a sticker from one of the major BIOS manufacturers
stuck on them.
System Information using the System Information (msinfo32)
program on a Windows computer. To open this program in Windows 7, type
System Information in the Search box in the Start menu. The System
Information program lists information about your computers hardware
configuration, components and software. The type, version number and
date of the BIOS are shown under System Summary.
CPU-Z displays the brand, version and date of the BIOS on the
Mainboard tab.
Figure 2.19 BIOS information shown during POST

Figure 2.20 shows where to find the BIOS manufacturers brand name, version
number and date written using the System Information program. You can also
find this information using the CPU-Z program (as shown in Figure 2.16).
Page 55 of 1229
2.3.2.9 CMOS RAM and Setup program

The BIOS has a program called BIOS Setup or CMOS Setup that you can use
to view and change various hardware configuration parameters, such as the
systems date and time, on-board port configuration, boot order, and drive
detection and configuration. These parameters are stored in a small amount of
RAM called CMOS (Complimentary Metal-Oxide Semiconductor) that is
either on the System ROM chip on most motherboards or on a separate chip.
Note
During boot, the BIOS looks to these parameters to find out what
hardware it should expect to find.
CMOS is volatile RAM and uses a battery on the motherboard that gives it the
charge it needs to store its contents, including keeping track of the date and
time when the computer is off. Although the battery comes in different shapes
and sizes, it is generally a round coin cell battery like the one shown in Figure
2.21. The battery recharges itself when the power supply supplies the
motherboard with power. This allows the battery to usually last for years.
Figure 2.21 CMOS battery on motherboard

Page 56 of 1229
If the battery runs out of charge, gets disconnected or fails, all the information
in CMOS will be lost. When this happens, the computer cannot be used until
the battery is replaced with a new, equivalent one and the configuration
parameters are re-entered in the CMOS Setup program. Therefore, record
important information before the information gets lost. A good indication that
the battery is starting to fail is when the computer starts to lose its time or a
CMOS battery-related error message appears on screen.
When you start the computer, the first screen of text that appears on the BIOS
screen provides you with instructions on how to enter the CMOS Setup
program. These instructions, usually found at the bottom of the screen, tell
you what key or key sequence to press on the keyboard to enter the program.
You can also find these instructions in the system or motherboard manual.
Replacing the CMOS battery
The CMOS battery is considered a field replaceable unit. If you encounter a
CMOS battery-related error, if the clock resets itself every time you reboot, if
the time is incorrect, or if the system loses its CMOS parameters when
unplugged, then the motherboard battery is losing or has already lost its
charge and needs to be replaced. The steps in this demonstration exercise
show you how to replace the battery:
Note
This exercise is for demonstration purposes only. You will not

be tested on it in the practical examination.
Step1: Take ESD precautions and find the CMOS battery

See Figure 2.22 for an example.
Figure 2.22 Find the CMOS battery

Note
On most motherboards, the battery holder lies flat on the

motherboard and has a small metal tab that holds the battery in
place.
Step 2: Gather information about the battery

Unfortunately, many manufacturers do not list the exact type and model of the
CMOS battery; therefore, once you find the battery, write down as much
information about it as you can, such as its voltage, chemistry, packaging and
so on.
Page 57 of 1229
Step 3: Remove the battery

Take ESD precautions and see Figure 2.23. Do not bend the tab to get the
battery out.
Figure 2.23 Remove CMOS battery

Note
If the motherboard does not use a coin cell battery and you do not
know how to remove and replace it, then go to your motherboard or
system documentation or search online for help.
Step 4: Insert new battery

Double check that the new battery is an exact match of the old one before
proceeding with the installation. Take ESD precautions. Push the metal tab
away from the centre of the holder. Do not bend the tab.
Now press the battery into the battery holder keeping the positive (+) side
facing upwards. The new battery just clips into place as shown in Figure 2.24.
Figure 2.24 Insert the new CMOS battery

Step 5: Enter CMOS configuration
Once the battery is replaced, access the CMOS Setup program and enter all
the needed parameters, and save your changes before exiting the program.
2.3.2.10 Motherboard drive connections
Hard drives store data until needed and optical drives allow the insertion of
removable discs which themselves store data until needed. To access data on a
drive or disc, the drives must be connected to the motherboard via a built-in
(on-board) header or via an expansion card (off-board). The connection is
more technically known as the host bus adapter. Before buying a drive, you
need to be aware of what type of drives the motherboard supports by visually
inspecting the host bus adapter on the motherboard or by looking in the
manual or searching the manufacturers website.
Page 58 of 1229
The types of drive host bus adapters (standards) you should know include:
PATA (Parallel Advanced Technology Attachment)
The PATA host adapter allows internal PATA hard and optical drives to be
connected to the motherboard. A motherboard might have one or more PATA
headers. PATA is also known as IDE (Integrated Drive Electronics). Figure
2.25 shows two IDE headers on the motherboard that accept IDE drive data
cables.
Figure 2.25 IDE motherboard connectors

SATA (Serial Advanced Technology Attachment)
SATA has mostly replaced PATA and connects internal hard drives and optical
drives to the motherboard. Compared to PATA, SATA is faster, has smaller
data cables and supports hot swapping, which allows drives to be added and
removed while the computer is running. Figure 2.26 shows eight SATA
motherboard headers that accept SATA drive data cables. In addition to having
internal SATA drives, you can also connect external SATA drives to the
computer through eSATA (External SATA) ports.
Figure 2.26 SATA motherboard connectors

SCSI (Small Computer System Interface)
Another standard for drives and other devices is SCSI. SCSI can be used by
many internal and external devices, including hard drives, optical drives,
printers and scanners. Very few regular computers use SCSI but you might see
SCSI devices in network servers.
Floppy
The floppy drive header connects a floppy disk drive (FDD) to the
motherboard. The drive reads and writes data to and from a removable floppy
disk. Floppy drives have all but disappeared from modern computers, except
for troubleshooting purposes. Figure 2.27 shows the FDD data motherboard
header.
Page 59 of 1229
Figure 2.27 FDD motherboard connector

Internal drives receive power directly from the power supply by way of a power
cable and data by way of a data cable. The one end of the data cable is
plugged into the motherboard header and the other into the drive.
Note
External drives might use a USB, FireWire, or eSATA connection and

might be powered by the power supply or have their own external
power supply.
2.3.2.11 Expansion slots

All motherboards have expansion slots, which are openings (gaps) where
expansion cards can be inserted to add new functionality or extend the existing
functionality of the computer, such as with a graphics card.
Every device whether soldered to the motherboard or plugged into a socket,
slot or port connects to the data and address bus by way of the chipset.
Exactly where on the chipset (Southbridge or Northbridge) depends on the
system. The slots, their wires and support chips are called the expansion
bus. Many motherboards will have more than one type of expansion bus, and
the slots for each type will either connect to the Northbridge or Southbridge.
There are different types of expansion slots and their size and shape depend
on the kind of bus the slot uses. Each slot accepts a specific kind of expansion
card and the cards connector must match the type of expansion slot. The
types of slots that you will most likely work with are:
PCI (Peripheral Component Interconnect) is an older slot for many

types of cards, including network, video and input/output.
AGP (Accelerated Graphics Port) is an older slot for graphics cards only.
PCIe (PCI Express) is a modern slot that replaces both PCI and AGP slots.
It comes in several lengths and types and is used for high-speed cards,
such as network and graphics cards.
Page 60 of 1229
2
3
1.
2.
3.
4.
5.
6.
AGP slot
PCIe slot
PCIe slot
PCIe slot
PCI slot
PCI slot
5
6
Figure 2.28 Types of expansion slots
On-board (I/O) ports, shield and connector modules
Motherboards have a variety of on-board input/output (I/O) ports for
connecting various peripheral devices to the computer. Ports coming directly
off the motherboard are known as on-board or integrated ports and face the
back of the case when the motherboard is installed inside the case. Figure 2.29
shows on-board I/O ports coming off the back of one type of motherboard.
Page 61 of 1229
S/PDIF port
for surround
speaker
system
Standard video
graphics
adapter port
for monitor
Bluetooth module
allowing wireless
data transfer with
Bluetooth devices
Network port for

network cable
PS2 mouse
& keyboard
combo port
Audio ports
for speakers
microphone,
and other
audio sources
Wireless
network
antenna
port
USB ports for

various
devices
USB ports
for various
devices
HDMI port for

video and sound
devices
DVI port for

digital monitor
and TVs
eSATA port
for external
SATA drives
Figure 2.29 A modern mini-ITX motherboard with common I/O ports

When you buy a motherboard, the package should include an I/O shield. See
Figure 2.30. The shield provides the appropriate cut-outs for the
motherboards on-board I/O ports and also stops dust from getting inside the
case. The size of the shield is designed for the cases form factor and the cutouts are positioned to accept the appropriate ports.
Figure 2.30 I/O shield that fits the motherboard ports to the case
Note
You might have to install drivers that come with the motherboard disc
before some of the ports will work. The motherboard manual will
show you a diagram of the motherboard with a description of each
port and connector.
Some motherboards come with connector modules (also known as slot

plates) that provide additional ports. Figure 2.31 shows you an example of a
USB slot plate and installation instructions from a motherboard manual. To use
the ports on the module, install the module in an empty slot and connect its
cable to the USB header (pins on the motherboard).
Page 62 of 1229
Figure 2.31 USB slot plate
2.3.2.12 Additional motherboard features

Additional features that you will find on certain types of motherboard only
include:
On-board switches switches that turn on or restart the motherboard

when the case is open. This makes it easier to add and remove
components, such as memory modules, without having to close the case.
See Figure 2.32.
Figure 2.32 Power and reset switches on the motherboard
Clear CMOS button a button that clears the contents of CMOS memory.
Optical drive audio connector allows the motherboard to receive audio
input from sound sources, such as optical drives.
Page 63 of 1229
Chassis intrusion you can install an intrusion detection switch or sensor

inside the case, connect it to a motherboard header and enable the chassis
intrusion feature in CMOS Setup. Then, the next time the case is opened,
the BIOS will notify you with an alert during boot up. If you see such an
alert, know that someone has opened your computers case. As the panels
are properly tightened, you can reboot your computer so that the alert
goes away. Intrusion detection devices are not recommended as false
alerts do occur and can be annoying. Also, criminals generally know how to
get inside the case without triggering the alert.
Motherboard power LED this lights up to show when the motherboard

has power on or no power off. It reminds you to wait until the light is off
before attempting to add or remove a component.
RAID support RAID stands for redundant array of independent (or

inexpensive) disks (or devices) and allows multiple hard drives to work
together to improve performance or storage space, or to provide safety
against data loss, or all of these.
2.3.3 Motherboard manual

All motherboards come with a technical manual, better known as the
motherboard manual or book. It is your primary source of critical
information about the motherboard and components that connect to it. If there
is no book, visit the manufacturers website to download a copy.
2.3.4 Motherboard disc and drivers

Most motherboards come with a disc containing chipset drivers and extra
software and documentation. Although the OS will most likely have its own
drivers for these on-board components, if you do have trouble with an onboard component or if you want to use a feature that is not working, install the
chipset drivers for that component or feature.
Manufacturers update drivers from time to time. For a motherboard that is
unstable or has an on-board component, such as a video and network adapter,
which is not recognised, try downloading and installing updated drivers for the
chipset. Have the make and model number of the motherboard at hand when
downloading chipset drivers.
Figure 2.33 shows the manufacturer download page for a particular Gigabyte
motherboard. Here you can download BIOS software, drivers, manuals and
other software.
Page 64 of 1229
Figure 2.33 Chipset driver download page
2.3.5 Removing a motherboard

To access the motherboard, you have to remove a few components and cables
beforehand. It is good to get into the habit of properly storing, labelling and
taking videos of every component you remove from the computer, including
screws. You can buy labels for cables or buy blank address labels and custom
make your own.
Note
Only stick labels on the protective parts of cables. Do not stick labels
on a circuit board, connector or electrical contact of any kind.
This exercise will show you how to remove a motherboard. For safety, it is best
to remove the motherboard before upgrading the CPU:
Page 65 of 1229
Note

1. With the computer placed on an anti-static mat on the work bench, turn the
computer off and unplug it from the wall outlet and remove the power
cable.
2. Unplug all other external cables and place a sticker with the cable name on
each cable (that is, only if you do not know where they get plugged back
into).
3. Open the case and take ESD precautions (including wearing an anti-static
wrist strap).
4. Disconnect all internal cables attached to any expansion cards after labelling
them for easy reconnection.
5. Disconnect all data cables from all drives and motherboard headers and
label each cable for easy reconnection, including its orientation.
6. Disconnect all power cables from all drives and label each one for easy
reconnection.
7. Label every expansion card, remove every card by unscrewing it from the
slot bracket, handle each card by its edges, and store each one in its own
anti-static bag.
8. Disconnect all power supply cables from the motherboard, including the
power connectors for the motherboard itself, CPU fan, PSU fan sensor
connector, case fans and expansion card connections. The new motherboard
must use the same PSU connections as the current motherboard or
otherwise a new PSU might be needed.
9. Disconnect all wire connectors and their wires leading to and from the frontand back-mounted ports and other switches, and label each one before
disconnecting them. Use the manual as a reference to properly label these
wires.
10. Remove the heatsink/fan and CPU before removing the motherboard and
place them in their own anti-static bags. Removing these parts helps to
prevent too much flexing of the motherboard and makes it easier to
remove the motherboard. However, skip this step if removing the
heatsink/fan needs a lot of downward pressure and the motherboard is
not well supported around the heatsink area.
11. Depending on your system, you might have to remove other components
to ensure that you have more than enough space to lift the motherboard
out of the case. Double check that there are no components blocking the
path for easy removal. Are any drives or drive bays in the way? Is the PSU
in the way? Remove anything that could block you from removing the
motherboard or could cause you to bump important attached components
(such as RAM modules or the CPU fan) when removing the motherboard.
The motherboard is securely mounted to the case with screws and, depending
on the case design, there might be small plastic or metal spacers as well. Also
known as standoffs or standouts, spacers separate the motherboard from
the case so that the bottom of the motherboard does not touch the case. If the
motherboard were to touch the case, it would cause an electrical short and
could damage the motherboard and power supply. Spacers help to ground the
motherboard and therefore you should use them. Figure 2.34 shows you
different types of spacers and their location at the bottom of an empty case.
Page 66 of 1229
The screws go into the spacers to hold the motherboard in place. Cases that do
not use spacers have screw holes that are elevated to prevent the bottom of
the motherboard from touching the case. For these cases, you only need to
use screws to secure the motherboard to the case.
Figure 2.34 Spacers (left) and motherboard mounting hole (right)

12. Find and remove all the screws holding the motherboard to the frame of
the case. Be careful with the screwdriver when doing this. There will be
multiple screws, which may also have small washers that help prevent
them from being over-tightened during the installation of the
motherboard. Unscrew the screws and remove the washers (if present)
and store them in a labelled container for reuse. Make sure all screws
have been removed.
Note
Remember to handle the motherboard just as you would any circuit

board: gently and by its edges.
13. Lift the motherboard up and out of the case and place it in a large antistatic bag. See Figure 2.35.
Figure 2.35 Remove motherboard

14. Remove any spacers from the frame of the case using needle-nose pliers
and store them in a labelled container.
15. Remove the I/O shield from the case. Some shields pop out easily while
others are best removed using a flat screwdriver to disengage them.
Page 67 of 1229
Some shields are removed from the back of the case and others by pushing
them into the case. Examine your shield to decide how best to proceed. Be
careful when pushing the shield out because it often has sharp edges.
2.3.6 Choosing a new motherboard

There are several approaches that you can follow in choosing a motherboard:
Choose one that provides the most room for expansion so that devices can
be easily exchanged.
Choose one that best suits the computers current configuration, knowing
that when it comes time to upgrade, a new motherboard will most likely be
needed.
Choose one that best meets the customers current needs with little to
moderate room for expansion.
The following checklist will help you choose a motherboard. A motherboard

might not have every item listed below since motherboards differ. The items at
the top of the list are the most important:
Chipset: The motherboard should have a high performance chipset that

supports the latest RAM, expansion slots, hard drive connections and so on.
The chipset is the backbone of a motherboard and is perhaps the single
most important component to consider.
CPU: Determine what CPU choices you have and get one that is suitable for
the computers intended use, for example, a network server, gaming PC or
desktop computer.
CPU sockets: For maximum upgradeability and performance, use a socket
that supports that latest CPU.
Motherboard speed: Make sure the motherboard runs at the speed
necessary to support the CPU you plan to install.
Cache memory: All modern motherboards use CPUs with built-in cache.
RAM: The chipset determines the type of RAM that can be used, so choose
a motherboard with a chipset that accepts the type, speed and amount of
RAM you want to use. Many high performance motherboards support one or
more pairs of multi-channel memory. Mission-critical systems should use
error correction memory and the motherboard must fully support error
correction operation.
Bus type: PCIe slots. Examine the layout of the slots. Motherboards
without on-board video should have one PCIe x16 slot for video cards.
BIOS: The motherboard should use an industry standard BIOS, one that
can be easily updated. Look for a BIOS recover jumper or mode setting.
Form factor: For maximum flexibility, performance, reliability and ease-ofuse, the ATX form factor (including micro-ATX) is a good choice.
Built-in ports: Consider what on-board ports the motherboard has.
On-board hard drive connections: Most modern motherboards come
with a SATA header but might feature other hard drive headers as well.
Power management: The motherboard should fully support the latest
power management standard.
Documentation: Good technical documentation is a must.
Page 68 of 1229
Technical support: Good online technical support includes driver and BIOS
updates, updated tables of CPU and RAM compatibility, frequently asked
questions (FAQs), and monitoring programs. Also, make sure the vendor
can be contacted by email, phone or by other means.
2.3.7 Preparing the motherboard for installation

When you buy a motherboard, the package includes the motherboard, I/O
shield, documentation, a disc with drivers and other software, various screws,
cables and connectors, and possibly fans.
Figure 2.36 New motherboard package

1. Read every page of the manual to become familiar with what the
motherboard has to offer, its layout, how to configure its parts and features,
and how each header and jumper is used.
Many technicians install the CPU, heatsink/fan assembly and RAM modules into
the motherboard before installing the motherboard in the case. This helps in
several ways:
It allows you to make certain that the CPU and RAM work well with the
motherboard.
Installing these components beforehand prevents bending or what is known
as flexing the motherboard.
It can be much easier to attach the CPU fan to the CPU with the
motherboard placed on a work bench rather than trying to do it inside the
case.
2. Install the supported amount and type of RAM.

3. Install a supported type of CPU and its heatsink/fan assembly.
4. Configure the CPU speed, type and voltage settings on the motherboard if it
needs you to use jumpers to do this. Most modern motherboards have BIOS
parameters for this instead.
Page 69 of 1229
2.3.8 Installing a new motherboard

Installing the motherboard is mostly a matter of being careful and methodical
(that is, following a step-by-step process). When doing the installation, it is
handy to use a notepad to check off the assembly steps as you go along. The
general steps for installing the motherboard in the case are:
Note

1. Take ESD precautions (including wearing an anti-static wrist strap).

2. Install the I/O shield. A case might come with a standard I/O shield already
in place and will most likely have to be removed to accommodate the new
motherboards I/O shield. You can test this by holding the motherboards
I/O ports up to the shield to find out if the ports will fit into the shields cutouts. Orientation is important when installing the new shield. Orientation is
determined by the motherboards I/O ports.
Figure 2.37 Install I/O shield

Note
When you insert the new motherboard, do not assume that you will
put the screws and spacers in the same place as they were in the old
motherboard. When it comes to the placement of screws and spacers,
follow the anywhere it fits rule. Just make sure the location of the
spacers or elevated screw holes match the screw holes on the
motherboard and the I/O ports of the motherboard align with the
installed I/O shield.
3. If spacers are used, move them to the correct positions as needed to

accommodate the holes in the motherboard and secure them to the case.
Caution
Pay attention to the location of the spacers if you are swapping a

motherboard. If you leave a screw-type spacer beneath a spot on
the motherboard where you cannot add a screw and then apply
power to the motherboard, you run the risk of causing an electrical
fault that prevents the system from starting.
4. Place the motherboard inside the case and carefully line it up with the I/O
shield and the spacers or elevated screw holes.
Page 70 of 1229
Figure 2.38 Insert motherboard

5. Secure the motherboard in place with the mounting screws. Use as many
screws as there are holes in the motherboard.
Figure 2.39 Secure motherboard

Caution
Leaving a loose screw inside the case and failing to fasten any slot
cover or card in place are common causes of electrical faults. If
metal parts touch live components on the motherboard, the system
will stop working. Remove or secure any loose metal parts inside
the case.
6. Once the motherboard has been mounted to the case, with the CPU and
RAM properly installed, it is time to connect the wire connectors for the
LEDs, buttons and ports on the front panel to the motherboard headers. The
wire connectors have specific header connections to the motherboard. There
is no clear rule for finding out what the function of each wire is; often the
function is printed on the wire connector. If not, track each wire to the
LED/port/button to find out what it is used for.
You can follow a few rules when installing these wire connectors:
1st rule the LEDs have a positive side and a negative side. If they do not
work one way, turn them around and try them the other way.
2nd rule when in doubt, test each connection by guessing. Incorrect
installation only results in the component not working; it will not damage the
motherboard.
Page 71 of 1229
3rd rule with the exception of the speaker and power button, which must be
connected for the computer to power up, you initially do not have to plug in
the other connectors for the computer to work. Although many technicians
ignore the other wire connectors, it is not a best practice and should only be
done when testing.
Figure 2.40 Connect front panel connectors to headers

Note
If the power wire connector is plugged into the wrong pins on the
motherboard, the system will not start and you will not see an error
message. Check the wire connectors, motherboard or motherboard
manual to find out what the correct pinouts and installation are.
7. Connect the data cables to the hard drive and optical drive and to their
appropriate host adapters on the motherboard, respectively. Follow the
correct configuration and orientation instructions found in the motherboard
manual.
8. Connect the power cables. Follow the correct configuration and orientation
instructions found in the motherboard manual.
Depending on the power connectors the motherboard supports, you will
typically need to connect power cables for most of the following:
Hard drive and optical drive power cables coming from the PSU to the
hard drive and optical drive.
Motherboard a motherboard will always need a main power connector.
Processor motherboards will most likely need a power connector for the
CPU.
Case fans connect the power cables coming from the case fans to the
pins on the motherboard labelled Fan Header or Chassis Fan. Case fans
plugged into the motherboard can be monitored and controlled in the
Windows OS. Alternatively, some case fans use a connector coming
directly from the PSU, which cannot be monitored by the OS.
CPU fan every motherboard has a CPU fan power connector that
accepts a power cable from the CPU fan to the pins on the motherboard
labelled processor Fan or CPU Fan Header.
PCIe power some motherboards have additional power connections to
accept power connectors from the PSU to provide power to one or more
PCIe expansion cards.
Power fan connector some motherboards have a power fan connector
used for monitoring and regulating the speed of the PSU.
Page 72 of 1229
Figure 2.41 Connect motherboard power (left) and case fan power
(right)
9. After you install the motherboard and connect all wires and cables, install
the graphics card (if no on-board video exists or if you are required to do
so).
Note
If inserting any expansion cards you removed from an old

motherboard, make sure that the existing cards do not duplicate any
features (such as sound) found on the new motherboard. If there are
duplicate features and you want to use the card, you must disable the
corresponding feature on the motherboard or in the BIOS.
10. Perhaps the most important step is to double check that all of the
connectors and cards are properly seated and connected where they are
supposed to be connected! If something is wrong, it is better to find it
now than after you have powered up.
11. If you are using a working computer that you previously stripped apart,
you can now replace the side panel and fasten it.
12. Plug the keyboard and monitor back in, plug the power cable back in, and
finally turn on the computer.
Assuming that you have done everything correctly, the computer will boot up
normally. See if the BIOS information shows up on the BIOS screen and
observe POST with no errors. If there is a problem during POST, read the
motherboard manual to see where you made a mistake. If you receive no
power at all, make sure all the necessary power connectors are plugged in. If
the fans power up but there is nothing on the screen, you could have several
problems. The CPU, RAM or graphics card might not be connected to the
motherboard properly. The only way to find the problems is to test.
Tip
Check the easy connections first (RAM and video) before removing
and reseating the CPU.
Once everything is working correctly, POST has completed successfully and the
OS loads (assuming the OS is already installed on the hard drive), log into the
OS desktop and insert the motherboard disc and run the setup program. Follow
the on-screen steps to install any chipset drivers, which might include drivers
for on-board devices such as video, network, sound and USB.
Page 73 of 1229
2.4 Power supplies

Computers run on electricity. As a computer technician, you might need to
troubleshoot a computer with a faulty PSU or even replace a PSU. With that in
mind, you need to have a basic understanding of electricity and PSUs.
2.4.1 Measurements and properties of electrical circuits

Electricity is the controlled flow of negatively charged electrons that move
through a conductor. Table 2.2 lists the electrical terms and characteristics you
need to know about.
Table 2.2 Terms and characteristics of electrical supply
Term
Circuit
Current
Voltage
Resistance
Power
Energy
Definition
A complete and closed path through which current can flow.
Current is the flow of electrons through a circuit when a force is
applied and is measured in Amps (I) (or amperes). Electricity
can either be:
Direct Current (DC) electrons always flow in one direction
only around a continuous circuit. DC is the type of current that
most electronic devices, including computers, use.
Alternating Current (AC) electrons flow in both directions;
first one way then the other, around a continuous circuit. Wall
outlets supply AC.
A measurement of the potential difference between two points
in a circuit. It can be seen as the pressure that pushes
electrons through a circuit, or the pressure behind the power to
the device. Voltage is measured in Volts (V). Anything other
than the proper voltage is dangerous for the device.
The conductivity of the media the force that limits the flow of
electrons in a circuit. Increased resistance results in a decrease
in the amount of current that will flow through a conductor.
Resistance is measured in Ohms ( or R).
You can think of power as the amount of work done or energy
used up to move electrons in a given period of time. Power is
measured in Watts (W) (or wattage). Think of wattage as a
bucket of power that the attached device can take and use. A
bigger bucket simply holds more power, but does not force the
power on the device like voltage does. Power is equal to voltage
multiplied by current (W= V x I).
The amount of power that a system uses over time. This is
measured in Watt-hours or Kilowatt-hours (kWh).
It is also important to understand the basic computer electrical components

and how they work:
Conductor allows electricity to flow through it more easily. Examples

include copper, gold and aluminium. Conductors are used for wires and
contacts.
Page 74 of 1229
Insulator stops the flow of electricity. Examples include rubber, glass

and plastic. Insulators are used as sheaths for wires to prevent short
circuits and electric shocks. A short circuit is a low resistance connection
between two points in a circuit, typically causing too much current.
Semiconductor material, such as silicon, that can work as both a
conductor and an insulator. It provides switch-like functionality, opening
and closing a circuit to represent binary (on/off) values.
Resistor a component that limits the amount of current flowing through
it. A resistor protects a circuit from overload and controls the current.
Diode a valve that allows current to flow through it in one direction only
and blocks the flow in the opposite direction. It is used in PSUs and other
devices and as a form of protection for components.
Fuse a safety component that is designed to stop too much current from
flowing through a circuit. Electricity creates heat. A fuse has a wire. When
too much current begins to flow, the wire melts under the heat, breaks the
circuit and stops the current. Many devices have a fuse that can be replaced
when damaged.
Transistor an on/off switch for an electrical signal to create the binary 0s
and 1s the computer uses to communicate. A normal transistor has a source
that allows electrons to enter and the drain where electrons flow out. A gate
lies between the source and drain that blocks the flow. When the gate is
closed, it shuts off the electron flow and the transistor is off and stores a 0.
When the gate is open, electrons flow through and the transistor is on and
stores a 1. See Figure 2.42. A type called Field Effect Transistor (FET) is
used to make chips for CPUs and memory.
Figure 2.42 One type of FET transistor for a CPU
Capacitor stores an electrical charge for some time and releases it when
needed. When power is given to the capacitor, it charges up; when power is
switched off, the capacitor lets go of its charge very slowly. Therefore, the
capacitor can still keep its charge long after power to it has been cut off.
Figure 2.43 shows a type of capacitor on a motherboard.
Page 75 of 1229
Figure 2.43 Capacitors on a motherboard

Another term you should take note of is ground (or earth), which refers to
the path to the earth or some other conductor that is connected to earth. A
properly grounded system will cause out-of-control current to flow into the
earth and not back to the power station. Grounding serves as an escape route
for out-of-control electricity, preventing damage to systems and protecting
people from electrical shocks.
Note
An electrical wall outlet must have a ground to be suitable for

computer and other electronic device use.
2.4.2 Power Supply Unit (PSU)

The power supply unit or simply power supply changes and conditions
incoming AC power from the wall outlet to DC power to power the motherboard
and other components.
It also steps down high 110-120 or 220-240 AC voltage to several low DC
voltages (3.3V, 5V and 12V) used by the different computer components. In
addition, the PSU provides cooling and helps manage air flow through the case.
Figure 2.44 A typical PSU

Note
The PSU must deliver a good, steady supply of DC power so the

computer can work properly.
The PSU has many parts, including:
Transformers to step the voltage down to the appropriate lower voltage

level.
Page 76 of 1229
Rectifiers to convert AC to DC.

Filters and regulators to achieve steady voltage or clean output.
Caution
A PSU has capacitors that store charges for long periods after being
unplugged from the wall outlet. Therefore, a PSU is not userserviceable. Thus, do not attempt to open and work on a PSU
unless you have the necessary knowledge, training, tools and
experience to do so. The PSU is a field replaceable unit; it should
be replaced and recycled when it goes bad.
The PSU gets plugged into the AC wall outlet using a suitable power cable. The
plug on the power cable must be fitted with a working fuse of the correct
rating (typically 3A or 5A) and it must be suited to the country you are in. The
power cable gets plugged into the PSUs standard connector. South African
voltage requirements are 220-240V.
2.4.2.1 Choosing a PSU
Consider the following PSU features and power characteristics when choosing a
PSU:
Form factor
The form factor of the PSU determines its compatibility with the motherboard
by the type and number of power connectors it provides, and the case in terms
of how much space it needs plus the location of screw holes and fans. When
choosing a PSU, match the form factor (size and shape) to the case and
motherboard.
Most PSUs are based on the ATX form factor. The most common standard size
is 150 mm wide x 86 mm high x 140 mm deep for ATX PSUs.
The demand for smaller and quieter computers has led to the development of a
number of smaller form factor (SFF) PSUs that use standard ATX connectors
but differ in size and shape from the standard ATX PSU and cannot give the
same amount of power as the standard ATX PSU. Here are some of the
common speciality types of PSUs:
Micro-ATX an SFF primarily used for micro-ATX cases. Micro-ATX is

similar to ATX for compatibility, that is, it uses the same standard ATX
power connector and standard ATX I/O panel, and thus a micro-ATX
motherboard will fit in a full-size ATX case. However, it typically has fewer
power connectors than ATX PSUs.
TFX12V (Thin Form Factor with 12V connector) an SFF primarily
used for micro-ATX systems.
SFX12V (Small Form Factor with 12V connect) an SFF primarily used
for micro-ATX systems.
On/Off switch
Many ATX PSUs have an On/Off switch on the back that ensures no power is
being sent to the components. If you really need the computer to shut down
with no power to the motherboard, use this switch. See Figure 2.45.
Page 77 of 1229
When this switch is turned off, the computer cannot be turned on with the
power button on the front panel.
Power cable connection
Voltage selector switch
On/Off switch
Figure 2.45 A typical power supplys switches and connections
Caution
Unless the PSU is disconnected from the AC wall outlet or is

turned off using the On/Off switch, a small amount of power (5V)
still runs to the motherboard and through the system. This means
that the PSU is always on even when powered down. Do not work
inside the computer unless you disconnect the AC power cable or
turn off the PSU.
Soft power
The power button on the computers front panel simply tells the computer
whether it has been pressed. The BIOS or OS takes over from there and
handles the task of turning the computer on or off. This is called soft power
and it prevents the computer from being turned off before the OS has shut
down properly. It also enables the computer to use power-saving modes that
put the computer to sleep or wake it up and to shut it down if pressed long
enough. The most important parameter for ATX soft power resides in CMOS
Setup. Boot into CMOS and look for a Power Management screen.
Note
The communication between the computer and PSU is called

advanced configuration and power interface (ACPI).
Voltage selection
It is vital that the PSU is set to the correct input voltage according to the
country. Some PSUs come with a voltage selector switch (often a red
switch), as shown in Figure 2.45, that you can use to adjust the voltage level.
Some are auto switching (auto-sensing) and can detect the incoming
voltage and automatically switch to that voltage accordingly, while others can
only accept one type of input voltage (fixed).
Page 78 of 1229
Caution
Adjusting the voltage selector switch to the wrong voltage can

cause all kinds of problems, from preventing the computer from
starting up to damaging the PSU. In the worst case, it could lead to
a fire. Although you should check the switch to ensure that it is set
to the correct voltage before powering up a new or recently
relocated computer, be careful not to adjust it to the incorrect
voltage setting.
Power distribution and rails

All of the power to the computer generally comes from a transformer that
takes the AC from the wall outlet and converts it into DC that is split into three
primary DC voltage rails: 12V, 5V and 3.3V. A rail is wire that provides current
at a specific voltage. Each rail has a maximum amount of power that it can
provide, and the power sent over each rail is known as power distribution.
Groups of wires run from each of the voltage rails to the various connectors.
When choosing a PSU, pay attention to the output rating of the +12V rail as
this is the most heavily used rail, particularly in high performance gaming PCs
by CPUs and PCIe graphics cards.
Some PSUs list as being dual or triple (or tri) rail. A dual rail PSU has two
+12V output lines, one of which is used for the CPU. A triple rail PSU simply
has three +12V output lines for devices.
The computer uses 12V to power motors on hard drives, optical drives and
fans, and 5V and 3.3V for on-board electronics. A component that runs on a
voltage other than these must be indirectly powered through the
motherboards on-board voltage regulator modules (VRMs) with the
correct voltage coming from the PSU.
Connector keying
Most connectors are keyed, that is, they are designed to fit into a component
only one way, although it might be possible to force a connector into a port or
header backwards. To avoid destroying or damaging components, it is best to
look for the key and ensure you plug in the connector correctly. Figure 2.46
shows some common keyed connector examples.
Figure 2.46 Connector keying examples
Page 79 of 1229
PSU ratings and calculations

Every component requires a certain amount of wattage to function. The
wattage is the maximum amount of power output (power rating) available
from the PSU, measured in watts. The higher the watts, the more power the
computer can take from the PSU. Most computers need PSUs in the 200-500
watt range with SFF usually rated at 300W or less, standard desktop
computers rated up to 300W, servers and tower computers rated at or over
500W and gaming PCs over 500W with 1000W for very high-end gaming PCs.
Note
Many manufacturers offer PSU models that range from 300 watts to
over 1000 watts.
Wattage information can be found in the PSU documentation, at the PSU

manufacturers website and on the sticker on the PSU. See Figure 2.47.
PSU rating
AC input voltage levels
DC output voltage
levels by type
3.3V, 5V and 12V max
load
Hazard warnings
Product certifications
Figure 2.47 A typical power supply sticker

The power efficiency rating of a PSU is the ratio of output power to input
power and is shown as a percentage (%). It measures how much energy is
converted and used relative to how much energy goes into the PSU. Common
efficiency values range from 65% or more for PSUs. The remaining 35% or
less is turned into heat during the AC to DC conversion process.
If the PSU cannot provide enough power, the computer will not function
properly. What happens if you connect devices that need more power than the
PSU can give? A common result of not enough power is called overload
which can cause computer symptoms such as overheating, sudden rebooting
and even complete failure.
Note
Components only take what they need from the PSU and no more.
Therefore, if you buy a 500W PSU and install it into a computer that
only needs 250W, the PSU will only supply 250W to the computer.
Therefore, buying an efficient, higher wattage PSU has two benefits: running a
PSU at less than 100% load helps it live longer and gives the computer plenty
of extra power for any additional components to the computer.
Page 80 of 1229
When building a computer, you need to work out the precise wattage needed
for everything connected to the computer, with an extra 30% or more wattage
to spare. You can find out the wattage rating you need for your PSU in one of
the following ways:
Use a wattage calculator program. It is available at the PSU or

motherboard manufacturers website. See Figure 2.48. This program allows
you to choose computer components, and based on what you have chosen,
recommends the wattage you need for your PSU.
Use your own calculator. This requires that you look through the
technical documentation or go to the support website for every component
connected to the computer that uses the PSU to gather the individual power
demands of each one, and then add those numbers together and add extra
wattage on top of that.
Note
If you have amperage ratings instead of wattage ratings, multiply the

amperage by the voltage to see what the wattage is and then start
adding up.
Page 81 of 1229
Figure 2.48 PSU wattage calculator

Protection and PFC
PSUs might have short circuit protection, overpower (overload) protection,
overvoltage protection, undervoltage protection, over current protection and
over temperature protection.
Overvoltage occurs when the output voltage from the wall outlet is over the
rated amount. Overvoltage is harmful because too much DC voltage destroys
electronic circuits. Undervoltage occurs when the voltage falls below the
needed AC volts. If the voltage is too low, the PSU cannot provide enough
power to power all components.
Page 82 of 1229
Power Factor Correction (PFC) is another factor to consider when choosing

a PSU. PFC is circuitry inside the PSU that protects against voltage fluctuations
and electrical irregularities that affect the efficiency of the PSU. The types of
PFC include: Active PFC, which provides the best protection, Passive PFC,
which provides good protection, and non-PFC, which provides the worst.
Connectors
When choosing a PSU, consider the type and number of power cables and
connectors the PSU provides. Some newer PSUs do not have connectors for
older components, so make sure the connectors provided by the PSU connect
to the motherboard, drives, expansion cards that need dedicated power, and
other internal components that will use the PSU.
Although most connectors are shaped in a way that stops them from being
plugged in the wrong way, there are connectors that can be plugged in the
wrong way which can destroy a component. Table 2.3 lists the types of ATX
connectors, their pin count and what they are used for.
Table 2.3 PSU connectors
Connector
Usage and pin count

A 20-pin P1 main power connector to power older and
modern motherboards.
A 24-pin P1 main power connector to power modern

motherboards. To avoid problems, you should not use a
20-pin P1 power connector on a 24-pin motherboard.
A P1 20-pin connector with separate 4 pins (20+4) is
available to provide compatibility with a 20-pin P1 and
24-pin motherboard.
A 4-pin connector to power older processors. Also known

as an ATX12V or P4 connector.
Many modern ATX motherboards feature an 8-pin

processor connector to help support processors that
demand a lot of power. This connector is known by
several names, including EPS12V, EATX12V and ATX12V
2x4. The 8-pin can accept the ATX12V 4-pin connector as
long as it is plugged into the correct pins. Many PSUs
come with a 4+4 pin 12V cable which is compatible with
the 4-pin and 8-pin CPU connector.
Page 83 of 1229
Connector
Usage and pin count

A 4-pin mini-Molex (or Berg) connector that is used to
power the older floppy drive. It is also used as an
auxiliary power cable for AGP graphics cards.
A 4-pin Molex connector used to power PATA hard and
optical drives and for case fans that do not plug directly
into the motherboard. The connector is shaped so that it
only fits in one way and needs a firm push to plug in
properly.
A 15-pin connector that is used to power SATA hard and
optical drives. SATA connectors are L shaped so that they
can only be plugged into a SATA drive the correct way.
Auxiliary 6-pin PCIe power connector used by high
performance PCIe graphics cards that need additional
voltage.
PCI Express version 1 uses a 6-pin connector.
PCI Express version 2 uses an 8-pin connector.
A 6-pin with a separate 2-pin connector is available to
provide compatibility for PCI Express version 1 and 2.
PSUs designed for dual card systems will feature two
PCIe connectors.
If the PSU does not have a connector that you need, there are adapters
available to convert one type of connector to another type. Figure 2.49
illustrates a Molex-to-SATA adapter (left) and an adapter that converts two
Molex cables to a single 6-pin PCIe connector (right).
Figure 2.49 Power conversion adapters

While many PSUs come with all their cables fixed in one place, others that are
based on a modular design enable you to choose the type and number of
power connectors you need and to plug them into a connector on the PSU.
Additionally, you can get PSUs that support both modular and fixed cable
designs, as shown in Figure 2.50.
Page 84 of 1229
Figure 2.50 Modular PSU

Temperature
Room and operating temperature affect how the PSU performs. If the PSU is
operating at room temperature, it will create a slightly higher wattage than if
it is operating at a temperature above room temperature (called operating
temperature). Therefore, a PSU might have two ratings:
Peak rating wattage rating for room temperature

Actual rating continuous operation at operating temperature
If the PSU only has one rating, assume that it is the peak rating. To calculate
the actual rating, take the peak rating and subtract between 10% and 15%
from it.
Cooling
There are many parts inside the PSU that work to convert AC to DC and they
create a lot of heat. This is why most PSUs have one or more fans inside them
while others use heatsink technology.
Fans can be mounted on the back or bottom of the PSU. You can even find
quiet PSUs with fan sensors that react to the temperature inside the computer,
which either causes the fans to speed up when necessary or run slowly and
silently when not. The fan sensor connector plugs directly into the
motherboard as shown in Figure 2.51.
Figure 2.51 3-wire fan sensor connector

Noise can be a problem when fans are involved. Some manufacturers have
made PSUs that use passive cooling and are without any fans and other
moving parts, making them silent. These fanless PSUs have heatsinks.
Page 85 of 1229
Warranty
Consider the warranty and the overall quality of the PSU, that is, form factor,
wattage rating, cabling, connectors, cooling and protection.
Tip
Consider the aspects covered in this section when choosing a power

supply.
2.4.2.2 Replacing the PSU

When a PSU needs to be replaced, make sure that the new PSU meets the
following criteria:
It has the same PSU connectors and pinouts as the original so that it is
compatible with the motherboard and other components.
It has the same or compatible form factor (shape, size and switch location).
It has the same or higher wattage rating. A higher rating is highly
recommended.
It supports any special features needed by the motherboard, CPU, graphics
card and so on.
2.4.2.3 Removing and installing the PSU

Removing and installing a PSU are essential skills for any computer technician.
Caution
A PSU never turns off. As long as that PSU stays connected to a

wall outlet, it will continue to supply voltage to the motherboard.
Always unplug it before you do any work! Also, do not wear an
anti-static wrist strap when replacing the PSU.
This exercise will show you how to remove and install a PSU:
Note

1. Shut down the computer. If the PSU has an On/Off switch, turn it off as
well.
2. Disconnect the AC power cable from the PSU and remove all external
cables.
3. Place the case upright on a flat surface.
4. Open the case to see the PSU, which might be as simple as removing the
cover or as involved as removing both of the side panels, front panel and
case lid. Look at the documentation that came with the computer or PSU to
see how to find and remove the PSU.
5. Disconnect the PSU from the motherboard. To do this, the catch securing
the PSU connector must be released to allow the connector to be removed.
6. Disconnect the PSU from all drives and cards.
7. Disconnect the PSU from the case and CPU fans. Ensure that all other PSU
cables are disconnected.
A typical PSU is attached to the case by several screws that attach the PSU to
the back panel of the case. See Figure 2.52. The PSU might also be supported
by a shelf inside the case with screws securing it to the case.
Page 86 of 1229
Figure 2.52 PSU mounting screws

8. Remove the PSU screws from the back of the case. Remove any screws
holding the PSU in place inside the case. If there is a shelf, it will also need
to be removed.
9. While supporting the PSU with your hand, slide it out of the case as shown
in Figure 2.53.
Figure 2.53 Remove PSU

Caution Never open the PSU!
To install the PSU:
1. Check the voltage setting on the PSU. Change it to match the local power
voltage.
2. Lower the PSU into the case and position it so that it fits the case correctly,
with the screw holes facing the back panel.
3. Attach the PSU to the back of the case, and line up the holes in the PSU
carefully with the holes on the outside of the case.
4. Fasten the PSU to the back of the case with the screws provided.
Page 87 of 1229
Figure 2.54 Tighten PSU

5. Connect the power cables (you can read the motherboard manual for any
special instructions):
Connect the main power connector (20-pin or 20-pin + 4-pin or 24-pin

depending on the ATX version) to the motherboard.
The PSU might also be equipped with a fan signal connector (usually a 3pin connector) that connects to one of the fan connectors on the
motherboard. This connector allows you to monitor the fan speed of the
PSU through the CMOS Setup program or through monitoring software
that comes with the motherboard.
Connect the 4-pin or 8-pin CPU power connector to the appropriate CPU
motherboard connector.
Connect the power connectors to the hard and optical drives. This might
be Molex or SATA power connectors, or both.
Connect the PCIe power connector to the graphics card and any graphics
card fan power connectors (if needed).
Connect the case fan connectors to the motherboard (if needed).
Connect the CPU fan connector to the motherboard.
Figure 2.55 Connect power cables to components

Your first task after installing the PSU is to verify that it has power:
6. Make sure the monitor, keyboard and mouse are attached to the computer.
7. Plug the power cable into the socket on the back of the PSU.
8. Make sure the power cable is plugged into a wall outlet and turn the power
on at the wall outlet.
9. Turn the switch on the PSU to the ON position (if it has an On/Off switch).
10. Power up the computer and watch the boot process.
Page 88 of 1229
11. Check that all hard and optical drives are working (missing the power to
an optical or second drive might not immediately be obvious after a boot).
When working on an ATX PSU, you may find using the power button
inconvenient because you are not using a case or you have not bothered to
plug the power buttons wire connector into the motherboard header. In such a
situation, you can use a screwdriver to jump short the two power wire
headers on the motherboard momentarily to start the system. It will not
damage the motherboard if done correctly because this is what the power
button wire connector does. You can also short the same two headers
momentarily to power down the motherboard.
Figure 2.56 Shorting the motherboard without a power button

Support Skills Labs and references (G183eng) book:
o Lab 2: Identifying Computer Components (p.10)
Page 89 of 1229
Unit 3 I/O, Multimedia and Expansion Bus

Understand what signalling is and how signalling methods

differ from each other.
Explain what a parallel bus and a serial bus are and how
they differ from each other.
Explain how the different numbering systems used in the
computer work.
Understand data representation.
Explain how data is measured and identify different
measurement terms and properties.
Describe the functions and capabilities of connection
interfaces, including USB, SCSI, FireWire, serial, parallel,
VGA, DVI, HDMI, network and sound.
Identify the types of cables and connectors used with
connection interfaces.
Describe the functions and capabilities of input devices,
including keyboards, mouses, KVMs, game pads, biometric
devices and touch screens.
Install and configure peripheral devices.
Identify expansion bus slots and cards, and describe the
features of the different bus standards.
Install expansion cards.
Distinguish between display technologies and understand
display characteristics.
Install and set up graphics cards and monitors.
Install and set up sound cards, microphones and speakers.
Understand speech recognition.
Describe the functions and capabilities of multimedia
devices, including tuner/capture cards, digital cameras and
webcams.

Module 1 Units 4, 5 and 6 (p.34-86)

Review Questions:
o Connection Interfaces (p.49)
o Peripherals and Expansion Slots (p.66)
o Output and Multimedia Devices (p.84)
Page 90 of 1229

(G183eng):
o Lab 3: Identifying Computer Ports (p.11)
o Lab 4: Connecting Peripheral Devices (p.12-14)
3.1 Understanding signalling

A signal is a means of sending data using electricity or another source, such
as radio waves or light. A computer sends data using electrical signals and
stores it using two state switches called transistors (for 0 and 1). The
electrical pathway along which signals are sent and received between
computer components or through cabling is known as a bus. There are
different signalling methods used in computer buses:
Single ended signalling each signal travels on one wire while another
wire functions as a common ground. This method is not good at dealing
with any electrical interference and is used by older bus types, such as
serial, PS/2 mouse and keyboard ports or video graphics array (VGA)
display ports.
Differential signalling signals are sent as the difference between
voltages on a pair of wires, and the two wire voltages are compared at the
receiving end. This helps reduce or prevent electrical interference from
anything that disrupts of changes the signal, and it allows the use of lower
voltages, reducing power consumption and heat. This method is used by
newer buses, such as USB, Firewire and PCIe.
3.1.1 Serial and parallel bus communication

There are many different bus technologies used to build computers. In general,
a bus can be one wire (serial) or a group of wires working together (parallel)
that carry signals from one point to another. Figure 3.1 shows the differences
between serial and parallel signal communication.
Parallel
3
4
5
Serial
1
Figure 3.1 Parallel and serial communication
Page 91 of 1229
Parallel sends multiple data bits over multiple wires at the same time
(one wire for each bit). Keeping with the 8 bits = 1 byte nature of
computer data, most parallel bus types use multiples of 8, such as 32 bits
and 64 bits. Parallel communication is used by older bus technologies.
Serial sends data one bit at a time, one bit after the other, working at a
higher frequency (speed). Serial communication is used by modern bus
technologies.
3.1.2 Hertz
Hertz (Hz) measures the transmission frequency (or speed) of signals in cycles
per second (or electrical changes each second). It is commonly used to
measure various speeds, including the CPUs clock speed. Megahertz (MHz) is
equal to 1000 Hz, and Gigahertz (GHz) is one million Hz or 1000 MHz. Table
3.1 shows the most common multiples of Hertz used.
Table 3.1 Hertz
Abbreviation
Name
Multiples of
Hz
KHz
MHz
GHz
THz
Hertz
Kilohertz
Megahertz
Gigahertz
Terahertz
One
One
One
One
thousand
million
billion
trillion
Number of cycles per

second
1
1 000
1,000,000
1,000,000,000
1,000,000,000,000
3.1.3 Analogue and digital signalling

Signalling can be either analogue or digital:
Analogue a signal that changes continuously in time and can take on

many different values. Analogue information is created by real events, such
as a signal representing the sound waves created by someone speaking or a
band playing music.
Digital computers process data using digital signals as individual off and
on pulses in the electrical signal to represent binary 0s and 1s. A 0 or 1
represents the absence or presence of a pulse (rise and fall of voltage) and
the computer is able to recognise this absence or presence.
Digital signal
Analogue signal
Figure 3.2 Digital and analogue signals

Page 92 of 1229
Note
Since computers only process digital data, they need digital input.
Therefore, the computer needs to translate between analogue and
digital signals for some types of communication.
3.2 Numbering systems

Numbers are represented using different numbering systems. The
characteristic that distinguishes one numbering system from another is called
the base of the numbering system. In simple terms, the base is the number of
symbols in a system.
Decimal numbering system this system is used by people for everyday

mathematics. Just look at your hands as an example. If you put both of
your hands together and count your fingers starting from 0-9, the total
would be 10. To represent a number greater than 9, you can add more
fingers from other peoples hands; for example, 9 + 1 = 10. This system is
referred to as base 10. Hard drive storage sizes are often quoted in terms
of decimal measurements.
Base 10 systems use the powers of 10 formula as follows:
o
o
o
o
101 = 10
102 = 10 x 10 = 100
103 = 10 x 10 x10 = 1000
And so on.
Binary numbering system computers use this system to store and

process data. Look at your hands as an example. One hand represents 0
and the other 1, for a total of 2. Hence, binary systems use two values: 1
and 0. This system is referred to as base 2. One binary value is a bit (1 or
0) and 8 bits equal one byte. File sizes and memory capacity (the amount
of data it can store) are given in binary measurements.
Base 2 systems use the powers of 2 formula as follows:
o
o
o
o
21 = 2
22 = 2 x 2 = 4
23 = 2 x 2 x 2 = 8
And so on
Hexadecimal numbering system this system organises bits into groups

of four and is referred to as base 16. Two spiders that you want to count
will be used for this example. The numbers 0-7 represent the one spiders
legs and the numbers 8-9 and letters A-F represent the other spiders legs,
to reach a total of 16. Hexadecimal numbering is convenient because it can
be difficult for people to read long binary numbers, and the 2 byte (16-bit)
or 4 byte (32 bit) memory addresses that computers use are long.
Page 93 of 1229
The most typical uses for hexadecimal numbering are:

o Memory addresses
o Input/output addresses
o Network addresses
Table 3.2 summarises the three numbering systems.
Table 3.2 Summary of numbering systems
Numbering system
Binary
Decimal
Hexadecimal
Base
2
10
16
Values
0 and 1
0, 1, 2, 3, 4, 5, 6, 7, 8, 9
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F
3.2.1 Converting binary to decimal

People use and understand decimal numbers, but the CPU can only understand
binary numbers. Therefore, it is necessary to convert from one numbering
system to another.
To convert binary into decimal is very simple and can be done as shown below:
1. To convert an 8-bit value of 10011101 into a decimal value, use the formula
below:
Decimal
Binary (8 bits)
128
64
32
16
As you can see, the numbers 1, 2, 4, 8, 16, 32, 64 and 128 are placed in the
reverse numerical order, and then the binary value is written below it. 1, 2, 4,
8, 16, 32, 64 and 128 are called the powers of 2 because you multiply the
number 2 by itself. Binary values are read from right to left and the positions
represented by the 1s are added together to represent the decimal value.
2. To convert, you simply take the decimal value from the top row only where
a 1 appears in the binary value below it, and then you add the values
together. For instance, in our example we have 128 + 16 + 8 + 4 + 1 =
157.
Decimal
Binary (8 bits)
Answer
128
64
32
16
128
+0
+4
+0
+1
+0 +16 +8
= 157
Page 94 of 1229
For a 16-bit value, you use the decimal values 1, 2, 4, 8, 16, 32, 64, 128, 256,
512, 1024, 2048, 4096, 8192, 16384, 32768 (powers of 2) for the conversion.
Table 3.3 shows you how to count from 1 to 10 (decimal) in binary using the
same method above where a 1 bit appears.
Table 3.3 Decimal-to-binary conversion
Decimal
0
1
2
3
4
5
6
7
8
9
10
Binary
00000000
00000001
00000010
00000011
00000100
00000101
00000110
00000111
00001000
00001001
00001010
3.2.2 Converting decimal to binary

The following example will be used to convert from decimal to binary:
1. The decimal number used for this example is 234. To convert this number
to binary, you need to find the highest of the power of 2 numbers 256, 128,
64, 32, 16, 8, 4, 2, or one that is less than the number you are looking for.
Decimal
Binary
256
128
64
32
16
2. First, you will find that 256 is bigger than 234 but 128 is not. Place a 1 in
the 128 column.
3. Subtract 128 from 234 = 106. Place a 1 in the 64 column because it is
smaller than 106.
4. Subtract 64 from 106 = 42. Place a 1 in the 32 column because it is smaller
than 42.
5. Subtract 32 from 42 = 10. Place a 0 in the 16 column because it is bigger
than 10. Place a 1 in the 8 column because it is smaller than 10.
6. Subtract 8 from 10 = 2. Place a 0 in the 4 column because it is bigger than
2. Place a 1 in the 2 column because it is equal to 2.
7. Subtract 2 from 2 = 0. Place a 0 in the 1 column because it is smaller than
0.
8. Decimal 234 equals 11101010 (in binary for 8 bits, not counting the 256
column).
Page 95 of 1229
3.2.3 Converting to hexadecimal

To represent a hexadecimal value, only four binary values are converted as
shown in Table 3.4. Use the same method as above starting from the rightmost non-zero binary value and moving left to work out the equivalent
representation of decimal-to-hexadecimal-to-binary.
Table 3.4 Decimal-to-hexadecimal-to-binary conversion
Decimal
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Hexadecimal Binary
0
1
2
3
4
5
6
7
8
9
A
B
C
D
E
F
0000
0001
0010
0011
0100
0101
0110
0111
1000
1001
1010
1011
1100
1101
1110
1111
Binary calculations
0
1
2
1+2=3
4
1+4=5
2+4=6
1+2+4=7
8
8+1=9
2 + 8 = 10
1 + 2 + 8 = 11
4 + 8 = 12
1 + 4 + 8 = 13
2 + 4 + 8 = 14
1 + 2 + 4 + 8 = 15
3.2.4 Using a scientific calculator

You can use a scientific calculator, like the one in Windows, to convert
numbers between numbering systems or to double check your calculations. To
open the calculator in Windows 7, click Start > All Programs > Accessories
and choose Calculator. For example, Figure 3.3 shows you how to use the
Windows Calculator program to double check your calculations. The
Programmer option must be chosen from the View menu to display the
options shown in Figure 3.3. Arithmetic (mathematics) can also be performed
in any numbering system on a calculator, once that numbering system is
chosen on the calculator. After entering a decimal number, such as 79 in
Figure 3.3, choose the numbering system to which that number must be
converted. In this case, decimal 79 is converted into hexadecimal 4F and
01001111 in binary.
Page 96 of 1229
Figure 3.3 Converting 79 into hex and into binary using a Calculator
Note
Keep in mind that the calculator will drop any leading zeroes. Also,
when converting decimal to binary, it will only show a limited number
of binary numbers, so for long numbers, it is best to work on bytes or
octets.
3.3 Data representation

Because computers store and process data into information using electricity,
they are forced to work with binary data. The fundamental unit of data
storage is called a bit (binary digit), which is represented by two states: 0
and 1. A combination of 0 and 1 bits represents everything you see on screen,
including numbers, letters, pictures, emails, videos, etc.
Because of the way the system is organised, bits are grouped in eight different
sequences of 0s and 1s to form what is called a byte. A byte is worked on as a
unit and can represent a single character, such as the letter C, a symbol such
as % or a number such as 255.
Because a bit and a byte are such small amounts of data, file and memory
sizes and drive storage sizes are measured in thousands, millions, billions and
trillions of bytes. Table 3.5 summarises the data measurement values used in
the industry and their abbreviation and equivalent sizes.
Table 3.5 Data measurement values
Measurement
Bit
Byte
Kilobyte
Megabyte
Gigabyte
Terabyte
Petabyte
Exabyte
Zettabyte
Abbreviation
b
B
KB
MB
GB
TB
PB
EB
ZB
Size
Single binary value (1 or 0)
= 8 bits
= 1024 Bytes
= 1024 KB
= 1024 MB
= 1024 GB
= 1024 TB
= 1024 PB
= 1024 EB
Page 97 of 1229
You may be wondering why kilobyte, megabyte, gigabyte and terabyte do not
equal exactly one thousand, million, billion and trillion bytes respectively. Kilo
literally means thousand, so you would think that one KB would be one
thousand bytes. However, the bytes are calculated by using binary with the
formula of 210 (or 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2). If you enter these
numbers into a calculator, you will see that it works out to 1024. The same
applies to MB, GB, TB, PB, EB and ZB but with more 2s.
Bits and bytes and other measurements are used in different ways:
System (RAM) memory size is always quoted in binary measurements in

megabytes and gigabytes, for example, 8 GB memory (which equals 8192
MB).
File size is always quoted in binary measurements, for example, in
kilobytes, megabytes and gigabytes.
Hard drive manufacturers almost always quote hard drive space in decimal
measurements of megabytes, gigabytes and terabytes, for example, 500
GB. The computer, however, reads the size in binary measurements, for
example, 465.66 GB.
Bandwidth/data transfer rate/throughput when data is transferred
within a computer or between computers, bandwidth measures how much
data is being sent or received per second, for example, bit per second
(lowercase b), Megabits per second (Mbps), Bytes per second (uppercase
B), Megabytes per second (MBps) and Gigabytes per second (GBps).
Network transfer rates between systems that are connected to one
another are in decimal measurements of bits per second, for example, 56
Kbps means 56 000 bits per second.
Memory and network addresses are reported in hexadecimal notation,
for example, a memory address of 02F8.
Note
If you see a new hard drive advertised with a certain amount of TB

space by a drive manufacturer, but the computer reports it as having
a different size, do not be alarmed. Computers count a kilo in binary
as 1024 while normally a kilo is counted in decimal as 1000. A giga
is 1024 x 1024 x 1024 = 1,073,741,824, but this is 1,000,000,000 in
decimal. There is no difference in the number of actual bytes of
storage.
Some other measurements to know about include:
Millimetre (mm) a unit of length used to measure many objects,

including camera focal lengths, motherboard sizes, ports and fan sizes.
Centimetre (cm) a unit of length where 1cm = 10 millimetres.
Centimetres can be used to measure many components, such as
motherboard sizes, fan sizes and cable lengths.
Inch () a unit of length where an inch is represented by the double
prime symbol . 1 inch = 2.54 cm. It is commonly used to measure
motherboard sizes, drive bays, drive form factors, some ports and screen
sizes.
Page 98 of 1229
Metre (m) a unit of length where 1m = 100 cm. Metres can be used to
measure many components that run for long distances, such as cable
lengths. 1000 metres = 1 kilometre (km).
3.3.1 Character encoding schemes

Every text file is just a collection of binary 0s and 1s. Computers take those
binary numbers and convert them into characters so that people can
understand them. How the computer does this for any given file is called
encoding. Encoding defines what set of characters 1s and 0s will be converted
to. Character encoding schemes are used to represent all characters that
can appear in text data, such as numbers, letters, special characters and
symbols using numeric codes. The character encoding schemes are:
3.3.1.1 ASCII
American Standard Code for Information Interchange (ASCII) is a
traditional scheme that uses 7 bits to represent each lowercase (a-z),
uppercase (A-Z) letter, number and some punctuation symbols from the
standard English language. For example, the capital T is represented by the
number 84 and lowercase t by 116. Because ASCII uses 7 bits, it is limited to
27 or 128 characters, which is not sufficient to represent characters from other
languages and some special characters. Several extended ASCII character sets
are available that support 8 bit combinations and add an extra 128 characters
to give a total of 256 characters.
Table 3.6 lists some extended ACSII code examples:
Table 3.6 Extended ACSII code examples
CHARACTER
0
1
A
B
+
!
ASCII
00110000
00110001
01000001
01000010
00101011
00100001
Although the extended versions include the characters used in the

alphabet, some non-English characters, the 10 decimal digits (0 to
other characters usually found on a keyboard, they do not include
characters to represent all languages. Therefore, other character sets,
Unicode, are commonly used to represent more characters.
English
9), and
enough
such as
3.3.1.2 Unicode
Sending files to another user whose computer does not use exactly the same
encoding as yours results in all of your language-specific characters getting
transformed into some other characters that do not make sense in your file.
This leads us to Unicode.
Page 99 of 1229
Unlike ASCII, Unicode is an international encoding standard designed to

represent characters written in any ancient or modern day language, including
those with different alphabets, such as Zulu, Xhosa, Afrikaans and so on.
Unicode uniquely identifies each character using 0s and 1s, no matter which
language, platform or program is used. It has 1 to 4 bytes (8 to 32 bits) for
each character, and can represent well over a million characters.
Many characters, such as the ones below, can be represented by Unicode but
not by ASCII.
Most modern software programs and programming languages use Unicode.

Unicode assigns a unique number or code point for every character. For
instance, when you open the Symbol dialog box in the Microsoft Office Word
program, the Unicode representation and its character code (in decimal or
hexadecimal) can be seen. The Symbol dialog box in Figure 3.4 shows the
Unicode representation of the Greek symbol in hexadecimal 03A3.
Figure 3.4 Unicode representation

Note
Unicode is updated regularly to add new characters and new

languages not originally encoded. UCS-4, UTF-16, UTF-32 and UTF-7
and so on are different ways of encoding the Unicode code points
using a different number of bytes.
Page 100 of 1229
3.4 Ports and connectors

A connector is a piece of hardware attached to a wire, cable or piece of
hardware (such as the motherboard) that creates an electrical connection so
that components can exchange data. The term connector is also used to
describe a port, plug or jack. A port is a piece of hardware that has holes or
pins that accept a matching connector. A moveable connector (often a male) is
commonly referred to as a plug which goes into a port, and a female
connector (often at a fixed location) is referred to as a jack, socket,
receptacle or outlet. To summarise, you always put a connector or plug into
a port, not the other way round.
Port
Jack
Plug (or
connector)
Figure 3.5 Plug, port and jack

Note
The term interface when speaking about hardware refers to a card,

connector or other electronic device that connects pieces of hardware
to the computer so that data can be transferred.
3.4.1 Port location, standard and gender

An input and output (I/O) device can either be internal, such as with an
expansion card installed into an expansion slot, or external and connected to
a port coming off the motherboard or an expansion card. Every peripheral
device connects to the computer through the appropriate I/O port.
You can identify connectors and ports by their colour, shape and gender and
by counting the number of pins or pin holes they have. The gender of a port
(or connector) refers to it being either a male or female. If a connector has
pins, it is a male; if it has pin holes, it is a female. The gender and the fact
that connectors and ports are keyed stops people from inserting them
incorrectly. Also some connectors have screws and other locking mechanisms
to ensure that they are fully inserted and cannot work loose.
A gender changer changes a male connector to a female connector or a
female to a male, and is ideal in cases where you cannot attach a device to the
computer because its connector is the same gender as the port. See Figure
3.6.
Page 101 of 1229
Front
Back
Figure 3.6 A gender changer
3.4.2 Legacy ports

Although the older parallel, serial and PS/2 ports have largely been replaced by
USB, you will still find these ports on computers and therefore you must know
how to support them.
3.4.2.1 Serial port
Take note of the following points about the serial port:
RS-232 (Reference Standards 232) standard defines everything about serial

ports, such as how fast they communicate and how the connectors look.
It is a serial bus bits are sent over a single wire, one bit after the other.
It is used for older external modems.
It supports maximum speeds of 115 Kbps.
The cable can be extended to 15 m but at a slower speed.
In software terms, it is known as COM (for Communications) port.
Figure 3.7 shows a serial port and its connector.

9-pin male D-shell port on a
computer
9-pin female D-shell connector with

screws for securing it to the port
Figure 3.7 Serial port and connector

3.4.2.2 Parallel port
Take note of the following points about the parallel port:
It is known as the Printer or Centronics port.

It is a parallel bus data bits are sent over 8 wires at the same time with
extra handshake wires that control the signal.
It is used for older printers and scanners.
In software terms, the parallel port is referred to as the LPT (Line Printer)
port.
Page 102 of 1229
Newer parallel interfaces are covered by the IEEE 1284 standard. The
Institute of Electrical and Electronics Engineers (IEEE) is a standards-setting
group that publishes computer bus and networking standards.
Speeds range from 150 KBps for Standard mode, 2 Mbps for Extended
Capabilities Port (ECP) mode and 2.5 MBps for Enhanced Parallel Port (EPP).
The maximum length of a standard parallel cable is 5m and IEEE 1284 cable
is 10m, with data speeds dropping with longer cables.
Figure 3.8 shows a parallel port and two types of parallel connectors.
25-pin female DB25 (D-sub)
port
DB25 25-pin male connector with screws

to secure it to the computer port end (left)
and 36-pin Centronics found on the printer
end (right)
Figure 3.8 Parallel port and connectors
3.4.2.3 PS/2 port

Take note of the following points about the Personal System 2 (PS/2) port:
It is used for mouse and keyboards.

It is a serial bus.
Ports and connectors are colour coded: green for mouse and purple for
keyboard.
You cannot plug a mouse connector into a keyboard connector for cases
that have two separate PS/2 ports.
You can plug a mouse or keyboard into a case that has a single combo PS/2
port. Figure 3.9 shows PS/2 ports and connectors.
Page 103 of 1229
6-pin female port on a

computer
6-pin male connector coming from a mouse and

keyboard
Figure 3.9 PS/2 ports and connectors

Note
When adding or removing devices from PS/2, serial and parallel ports,
you might have to shut down the computer first, add or remove the
connector and then start the computer again.
3.5 Modern ports

In this section, you will examine the ports you will find on modern computers.
3.5.1 Universal Serial Bus (USB) port

Take note of the following points about USB ports:
USB is the standard means of connecting many PnP peripherals devices,

such as mouses, keyboards, printers, smartphones and drives, to the
computer. Many monitors include a built-in USB hub.
USB has a host such as the computer. The host might have multiple host
controllers and each host controller might provide one or more USB ports. A
host controller is an integrated circuit built into the chipset that controls
every USB device that connects to it. USB version 3 controllers have subcontrollers: one controller for its devices and another one to provide
backward compatibility with version 1 and 2. Built into each host controller
is a USB root hub, which makes the physical connection to the USB ports.
A USB device can be a hub that has ports for additional devices or a
function and is divided into classes such as human interface (USB
keyboards and mouses), mass storage (disk drives and flash drives) and so
on.
Theoretically up to 127 devices can be connected to a single host
controller, but this is limited by devices sharing bandwidth and the number
of ports supported by each controller (typically three or four on modern
chipsets).
USB devices are hot swappable, which means you can add and remove
devices without powering down the computer.
Some USB devices need more power to run than others. Bus-powered
USB devices receive power from the USB host itself. A powered USB device
comes with its own power cable (usually with an AC adapter) that you plug
into the wall outlet.
Page 104 of 1229
There are three USB standards:

o USB 1.1 ports run at 1.5 Mbps at low speed for slower devices, such as
mouses and keyboards, and 12 Mbps at top speed for many other
devices.
o USB 2.0 (High Speed USB) ports run at a top speed of 480 Mbps and are
backward-compatible with USB 1.1 devices and speeds. A USB 1.1 device
plugged into a USB 2.0 port will work at a slower speed. A USB 2.0
device plugged into a USB 1.1 port will cause a notification message to
appear telling you that the device can work at a faster speed.
o USB 3.0 (SuperSpeed USB) supports full duplex operation at up to
theoretical speeds of 5 Gbps. USB 3.0 provides 4.5W power to devices
and its controllers have sub-controllers, one to support USB 3.0 devices
and another to support USB 2.0 devices. USB 3.1 (Superspeed+) doubles
the speed of USB 3.0 to 10 Gbps.
Duplex: Duplex simply means being able to send and receive data. Halfduplex allows a device to send and receive data in both directions, but only in
one direction at a time. In contrast, full-duplex allows a device to send and
receive data in both directions at the same time.
o You can plug any USB device into any USB port and it will work, but you
can only get 3.0 speeds when you plug a USB 3.0 device into a 3.0 port.
Possible combinations include:
USB 1.1 or 2.0 device in a USB 3.0 port. This will work at the devices
speed. For example, a 2.0 device will run at 480 Mbps.
USB 3.0 device in a USB 2.0 port. This will work at the USB 2.0 speed
of 480 Mbps.
USB 3.0 device in a USB 3.0 port. This is the only combination that
allows the full theoretical 5 Gbps speed. USB 3.1 will be backwardcompatible with older USB devices, with fully backward-compatible
cables and connectors.
The maximum length for a USB cable attached to USB 1.1 devices is 3 m
and for high speed USB 2.0 it is 5 m, while the recommended cable length
for SuperSpeed USB 3.0 is 3 m.
There are two types of standard push/pull USB connectors:
o Type A plugs into the computers USB port and is used by external USB
hubs to support USB devices.
o Type B plugs into a device.
Figure 3.10 shows the different types of USB connectors.
Page 105 of 1229
USB Standard connectors. Each has USB Mini connector designed for
4 pins, two for power and two for
smaller devices like cameras. It has 5
data.
pins. One pin supports USB On the Go
(OTG) which allows a device such as a
smartphone to work as a device when
Type B for
connected to the computer or as a host
device end
when connected to a keyboard or
printer. OTG provides easy switching
Type A
between the host and device roles.
for
computer
end
Mini B
USB Micro connectors for mobile

devices such as smartphones. It
also has 5 pins and one pin supports
USB On the Go.
The USB 3 standard suggests that its

connectors and ports be colour coded in
blue. It has 9 pins. Type A connectors
and ports are backward-compatible
with USB 1 and 2 but Type B cables
and connectors are not.
USB 3 Type B
for device
end
Micro B
USB 3 Type
A for
computer
end
Micro A
USB1 and USB2 computer ports

(left) and USB3 computer ports
(right).
USB port symbol
Figure 3.10 USB ports and connectors
USB ports built into the computer are connected to USB root hubs. Each root
hub is controlled by a Standard OpenHCD USB Host Controller (for USB 1.1),
Enhanced Host Controller (for USB 2.0) or Extensible Host Controller Interface
(xHCI) for USB 3.0. The other type of USB hub you might see in Device
Manager is a Generic USB Hub. A generic hub allows you to connect multiple
devices to the same USB port and to increase the distance between the device
and the USB port (it simply splits one USB port into multiple ports).
Page 106 of 1229
Open Device Manager in Windows 7 and expand the Universal Serial Bus
(USB) category by clicking the plus (+) sign. As you can see from Figure 3.11,
this computer has two USB Enhanced Host Controllers that support USB 2.0
ports, two Generic USB hubs and a USB Mass Storage Device because a flash
drive is plugged into the computers USB port.
Figure 3.11 USB category in Device Manager

Note
On systems that support hardware virtualisation, a separate category

for USB virtualisation is also listed.
Different types of USB devices draw different amounts of power. To see how
much power a particular USB device draws, in Device Manager double-click the
device for the hub that the device is connected to and click on the Power tab.
Figure 3.12 shows the power needed for the USB Mass Storage Device that is
plugged into the computer.
Page 107 of 1229
Figure 3.12 Looking at power needed by a device in Device Manager

You can add more USB ports to the computer in any of the following ways:
Motherboard some motherboards have USB headers for cables that

enable you to make additional USB ports available on the back or front of
the computer.
Expansion card can be plugged into an expansion slot to provide
additional USB ports. This is especially useful for older computers that do
not support the latest USB standard.
Hubs an external device that provides additional USB ports. There are
two types of hubs:
o Bus-powered distributes both USB signals and power through the USB
bus to other devices. It might be built into other devices such as
monitors, keyboards or standalone devices.
o Self-powered has its own power source and plugs into the AC wall
outlet. Figure 3.13 shows a self-powered hub.
Figure 3.13 Self-powered USB hub
Page 108 of 1229
3.5.2 Small Computer Systems Interface (SCSI)

SCSI is a set of standards for communication between computers and
peripheral devices, and uses a parallel data stream with handshaking and
control signals. Many specialised network servers use SCSI for hard drives,
optical drives, printers and high-end tape backup machines.
Take note of the following points about SCSI:
SCSI chain also known as the SCSI bus, the chain is a series of SCSI
devices working together through a host bus adapter. Up to 8 or 16 internal
or external devices (or both) can be attached to a single chain.
Host Bus Adapter (HBA) also known as host adapter or SCSI

controller, the host adapter is an expansion card that is plugged into an
expansion slot to chain SCSI devices off the card. It is responsible for
managing all SCSI devices and controlling the conversation on the SCSI
chain.
SCSI ID when the host adapter receives data for a particular device, it
references that device by its unique ID. The SCSI ID allows each device to
share the same SCSI chain and each device is assigned a priority. The SCSI
ID can range from 0 to 7 or 0 to 15.
Termination both ends of the SCSI bus must be terminated so that when
a signal is sent down the SCSI bus, the terminator at the end of the bus can
absorb it. See Figure 3.14.
External chain
SCSI host adapter
Optical drives
Internal chain
Scanner
Hard drives
Terminate last devices that
make up both internal and
external chain
Figure 3.14 SCSI termination
Page 109 of 1229
SCSI standards there are many SCSI standards which differ in device
speed, bus widths, cable lengths and other technical details. Depending on
the standard, SCSI bandwidth can be up to 320 MBps, bus widths from 8-bit
to 16-bit, and maximum cable lengths from 1.5 m to 25 m. The two general
categories of all SCSI standards used on computers have to do with the
width in bits of the SCSI bus, either 8 bits (narrow SCSI) or 16 bits (wide
SCSI).
Signalling a SCSI cable transmits a signal on a pair of twisted wires. The

cable can either use single-ended (SE) signalling where one wire carries
voltage and the other wire is a ground, or differential signalling where
both wires carry voltage and the signal is calculated as the difference
between the two voltages.
SCSI cable there are different types of SCSI cables and connectors
available. Internal cabling uses a ribbon cable with several keyed
connectors that are attached to computer devices (the order is
unimportant), with one connector attached to the host adapter. External
cabling uses thick, shielded external SCSI cables that run from the host
adapter to each device in a process called daisy-chaining. Each device has
two ports on it.
The following symbols denote the various SCSI ports, with the SCSI SE symbol
(the first symbol on the left) used by most SCSI devices.
Page 110 of 1229
The most common SCSI connectors are as follows:

SCSI connector
Image
IDC50 50-pin connector for early

SCSI devices
Keyed 50-pin ribbon cable connector
CN50 50-pin Centronics-style

connector for external connection
to early SCSI devices
CN50 male to CN50 female external

SCSI cables and connectors
DB25 25-pin connector for Zip

drives
DB25 female to male external cables

and connectors
HD68 68-pin connector for

internal and external ports
HD68 male active terminator
Single Connector Attachment

(SCA) 80-pin connector for hot
swappable drives
SCA 80-pin connector on hard drive
Page 111 of 1229
3.5.2.1 SCSI host adapter card installation

Note

This exercise provides the general steps to install a PnP SCSI host adapter
card:
1.
2.
3.
4.
Turn off the computer and unplug all cables. Take ESD precautions.
Open the case, ensuring that the motherboard slots are facing you.
Remove the appropriate slots blanking plate.
Check the documentation that comes with the card and make any needed
adjustments in the PnP configuration in the CMOS Setup program before
installing the card. You might need to change parameters for the card.
5. Handle the card by its edges and then install it into the correct expansion
slot. Secure the card in the slot.
Figure 3.15 Ultra-wide SCSI card

6. Close the case and turn on the computer.
7. When the computer detects the card, you will be asked to install software
for it. Insert the appropriate disc and follow the steps to complete the
installation.
8. Reboot the computer and use the Windows Device Manager program to see
the cards configuration.
3.5.3 FireWire
FireWire, based on the IEEE 1394 standard, sends data at high speeds over its
serial bus, making it ideal for streaming real time video and voice data
between devices. It can connect computers to each other, digital devices such
as hard drives and scanners to computers or devices to each other.
Take note of the following points about FireWire:
The FireWire bus is powered and supports PnP and hot swapping.
Although FireWire is compared to USB, there are differences between them
in their connectors, functionality, maximum devices, cable lengths, speeds,
etc.
Page 112 of 1229
FireWire supports a maximum of 63 devices connected to a single bus.

FireWire devices can take advantage of bus mastering, which enables two
FireWire devices to communicate directly with each other (without going
through RAM and the CPU).
FireWire uses isochronous transfer mode, where the data is transferred
continuously without any breaks (guaranteed bandwidth), making it ideal
for real time data transfer between televisions (TVs) and digital cameras.
There are two FireWire standards:
o IEEE 1394a (or FireWire 400) runs at 400 Mbps, supports cable
lengths up to 4.5 m and allows up to 16 cables to be daisy-chained
together using FireWire networking devices. It can come as a built-in
motherboard port or as part of an expansion card.
o IEEE 1394b (or FireWire 800) runs at 800 Mbps, provides up to 45
watts of power per port and supports different types of cable for
networking over long distances (up to 100m).
The symbol for FireWire is:

FireWire ports and connectors
FireWire connectors are push/pull connectors. Standard 1394a ports and
connectors use a 6-pin connector (4 pins for data and 2 for power). This
connector can be seen on some computers. Some 1394a devices and all i.LINK
ports use a 4-pin connector for data and signals, but with no power. It can be
seen on some portable computers and devices, such as cameras. Figure 3.16
shows a 6-pin 1394a connector and port, and a 1394a/i.LINK 4-pin connector
and port.
Figure 3.16 1394a 6-pin (left) and 4-pin (right) connectors and ports
1394b uses a 9-pin powered connector for high-speed devices. There are two
versions of the 1394b connector and port. The beta connector and port is used
only for 1394b-to-1394b connections, and the connector has a wide notch at
the top of the connector and port. The bilingual connector and port is used for
1394b-to-1394a or 1394b-to-1394b connections, and has a narrow notch at
the 1394b connector end of the cable and uses either the 4-pin or 6-pin 1394a
connector at the other end of the cable.
Page 113 of 1229
1394a 6-pin
connector
1394a 4-pin
connector
1394b beta
connector
1394b bilingual
connector
Figure 3.17 1394a and 1294b connectors
3.6 Display connectors and cable types

The primary computer output device is the monitor. Displaying an image on a
monitor requires three main components: the video adapter to process video
data and prepare a video signal for output, the video cable to connect the
video adapter to the monitor, and the monitor. Depending on the type of
monitor, the video signal must be in analogue or digital format.
The two main monitor categories are:
A cathode ray tube (CRT) is an older monitor that uses analogue signals
sent from the video adapter.
Most modern monitors use liquid crystal display (LCD) technology, which
accepts digital signals only.
Digital connectors are quickly replacing analogue because they make both the
monitor and the video adapter cheaper, provide a clearer signal because there
is no analogue to digital conversion, and the installation is easier. Many
monitors and video adapters only support digital signals, but there are
monitors that support both digital and analogue connections.
The main computer video ports and connectors are discussed next.
Page 114 of 1229
3.6.1 Video Graphics Array (VGA)

Take note of the following points about VGA:
VGA is a standard analogue interface still found on many graphics cards and
monitors.
VGA carries Red, Green and Blue (RGB) component video signals.
Low quality cables support 800x600 resolutions with high quality cables
marketed as supporting 1600x1200 resolutions.
Better quality VGA cables use shielded coaxial cabling, allowing for longer
lengths and better signal quality.
VGA ports and connectors are colour coded in blue, although you might find
some in other colours.
Figure 3.18 shows the VGA connector and port.
A D-shell 15-pin male connector (HD15M) with locking
screws.
15-pin port (also known as HD15F / DE 15).
Figure 3.18 VGA connector (top) and port (bottom)
3.6.2 Digital Visual Interface (DVI)

Take note of the following points about DVI:
DVI is a high quality digital interface for digital
monitors (or flat panel displays).
DVI is a very common rectangle-shaped interface
that quickly carries uncompressed digital video.
DVI types include:
o DVI-D: Digital-only signals
o DVI-A: Analogue-only signals
o DVI-I: Digital and analogue signals
DVI-D and DVI-I connectors come in two varieties:
o Single-link supports less bandwidth (3.7
Gbps) than dual-link, but enough for High
Definition
TV
(HDTV).
It
also
supports
1920x1200 pixel resolutions at a frame rate of
60 frames per second (fps). A single-link
connector can be plugged into a dual-link port.
o Dual-link uses more pins to increase power,
speed (7.4 Gbps) and signal quality for HDTV at
85 fps.
Better quality DVI cables support longer lengths and
use thicker wires with better shielding. All cables
can be 5m in length.
Page 115 of 1229
DVI ports and connectors have different numbers of

pins and pin holes which are orientated differently.
A DVI port is commonly colour coded in white.
Connectors have locking screws.
Figure 3.19 DVI-D port (left) and connector (right)

Note
In short, frames per second (fps) refer to how many still images
(frames) the video adapter can output to the displayed per second
and is expressed in Hertz.
3.6.3 High Definition Multimedia Interface (HDMI)

Take note of the following points about HDMI:
HDMI has the ability to quickly carry both digital video and audio signals on
one cable.
HDMI does not support analogue monitors and is expected to ultimately
replace DVI.
There are different HDMI versions with later versions offering improved
bandwidths, signal quality and other video features. HDMI v1.4 supports
signal bandwidth of 340 MHz at resolutions of 4096x2160 (4Kx2K) at 24-bit
colour, 3D and DVD audio, and a computer and display to establish a fast
Ethernet connection. HDMI 2.0 supports data bandwidths up to 18 Gbps,
video resolutions of 4096x2160 at 60 fps, 21:9 widescreen aspect ratios, 32
uncompressed audio channels, dynamic audio-to-video synchronisation, and
the ability to deliver multi-audio streams and dual HD video streams to
multiple users on a single screen at the same time. HDMI 2.0 is backwardcompatible with older HDMI versions.
HDMI is primarily designed for home theatre systems, but this will change
over time.
An HDMI cable is rated as either standard (Category 1) or High Speed
(Category 2 supporting longer cable lengths).
HDMI connector types include:
Type A is a 19-pin connector that supports all HD modes and is compatible

with DVI-D connectors using a suitable adapter cable. You will find this type
on graphics cards and TVs.
Type B is a 29-pin connector that supports dual-link connections, doubling
the bandwidth and improving signal quality, but it is not widely used.
Type C is a small 19-pin mini HDMI connector used on portable devices
such as tablets.
Page 116 of 1229
Type D is the smallest 19-pin micro HDMI connector used on portable

devices.
HDMI Type A port
Figure 3.20 HDMI connectors (top) and port (bottom)

Other display standards that are supported on some graphics cards that
connect to some types of display equipment, such as projectors, are discussed
next.
3.6.4 DisplayPort
Take note of the following points about DisplayPort:
DisplayPort is a royalty-free display interface that uses less power than
other interfaces and is designed to replace VGA and DVI and complement
HDMI.
DisplayPort can be used to send both audio and video at the same time, but
each one is optional and can be sent without the other. It sends packetised
data, much like a network.
The DisplayPort connector is found on some computer and laptop models.
Its bandwidth can be allocated in lanes with each lane given a different data
rate. The maximum data rate for a 4-lane link is 17.28 Gbps.
DisplayPort supports various features such as 3D and high-bandwidth
digital content protection (HDCP). HDCP protects the video content sent
between the video source, such as the computer port, and the display by
encrypting the connection.
DisplayPort supports both copper and fibre-optic cabling and multiple
monitors (daisy-chained) on the same cable.
DisplayPort uses a 20-pin connector. The DP++ (dual mode) port allows a
connection to DVI-D and HDMI devices using a suitable adapter cable. See
Figure 3.21.
Page 117 of 1229
Figure 3.21 DisplayPort connector and port
3.6.5 Composite Video

Take note of the following points about Composite Video:
Composite Video brings together colours from three (red, green, blue
[RGB]) channels into a single analogue-only signal to carry video.
It is typically used to connect a computer to a standard definition TV
(SDTV).
It typically uses a single yellow RCA (Radio Corporation of America) jack.
See Figure 3.22.
Figure 3.22 Yellow Composite Video jack

Composite cables commonly come with two additional jacks that carry stereo
sound. Figure 3.23 shows both ends of a combined composite and sound cable.
The jacks are colour coded: yellow is used for the Composite Video, and white
and red for audio.
Figure 3.23 Composite Video and audio
Page 118 of 1229
3.6.6 Separate Video (S-Video)

Take note of the following points about S-Video:
S-Video carries an analogue-only video signal.
It is used for standard TVs, projectors and DVD
players.
It typically uses a 4-pin mini-DIN connector.
3.6.7 Component (RGB) Video

Take note of the following points about Component Video:
Component Video uses three RCA jacks (red, blue and green) for sending
analogue or digital video signals.
Component Video is found on better quality Audio/Visual (A/V) equipment.
Some data projectors and HDTVs support Component Video.
Figure 3.24 shows the Component Video connector and Component Video and
S-Video ports.
Component
Component
S-Video
Composite
Figure 3.24 Component Video connectors (right) and Component,

Composite (yellow) and S-Video ports (left)
Many graphics cards have two of the same connectors, such as two VGA
connectors or different connectors like a VGA and DVI connector. Other
graphics cards also add S-Video, Component, and Composite ports. Passive
adapters allow you to plug a cable of one type into a different type of port.
For example, HDMI-to-DVI both use digital signals and adapters are available
to convert one connector to another. Active converters convert the analogue
signals to digital signals and vice versa, such as VGA-to-DVI. See Figure 3.25.
Page 119 of 1229
Figure 3.25 DVI-I to VGA (top and bottom left) and DVI-D to HDMI
(top and bottom right)
3.6.8 Video over Ethernet

Ethernet is a family of technologies for local networks. Video can be sent over
Ethernet network cables using Registered Jack (RJ-45) connectors. Figure 3.26
shows a typical RJ-45 port and connector. The port can either be built into the
motherboard or provided with a network card. Network connectors do not have
a standard colour and have a plastic clip that must be depressed to remove the
connector.
Figure 3.26 RJ-45 Ethernet cable and port

Sending video over Ethernet is commonly used for solutions such as:
Keyboard Video Mouse (KVM) can be used to control multiple

computers from one or more keyboards, monitors and mouses.
Closed Circuit Television (CCTV) the use of video cameras to monitor
areas and activities primarily for security purposes.
3.7 Audio connectors

The sound (audio) component is responsible for converting digital signals to
analogue audio signals and analogue audio to digital signals. Audio
components can be built into the motherboard, installed as expansion cards, or
connected to USB ports. Audio ports are colour coded and most audio
connectors are 3.5 mm mono (18 inch) or stereo jacks. You will find audio jacks
on the back or front of the computer. Figure 3.27 shows common audio ports
on a motherboard.
Page 120 of 1229
Light blue Audio in (or line in)

for inputting sounds from devices
such as CD and music players.
Black Audio out for connecting to

rear speakers for surround sound
audio output.
Lime green Audio out (or line

out) for outputting sounds to
headphones or amplifiers.
Orange Audio out for subwoofer

in a surround sound system.
Pink Microphone input that

connects to a microphone for
analogue (voice) input.
Grey/brown
Output
additional side speakers.
Figure 3.27 Audio motherboard ports

Many motherboards and sound cards also support a Sony/Philips Digital
Interface Format (S/PDIF) connection, which is mostly used to carry digital
signals for surround sound speaker systems. S/PDIF can either use coaxial
(with RCA or Phono connectors) or fibre-optic network cabling and connectors.
Coaxial S/PDIF out port
Optical S/PDIF out port

Figure 3.28 S/PDIF motherboard ports
RCA jacks and connectors are used to send both audio and video signals. The
RCA cable is simple: it has two connectors, usually male, one on each end of
the cable. The male connector connects to the female jack on the equipment.
Many audio connections use a tip ring sleeve (TRS) connector. As shown in
Figure 3.29, a TRS connector has three contacts, one on the tip, one on a ring
and one on a sleeve.
Figure 3.29 TRS connector
Page 121 of 1229
for
Note
While there are standard colours followed by most manufacturers, you

will very likely come across audio ports that differ from the standard.
For example, sometimes grey is used instead of brown for speakers.
This is also true for many other ports as well.
3.8 Basic input devices

A computers job is to process data, but only after the user inputs that data
using an input device (or human interface device [HID]) or by other input
means. Installing devices is easy. In most cases the device is PnP, while in rare
cases you might have to install a driver for the device, which usually comes on
a disc or can be downloaded from the manufacturers website along with the
user manual.
3.8.1 Keyboard
A keyboard lets you enter data and send commands to the computer or
mobile device. There are different models that come in different shapes and
sizes, and the exact layout of the keys can vary between them. Most
keyboards use the 104-key keyboard layout, which includes the <Windows>
keys on the sides of the Spacebar and a <Right-click> key next to the <Ctrl>
key.
The keyboard has characters printed on each of its keys. Pressing each one
creates the letter, number, symbol or other function printed on it. To create
some characters requires pressing and holding multiple keys at the same time
or in a specific order. Figure 3.30 shows a keyboard.
Figure 3.30 Common keyboard layout

Some common key functions include:
1. Escape key for cancelling operations.
2. Function keys for refreshing the screen, saving files, finding help, printing
data and other functions.
3. Print screen key for copying the screen image and pasting it into an
application; other keys for other functions.
Page 122 of 1229
4. Light emitting diode (LED) lights indicating if a toggle key is on or off,

such as Num Lock for the number keypad, Caps Lock for switching
between uppercase and lowercase letters, and Scroll Lock to control
scrolling (moving text and graphics up and down the screen) for some
applications.
5. Numeric keypad for inputting numbers.
6. Keys for inserting, deleting and moving between text and screens of
information.
7. Navigation keys for moving up, down, left and right.
8. Control and Alt keys used with other keys to perform functions or change
(alternate) the function of other keys. The Windows key without pressing
any other key opens the Start menu or Start screen and when used with
another key performs some task.
9. Alphanumeric keys used for entering letters, numbers and symbols; Enter
key for selecting options; other keys for performing various functions.
Keyboards can be connected to PS/2 or USB ports or through a wireless
(infrared or Bluetooth) connection. Some keyboards come with an adapter so
you can use either the USB or PS/2 port, and there are adapters for wireless
connections too.
Keyboards might come with additional keys and buttons for web browsing,
playing movies and music, and illuminated keys that light up in dark rooms
and so on. Many keyboards also have touch pads, scroll wheels and other
components. Touch screen devices also have an on-screen virtual keyboard.
Figure 3.31 shows a touch screen keyboard on a mobile device.
Figure 3.31 Touch screen keyboard for a tablet

The order and layout of the keys on a mobile device may be different from the
order and layout on a computer keyboard, and the keyboard layout may be
different from mobile device to device. If a mobile device does not have a
built-in keyboard, you can use a portable keyboard (that folds or rolls up and
connects to the device through a cable or wireless connection) instead. You
can also use the virtual on-screen keyboard built into Windows if a physical
keyboard is not available.
Page 123 of 1229
3.8.2 Mouse
A mouse is a pointing device that lets the user move a graphical pointer on
screen to choose graphical items. A mouse places its motion detection
mechanism on the bottom, requiring the user to move the entire mouse to
move the on-screen pointer or cursor. The mouse has multiple buttons that
can be pressed and released to act on whatever the user is pointing to on
screen. These buttons can be changed for different functions. The three main
types of mouse are:
Mechanical mouse has a round ball at the bottom that rolls on a flat
mouse pad in any direction. Rollers detect the balls movement, and
circuitry translates the movement into signals that cause the on-screen
pointer to move in the same direction as the ball. To access the ball and
rollers, turn the mouse upside down and remove the protective cover.
Optical mouse uses light emitting diodes (LEDs) as its electronic light
source to track the movement of the mouse over a surface.
Laser mouse uses an infrared laser to detect the mouses movement over
a surface.
There are different mouse models that come in different shapes and sizes and
numbers of buttons, with smaller types of mouse available for portable
devices. Like a keyboard, a mouse uses a USB, PS/2 or wireless (infrared or
Bluetooth) connection. The standard mouse has at least two buttons and a
scroll wheel as shown in Figure 3.32:
The wheel is used
to scroll up and
down through
screens of
information and is
a clickable button.
The primary mouse
button, usually the left
one, is used to select
and highlight items and
text.
The secondary mouse button,

usually the right one, is used to
display a context menu with options
that apply to the selected item.
Figure 3.32 A standard mouse

Moving the pointer over an item on screen and clicking the left or right mouse
button on it enables you to select and perform a task on it. The pointer can
change depending on what you are pointing to.
There are some basic ways to use your mouse buttons:
Clicking (or single- or left-clicking) clicking the primary mouse button

once to select an item.
Double-clicking quickly clicking the primary mouse button twice in
succession to open an item.
Page 124 of 1229
Right-clicking clicking the secondary mouse button on an item once to

display a mini-menu of items related to that item.
Dragging (or dragging and dropping) using the primary mouse button
to move items around the screen or between media.
Hovering moving the mouse over an item to view a description of it
(tool tip) without clicking it.
There are also touch-based mouses available like the one shown in Figure 3.33
designed for portable devices. The mouse in Figure 3.33 has sensors and a
blue LED beam at the bottom that reads the surface it moves over as well as a
large touch-sensitive surface that responds to one-, two- and three-fingered
movements (called gestures).
Figure 3.33 A wireless touch mouse

You can also buy a 3D mouse like the one shown in Figure 3.34 to navigate
through 3D applications. These mouses can be rotated in various directions to
fly around objects or tilted to look up, along with other movements.
Figure 3.34 3D mouse
3.8.3 Installing keyboards and mouses

The Windows OS comes with drivers for any standard keyboard and mouse,
but sometimes you need to install drivers for a keyboard that comes with
specialised keys and a mouse with extra buttons that has special features.
Read the devices instructions. If you have to install the driver, install it from
the optical disc that comes with the device or otherwise download it from the
manufacturers website and then install it.
Page 125 of 1229
It is easy to install and remove a standard mouse and keyboard:
1. For a PS/2 keyboard and mouse, turn off the computer.

2. Insert the PS/2 connector for the device into the correct colour computer
port and then turn the computer back on.
3. Make sure that the port is enabled in the CMOS Setup program.
4. If no special drivers are needed, the mouse and keyboard should work
without any further installation steps.
5. For a USB keyboard and mouse, plug the mouse or keyboard connector into
a USB port or a USB hub plugged into a USB port on the computer.
6. The OS will find and install the driver for it and the device should be ready
for use.
Wireless keyboards and mouses might come with a USB wireless adapter that
connects to the computer responsible for receiving the signals from the
wireless keyboard or mouse. Wireless keyboards are a wonderful convenience
because there is no cable, but make sure you keep a complete set of spare
batteries with you.
If a driver for a mouse and keyboard is needed, then you can follow these
general steps to install it:
1. Insert the driver disc that comes with the device into the drive and run the
Setup program for the device.
2. Follow the installation prompts to install the drivers.
3. After the drivers are installed, restart the computer. Then plug the keyboard
or mouse into the appropriate port and it should be ready for use. You can
then configure the mouse and keyboard in the Control Panel on a Windows
computer. The Control Panel contains many settings that can be used to
configure hardware, software and users.
3.8.4 Keyboard, video, mouse (KVM) switch

A KVM switch enables you to use a single mouse, keyboard and screen to
view and control many computers, particularly many network servers. See
Figure 3.35. Some KVMs reverse this capability, allowing you to access one
computer using many keyboards, mouses or other devices from two or more
places, while other KVMs have additional ports for speakers and microphones
as well. Figure 3.35 shows a KVM switch that supports USB, DVI, audio and
microphone ports.
Page 126 of 1229
Figure 3.35 A KVM switch

It is not difficult to install a KVM. There are usually no drivers to install; you
simply turn off all the devices, plug all of them into the KVM switch and turn
everything back on again. Once configured, you can use a combination of
keyboard keys (hotkeys typically assigned by the KVM manufacturer) to
switch between the computers connected to the KVM.
Note
It is important to remember to connect the individual sets of cables

between the KVM ports and each computer one at a time, keeping
track of which cable goes to which computer. The KVM will not work
as it should if the connections are incorrectly connected.
3.8.5 Projected peripherals

A projection keyboard is one that is projected as an image onto a flat
surface. When you touch the surface covered by the image of a key, the
corresponding keystroke is recorded. A laser or beamer projects the virtual
keyboard onto the surface and a sensor or camera tracks finger movements.
Then, software converts the coordinates to identify actions or characters and
determines the action of character to be created.
A projection mouse is also available. Light sensors project a lighted area that
you can move your fingers over, which the device then tracks to provide full
mouse (click and double-click) and multi-touch (rotate, pinch and zoom)
functionality along with drawing and handwriting recognition (with your hard or
pen). Figure 3.36 shows a projected keyboard and mouse.
Figure 3.36 Projected keyboard and mouse

Both of these projection peripherals connect to a computer or mobile device
through Bluetooth or USB, which will charge the projection device's battery.
Page 127 of 1229
3.8.6 Gamepads and joysticks

You can use a game controller as the input device for PC games that directs
the movements and actions of on-screen objects. Game controllers include
gamepads and joysticks:
A gamepad has multiple buttons and one or more direction controllers

called sticks that are used to choose and control the movement and
actions of on-screen objects.
A joystick is an upright lever stick mounted on a base that you can move
in different directions to control the movement and actions of on-screen
objects. The stick usually includes push buttons called triggers that you
can press to start some event. Some joysticks include other buttons for
performing other tasks as well.
Figure 3.37 Gamepad (left) and joystick (right)

Note
Many gamepads are marketed as joysticks.
Modern gamepads and joysticks communicate with the computer using USB or
wireless. Wireless connections typically use a wireless USB dongle, similar to
those used with wireless keyboards and mouses.
Depending on how complex the controller is, you might have to install drivers
that come with the gamepad or joystick to get it to work. Simpler controllers
can probably get by using the default drivers included in the OS. You will need
to configure the gamepad or joystick in Windows to make sure all the buttons
and controls work properly. You might also need to configure the controller
from within the game you want to play.
Tip
Steering wheels, foot pedals and musical instruments are among

other game controllers available for playing games.
3.8.7 Biometric devices

A biometric device is an input device that authenticates you by identifying if
you are a valid user of the device or network. The device scans and
remembers your unique body characteristics, such as your fingerprint,
handprint, face, voice, eye or handwriting. This information is used as a
security key to prevent people who do not have permission from using the
device or accessing the network that is protected with the biometric device.
Page 128 of 1229
Biometric readers, such as thumb- or fingerprint readers for computer

equipment, can look like a mouse and use a wireless or USB connection, or can
be built into the computer chassis or in devices such as USB mouses,
keyboards and flash drives. See Figure 3.38.
In most cases you have to install the software that comes with the USB device
before you plug in the device. At some point during the installation you will be
told to connect the device to the computer. Follow the instructions. To use the
reader or scanner, you press your finger to the scanner before logging onto the
device or before using the flash drive, for example.
Figure 3.38 USB biometric flash drive

No matter what biometric device you use, the general steps to make it work
are:
Note

1. Install the device and its driver.

2. Register your identity with the device by placing your unique body part into
or onto the device so it can scan you.
3. Configure software to tell the device what to do when it recognises your
scanned identity.
3.9 Touch screens and digitisers

A touch screen enables you to interact with it by touching areas of the
screen, usually with your finger or with a stylus. A stylus (also called a digital
pen, electronic pen or tablet pen) is a thin, plastic pressure-sensitive device
that you can use to tap, write and draw on a touch screen. Some styluses are
powered by the device it is used with while others have buttons or switches to
perform actions, such as erasing content or right-clicking and sending
commands to the device using specific movements with the pen, known as pen
flicks.
Page 129 of 1229
Figure 3.39 Using a stylus on a tablet

Touch screens are either a built-in screen such as in smartphones, or
standalone screens like those used in many information or point-of-sale
systems (PoS).
Listed below are many types of touch screen technology:
Capacitive panel is coated with material that stores small electrical

charges. When your finger touches the screen, it conducts a small amount
of electrical charge, reducing the charge on the screens capacitive layer.
Circuits measure the change in the charge and send this data to the touch
screen controller on the device or software on the device for processing.
Capacitive screens are high quality, they support multi-touch actions using
multiple fingers and are generally not affected by items that do not conduct
charges.
Resistive panel has a glass panel coated with two main layers of
electrically conductive and resistive material that face each other with a
very small gap between them. When you touch the touch screen, the two
layers are pressed together and the horizontal and vertical lines on the two
layers register the exact location of your touch, allowing an electrical signal
to be generated and sent to the device. Resistive screens are not as clear as
capacitive screens.
Surface acoustic wave (SAW) panel passes ultrasonic sound waves

over the touch screen panel. When the panel is touched, a part of the wave
is absorbed, which allows the controller to calculate the position of the
touch and determine what signal to send to the device. Because these
waves pass over the screen, it is easy for outside objects to damage the
device. SAW provides a clear image when compared to resistive and
capacitive screens, and is suitable for banking and information kiosks.
Optical panel uses cameras or sensors mounted on the screen to detect

objects close to the screens surface.
Infrared panel uses LEDs that send out beams of light to form a grid over
the surface of the screen and sensors that detect the light beams. When
you break the beams of light travelling across the screen with your touch,
the location of the break can be determined.
Page 130 of 1229
Figure 3.40 A tablet with a capacitive touch screen

Most touch screens have a separate USB or PS/2 port along with drivers that
come with the device.
You can follow these general steps to install a touch screen monitor:
Note

1. Shut down the computer and disconnect it from the power outlet.
2. Connect the touch screen monitor to the appropriate video port on the
computer.
3. Connect the USB cable to the touch screen and to the port on the computer.
4. Turn the computer on and install the driver for the touch screen interface.
A digitiser (also called a graphics tablet) enables you to draw, paint, ink or
pencil on a tablet using a stylus. See Figure 3.41.
The digitiser receives input using a special surface. When you press against the
surface using the stylus, the surface transforms the analogue movements into
digital information, which the drawing application turns into an image on
screen.
Most digitiser tablets connect to the computer through a USB or wireless
connection. You will need to install drivers before you connect the digitiser. The
digitiser should also come with a configuration program that allows you to
adjust the sensitivity of the stylus, configure buttons on the tablet, and
configure other parameters. You might need to install a graphic arts application
as well.
Figure 3.41 A digitiser
Page 131 of 1229
One trend in touch screens is surface computing. Surface computing involves

using a combination of multi-touch input from multiple people and object
recognition to interact with computers that are typically built into table tops
and other surfaces. See Figure 3.42.
Figure 3.42 Surface Computing
3.10 Gesture recognition

Gesture recognition can be seen as a way for devices to begin to understand
our body language. It allows you to interface with the machine (called human
machine interface [HMI] or human-computer interaction [HCI]) and
interact with it naturally. A gesture is a movement you make with your hands,
face, eyes or other parts of your body to communicate particular messages.
A 3D touch free gesture controller from Leap Motion is available that you can
place on a desk like the one shown in Figure 3.43. The controller is a tiny
device with built-in cameras and LEDs that track your hands and fingers in real
time as soon as you step in the area that the controller observes. It then sends
the data to the computer running software that understands your gestures. It
is a USB controller and there are plans for a wireless version.
Figure 3.43 Playing a game using the Leap Motion gesture controller
The current focus in gesture recognition includes:
Hand gesture recognition moving your fingers and hands to perform

tasks on the device.
Page 132 of 1229
Figure 3.44 Turning the page electronically on an e-book reader
Facial gesture recognition the device can recognize and store images
and videos of your face to perform tasks.
Eye recognition or eye tracking the process of measuring either where
your eyes are looking at or the movement of your eyes relative to your
head.
Another trend is a gesture-controlled chip, which has sensors to sense hand

and finger gestures and electrodes that measure changes or disturbances in a
static electrical field created over the device as the user makes the gesture.
You will most likely see this kind of chip used in mobile and embedded devices.
Figure 3.45 Gesture chip
3.11 System resources

In the past, a big part of troubleshooting computers was to understand how to
configure system resources. A system resource is a setting assigned to a
device, such as a network card, that allows the device to work with the
computer. All modern operating systems are PnP compatible, which means
that when you add a device to the computer, the OS will automatically discover
and configure it or ask you to use a wizard to configure it. The OS will then
automatically assign system resources unique to that device. Many devices
come with setup programs that do the same job.
Page 133 of 1229
Each device needs its own set of system resources that allows it to
communicate with the CPU and memory. Software also uses certain system
resources to communicate with hardware, and vice versa. The main types of
system resources are listed in Table 3.7. All of the system resources depend on
certain address and control lines on the bus on the motherboard.
Table 3.7 System resources
System
resource
I/O address
Memory
address
IRQ
(interrupt
request)
DMA channel
Note
Definition
Also known as a port address, the I/O address tells the
CPU where to look in memory to communicate with the
device. The address is referred to using a hexadecimal
address in a range of 0000-FFFF, although references to
I/O ports are made using the start address only, such as
03F8 or 3F8h (for hexadecimal).
A memory address is assigned to memory that allows
software to access specific areas of memory. When the
driver loads, it lets the CPU know which block of memory
should be set aside for the exclusive use by the device.
Memory addresses are usually shown in a hexadecimal
range, such as 00F0000000FFFFF.
An IRQ is voltage that a device places on a line to signal to
the CPU that it should process its request. When the CPU
receives an IRQ, it stops whatever it is doing as soon as
possible and determines how to handle the request. When
requests come in, special interrupt controllers prioritise the
competing requests, favouring lower interrupt numbers
between 0 and 15, making IRQ 0 the highest priority. The
priority of the request is determined by the IRQ number
assigned to the device. Each device is given its own
interrupt to use when interrupting the CPU, although some
devices can share an interrupt with each other.
Allows a storage device or expansion card to directly
communicate with memory without going through the CPU.
This allows fast data transfer rates.
Resource conflicts hardly occur with PnP systems (a resource

conflict occurs when multiple devices use the same resource), but
older non-PnP systems sometimes do experience conflicts.
3.12 Basic principles to supporting I/O devices and ports

Consider the following important principles when supporting I/O devices and
ports:
Software the BIOS and manufacturer-written device drivers controls

every device. The drivers provide the OS with information it needs to
communicate to the device.
Page 134 of 1229
Drivers are hardware- and OS-specific.

The CMOS Setup program can be used to enable and disable many ports for
devices.
When supporting a device, the manufacturer knows best. Therefore, first
follow the guidelines about the device in the manufacturers documentation.
For example, you might have to install the device first, the driver first, or it
does not matter which one is installed first.
You can sometimes solve device problems by updating drivers or firmware.
Manufacturers often release updated driver versions, which could also
include additional features for the device.
Some devices might need application software to use the device.
First inspect the connector and port for damage, then align and hold the
connector and insert it into the correct port. Do not use too much force and
avoid damaging any pins. Hold the connector, not the cable!
Check whether the device needs an external power supply or is powered by
the computer.
Use Device Manager to manage devices and drivers. See Figure 3.46. When
you first install a device, use Device Manager to ensure that Windows sees
it and that no errors are shown.
Figure 3.46 Device Manager
You can also use the Control Panel or manufacturer software to configure
the device. The Control Panel program in Windows has many programs
called applets that you can use to see and change hardware, software,
user and other computer settings. See Figure 3.47.
Follow the correct installation and removal procedures!
Page 135 of 1229
Figure 3.47 Control Panel
3.12.1 Basic procedure for installing devices

The general procedure for installing any device in a Windows computer is the
same no matter what version of Windows you are using or whether the device
is PnP compliant.
The general process is as follows:
1. Find the driver for the device and install it. Drivers normally come on a disc
supplied with the device or the OS might include drivers for the device.
However, the most up-to-date drivers are available from the manufacturers
website and should be used.
2. Connect the device to the computer.
3. Install the proper driver for a non-PnP device. If the device is PnP
compliant, Windows should discover it and automatically install and
configure it.
4. Configure the device (if necessary, by a non-PnP device).
Note
Failure to follow the manufacturers instructions might lead to

damage to the device.
3.13 Expansion bus slots

Expansion buses, such as AGP and PCIe, have slots at certain points in the bus
that accept expansion cards. Many systems have more than one type of
expansion bus (a multi-bus design) to support both older and newer
technologies. There are different types of expansion bus slots, so when you
buy a network card, for example, you must get the correct card for the type of
slot the motherboard supports.
The next section explores the different expansion bus and slots that you need
to know about.
Page 136 of 1229
3.13.1 Peripheral Component Interconnect (PCI)

Take note of the following points about PCI:
PCI is an older bus standard that has mostly been replaced by PCI Express
(PCIe).
PCI supports many different cards, including network, video, sound, I/O and
storage adapter cards for SCSI, PATA and SATA.
PCI supports up to 5 devices (each of which can have 8 different functions).
PCI devices support PnP and bus mastering allowing devices to control
the bus and transfer data directly to RAM without going through the CPU.
The PCI bus uses its own internal interrupt system for dealing with requests
from cards, which is handled by the PCI BIOS. The PCI BIOS can assign
multiple PCI devices with the same IRQ (called PCI steering) without
causing resource conflicts.
PCI has multiple versions (PCI and PCI 2.x).
PCI has a 32-bit or 64-bit wide parallel bus, capable of transferring data 32bits or 64-bits at a time, working at 33.3 MHz or 66 MHz bus frequency and
achieving data rates of 133 MBps up to 533 MBps.
The bandwidth on a PCI bus is shared by all components connected to it and
only one component can make use of the bus at one time.
Older desktop computers commonly support 32-bit slots and cards, and
servers support 64-bit slots and cards.
PCI slots can deliver up to 25 watts of power to the expansion card.
PCI slots and cards are manufactured in 3.3 and 5V versions. You cannot
plug a 3.3V card into a 5V slot or a 5V card into a 3V slot. Universal (dual
voltage) cards are keyed to fit in slots based on either of the two voltages.
32-bit 3V cards can be plugged into 64-bit slots.
The slots are easily recognisable because they are short and usually white.
Figure 3.48 shows the PCI expansion cards and slot orientation.
Figure 3.48 PCI slots and cards
Page 137 of 1229
3.13.2 PCI Extended (PCI-X)

Take note of the following points about PCI-X:
PCI-X is an update to PCI, used mainly for network servers.

PCI-X has various standards (PCI-X and PCI-X 2.x).
PCI-X is a 64-bit wide parallel bus supporting clock speeds up to 533 MHz.
PCI-X slots will accept regular PCI cards, working at the same voltage
principles as PCI and working at the speed of the slowest card installed in a
slot. See Figure 3.49.
Figure 3.49 PCI-X slot
3.13.3 Accelerated Graphics Port (AGP)

Take note of the following points about AGP:
AGP has mostly been replaced by PCIe.

AGP is a slot used for graphics cards only.
AGP standards include three major releases (1.0, 2.0 and 3.0) and one
major change in slot length (AGP Pro) which needs more power than the
other versions.
AGP has four different speeds (1x, 2x, 4x and 8x) working from 266 MBps
up to 2133 MBps.
AGP provides a dedicated pathway between the slot, CPU and RAM.
The AGP parallel bus is 32 bits wide working between 66 MHz and 533MHz
clock speeds (depending on the standard).
A motherboard will have a PCIe x16 slot or an AGP slot, not both.
Normal AGP slots deliver 25 watts of power while some AGP Pro slots
deliver up to 50 or 110 watts of power.
The AGP slot is typically brown or maroon (brownish-red) in colour.
Figure 3.50 shows a comparison of AGP slots and cards.
Page 138 of 1229
AGP slots are keyed. You cannot put an

AGP 3.3V card into a 1.5V slot or vice
versa, though universal cards will fit into
either slot. Un-keyed universal slots can
accommodate 3.3V or 1.5V cards. 0.8V
cards and 1.5V cards are interchangeable.
AGP Pro cards will not fit into standard
AGP slots, but standard AGP cards will
work in a Pro slot. AGP 1x/2x and AGP
4x/8x slots have their keys in different
positions. This prevents you from installing
the wrong AGP card into the slot. AGP
1x/2x cards use 3.3V, 4x cards use 1.5V
and 8x cards use 0.8V or 1.5V.
1. PCI slot
2. AGP 1x/2x (3.3V) slot
3. AGP 4x/8x (1.5V) slot
4. AGP Pro/Universal slot
5. AGP Pro slot cover to prevent
normal AGP cards from being
plugged into the wrong part of the
slot.
6. AGP 4x/8x with plastic latch
7. AGP 1x/2x key
8. AGP 4x/8x key
AGP 3.3V card (top)
AGP universal 1.5V and 3.3V card (middle)
AGP 1.5V card (bottom)
Figure 3.50 Comparing AGP slots and cards
3.13.4 PCI Express (PCIe)

Take note of the following points about PCIe:
PCIe uses serial communications.

PCIe uses a switch that makes point-to-point connections to slots, giving
each component full use of the corresponding bandwidth.
A PCIe connection uses one pair of wires for sending and another pair for
receiving. Each of the pairs of wires (four wires) between PCIe components
is called a lane. One lane or collection of lanes that a PCIe switch connects
between devices is referred to as a link. There are several different link
widths supported by PCIe identified by a multiplier (x), with x1, x4, and x16
the most common.
Page 139 of 1229
PCIe has three major versions, 1.x, 2.0 and 3.0, with plans announced for
4.0 supporting faster speeds per lane. For the first three versions, a single
lane (x1 slot) operates in each direction or transmits and receives from
either communicating device at full duplex, at a data rate of 250 MBps for
PCIe 1.x, 500 MBps for PCIe 2.0, and 1 GBps for PCIe 3.0. The more lanes
you have, the more data gets sent in a given time. Combining lanes results
in an upward multiplication of these rates. For example, PCIe graphics cards
have 16 lanes that provide a transfer rate of 4 GBps (16 x 250 MBps).
Although MBps is used here, PCIe speeds are often measured in transfers
per second, and all the PCIe versions achieve speeds in the gigatransfers
per second (GT/s) range.
The most powerful PCIe slots with the highest data transfer rates connect
directly to the Northbridge; the lesser PCIe slots connect to the
Southbridge.
PCIe 1.x can supply 150W (75W from pins on the expansion slot with an
extra 75W from a 6-pin connector from the PSU). PCIe 2.x slots supply
power up to 150W and another 150W from an 8-pin auxiliary connector
from the PSU.
PCIe supports hot swappable and hot pluggable expansion cards.
PCIe 2.0 motherboards and cards are compatible with PCIe 1.x, but to
achieve full performance, use PCIe 2.0 cards in 2.0 slots.
Compatibility is important: a x1 card can go in a x1 or larger slot but a x16
card currently only fits in a x16 slot.
PCIe slots almost always have a plastic extension that does not include any
pins but does help the card fit snugly and prevent it from working loose.
You will not find the version of a PCIe slot or card by looking at it. You will
have to refer to the system documentation, motherboard manual or cards
user manual, or visit the manufacturers website.
Figure 3.51 shows a comparison of PCIe slots and cards.

PCIe x16 slots with plastic latch
PCIe graphics card
PCIe network card
PCIe x4
slot
PCIe x1slots
Figure 3.51 PCIe slots and cards
Page 140 of 1229
3.13.5 AMR and CNR

You might encounter on older motherboards an unfamiliar short slot beside the
PCI or AGP slot that is not a PCI, AGP or PCIe slot. Suspect that this is either
an AMR (Audio Modem Riser) slot or its replacement: the CNR
(Communications Network Riser) slot. These two slots were designed to
accept special expansion cards, called riser cards, which provide sound,
modem, USB or network functionality.
Note
You will not find AMR and CNR slots on modern motherboards
because current systems use built-in components or have PCIe slots
for modems, sound and network cards, and USB ports.
3.14 Expansion cards

The expansion card (or adapter card) is a circuit board that can be plugged
into an expansion slot on a motherboard or on a riser card. One edge of the
expansion card holds the contact pins that fit exactly into the appropriate slot.
The motherboard provides most I/O ports, but an expansion card can be
installed to provide additional ports or a bus type that is not supported by the
motherboard.
Slimline or low-profile case designs place their expansion slots sideways on a
riser card (or daughterboard). A riser card plugs into the motherboard and
has its own expansion slots that accept expansion cards. See Figure 3.52.
Riser cards are often used in a lower height chassis such as in slimline cases.
Figure 3.52 A riser card
3.14.1 Installing and configuring expansion cards

You can follow the general steps below to install any type of expansion card
successfully:
Page 141 of 1229
First step Compatibility with the computer and OS

Does the card work with the computer and does it have drivers for the OS you
are using? Drivers written for one Windows OS do not always work for another
version. Other operating systems such as Linux might or might not have
drivers for the card. Check the cards driver disc and documentation or visit the
manufacturers website for the correct and most up-to-date driver.
Second step Type of expansion slot
What expansion slots are available for expansion cards? Modern motherboards
might have two or three different types of expansion slots, such as PCIe x16 or
PCIe x1. PCIe x1 is used for a variety of cards while PCIe x16 is designed for
graphics cards. The correct card must fit into the correct slot.
Third step backup
Back up important data before installing drivers. Drivers can cause system
problems.
Fourth step card and on-board adapter
Does the card have the same function as the built-in adapter, such as a video
card and video adapter? Depending on the type of card, it might be necessary
to disable the on-board adapter first in the CMOS Setup program before
installing the card.
Fifth step ESD precautions and physical installation
When inserting the card, take steps such as handling the card by its edges and
avoiding ESD to avoid damaging the card, the motherboard or both.
Sixth step Driver installation or removal
Installing the driver is straightforward. Use the correct driver and if upgrading,
uninstall the current driver before installing the new one. Often the driver
version is printed on the disc, otherwise insert the disc in the optical drive and
go through its various files.
Install the driver for the specific OS running on the computer. In almost all
cases, install the driver after installing the device. To install a new driver, use
its installation disc or the Add Hardware Wizard in Control Panel on a Windows
computer.
Page 142 of 1229
Figure 3.53 Graphics card driver installation program

Some cards, especially graphics cards, need you to remove old drivers of the
same type before you install the new card. To do this, find the driver in Device
Manager by right-clicking the device and select Uninstall from the context
menu. Many devices, especially ones that come with a lot of applications, will
have an uninstall option in the Programs and Features applet in Control
Panel.
Seventh step Verify
Lastly, review the results of the installation and make sure the card works
properly. Open Device Manager and check to see if the card is listed. Once this
is done, your next check is to put the card to work by making it do whatever it
is supposed to do. That is, for a sound card, play some music; for a network
card, connect to a network. If it works, the installation is complete!
The general steps to install any type of expansion card are as follows:
Note

1. Read the cards documentation. For most cards, you first install the card
and then install the driver afterwards but this might not be the case for all
cards.
2. If installing a card to replace an on-board port, access the CMOS Setup
program and disable that port.
3. With the computer shut down and all the external cables disconnected,
press the power button to drain power.
4. Remove the case cover. If the case has a one piece design, remove the
entire case; otherwise for a tower case, remove the one side panel only.
Ensure the expansion slots are facing you or upwards.
5. Find the appropriate type of slot you plan to use and remove the slot cover
for that slot (if needed). Most slot covers are held in place by screws that
fasten the cover to the back of the case. However, some systems use
different methods.
Page 143 of 1229
6. Remove the slots blanking plate. The blanking plate snaps or punches out,
and sometimes you have to remove the screw from a slot cover to remove
the blanking plate. Examine the case for the correct removal procedure.
Keep screws in a container.
Figure 3.54 Remove blanking plate

7. Remove the card from its anti-ESD bag and hold it by its metal bracket and
edges, not by the circuit board, chips or connector. Take ESD precautions.
8. Line up the connector and notches at the bottom of the card to the keys in
the slot connector and then insert the card into the slot. Push the card
straight down into the slot using some force, but be careful not to use too
much to avoid bending the card and rocking it from side to side. If you have
a problem getting the card into the slot, do not push the front or back of the
card into the slot. To help with air flow, try to leave an empty slot between
cards, especially cards that create a lot of heat, such as graphics cards.
9. You should feel a slight snap as the card drops into the slot. Later, if you
find that the card does not work, it might not be seated in the slot correctly.
Check this first and then if possible, try another appropriate slot.
Figure 3.55 Insert card

10. Insert the screw that secures the cards bracket to the top of the slot. Be
sure to use the correct screw. If it is not secured, the card can work out of
the slot over time.
Page 144 of 1229
Figure 3.56 Fasten the card

11.
12.
13.
14.
Secure the slot cover with screws (if needed).

Connect any cables needed by the card.
Cover any unused slots with blanking plates and secure them with screws.
Replace the case cover, connect the power cable and other cables and
peripherals (you can leave the cover off until you have tested the card, in
case it does not work and you need to reseat it).
15. Start the computer. Log in and PnP should find the card (if it is a PnP
card). Start the found new hardware wizard and you can use it to
complete the installation. Otherwise, it is preferable to use the driver on
the optical disc or a driver from the manufacturers website to perform the
installation.
To remove an expansion card:
16. Uninstall the cards drivers from Device Manager. Shut down the
computer, remove all cables and take ESD precautions. Open the side
panel with the card facing you.
17. Undo any screws for the slot cover (if needed) and undo the screw that
holds the cards metal bracket to the slot.
18. Use both hands to remove the card straight out of the slot. If the card is
stiff, gently rock it backwards and forwards in the direction of the slot to
release it from the slot. Do not rock the card from side to side. Keep the
card in an anti-ESD bag.
3.15 Display devices

The term video covers the interaction between the different computer parts
that are all designed to put text, pictures and video information on a screen.
The monitor (also known as a display, display unit or screen, or video
display unit) is the main type of output device for the computer. The video
adapter generates and sends video signals to the monitor to display on
screen.
Monitors for computers include CRT and LCD, and projectors. This section will
explore these and other display units and technologies.
Page 145 of 1229
Caution Monitors have high voltages. Only qualified and experienced

technicians should attempt to open them up and repair them.
3.15.1 Cathode Ray Tube (CRT)

CRT monitors are heavy and take up a lot of desk space and use more power
and generate more heat than LCDs. Although LCDs have largely replaced
CRTs, you will still find CRTs used so they need to be supported.
A CRT requires signal information in analogue format from the video adapter.
After receiving the signal from the video adapter, the CRT monitor displays the
image by using red, green and blue electron guns that shoot beams of
electrons, from left to right, at colour chemical dots called phosphors covering
the screen, causing those areas of the screen to glow, creating the image on
screen. These electron beams are called raster lines. The glow of the
phosphors dims very quickly and therefore the electron beam must return
regularly to each phosphor to ensure each one continues to glow.
Colour CRTs use three guns, each targeting a different colour phosphor: red,
green and blue (RGB) (these are the primary colours that produce the range of
different colours called the gamut).
Colour tubes can be aperture grille designs which have their phosphors
arranged in stripes, or shadow mask designs which have their phosphors
arranged in triangular dot clusters called triads a triad has three dots, one
for each colour. See Figure 3.57.
Figure 3.57 A triad

CRTs only accept analogue video input, typically VGA. Figure 3.58 shows a
picture of a CRT monitor.
Page 146 of 1229
Figure 3.58 CRT monitor
3.15.2 Liquid Crystal Display (LCD)

LCDs (flat panel displays) are the most common type of display screen for
computers and other devices. LCD displays have many advantages over CRTs.
They are thinner and lighter, use less power, create less heat and use less
desk space. An LCD basically works as follows:
An inverter sends power to a backlight, which illuminates the entire front
panel. If the backlight is a cold cathode fluorescent lamp (CCFL), it needs
an inverter to provide it with AC voltage.
An LCD display has two sheets of material surrounding a liquid containing
crystals that act as picture elements (pixels) for the display. Each crystal
has a red, green and blue cell illuminated by an electrical charge hitting the
crystal, which then creates the image on screen.
Liquid crystals are chemicals whose properties change when provided with
voltage. The crystals in their natural state are in a twisted but predictable
form, that is, they always want to position themselves in the same direction.
The molecules of the crystal are special in that they rotate or twist the light
by some degree as it passes through. Where light is allowed through, the
screen appears bright, and where light is blocked, the screen appears dark.
A colour filter is used to change the light to red, green or blue, or a
combination of these. Figure 3.59 shows a picture of an LCD display.
Figure 3.59 LCD display
Page 147 of 1229
When voltage is applied to the liquid crystal, it untwists, changing the lights
orientation and causing more of it to be blocked. The more voltage that is
applied, the more the liquid crystal untwists and the more light is blocked.
Each pixel has three cells (sub-pixels): one red, one green and one blue, as
shown in Figure 3.60.
Figure 3.60 LCD pixels and sub-pixels

Transistors are responsible for turning sub-pixels on and off. By varying the
voltage to each sub-pixel, you can mix the three colours to create the gamut
that can be displayed on screen.
An LCD monitor is a digital design, but many models use the same VGA
analogue interface as CRTs. In such cases, the monitor must have an
analogue-digital converter to change the analogue signal coming from the
VGA cable into a digital signal. Many LCD monitors support digital signals and
use ports such as DVI.
3.15.3 LED LCD and OLED Displays

Light Emitting Diode (LED) monitors and televisions (TVs) are LCDs with
LED backlights. They either use RGB (red, green and blue) LED arrays behind
the LCD panel, or use white edge-LEDs around the inside frame and a light
diffusion panel to spread the light evenly behind the LCD panel.
Using LEDs for backlighting reduces the thickness of the LCD panels and
reduces the overall amount of electricity used. LEDs do not need AC power, so
there is no inverter. Smaller devices such as laptops, tablets and display
screens use LED backlights to save battery usage.
Some smaller devices such as smartphones and digital cameras, and bigger
display screens such as monitors and TVs use a related technology called
organic light-emitting diode (OLED) screens. A simple OLED is made up of
six different layers as shown in Figure 3.61.
Page 148 of 1229
Seal
Cathode
Emissive layer
Conductive layer
Anode
Substrate
Light
Figure 3.61 OLED layers

An OLED basically creates light as follows:
1. Current is applied to the negative anode and positive cathode.
2. The cathode receives electrons and the anode loses them (or in simple
terms, holes are injected into it).
3. As electrons flow, they cause the emissive layer to hold a negative charge,
while the conductive layer holds a positive charge. Both the emissive and
conductive layers are made of special organic material that conducts
electricity.
4. Positive electrons on the conductive layer jump over to the emissive layer
and when the absence of an electron or hole meets an electron, a process
called recombination causes the two to cancel each other out and release
light. Since this happens many times a second and as long as the current
keeps flowing, the OLED will continue to produce light.
An OLED can create coloured light by adding a coloured RGB filter just beneath
the top or bottom layers. OLEDs can provide sharper and brighter colours than
LCDs, and because they do not need a backlight, OLED displays are thin and
flexible and they use less electricity than LCDs. Also, they do not break when
dropped.
Page 149 of 1229
There are Active Matrix (AMOLED) and Passive Matrix (PMOLED) types:
PMOLEDs are made up of rows of electrical anodes arranged vertically in

columns of electrical cathodes, with organic material placed between them.
Circuitry applies current to selected strips of anode and cathode to
determine which pixels to turn on or off. The point where the rows and
columns meet is where each pixel is lit and where light is produced. The
more current applied through each pixel, the brighter the pixel will be.
AMOLED are better quality screens than PMOLED but need a thin film
transistor (TFT) backplane to switch each individual pixel on or off to
produce light. See Figure 3.62.
Figure 3.62 AMOLED

New technologies are starting to appear all the time. Figure 3.63 shows a
smartphone with a flexible display that will be with us soon. There are a few
special types of OLEDs available or in development. For instance, flexible
OLED (FOLED) displays are OLED displays built on flexible surfaces. Flexible
displays can roll up when not in use. Another kind of OLED is transparent
OLED (TOLED). TOLED displays are transparent (see-through) displays. A
third type of OLED is phosphorescent OLED (PHOLED). Phosphorescence
refers to a process that results in more conversion of electrical energy into
light.
Figure 3.63 Smartphone with flexible AMOLED display
Page 150 of 1229
3.15.4 Digital projectors

A video projector, data projector or digital projector projects images and
videos onto a projection screen or other flat surface using a lens system. They
are commonly used for meetings, presentations and training. To project an
image, the projector can be a rear-view which shoots an image onto the
screen from the back, or front-view which shoots the image out the front and
relies on a screen placed in front of the projector at a proper distance. While
most projectors connect using a cable to the computer, wireless projectors that
use a Wi-Fi connection are also available.
Projectors can be portable or fixed in placed and are available in CRT, LCD and
DLP versions. The first generation of projectors used CRTs. Each RGB colour
used a separate CRT tube that projected the image onto a screen. CRT
projectors project good quality images but are big and heavy and have for the
most part been replaced by other technologies. Given that light shines through
the LCD panel, LCD projectors are a natural fit for front-view projectors. LCD
projectors are light and are used by most portable projectors, but do not give
the best image quality.
Figure 3.64 shows the connections on the back of a data projector.
Figure 3.64 Data projector ports

Digital Light Processing (DLP) projectors use a spinning RGB colour filter to
add colour data to light reflected from an array of small mirrors found on a DLP
chip known as a digital micro-mirror device (DMD). Each mirror
corresponds to a pixel and moves thousands of times per second towards and
away from a light source. A lamp projects through the spinning colour filter
onto the DLP chip, which creates the image by moving the mirrors, which in
turn reflect onto the screen. See Figure 3.65. DLP projects a rich image.
Page 151 of 1229
Figure 3.65 DLP projector operation

Some advancement in DLP technology includes standalone and integrated
projectors as follows:
Handheld also known as a pico, mobile or pocket projector, it fits into

your pocket and allows you to give a presentation to a small group of
people. It has built-in memory and speakers, a battery for power and can
display an image many inches in size. You can plug it into another device
and project what is on that device onto a surface.
Mobile phone a projector built into a smartphone that projects videos and
images onto a surface.
Figure 3.66 DLP-enabled phone (left) and handheld projector (right)
3D projector projects 3D images and can connect to a computer, game

console or other device through VGA and HDMI connections. The speed of
DLP can actually create two images on a screen at the same time: one for
the left eye and one for the right eye. Then you can use 3D glasses to
combine the two images to create the 3D effect.
Page 152 of 1229
Three projector terms to know about include:

o
Lumens - measures the brightness of the image projected onto the

surface. The lumen rating depends on the size of the room and the
amount of light in the room. A projector rated at 3000 lumens will show
clear images in a room with closed curtains and dimmed lighting whereas
a projector rated at 6000 lumens will show clear pictures in a room with
sunlight.
Throw - the size of the image at a certain distance from the screen. You
need to consider the recommended minimum and maximum throw
distance.
Lamps generate a large amount of light and therefore heat. All

projectors come with a fan that stops the lamp from overheating. When
the projector is turned off, the fan continues to run until the lamp is fully
cooled.
Note
After turning off the projector, it is best to leave it off for at least a
few minutes before turning it back on again, so as to ensure that the
lamp has cooled down.
3.15.5 Plasma displays

A plasma display is another type of flat panel display. It can produce some
bright colours but is more susceptible to screen burn-in. In addition, it draws
more electricity than an LCD monitor. The plasma display tube includes
millions of small cells filled with gas, and when voltage is applied to these cells,
they can emit different coloured lights. Figure 3.67 shows a picture of a plasma
display.
Figure 3.67 Plasma display
3.15.6 3D displays
Improvements in display technology and graphics processing have led to
several 3D output devices, including 3D display screens, TVs, laptops, mobile
devices and game consoles. The newest 3D displays use filters, prisms, lenses
and other parts built into the screen to create the 3D effect and as a result, the
user does not have to wear 3D glasses or other gear to experience the 3D
effect. Figure 3.68 shows a picture of a 3D display.
Page 153 of 1229
Figure 3.68 3D display
3.16 Display characteristics, coating and power

Table 3.8 lists common characteristics of displays.
Table 3.8 Display characteristics
Characteristic
Pixel
Resolution
Native
resolution
Dot pitch
Description
Short for picture element, a small dot that can be turned
on and off and joined with many other dots to create the
image on screen. A pixel must be made up of at least one
red, green and blue phosphor (triad) to create any colour.
With more pixels, you can see more of the image and in
more detail.
The number of pixels used to create the image and
addressed by software. Shown as the number of horizontal
(across) pixels times the number of vertical (up and down)
pixels. Values can range from hundreds to thousands of
pixel counts for high-end displays. You can find out how
many pixels are on the screen by multiplying the values
together: 1024x768 = 786 432 pixels per screen. CRT
monitors and graphics cards are designed to use several
resolutions up to a maximum one. A higher number of
pixels results in a higher resolution and an overall better
image.
A single fixed resolution, such as 16801050, that enables
LCD monitors to display the sharpest picture possible.
Setting an LCD monitor to a different resolution other than
the native one can severely degrade image quality, causing
the image to appear fuzzy. See the monitors
documentation to find the native resolution.
For CRTs, the distance between two adjacent phosphors of
the same colour (e.g. red and red), measured in
millimetres.
Page 154 of 1229
Characteristic
Screen size
Aspect ratio
Refresh rate
Response rate
Brightness
Contrast ratio
Viewing angle
Description
The diagonal length of the screen surface, measured in
inches. CRT monitors provide two numbers: The monitor
size measures from two opposite diagonal corners of the
plastic case (bezel). The viewable image size (VIS)
measures one edge of the actual screen to the opposite
diagonal side of the screen. LCDs use the viewable image
size. Common sizes are 15, 17, 19 and 21 with 30+
available.
The screens width divided by its height. The common
resolutions, such as 1024768, 1280960, 12801024,
and 16001200, match a 4:3 ratio. For example, for a
display that supports 4:3 ratios, such as 1024768, if you
divide the first number by 4 and multiply the result by 3, it
equals the second number. This means that for every 4
pixels running horizontally, there are 3 pixels running
vertically. Depending on screen resolution, widescreens can
have varying aspect ratios of 10:6, 16:9, 16:9.5 or 16:10.
Refers to how quickly the monitor updates or redraws the
screen, measured in Hertz (Hz) or times per second.
Refresh rates for CRT monitors vary from 60 Hz or more,
with 75 Hz or higher causing less flicker on screen and are
ideal. There is no need to freshen up a dot on an LCD
display because each one has its own transistor to light it
up; it is on or off. The refresh rate for an LCD monitor
refers to how often a screen can update completely.
Standard LCDs have a 60 Hz rate with models featuring 120
Hz and 240 Hz.
The amount of time it takes for a pixel on an LCD monitor
to change colour, to go from pure black to pure white and
back again, measured in milliseconds (ms). The lower the
response time the better, with better quality monitors
having 8 ms times or less.
Luminance is how bright the screen appears to your eyes,
measured in nits or candelas per square metre (cd/m2).
Typical LCDs fall between 200 and 300 cd/m2, with 500
cd/m2 or better designed for gaming and home theatre
systems.
The difference in the amount of light between the brightest
(white) colour and the darkest (black) colour that the
monitor can display. For example, a contrast ratio of 600:1
means that the white areas are 600 times the brightness of
the black areas. The higher the ratio the better.
The degree of angle at which you can see the screen from
the sides and top and bottom, and continue to see clearly
defined images and accurate colours.
Page 155 of 1229
Characteristic
Colour depth
Description
Also known as bit depth, it describes the number of bits
that represent colour. Common colour depths include 4-bit
(16 colours), 8-bit (256 colours), 16-bit (65, 536 colours)
24-bit (16, 777, 216 colours), 32-bit (4,294,967,296
colours), 30-bit, 36-bit and 40-bit (billions of colours).
3.16.1 Monitor coating

A display typically comes with one of two types of coating:
Gloss screens give a sharper contrast, richer colours and wider viewing
angles compared to matte screens. Each manufacturer has a different name
for gloss coatings. The drawback is that they can take external light from
nearby objects and shine on your eyes, resulting in glare (which can
negatively affect your eyes). Antiglare covers or filters are available that
you can fit over the front of the display screen to avoid glare caused by light
sources.
Matte screens give a good richness of colour and reduction in glare by
scattering light. A drawback to scattering light results in reduced contrast
and brightness and a narrower viewing angle when compared to gloss,
which can seem like the screen is blurred.
3.16.2 Power conservation

CRT and LCD monitors need a certain amount of electricity to work. Simply
stated, CRTs use a lot more electricity and LCDs use less. CRT monitors that
meet the Display Power Management Signalling (DPMS) specification can
reduce the amount of power used by roughly 75%. DPMS is done by reducing
or cutting off the signals sent by the video adapter to the monitor when the
monitor is not in use. Turning off the CRT monitor with the power switch is the
most effective way of managing power, though.
3.17 Video adapters

The graphics adapter (also known as the video card, graphics card or
video adapter) generates and transmits video signals to the display device to
show the image on screen. A graphics processor processes data from the CPU
and outputs commands to the display. The graphics processor like any other
processor needs RAM and also a fast connection to RAM and the CPU. The
video adapter must also have a connection compatible with the display device.
Although many new systems have low-end video adapters built into the
motherboard chipset with one or more video ports, the video adapter can also
be an expansion card that plugs into an expansion slot. Figure 3.69 shows a
graphics card.
Page 156 of 1229
Figure 3.69 Graphics card with graphics processor built in
3.17.1 Understanding video standards

A number of video resolution standards have been developed, with each
standard increasing the quality of the display from the previous standards.
Display standards are often a combination of resolution, aspect ratio, colour
depth and refresh rate. Increasing any of these increases the amount of
bandwidth needed for the video signal, and the amount of processing the CPU
or graphics processor does and the amount of system RAM or video RAM
needed.
The video graphics array (VGA) standard defines 16 colours at a 640480
pixel resolution at 60 Hz with a 4:3 aspect ratio. A number of other modes
were introduced after VGA including super VGA (SVGA) providing 800x600
resolutions at 4-bit or 8-bit colour with a 4:3 aspect ratio and eXtended
graphics array (XGA) providing 8-bit colour at 1024x768 resolution with a
4:3 aspect ratio. Modern displays are extensions of XGA, having higher
resolutions and various aspect ratios. There are more than 20 different
resolutions used by different monitors. You do not need to memorise them all,
but some common resolutions are listed in Table 3.9.
Table 3.9 Common display mode resolutions
Display mode name
Resolution
VGA (Video Graphics Array)
640480
SVGA (Super VGA)
800600
XGA (Extended VGA)
1024768
EVGA (Extended VGA)
1024768
SXGA (Super XGA)
12801024
UXGA (Ultra XGA)
16001200
WUXGA (Wide UXGA)
19201200
WQXGA (Quad XGA)
2560x1600
HDMI (High-Definition Multimedia Interface) 1080 19201080
HDMI 780
1280720
Page 157 of 1229
Whenever a known display mode starts with the letter W, it means wide
screen formats (16:9 or 16:10). When it starts with the letter Q, it means the
horizontal and vertical resolutions are each doubled, making a final resolution
four times (quadruple) the number of pixels compared to the original standard.
The letter H for hexadecatuple means it is 16 times as many pixels compared
to the original standard resolution. HD is for high definition screens. Super (S),
eXtended (X), Plus (+) and Ultra (U) mean steps, one after the other, up the
resolution ladder from a comparative original standard but usually mean less of
a jump up the ladder than what it would be if it were two times or four times
the resolution.
Note
VGA 640x480 and SVGA 800x600 are commonly seen if you attempt
to boot the system into an advanced boot or safe mode, which starts
the system in a limited state that is used for troubleshooting
purposes.
3.17.2 Graphics Processing Unit (GPU)

Modern CPUs rarely process video data as this is done by the GPU. Graphics
cards have their own GPUs which handle processing video images the task of
taking instructions from the CPU and translating them into coordinates and
colour data that the device understands and shows on screen. Dual card
technologies allow multiple GPUs to be used to draw one image, increasing the
processing power for graphics. Some of the better and faster GPUs have more
transistors than the average CPU.
Figure 3.70 GPUs

A GPU uses special programming to help it analyse and use data. GPUs for
computers use video RAM installed on the graphics card so that system RAM is
not tied up with video data. If a motherboard has a video port, the GPU is part
of the on-board video controller and system RAM on the motherboard is used
for video data. Some modern motherboards are ready for an integrated
CPU/GPU. Many manufacturers that make integrated CPU/GPUs differ in
graphical performance and target different devices, such as computers,
tablets, smartphones and gaming consoles.
Note
Many manufacturers call current integrated GPUs accelerated

processing units (APUs), although this term can also be applied to
other chips that have multiple processing functions built in.
Page 158 of 1229
A typical graphics card might be called:
XFX Radeon HD7970 3-GB 384-bit GDDR5 PCI Express 3.0
XFX is the graphics card manufacturer.

Radeon HD7970 is the GPU and series.
3-GB 384-bit GDDR5 describes the dedicated video RAM and the connection
(memory bus) between the video RAM and GPU.
PCI Express 3.0 describes the motherboard expansion slot the card uses.
Graphics card model numbers are organised by generations (or series), such
as 800 or 900 or 8000 or 9000. Each successive generation has built on the
previous one to create faster and more powerful hardware.
Tip
A high-end graphics card is easy to spot. It has lots of Video RAM and
a fast GPU, and some have decorative cooling systems as well. GPUs
have code names such as Volcanic Islands and Pirate Islands.
The following factors are a good overall measurement of the graphics cards
performance:
Frame rate is how many still images (frames) the card can output to the
screen each second, measured in frames per second (FPS). Put another
way, how often in a second can the video card redraw what you see on
screen. The higher the frame rate, the better.
GPU clock speed (MHz) is the basic measure of performance.
Size of the memory bus between the GPU and video RAM (in bits).
Amount of video RAM (MB or GB) you have.
Memory clock rate (MHz or GHz).
Memory bandwidth (GB/s).
RAMDAC speed (MHz). Random access memory digital-to-analogue
converter (RAMDAC) is a special chip (or function built into a chip) that
takes the digital signal from the card and turns it into an analogue signal for
the analogue monitor. Some cards have multiple RAMDACs, which can
improve performance and support more than one monitor.
Shader units support special effects built into games and other software.
The 3D architecture of the card plays an important role in performance.
The CPU, RAM and motherboard also play a major part, since using a very fast
graphics card with a motherboard that cannot deliver data quickly gives no
performance benefits. Similarly, the card's connection to the motherboard and
the speed at which it can receive instructions from the CPU affects how well it
does its job.
The graphics pipeline is the central part of graphics processing. The graphics
pipeline has a number of stages where particular video jobs are completed and
where each stage works at the same time in a fixed order. Figure 3.71 shows a
flowchart of a modern day graphics pipeline.
Page 159 of 1229
Figure 3.71 Graphics pipeline

ATI, NVidia and CPU manufacturers make most GPUs and they have developed
their own improvement for GPU performance. Choosing a GPU is very
important when buying a graphics card. Before buying a graphics card, find out
as much information as you can about the card by visiting the GPU or graphics
card manufacturers website (see Figure 3.72). Also, read trusted third party
reviews online. Poorly written video drivers can cause several different
problems, so be sure to check for driver updates and install them when they
become available.
Page 160 of 1229
Figure 3.72 Manufacturer driver and software download page
3.17.3 Video RAM

The GPU uses Video RAM to store video data while it is busy creating images.
When working with game and other graphics-intensive applications, the type
and amount of video RAM is very important. See Figure 3.73. Video RAM can
read and write data at the same time. The width and speed of the memory bus
between video RAM and the GPU is also important. When you read about a
graphics card having a certain amount of bits, understand that it refers to the
memory connection on the card, not the connection on the motherboard. Lowend cards use shared memory (and share memory with System RAM) while
others use a mix of their own video RAM (dedicated) and shared memory.
Integrated graphics solutions, shared graphics solutions, or integrated
graphics processors (IGP) use a part of system RAM rather than dedicated
video memory (that is, dedicated for use by the graphics card only). Most are
built into the motherboard.
Page 161 of 1229
Video RAM
GPU Heatsink
GPU Fan
Figure 3.73 Video RAM, GPU and cooling

Older graphics cards used older memory technologies such as Video RAM
(VRAM) and Double Data Rate Synchronous DRAM (DDR SDRAM). Modern
cards use megabytes and gigabytes of Double Data Rate (DDR) RAM or
versions thereof and Graphics Double Data Rate SDRAM (GDDR SDRAM). Each
version of GDDR RAM that is released improves on previous versions in one
way or another, such as by providing faster speeds and performance, and by
adding buffers.
Tip
It is very common to see low-end cards with megabytes of video RAM

and high-end cards with gigabytes of video RAM. The huge amount of
video RAM allows game and other application developers to get the
best out of their applications and store more essential data in video
RAM. The more video RAM, the better the performance.
Figure 3.74 shows a screenshot of a program called GPU-Z that shows all
information about your video card/adapter including Video RAM. You can
download GPU-Z from: www.techpowerup.com.
Page 162 of 1229
Figure 3.74 GPU-Z
3.17.4 Motherboard connection

As a computer technician, you will find that there are many ways that video
adapters/cards connect to a motherboard:
AGP an older slot that is only used for graphics cards.

PCIe most modern graphics cards plug into the PCIe x16 slot on the
motherboard. To get the fastest speeds, the motherboard needs to support
the highest version of PCIe.
On-board many motherboards have adapters built in.
Note
Multiple graphics card technologies using two or more slots are also
available.
3.17.5 Connector types

You can find many different connectors on graphics cards, including:
DVI (digital)
VGA (analogue)
DisplayPort (digital)
HDMI (digital) for HD TV. Some devices offer HDMI output directly, while
other cards support HDMI through a special cable that connects to a DVI
port.
Page 163 of 1229
Graphics cards might support other connectors as well. You can also get
adapters that convert one type of video connector to another type (such as
VGA-to-DVI). The graphics card shown in Figure 3.75 has three ports: HDMI,
VGA and DVI.
Figure 3.75 Graphics card with VGA, DVI and HDMI ports
3.17.6 3D graphics and APIs

An image that has or appears to have height, width and depth is three
dimensional (3D). See Figure 3.76. You find 3D objects in real life, that is,
you can see an objects height (how far up and down it goes), its width (how
far from side to side it goes) and depth (how far back it goes). An image that
has height and width but no depth is two dimensional (2D).
Figure 3.76 3D depth

3D graphics is the field of creating and displaying 3D objects to create images
with the same depth and texture as objects seen in the real world. A true 3D
object is made up of a group of points called vertices. Figure 3.77 shows the
vertices for a 3D video game jet plane.
Page 164 of 1229
Figure 3.77 Vertices for a 3D video game jet plane

Each vertex has a defined X, Y and Z position in the 3D world. Figure 3.78
shows a vertex for the front end of a jet plane. The computer must track the
vertices of all objects in the 3D world. Objects might not move (such as a
wall), might have animation (such as a window opening and closing) or might
be moving (such as a jet flying in the sky). This calculation process is called
transformation and needs the processor to do a lot of work.
Polygon
Edge
Vertex
Figure 3.78 A vertex, edge and polygon for the tip of a 3D jet plane
Once the processor has determined where all the vertices must go, the system
begins to draw lines called edges between the vertices to build the 3D object
into many triangular shapes. See Figure 3.79. Although any shape will work,
triangles make the most sense from a mathematics point of view. All 3D
games use triangles to connect vertices. The 3D process then groups triangles
into different shapes called polygons.
Figure 3.79 Connected vertices forming a polygon mesh
Page 165 of 1229
Polygons have faces that are the result of surrounding edges and vertices.
When faces are joined together they create a polygon mesh. A series of
triangles are often called geometry, model or mesh. Next comes texturing
and shading. Every 3D game stores a number of image files called textures.
The program wraps textures around an object called a primitive to give it a
surface. This process is known as texture mapping. A single object can have
one or more textures, applied to one triangle or a group of triangles
(polygons). Shading controls the way the surface interacts with light (levels of
lightness and darkness). Figure 3.80 shows the finished jet plane.
Figure 3.80 Finished jet plane with textures added

Using textures, primitives and vertices, the image descriptions must then be
rendered. 3D rendering means taking a 2D image and covering that image
with a surface colour and texture to make it appear as a 3D object, or taking a
series of images and making them animated the process of making images
move quickly and cleanly on a frame-by-frame basis. Animation speed is
measured in frames per second (FPS).
Furthermore, although the game re-draws each screen, it must also keep track
of where all the objects in the game are and perform many other tasks as well.
GPUs take this workload off the CPU and they have rendering engines that are
capable of processing millions of polygons each second. They also have lots of
video RAM to store textures and other video data.
Game engine: Like a car engine, a game engine is a software platform that
drives the program code that makes up a game and allows game developers
to make games and is responsible for setting up the game, making sure it
runs properly and shutting it down. Not every game must be created from
scratch; quite often a new game can be created using an existing game
engine. Cross-platform game engines, such as Unity, are also available and
are used by many developers to develop video games for web plugins,
desktop platforms, game consoles and mobile devices.
Page 166 of 1229
Figure 3.81 Creating a game with a game engine

To work with 3D games and design applications, graphics cards need to be
compatible with the specified version of one of the major graphics Application
Programming Interface (APIs).
An API is a library of commands that 3D application developers use in their
programs to help hardware and software communicate more efficiently for
complex tasks, such as 3D rendering. The program currently using the
graphics card sends API commands directly to the cards driver. The driver
then directs the graphics hardware to perform a video task.
Tip
APIs are different from drivers. But as with updated APIs, updated
drivers can help programs run correctly.
Several APIs have been developed, with the major ones being:
OpenGL standard was developed for UNIX systems but has since been
ported (or made compatible) with a wide variety of computers, including
Windows and Apple.
DirectX is a Microsoft specification that programmers use to take control of
certain hardware and to communicate directly to that hardware. It provides
the speed necessary to play advanced games. DirectX is not only for video;
it also supports direct access to joysticks and game controllers, sound,
network connections for multiplayer games, presentation devices and other
parts of your computer. Microsoft constantly adds to and changes DirectX to
support various types of hardware and releases different versions of
DirectX.
Page 167 of 1229
As many games need DirectX and all graphics cards have drivers to support it,
you need to make sure that DirectX is installed and working properly on your
computer. This can be done on a Windows computer by using the DirectX
Diagnostic Tool (dxdiag).
3.17.7 Video BIOS

Graphics cards have a BIOS chip that is separate from the motherboards
system BIOS. Like the system BIOS, the video BIOS has basic instructions that
allow hardware and software to interact with the card, and it also stores the
cards settings and runs tests at startup.
3.17.8 Video card cooling

The GPU and RAM chips on the graphics card can get very hot. As a result,
they both need cooling. Cooling can be provided through heatsinks or cooling
fans and fan shrouds. While some low-end cards rely only on case fans for
cooling, many modern cards have heatsinks that provide cooling for both the
GPU and memory on the card. Heatsinks are great for computers that need to
run as quietly as possible, such as home theatre PCs (HTPCs). Figure 3.82
shows a graphics card cooler with a fan and heat pipes.
Figure 3.82 A silent graphics card cooler

Note
Some graphics cards use heat pipes to take heat from the CPU and
memory and move it to a radiator-type cooler on the card. A heat
pipe provides better cooling but needs extra space around the card.
3.17.9 Overclocking
Overclocking means running the GPU faster than its rated clock speed set by
the manufacturer. This can be done using software/firmware. Although
overclocking provides better performance, it is not recommended as it can lead
to many problems, such as an unstable system and even hardware failure.
Page 168 of 1229
3.17.10 Installing a graphics card

After choosing the features and other factors for a graphics card and monitor,
you need to install them into a computer. As long as you have the right
connection to the graphics card, installing a monitor is straightforward. The
challenge comes when installing the graphics card. While installing the card,
take note of the following:
Compatibility some high-end cards simply do not fit in certain cases or

block access to motherboard connectors. In such cases, you have to change
at least one of the components (graphics card, motherboard or case).
Spacing high-end cards get very hot. You do not want them sitting right
next to another expansion card. Make sure the fan on the graphics card has
plenty of ventilation space. A good practice is to leave the slot next to the
graphics card empty to allow better air flow. Some high-end cards come as
double-wide cards with built-in air vents, so you do not have any choice but
to take up double the space.
Three main steps are needed to install a graphics card:

Step 1: Configure the BIOS for the graphics card being installed.
Step 2: Physically install the graphics card.
Step 3: Install the drivers for the graphics card.
This exercise lists the general steps that can be followed to replace an existing
card or upgrade from integrated video to a graphics card:
Note

1. If a graphics card is installed and you need to remove it because you are
installing a new card, for instance, then go into Device Manager and
uninstall its driver from there.
2. If the graphics card is intended to replace the on-board video port, go into
the CMOS Setup program and disable the on-board video port. Set the
Primary VGA BIOS or Primary Graphics Adapter or a similar option to the
appropriate slot setting, such as PCIe if using a PCIe slot.
3. Shut down the computer and unplug all external cables.
4. Open the case and take ESD precautions.
5. Disconnect any internal cables attached to the old graphics card and remove
the screw holding the cards bracket in place. Then release the cardretention mechanism that holds the card in place. Card retention
mechanisms vary from motherboard to motherboard. Some use a lever that
can be pushed to one side to release the lock while others use a knob that
you pull out to release the lock. Check the motherboard documentation on
how to release the retention mechanism.
6. Remove the card from the slot and place it in an anti-ESD bag.
Page 169 of 1229
7. Take the new graphics card from its anti-ESD bag, holding it by its edges
and metal bracket, and plug it into the appropriate slot. Lock the card into
position using the retention mechanism and with the screw for the bracket.
Check the motherboard documentation for specific instructions for installing
the card and locking it into place.
Figure 3.83 Install graphics card

8. If the card has a power connector, connect the cable from the PSU to the
cards connector. If the PSU does not have the right connector, you can buy
an adapter converter.
Figure 3.84 Graphics card power connector

9. Re-attach the video cable from the monitor to the new graphics card.
Remember adapters are available to convert one type of video connector to
another type.
10. Connect all other external cables to the computer.
11. Turn on the monitor and then turn on the computer.
Once you have properly installed the graphics card and connected it to the
monitor, you are ready to tackle the driver and configure the OS for the card.
12.
Configuring the video software is usually a two-step process:
First you need to install device drivers for the graphics card. The
graphics card needs a driver to work.
Page 170 of 1229
Drivers install in much the same way as all of the other drivers:
either the driver is already built into the OS or you can use the
installation disc that comes with the card. However, it is best to check
the manufacturers website for an updated driver and use that driver
instead. If the website does not offer a driver, then use the one on
the installation disc. Avoid using the built-in Windows driver as it
tends to be the most outdated.
13. When Windows starts, the Found New Hardware Wizard should launch.
Although you can install drivers for the card using this wizard, it is best to
cancel the wizard and use the driver from the manufacturers website or
the one on the disc.
14. Run the installer setup program for the card and follow the on-screen
instructions to install the driver. During the installation, Windows might
ask you to install the driver and continue with the installation.
Figure 3.85 Install the graphics card driver

15. After the driver is installed, you need to open the Control Panel and go to
the Display applet to check the resolution and refresh rates for the
monitor and make other adjustments.
16. Close the case.
3.17.11 Installing dual graphics cards

Technologies from different vendors have been developed for connecting
multiple graphics cards in two or more slots. NVIDIA calls this technology
Scalable Link Interface (SLI) and AMD calls it CrossFire. Using a special
cable, the graphics cards can combine their power to improve the image
quality and performance. With either technology, you can link up two or more
graphics cards together for more graphics power.
Page 171 of 1229
To install multiple graphics cards means that you must have a motherboard
that can handle two or more PCIe cards, a PSU that gives enough wattage and
the correct connectors (some manufacturers rate their PSUs as SLI or
CrossFire certified), a case to fit everything in, enough system RAM and a
cooling system powerful enough to stop the computer from overheating. When
running two cards together, the system automatically defaults to the lowest
clock settings of the cards when SLI or CrossFire is enabled. Keep these factors
in mind when upgrading or building a computer.
Figure 3.86 Two identical SLI graphics cards

To install two graphics cards, you need a motherboard with two PCIe x16 slots
and two matching graphics cards. The motherboard and cards must support
SLI or CrossFire. Check the card and motherboard documentation for the
correct installation procedure and slot position. You can follow the general
steps in this demonstration exercise to install the cards using SLI or CrossFire:
Note

1. Shut down the computer, disconnect all cables, open the case and take ESD
precautions. Also handle the cards properly.
2. On some motherboards, you have to set a switch on the motherboard to a
dual card position while on others you do not.
3. Some motherboards have a protective cover over the graphics card
connector, so remove this cover if it has one.
4. Install and secure the first card into the first PCIe slot. Graphics cards can
be heavy so it is recommended to secure the graphics card to the case.
Page 172 of 1229
Figure 3.87 The white square shows a second slot for a second card
5. Connect the power connector to the first card.
6. Plug the video cable from the monitor into the card and connect all other
external cables.
7. Boot the computer and make sure the display is working. Install the driver
for the card.
8. Shut down the computer, disconnect all cables and take ESD precautions.
Handle the second card properly.
9. Install and secure the second card in the second PCIe slot and connect its
power connector. You can also install an optional bridge that connects to a
connector at the top of each card. The bridge improves performance
because the cards can communicate by way of the bridge and PCIe slots.
See Figure 3.88. SLI and CrossFire bridges are not compatible.
Figure 3.88 A bridge (left) installed on two cards (right)

10. Leave the video cable connected to the first card; the second card will not
be connected to a monitor.
11. Boot the computer and install the driver for the second graphics card.
12. After the installation, Device Manager should report both cards are
installed with no problems.
Page 173 of 1229
13. To configure the cards to work together, either a notification pop up will
appear telling you that it has found the new cards and you can simply
follow the steps from there, otherwise open the program that comes with
the card and choose the appropriate Enable parameter from within the
program to enable dual card functionality. Read the cards documentation
for more information.
Figure 3.89 Dual graphics card program

14. Test the graphic performance.
15. Once you have done the installation and are comfortable installing two
cards, you can install multiple cards into slots at once and install their
drivers afterwards. There are also more than two slot graphics cards, such
as triple slot cards, that take up three slots on the motherboard as well.
Page 174 of 1229
3.18 Installing a monitor

To install a monitor in Windows, follow these general steps:
1. Determine if the monitor is using a cable that is compatible with the video
adapter.
2. If the Windows computer is running and has an existing monitor that will be
replaced, navigate to the Display applet in Control Panel and choose a
resolution and refresh rate that is compatible with the new monitor.
3. Shut down the computer.
4. Connect the video cable between the new monitor and video adapter.
Secure the connector on both ends of the cable by fastening the screws.
5. Plug the monitor into the wall outlet, turn it on and start the computer.
6. Open the Display applet. If the monitor is listed as Plug-and-Play or by
brand and model, adjust the resolution. If not, install the driver for the
monitor before continuing. The driver might be provided on an optical disc
bundled with the monitor or can be downloaded from the manufacturers
website.
7. For CRT monitors, choose a flicker-free refresh rate.
LCD and CRT monitor settings range from the simplest, that is, brightness,
contrast, colour and factory default reset, to more sophisticated adjustments.
Most adjustments to the monitor take place when installing it. All monitors
have an On/Off button and have an on-board menu system, allowing you to
make changes to the monitors image and screen.
Every manufacturer provides a different way to get to the monitors menu, but
they all provide two main functions: physical screen adjustment (bigger,
smaller, move left, right, up, down and more) and colour adjustment (for
adjusting the red, green and blue levels). Make sure the user using the
monitor understands how to adjust these settings. Both the monitor buttons
and display tools in the OS provide you with the opportunity to fine-tune the
monitors image.
For CRT monitors only, you can use the buttons on the monitor to change the
size and horizontal and vertical position of the screen, adjust the orientation of
the screen, make edges straight, cancel wavy lines, adjust coloured shadows
around text and lines, and degauss to reduce magnetic fields created around
the monitor which can make the image slightly fuzzy. Do not degauss a
monitor more than twice within a 20 30 minute period.
Page 175 of 1229
Monitor menu
Monitor buttons
Figure 3.90 A monitors buttons and on-board menu
3.18.1 Multiple displays

A computer or laptop can be set up to use two or more monitors and
projectors. Multiple displays (multi monitors or dual monitors) work
together like two halves of one large display, or the second display might
simply show a duplicate of what is happening on the first one. There are two
ways of setting up multiple displays: plug in two or more graphics cards or use
a single card that supports multiple video ports.
Figure 3.91 Multiple monitors
3.19 Sound devices

Sound is created by vibrations (analogue waves that travel through the air or
another medium that you can hear when they vibrate in your ears). To
correctly set up sound, you need to understand the sound process and sound
components.
Page 176 of 1229
In the industry, the term capture is used interchangeably with record, and
the term output with play or playback.
Note
The term sound card used in this section refers to both the card and
on-board adapter.
3.19.1 Sound cards

A sound card can record sound, save it to a file and play it back. Modern
motherboards come with built-in sound processing and you can buy a sound
card that plugs into an expansion slot or USB port.
Figure 3.92 Sound card

Almost every modern computer comes with important components for
capturing and outputting sound: a sound card, ports for plugging in speakers
or headphones for outputting sounds, and a microphone for inputting sounds
with playback software for playing sounds.
A sound card has a digital signal processor (DSP) chip that translates
commands and handles communication between the application, OS and CPU.
The DSP has a digital-to-analogue converter (DAC) that converts digital
data into analogue sound signals for sound output and an analogue-todigital converter (ADC) that converts analogue sound waves to digital
signals for the CPU to process.
Figure 3.93 DSP chip
Page 177 of 1229
Sound cards follow standards. Standards for lower end cards support a limited
set of features, such as playback and recording capabilities for office
computers. Standards for mid-to-higher end cards support more features such
as surround sound and sending multiple streams of sound from one
computer to different output devices.
Surround sound: Surround sound involves using multiple speakers and
maybe other sound equipment that are arranged in a way that surrounds the
listener to create a cinematic sound experience.
3.19.2 Sound APIs

Game developers use 3D sound for their games. To communicate with
applications and with the rest of the computer, a sound card uses software.
This software includes the cards driver, enabling the card to communicate to
the OS and APIs, which sit between applications and hardware, and are used
by the OS to communicate to hardware in a more direct way than normal
drivers do. For instance, APIs are numerous commands that issue instructions
such as play a sound on the left speaker. The hardware manufacturers
simply have to ensure their sound cards are compatible with the APIs such as
DirectX, Open AL and Environmental Audio Extensions (EAX).
3.19.3 Recording sounds and the nature of sound

Computers capture analogue sound waves in electronic format through a
process called sampling. Sampling means capturing the state or quality of a
particular sound wave at a set number of times per second. The sampler
divides the wave into a number of slices per second called the sampling rate
(measured in thousands of cycles per second or kilohertz [KHz]) and captures
bits of information about each slice called resolution (measured in bits or bit
depth). The more often sound is sampled, the better sound is reproduced; and
the more bits of information about each slice is used to capture a sample, the
more characteristics of that sound can be stored and re-created.
The three basic sound properties are:
Amplitude determines the sound's volume (or the height of the wave) and
depends on the strength of the vibrations creating the sound. The loudness
of sounds is measured in decibels (db).
Frequency is the number of waves that pass a certain point in each
second to create sound, measured in the number of Hertz (Hz) or cycles
per second. One cycle is a complete vibration back and forth.
Timbre is the quality and texture that makes a particular sound different
from another, even when two sounds have the same amplitude and
frequency.
Note
The amplitude, frequency and timbre of a particular sound wave need

to be captured and translated into 1s and 0s to reproduce the sound
accurately within the computer and out to the speakers.
Page 178 of 1229
Another important sound card characteristic is polyphony, which refers to the

cards ability to process and output multiple voices (independent sounds) at
the same time. The last aspect of sound capture is the number of channels of
sound you capture. A channel is a communication pathway used for recording
and playback. Most commonly, you can capture either a single channel (mono
or monaural) or two channels (stereo or stereophonic), although more
advanced captures record many more channels.
Mono recording uses one sound channel and has one or more speakers
that output the exact same sound.
Stereo recordings use multiple sound channels, allowing multiple
speakers to output different sounds.
3.19.3.1 Sound quality

Sound recordings, no matter how they are created, will have some amount of
noise (unwanted sound, from clicks to a door slamming to someone coughing
and so on). Distortion is similar to noise, but noise is something that is
introduced to a signal from outside whereas distortion is something that
changes the actual signal.
The quality of a sound is often measured by three criteria:
Frequency response is the volume that can be created at different
frequencies.
Signal-to-Noise Ratio (SNR) determines how strong a signal is compared
to the noise created by the sound cards circuitry and cabling, measured in
decibels (dB). An SNR of 90 dB or higher is considered good (less noise).
Total Harmonic Distortion (THD) is a measure of accurate sound
production. Distortion is the difference between the sound sent to the
output device and the sound you hear, measured in percentages. The
smaller the percentage of distortion, the clearer the sound.
Figure 3.94 shows a sound card that is rated to have a good SNR and excellent
THD.
Figure 3.94 Sound card with SNR and THD ratings
Page 179 of 1229
Note
When recording sound, place the sound card in the slot furthest away
from the power supply and CPU. Also place the graphics card as far
away from the sound card as possible to prevent interference with
analogue inputs.
3.19.4 Recorded audio formats and codecs

After audio is recorded and digitised, sound cards must store the files in an
uncompressed file format such as WAV (Waveform Audio Format) or
compressed format such as a WMA (Windows Media Audio) or MP3 (Moving
Picture Experts Group Layer 3 Audio) file format. Not all music players can play
all of these formats, that is, many formats are nothing more than some type of
compressed file. With the correct audio codec installed, you should be able to
play almost all audio formats.
Codec: Stands for encoder/decoder (or compressor/de-compressor), a
codec is a program that compresses (packages audio data into a smaller file)
or decompresses (unpacks the smaller file into the original file) according to
an audio file format or streaming media audio format. A codec is used to
compress both audio and video files when they are saved and the same
codec decompresses the files when they are played back. The more a file is
compressed, the more data from the original is thrown away.
Video files use standard audio codecs for audio tracks, such as WAV or MP3,
but vary in the type of video codecs used. Just as with audio codecs, video
codecs take a video stream and compress it. When both video and audio
streams of a video file are compressed, the file is placed into some sort of file
or wrapper.
When compressing an audio file, the key decision is the bit rate. The bit rate
is the amount of data bits transferred from the compressed file to the decoder
in a second. The higher the bit rate of an audio file, the better the sound
quality. The bit rate of sound files is commonly measured in thousands of bits
per second (Kbps or kbits) and upwards.
Note
Some sound encoders support a range of bit rates.
3.19.4.1 Musical Instrument Digital Interface (MIDI)

MIDI is a set of standards that allow electronic musical instruments, such as
drum machines and synthesizers, to communicate with the computer. Figure
3.95 shows an electronic drum set that supports MIDI on the left and a MIDI
electronic keyboard on the right.
Page 180 of 1229
Figure 3.95 MIDI drum set (left) and keyboard (right)

MIDI files describe and store individual musical notes played by an instrument
used in making music, such as a guitar or piano. Many sound cards play MIDI
files and most electronic instruments have MIDI ports. A MIDI port is a 5-pin
DIN port.
Note
MIDI-to-USB adapters are available if the computer does not support

MIDI.
Hardware and software is available that allows you to record sounds to storage
and create an entirely digital sound with special software. MIDI devices, also
known as MIDI controllers, come in several form factors. Some use a grid or
row of buttons while others light up. The audio software should include options
and instructions for configuring the MIDI device, but for many applications, you
can just plug it in and start playing. Most modern MIDI controllers use USB.
3.19.5 Supporting speakers and headphones

Speakers and headphones provide playback functionality, outputting sounds
from the computer. Quality sound depends on quality speakers. Speakers
come in a wide variety of sizes, shapes, technologies and quality, and in
different formats: digital and analogue speakers are available as well as
speakers that support both analogue and digital inputs. Speakers offer a
variety of power sources, controls and headphone jacks. Many speakers have
volume controls as well as an on/off switch.
Another speaker addition is a subwoofer. It provides low-frequency bass
sounds that give an extra dimension to the sound in movies, music and games.
Most modern sound cards support both surround sound and a subwoofer.
Speakers are rated by frequency response (the range of high and low
sounds the speaker can create), total harmonic distortion (the amount of
distortion created by amplifying the signal) and watts (the amount of
amplification available to power the speakers).
Headphones are an alternative option to a set of speakers. They provide
privacy and allow you to play sounds loud without disturbing other people.
Page 181 of 1229
Figure 3.96 Headphones
3.19.5.1 Speaker standards

There are a number of different standards for speakers. Knowing these
standards will help you choose speakers that work best for your customers.
Stereo is the oldest computer speaker technology. It has a left and a right
speaker that share a single jack that plugs into the sound card.
2.1 speaker system has a pair of stereo speakers - called satellites - that
come with a subwoofer. 2.1 speaker systems have a single jack that on one
end plugs into the sound card, and on the other end into the subwoofer,
with another wire running from the subwoofer to two speakers. This is a
good, non-surround sound speaker setup. The number on the left is the
total number of speakers and the number on the right is the total number of
subwoofers. For example, 2.1 means the system has two speakers and one
subwoofer (bass).
Dolby Digital or Digital Theatre System (DTS) is designed to support
five channels (speaker setup): front-left, front-right, front-centre, back-left
and back-right, and it also supports a subwoofer.
Dolby Digital Plus or DTS-HD has two extra side speakers.
Figure 3.97 shows a stereo speaker system (left) and a surround sound
speaker system (right).
Figure 3.97 Stereo speaker system and surround sound speaker

system
Page 182 of 1229
Tip
Before buying a speaker system, be sure to do your research and go

through some professional reviews online to see what others think
about the speakers you are considering buying for a customer.
3.19.6 Sound jacks

Figure 3.98 shows common sound jacks on a sound card.
Figure 3.98 Common sound card jacks

Note
The number of sound ports depends on the sound standards the card
or motherboard supports.
3.19.7 Microphones
If you want to record your own sounds or use a system that recognises your
voice, you will need to plug a microphone into the sound card to input sounds
into the computer. To record sound, a microphone detects vibrations and turns
them into an electronic signal. Microphones plug into the inch jack (which
has a pink ring or microphone icon) on the sound card. To install a
microphone, you plug it into the port and configure and test it in the Sound
applet in the Control Panel on a Windows computer. Figure 3.99 shows two
types of microphones available for computers.
Figure 3.99 Computer microphones
Page 183 of 1229
3.19.8 Installing sound

The choices for sound hardware on modern computers are a separate sound
card or on-board sound. The installation process consists of three major parts:
physical installation, driver installation and configuration.
Physically installing the card is easy. On-board sound is already installed, so all
you need to do is verify that sound is enabled in the CMOS Setup program and
then install the driver for it. You might be able to download audio drivers for
the chipset from the motherboard manufacturers website.
The installation for most sound cards is the same as for any other expansion
card, although you can find USB versions too. After installing the card, you
must determine where to plug in the speakers, microphone and so on. The
surround sound systems have a variety of jacks, so you will probably want to
read the sound cards documentation for more details.
Here are the general steps to install the sound card:
Note

1. Shut down the computer, unplug all cables and open the case. Take ESD
precautions.
2. Remove the sound card from its anti-ESD bag, handling it by its edges and
metal bracket.
3. Find an open PCIe slot and plug in the sound card.
4. Make sure the card is securely seated and secure it to the chassis with a
screw.
5. Close the case, connect the cables and boot the computer.
6. Once the sound card is installed, let Windows install its drivers. This applies
to expansion cards and on-board sound. You now have a choice between
the built-in OS drivers and the driver that comes on an optical disc with the
card. Take a moment to check the manufacturers website to see whether
the sound card has any driver updates and install those drivers.
7. If no driver updates are available, like any other expansion card, it is always
best to install the driver that comes with the card.
8. All sound devices have a setup program that guides you through the
installation process.
You might run into a USB sound card in which case the installation process is
reversed. Install the drivers before you plug in the USB device. Windows
probably has basic drivers for USB sound cards, but do not risk this; always
install the drivers first.
Page 184 of 1229
Figure 3.100 USB sound card

9. After installing the sound card and its driver, go to Device Manager and
make sure the driver is installed correctly. Installing the driver is never the
last step for a sound card.
10. The last step is to plug in speakers and a microphone, and then configure
and test the sound card.
3.19.9 Speech recognition and sound recording

Speech recognition or voice recognition allows the computer or mobile
device to recognise spoken words and other sounds. Just by talking, you can
control your computer by opening and closing applications, selecting options
from a menu, and moving the on screen pointer, for instance. Your voice can
also be used to enter and edit text.
To do this, you need hardware, such as a microphone and speakers or a
headset (with a microphone), and speech recognition software, which might
come with the OS, such as the Windows Speech Recognition feature built
into Windows. You can access it by typing Windows Speech Recognition in
the Search box of the Start menu and clicking on Windows Speech
Recognition (or by clicking Start > All Programs > Accessories > Ease of
Access > Windows Speech Recognition). See Figure 3.101.
Figure 3.101 Using my voice to perform tasks in Windows

Voice recognition is increasingly added to mobile phones with software like Siri
and S-Voice, tracking systems and other mobile devices. Figure 3.102 shows
Siri (left) and S-Voice (right)
Page 185 of 1229
Figure 3.102 Voice recognition software on mobile devices

Sound recording software is used to record sounds and store them in an
audio file, such as to create a podcast. A podcast is a recorded audio file that
is sent out over the Internet. The recording software might come with the OS
or you can download or buy it separately. You can open the sound recorder in
Windows by typing sound recorder in the Start menus Search box and
clicking on Sound Recorder in the program list that appears (or by clicking on
Start > All Programs > Accessories > Sound Recorder). See Figure
3.103. Just have a microphone ready!
Figure 3.103 Windows Sound Recorder
3.20 Multimedia input devices

In the next section, you will explore a number of multimedia input devices that
you can connect to your computer.
3.20.1 TV tuners and video capture devices

A TV tuner allows you to watch TV on your computer, while others allow you
to listen to the radio and watch High Definition (HD) TV. TV tuner cards
come in analogue, digital and hybrid (both analogue and digital) varieties. Most
TV tuners also work as video capture cards, allowing you to record TV
programs and save them onto a hard drive much like the digital video
recorder (DVR) does. Captured video can be saved as video clips and edited
with the right software. Some cards have two tuners, one to watch a TV
program and another to record a TV program. A high-end TV tuner/video
capture card might also work as a graphics card. Also, some motherboards and
laptops have on-board TV tuners and video captures.
Page 186 of 1229
Figure 3.104 A USB TV tuner with an antenna and remote control

You need the following to receive TV signals:
Tuner device an internal PCIe expansion card or external USB or FireWire

device.
Antenna or cable TV tuners generally connect to a set-top box used for
cable/satellite/digital TV using an S-Video connector or with a wireless
antenna using a coaxial connector. Some cards come with a built-in wireless
reception antenna.
A tuning application you need to install a specific application, such as
Windows Media Center or applications to watch TV. Tuner card vendors
bundle third party applications with their cards.
Optional subscription if you are not getting free-to-air TV services, you
will most likely need to get a subscription from a TV provider.
Figure 3.105 A TV tuner card with a remote control
3.20.2 Digital cameras

A digital camera (or digicam) takes videos and still photos by recording and
saving them on internal non-removable memory or on removable digital
media (such as a memory card). Both types of memory store data without
power and the removable cards can hold up to many gigabytes of data.
The digital camera shown in Figure 3.106 is loosely called a smart camera.
Page 187 of 1229
It comes with a mobile OS that combines the functionality of a digital camera

with a portable media player, and allows you to perform tasks such as take
photos with its HD camera, download applications from online app stores,
check emails and browse the Web.
Figure 3.106 A digital camera with touch screen functionality
3.20.2.1 Connections
Modern digital cameras plug directly into a USB port. Another option is
connecting the cameras removable digital media to the computer using one of
the many digital media readers available. Many printers have memory card
slots and support direct printing from a camera without going through a
computer.
3.20.2.2 Camera quality, size and features
Apart from being measured by its lens system, image sensor size (the image
sensor chip captures and converts light into electrical charges one pixel at a
time, and additional circuitry in the camera converts the charges into digital
information), shutter speed (the time the shutter stays open when capturing a
picture) and features, a digital camera is advertised by its resolution,
measured in millions of pixels (megapixels or MP). The more megapixels
recorded in the photo being taken, the more detail is shown in that photo. The
resolution also affects how large the image can become before it becomes
blurry.
Sizes of digital cameras range from small, ultra-compact models to large
models. Modern cameras have an LCD screen for previewing shots, and
viewing and scrolling through photos and for setting up slideshows.
Another camera feature is the capability to zoom in (to get a closer view of
faraway objects) and zoom out. Digital cameras have their focal lengths (the
range through which the optics in the lens can move) measured in millimetres
(mm). You will also see cameras advertised with a zoom rating (x), which is
the difference between the smallest and biggest magnification measurements
of the lens. Most mid-to-high end camera models have an optical zoom
meaning the zoom is built into an adjustable lens but almost all models
include multiple levels of digital zoom, accomplished by software in the
camera.
Page 188 of 1229
Another camera feature that is good to know is the flash. The cameras flash
provides a brief intense light to allow a photo to be captured when it would
otherwise be too dark to take it.
3.20.2.3 Compression
Image files can be large and larger file types require the computer to have
more storage space to store them. Compression is a term used to describe
methods of making a file smaller in size. Compression schemes can be:
Lossy involves losing some image data and image quality when
compressing a file that will not be that noticeable when looking at the
compressed image. However, you will not be able to get the original file
back after it has been compressed. Many digital cameras convert photos to
the lossy compressed JPEG (Joint Photographic Experts Group) format.
MP3s also use lossy compression.
Lossless involves reducing the file with no loss of image data and image
quality. Lossless basically rewrites the original files data in a more efficient
way. Some entry level and professional cameras can typically record
uncompressed (RAW) data.
Tip
Files compressed with lossless compression are bigger in size than files
compressed with lossy compression.
3.20.2.4 Camera installation

Follow these general steps to connect a digital camera and its memory card to
the computer:
Note

1. Connect the cameras USB cable to the cameras USB port and the other
end to the computers USB port.
Note
You might need to first install software before connecting the camera
to the computer or you might need to connect the camera and then
install software afterwards. Read the cameras documentation for
installation guidelines.
2. Turn the camera on.

3. If the camera is not recognised, install the drivers for the camera.
Note
Some digital cameras appear in the Windows Explorer file manager

program with a driver letter assigned to identify them from other
drives on the system. If the camera is assigned a drive letter, you can
copy, move and delete image files just as you would do with any
storage device.
Page 189 of 1229
4. Alternatively, if images are stored on a memory card inserted into the

camera, remove the card and then insert it into a memory card slot on the
computer. If the computers slot is not compatible with the type of card you
have, you can perhaps buy an adapter that allows a smaller card to fit into
a bigger slot or buy a media reader that provides a slot for the type of card
you have.
5. When the memory card is recognised by Windows, it is usually assigned a
drive letter which you can double-click on to manage the cards image files.
6. Optionally, after loading the images on the computer, you can use the
cameras image editing software or other software to edit the images.
3.20.3 Webcams
A webcam (or web camera) records digital video and takes still images using
an image sensor. It is most commonly used for video conferencing, security or
live chat situations. Some of the features you can find on modern webcams
include high definition video recording, autofocus and zoom capabilities with a
built-in microphone for video calling.
Figure 3.107 Webcam

Some factors to consider when buying a webcam include:
Image quality webcams measure their resolution in pixels. There are

webcams with resolutions that range from hundreds of thousands of pixels
(under a megapixel) to millions of pixels (megapixels).
Frame rate the number of times the webcam takes a picture each
second. Higher frame rates produce smoother video.
Modern webcam technology can digitally recognise and track your face with
little or no training to keep your face in the picture. This technology
recognises when you are sitting in front of the camera, homes in on your face
and begins automatically tracking your face as you move around.
3.20.3.1 Webcam connectivity and installation
Most webcams use USB connections and many laptops have built-in webcams.
Since Windows only comes with a limited set of webcam drivers, it is best to
install the drivers supplied with the webcam. Check the cameras
documentation for the correct installation procedure.
Page 190 of 1229
After the driver is installed and the webcam is plugged in, you need to
configure and test it. All webcams come with an application to configure its
properties, which might be in the notification area on the taskbar, or in
Computer or the Control Panel.
A challenge for technicians is getting the webcam application to recognise
there is a webcam plugged in and configured for use. Every application does
this differently, but the steps are generally the same (with exceptions):
1. Tell the application you want to use the webcam.
2. Tell the application whether you want the webcam to turn on automatically
when you chat.
3. Configure the image quality of the webcam.
4. Test the webcam.
3.20.4 Camcorders
A camcorder is a video and sound recording device that you hold in your hand
for that purpose. Modern camcorders support HD recording and have built-in
hard drives, and some include two lenses to capture 3D videos. Digital
camcorders typically use USB or FireWire connections. Figure 3.108 shows a
picture of a Blu-ray disc camcorder.
Figure 3.108 Camcorder
Complete the following exercises in the GTS A+ Certificate 801

o Lab 3: Identifying Computer Ports (p.11)
o Lab 4: Connecting Peripheral Devices (p.12)
Page 191 of 1229
Unit 4 Storage, Memory and Processing
Explain how a hard drive works and list factors that affect its
performance.
Choose a hard drive and remove, install and configure the
various types of hard drive, including PATA, SATA and SCSI.
Describe how to protect data with RAID and how RAID
systems are configured.
Explain how CD/DVD/Blu-ray optical drives work, and
describe the capabilities and uses of the various optical
media.
Remove, install and configure optical drives.
Explain how flash memory, tape and floppy drives work and
describe the capabilities and uses of these devices.
Remove, install and configure tape drives and flash memory.
Identify the different types of memory for computers,
including SDRAM, RDRAM and DDR and their characteristics.
Explain how memory is packaged for different technologies.
Describe the characteristics of different memory types and
ways of installing memory, including chips, banks, singleand double-sided, dual channel, error correction and
registered memory.
Remove, install, upgrade and manage memory.
Explain how CPUs work.
Identify the CPU models created by the major CPU
manufacturers.
Describe key CPU features including multiprocessing, core,
instruction set, cache, clock speed, overclocking, power
management and virtualisation.
Identify which CPU is compatible with which socket.
Explain how CPUs are packaged and how packaging
determines their connection to the motherboard.
Identify the components that cool the entire computer.
Remove, install and upgrade CPUs.

Module 2 Unit 1, 2, 3 and 4 (p.87-146)

Review Questions:
o Mass Storage Devices (p.106)
o Removable Storage Devices (p.115)
o System Memory (p.127)
o Processors (p.147)
Page 192 of 1229

(G183eng):
o Lab 5: Adding Storage Devices (p.15-17)
o Lab 6: Upgrading Memory (p.18-20)
o Lab 11: Removing and Installing FRUs (p.30-32)
4.1 Storage devices

When not in use, programs and data are stored in a mass storage device.
Mass storage devices use magnetic, solid state or optical technology to
store data. Removable or external mass storage devices allow users to
transfer data between devices for backing up data or archiving data for longterm storage. Removable media refer to any type of mass storage unit that
users may use in one device and then use in another device. Removable media
are used for transferring, archiving and copying data, and for distributing
software.
4.1.1 Hard drives

A hard disk drive (HDD), known as a hard disk, hard drive or physical
disk, stores the OS, application files, user data and data shared over a
network. The drive stores data until it is deleted or becomes corrupted or
destroyed. Internal hard drives are installed inside the computer chassis with
no outside access, while external and removable hard drives sit outside and
plug into the appropriate port.
4.1.1.1 Hard drive anatomy and operation
A hard drive has the following physical components:
Platters: Magnetically coated glass or metal disks stacked on top of each

other on a spindle that spin together at high speeds. Platters store data.
Read/write head: Used to transfer data to and from the platter. A hard
drive will have two read/write heads for each platter (one for the top and
one for the bottom). A drive with two platters, for example, will have four
read/write heads. The read/write heads float on a pocket of air without
touching the platter. If the heads were to touch the platter, it would cause a
head crash, damaging the platters or the read/write heads and corrupting
data.
Actuator arm and axis: The arm is used to move the read/write heads
over the surface of the platter. The arm is moved back and forth by turning
around the actuator axis.
Actuator: A motor that moves the arm.
All the parts are in a sealed casing to keep out dirt, dust and outside air that
can affect the distance between the heads and platters.
Page 193 of 1229
Figure 4.1 Inside a hard drive

Note
Hard drives should not have their casing removed.
Drive layout and geometry

To find information on these platters, drives are divided into a number of
logical components called tracks, sectors, clusters and cylinders:
Tracks: The surface of each platter is logically divided into tracks, which
are circles on one side of the platter. When the head is positioned over a
track, it can read or write data on the track as the platter spins. Tracks are
numbered, starting with the outer most track which is called track 0. All
platters have the same number of tracks, but the number is different from
one hard drive model to another.
Sectors: Tracks are logically separated into slices called sectors. A sector
can be between 512 bytes and 4 KB in size and is the smallest unit of
storage on a platter.
Clusters: A cluster is a group of multiple sectors. Files are written to
clusters.
Cylinders: One corresponding track on all surfaces of all platters is called a
cylinder. For example, cylinder 0 is made up of all track 0s on all platters
inside the hard drive; cylinder 1 is made up of all track 1s on all platters
and so on.
Figure 4.2 shows the sector, cluster, track and cylinder format of a hard drive.
Page 194 of 1229
Figure 4.2 Hard drive geometry

During normal operation, the platters spin at a constant rate. When data needs
to be read or written, the actuator moves the actuator arm to position the
head over a specific track. It waits for the target cluster to arrive under the
head, and then it reads or writes the data.
The basic hard drive geometry is made up of three values: the number of
sectors that each track contains, the number of read/write heads and the
number of cylinders in the assembly. These define where the hard drive can
store data.
Drive preparation or low-level formatting done by the manufacturer at the
factory involves marking the surface of the disk with the positions of tracks
and sectors and other information. Cylinders, heads and sectors/tracks
(CHS) values are important because the BIOS must know the drives
geometry to be able to communicate with it. Every hard drive stores CHS
information in an electronic format that allows the BIOS to ask the drive
automatically to find these values.
Connectors
All internal hard drives have a data and power connector. The data connector
attaches to the motherboard or expansion card. The power connector attaches
to the PSU. Hard drives come in two main sizes or form factors: 3.5 inch for
computers and 2.5 inch for laptops and portable external drives.
The next few sections will help you understand what makes one brand of hard
drive different from another so that you can best choose and buy a hard drive
for a customer.
4.1.1.2 Choosing hard drives
When choosing a hard drive, keep in mind that there are many standards. To
get the best performance, the BIOS or firmware on the hard drive controller
card must use the same standard used by the drive. To find out what
standards are supported, refer to the documentation for the motherboard or
card.
Page 195 of 1229
Consider the following when looking to buy a new hard drive:

Capacity
Performance
Interface standard
Reliability
Cost
Capacity
Modern hard drives can store anywhere from hundreds of gigabytes (GB) to
multiple terabytes (TB) of data. An average computer has one or two hard
drives, although most computers accept more. Network servers have many to
store large amounts of data.
Figure 4.3 Size printed on drive

Note
Remember the more data you store on the drive, the more disk space
is used up so disk capacity is important when choosing a hard drive.
With auto-detection, the BIOS detects the new drive and automatically
chooses the correct drive capacity and configuration.
Performance
Disk performance can be measured in terms of some (or all) of the following
important characteristics:
Spindle speed is how fast the disk platters spin, measured in revolutions
per minute (rpm). Modern hard drives are rated in thousands of rpms.
The higher the rpm, the faster the drive and the more data can pass
through the read/write heads.
Seek time is the average amount of time it takes to move the read/write
head from one track to another, measured in milliseconds (ms). For
example, if the read/write heads are on track 1, it will take them longer to
move to track 12 than to track 3. The lower the better.
Page 196 of 1229
Latency is how long it takes the appropriate sector to move under the
read/write head, measured in milliseconds (ms).
Access time is how long it takes the read/write head to find a particular
position on the drive, measured in milliseconds (ms). Access time is a
combination of seek time and latency. The lower the access time, the
better.
Data transfer rate covers both the internal transfer rate (how fast
read/write operations are performed on platters) and external transfer
rate (how fast data can be moved to the CPU across the bus). Transfer
rates on modern drives are rated in MBps and GBps.
Note
The hard drives internal buffer or cache can help achieve better
transfer rates, improving the time it takes to read and write data, and
can range in different megabyte sizes. Larger buffer sizes provide
better performance.
Interface standards
Match the drive to the standards supported by the motherboard. Examples
include PATA and SATA for internal drives and eSATA, FireWire and USB for
external drives.
Reliability
When you shop for a drive, you might notice a statistic (or metric) called the
mean time between failures (MTBF) or early-life failure rate listed in the
drive specifications. This metric tells you the number of hours that a device
should work in the best possible conditions before a serious incident occurs.
For an individual drive, these statistics do not accurately predict reliability.
However, if you are a manager thinking of buying thousands of drives each
year or a vendor building and supporting thousands of systems, it might be
worth your while to look at the MTBF values and study the methods that each
vendor uses to calculate them.
Tip
The key point to remember when looking at any MTBF value is that it
is meant to be an average, based on testing done on many hard
drives over a period of time.
Another statistic to look out for is life expectancy, which is how long the
device can be expected to stay reliable and usable.
Self-Monitoring, Analysis and Reporting Technology (SMART) is a
feature built into modern hard drives that monitors performance, disk spin up
time, temperature, distance between the head and platter, and other
mechanical activities to help predict when the drive is likely to fail. If SMART
suspects that the drive is going to fail, it creates a status report so that
monitoring software can notify you of the problem that is likely to happen,
perhaps allowing you time to back up data before any real problem does occur.
Page 197 of 1229
Most hard drive manufacturers have a free diagnostic program (which usually
works only for their drives) that will do a SMART check along with other drive
tests. Figure 4.4 shows two hard drive diagnostic programs that report on the
condition of internal and external hard drives.
Figure 4.4 Hard drive diagnostic programs
4.1.1.3 Solid state technology and hybrid drives

Solid state technology and devices use semiconductors, transistors and flash
memory to create electrical components with no moving parts. Flash memory
is a non-volatile electronic, electrically erasable, programmable, read-only
memory (EEPROM) technology that can be electrically erased and
reprogrammed (re-written).
Solid-state technology is commonly used in desktop and laptop hard drives,

memory cards, cameras, USB flash drives and other handheld devices.
SSD form factors are typically 1.8-inch, 2.5-inch or 3.5-inch in size.
SSDs can be PATA, SATA, eSATA, SCSI, PCIe and USB for desktop
computers. Some portable computers have mini-PCIe versions.
Figure 4.5 PCIe SSD

Solid-state drives (SSDs) are storage drives that use non-volatile flash
memory to keep their data when power is turned off.
Page 198 of 1229
Because SSDs have flash memory chips and no moving parts (instead of
spinning platters), they create less heat and are reliable, quiet and less likely
to fail or lose data when there is a power failure or vibrations compared with
magnetic hard drives. However, they perform worse when writing data to the
drive and storing large gigabyte files.
SSDs are installed in laptops and desktop computers as internal and external
devices. They are being used to both replace hard drives as a faster way of
storing data and in other areas where hard drive storage is not always possible
or practical, such in high temperature and high humidity environments. Figure
4.6 shows an illustration of an internal SSD hard drive for a computer.
Figure 4.6 Internal SSD drive

Hybrid hard drives (HDDs) consist of a magnetic hard drive with flash
memory to provide fast and reliable storage while using less power and
creating less heat. Data that is used often can be temporarily stored or cached
in flash memory so that the magnetic disks do not have to be read as often.
This can extend the battery life of portable devices. Additionally, flash memory
allows encryption and other security measures to be built into the drive.
Magnetic hard drive
It has 2 hard disks and 4 read/write heads.
Flash memory cache

Stores a copy of data so that the data can be
accessed when the hard disks are not spinning.
Figure 4.7 Hybrid hard drive
Page 199 of 1229
4.1.2 Host bus adapter (HBA) and drive standards

A controller is the drives on-board circuitry that controls how the drive works
and allows it to put data on the data bus. The data includes instructions for
where to find and how to get to data.
Note
When the BIOS communicates with a drive, it communicates to the

controller built into the drive, not the connection on the motherboard.
Therefore, do take note that the real controller is on the drive.
The host bus adapter or host adapter is the connection point between hard
drives, optical drives and tape drives and the motherboard, allowing data to be
moved to the CPU and RAM. Most motherboards have the host adapter built
into their circuitry, which connects to headers where you plug in the drives
data cable.
A hard drive must have a set of rules to work properly. These rules make up a
standard called an interface that oversees how the drive works with the
system. Standards tell you the number of heads on the drive, what commands
the drive responds to, the cables and connectors used with the drive, the
number of drives supported and so on. There are two main bus standards for
attaching drives to the computer:
Advanced Technology Attachment (ATA) also known as integrated

drive electronics (IDE). ATA is commonly used in home and office
computers and network servers. There are two types of ATA older PATA
(Parallel ATA) and newer SATA (Serial ATA).
Small Computer System Interface (SCSI) Most commonly found in
network servers.
4.1.2.1 Understanding and installing PATA drives

Also referred to as Integrated Drive Electronics (IDE) or Extended IDE
(EIDE), PATA is an older IDE type that transfers data in parallel that is,
multiple bits are sent over multiple paths. With PATA, multiple drives can
attach to the same bus and share that bus. PATA is used for internal drives
such as hard, tape, zip and optical drives. Modern motherboards have one
PATA IDE header (although some have two or more).
The IDE headers are known as the primary or primary IDE channel (IDE1),
secondary or secondary IDE channel (IDE 2) and if there is a third header,
tertiary channel (IDE 3). Every PATA header (or channel) can have up to
two drives (0 and 1 or master and slave) connected. There are multiple PATA
standards, each supporting different MBps speeds. Figure 4.8 shows the back
of an IDE drive.
Page 200 of 1229
Connector for 40-pin 80-wire

ribbon cable
Jumper for
Master/Slave
Molex Power
Connector
Figure 4.8 Back of IDE drive

Under PATA, two types of ribbon cables can be used for data. Each ribbon
cable typically has three connectors one at both ends of the cable and one
close to the middle. Two connectors can be plugged into drives, while the other
is plugged into the motherboard header. This means that one ribbon cable can
have no more than two drives. The motherboard headers and the drive
connectors are 40-pin connectors to which you can connect either the older
40-wire or the newer 80-wire ribbon cable. Newer IDE cables are all 80-wire;
however, they look identical to the 40-wire versions, except for the blue
connector on one end that you find on many 80-wire cables. The 80-wire cable
has three connectors:
One for the motherboard header (often blue).

One for the master drive (often black).
A connector in the middle of the cable for the slave drive (often grey).
The maximum cable length for both cables is 46 cm (18). You will also find a
44-pin connector for attachment to smaller 2.5 inch drives. Figure 4.9 shows
an 80-wire PATA ribbon cable.
Figure 4.9 An 80-wire PATA ribbon cable
Page 201 of 1229
Along the one side of the ribbon cable is a colour-coded stripe which tells you
the wire on that side is attached to Pin 1 on each connector. The cable has a
key to ensure that you do not plug it incorrectly into each drive and the
motherboard. Figure 4.10 shows Pin 1 on the connector, the red stripe (wire 1)
and the key on the cable.
Wire 1
red stripe
Pin 1
Key
Figure 4.10 IDE ribbon cable and connector

Pin 1 should be aligned with Pin 1 on each drive and Pin 1 on the motherboard
header. Figure 4.11 shows how to connect an IDE cable to two drives and to
the motherboard.
Pin 1
Drive
Pin 1
Drive
Coloured
stripe aligns
with each
Pin 1
Pin 1
Motherboard
IDE header
on
motherboard
Figure 4.11 IDE cable, drive and motherboard orientation

Because a single ribbon cable can only connect to two drives and because each
drive has its own controller, there is no main controller that decides which
drive is currently communicating with the motherboard.
Page 202 of 1229
Fortunately, IDE uses a master and slave configuration that allows the
master controller on the one drive to tell the slave controller on the other drive
when it can transfer data to and from the motherboard.
This way, each drive knows when it can send and receive data and when the
other one is transferring data. Each channel can have a master and a slave
drive. To tell the difference between the drives, use the channel name followed
by the words master or slave. For example, if two hard drives are installed on
the primary channel, they are called primary master and primary slave.
The master and slave setting can be configured by setting a jumper in between
the power and data connectors on the drive itself. You use a jumper (a clip
that covers two pins on the back of the drive) to set the drive to master or
slave, as shown in Figure 4.12. The top drive in Figure 4.11 should be made
the master and the bottom drive should be made the slave.
You will find the master (or primary) drive at the end of the ribbon cable: the
opposite end to the motherboard connector. The slave (or secondary) drive is
connected to the IDE cable in the middle, between the master drive and the
motherboard. Since data cannot go to and from each drive at the same time, it
is essential to make one drive the master and the other the slave.
Figure 4.12 A jumper on IDE drive

Drives that are set to slave and installed as the only drive on the IDE cable still
work properly. However, it is always best to check the settings of drives you
install.
There is another type of IDE data cable called cable-select that has
connectors that are colour coded to help you determine which device is master
and which one is slave (rather than setting jumpers on the drive itself). For
example, the connectors on a typical cable-select cable are colour coded as
follows:
Blue motherboard
Black master drive
Grey slave drive
The following criteria must be met in order to use the cable-select option:
1. A special IDE cable-select cable or the 80-conductor (40-pin) cable must be
used.
2. The host controller must support the cable-select option.
Page 203 of 1229
3. The attached drives must be set to the cable-select option.

Note
The connector on the cable-select cable might also have master and
slave labels on it.
Some other technologies that you need to understand in relation to PATA are:
Programmed input/output (PIO) is a traditional I/O addressing scheme

where the CPU communicates directly with the hard drive through the BIOS
to send and receive data. There are different modes for PIO, each
supporting different speeds.
Direct memory access (DMA) transfer mode allows data to be

transferred between the hard drive and RAM without going through the CPU
using DMA commands. There are different modes for DMA with the latest
mode called UDMA (ultra DMA). With UDMA the interface gains control of
the PCI bus under the direction of the motherboard chipset, a process
known as bus mastering. UDMA comes in different modes, which
represent different transfer speeds, with the latest UDMA mode supporting
133 MBps speeds. Most often when installing the drive, the BIOS auto
detects the drive and selects the fastest UDMA mode supported by the drive
and BIOS.
Advanced technology attachment packet interface (ATAPI) is an

additional ATA specification that allows CD/DVD and tape drives to connect
to an IDE channel by way of ATA controllers.
Logical block addressing (LBA) is an addressing scheme that tells the

drive how to address a particular location on the disk surface. Driver
software now handles drive addressing.
In this exercise you will learn how to install a PATA hard drive,
optical drive or SSD PATA drive. Do not touch any exposed
circuitry and chips on the drive. Handle the drive with care!
When it comes to installing and removing cables, hold the
cables connector rather than the cable. Always read the
documentation that comes with the drive, expansion card or
motherboard for configuration and installation information. You
can also search online for help. Lets look at the general steps
for installing a PATA drive:
1. Back up data on any existing drives.

2. Shut down the computer, unplug all external cables, open the case and
take ESD precautions.
Decide how to configure the drive:
3. You must decide which IDE connector to use, which type of cable to use
and whether two drives will share the same cable or have their own cable.
Page 204 of 1229
Set the jumpers on the drive:

4. There is usually a diagram or sticker on top of the hard drive that shows
you how to set the jumpers, as shown in the example chart in Figure 4.13.
Otherwise, refer to the drive manufacturers documentation. Table 4.1
explains three important jumper settings. The drives you are using might
have different jumper settings. You can use your fingers or needle nose
pliers to position the jumper on the drive. See Figure 4.14.
Table 4.1 Drive jumper settings
Jumper setting
Direction
Master or
single drive
The master drive is used to boot the computer. Use this

setting if the drive is the only drive on the cable (single)
or the drive is the master.
Drive is slave
This is the non-boot drive. Use this setting if the drive is

an additional drive on the cable and the original drive on
the same cable is set to master. To set a drive to slave,
connect the jumper vertically to the correct pair of pins
and connect the grey (middle) connector of the cable to
the drive.
Cable select
(CS)
Some drives have a cable-select configuration mode

that automatically sets the drive as master or slave
according to where you connect it to the IDE cable. This
might be marked on the drive as CS. If you choose this
configuration, you must use a cable-select cable.
Figure 4.13 Drive jumper example chart
Page 205 of 1229
Figure 4.14 Setting a drive jumper

5. If using a single cable for two drives, follow these recommendations:
When two drives connect to the same cable, the faster or bigger
capacity drive should be configured as master. Hard drives are normally
the fastest IDE drives. When only one master drive connects to an IDE
cable, connect the drive to the end connector (the one furthest away
from the motherboard) for best performance.
Avoid putting a hard drive and an optical drive on the same channel.
The optical drive uses a more complicated command set than the hard
drive and it can slow down the hard drive.
For optimum performance, connect the boot hard drive to the primary
IDE motherboard connector and configure it as master.
If a drive is the only one on the cable, set it to master or single.
Choose a drive bay:

Now that you have set the jumpers, the next step is to look at the drive bays:
6. Find an unused 3.5-inch hard drive bay or unused 5.25-inch optical drive
bay. Bays for hard drives do not need people to access them from outside
the case, while bays for optical drives need access from outside the case for
the insertion and removal of optical discs.
7. Choose which bay will hold the drive. Look at where the drive bays are and
the length of the data and power cables. Will the data cable reach the drive
bay and the motherboard connector? If not, choose another bay. Some
bays are fixed and others are removable, in which case remove the bay by
removing its screws or clips, install the drive in the bay, and then return
and secure the bay to the case.
Connect the PATA data cable to the drive:
8. Decide whether to connect the IDE data cable to the drive before or after
you install the drive into an appropriate drive bay, depending on how easy
it is to access the connections. Typically, the IDE data cable is connected to
the drive first and then the drive is fitted into the bay. If only one drive is
connected to the cable, attach the connector at the end of the cable to the
drive, not on the connector in the middle of the cable (see Figure 4.15).
Most drive connectors have a notch to help you adjust the cable.
Page 206 of 1229
Figure 4.15 Plug in IDE data cable into drive

9. Pin 1 on the cables connector should be aligned with Pin 1 on each drive.
Pin 1 is on the same side as the colour coded stripe (wire 1).
Tip
As a rule of thumb, you orientate Pin 1 on the ribbon cable closest to

the power connector on the drive.
Mount the drive in the bay:

10. Slide the drive into the appropriate bay with the drives connectors facing
the motherboard and the drives circuitry facing downwards:
Tip
For hard drives, you can slide the drive into the 3.5-inch bay from the
inside of the case.
For optical drives, this can be done by removing the front panel of the
case and/or the 5.25-inch drive slot cover from the case and then
sliding the drive from the front of the case into the 5.25-inch bay
opening. These slots are generally removed by pushing some tabs,
either on the inside or outside of the case, or by removing screws.
Make sure the front of the optical drive where the disc gets inserted is
lined up with the computers front panel.
Depending on the cases design, hard drives can be placed inside the
case vertically or horizontally.
Tighten the drive to the bay:

11. Slide the drive back and forth until the screw holes in the side of the bay
line up with the screw holes on the side of the drive.
12. Secure the one side of the drive with one or more short screw(s). Some
bays use rails to hold drives in position. If so, snap the ends of the rails
into place. Do not over tighten the screws.
Page 207 of 1229
Figure 4.16 Fasten drive to drive bay

13. Carefully, without disturbing the drive, turn the case over and secure the
the other side of the drive to the case with one or more short screws.
14. Carefully turn the case back over again and ensure the motherboard is
facing you.
If you did not install the IDE data cable earlier on, connect it to the drive now.
If you have only one drive connected to the cable, attach the connector at the
end of the cable to the drive; do not attach the connector in the middle of the
cable to the single drive.
Connect the power connector to the drive:
15. You can now plug the Molex 4-pin power connectors into each drive, as
shown in Figure 4.17. The power connector is keyed so it can only be
connected in one direction.
Figure 4.17 Plug in IDE power connector

Connect the data cable to the IDE header on the motherboard:
Some modern motherboards provide at least one IDE header for you to plug in
an IDE cable (see Figure 4.18). You can buy a PATA host bus adapter card for
a motherboard that does not have an IDE header.
Page 208 of 1229
Figure 4.18 IDE motherboard connectors

16. Connect the other end of the data ribbon cable to the IDE header on the
motherboard. Make sure that Pin 1 and the colour coded stripe on the
cable align correctly at both ends of the cable.
17. Check that all cables are secure. Make sure the cables do not stop air
moving around the inside of the case or stop fans working. You can use
cable ties to tie up cables in a neat and tidy way.
18. Close the case, connect all external cables to the computer and monitor.
19. After physically installing the drive, you need to check that the drive is
recognised by the BIOS. Turn the computer on and check to see if the
drive is listed on the BIOS screen. If it is not listed, enter the CMOS Setup
program by pressing the appropriate key/key sequence shown on the
BIOS Startup screen and see if the drives host adapter is enabled. Autodetection is a powerful and handy feature that takes almost all the work
out of configuring hard drives. When you boot up, BIOS queries the drives
through auto-detection and whatever drives BIOS sees, it shows up in
CMOS (as shown in Figure 4.19). In some older CMOS, you have to run a
special menu option called Auto-detect to see the drives in this screen.
There are places on the screen shown in Figure 4.19 for up to four PATA
drives, with only two (Primary IDE Master and Secondary IDE Master)
detected, thus indicating that there are two IDE channels, each one
having a master drive.
Page 209 of 1229
Figure 4.19 PATA drive recognition in CMOS Setup

20. If the drive is still is not recognised, recheck all connections and check
CMOS Setup again.
21. When the drive is recognised by the BIOS, you have to prepare it for use.
If you have to install an OS on the drive, you will need to partition it
first, which is the process of electronically subdividing the physical hard
drive into one or more storage areas. After partitioning, you then have to
format the drive. Formatting installs a file system onto the drive that
organises each partition so that the OS can store files and folders on it.
22. You can do these tasks using the OS installation disc or if an OS already
exists on the first bootable hard drive and you have installed a new
second hard drive, you can log into the OS and use it to partition and
format the new second drive.
4.1.2.2 Understanding and installing SATA drives
PATA drives dominated the industry for a long time but have been replaced by
Serial Advanced Technology Attachment (SATA) hard and optical drives.
SATA drives have a point-to-point dedicated connection to the CPU; each drive
has the entire connection bandwidth. SATA sends data in a serial format one
bit at a time using only one wire, which allows it to use longer, thinner and
more flexible cables that can be up to 1 m long. The cables have two 7-pin
connectors. Figure 4.20 shows the power and data cable connectors for a SATA
drive.
SATA drives do not have any master/slave, cable-select or termination
jumpers or settings. Each drive connects to one motherboard port. There is no
maximum number of drives many motherboards come with multiple SATA
ports where you can plug in the SATA drives.
Note
Both SATA hard drives and optical drives use the same data cable and
power connector.
Page 210 of 1229
There are various SATA standards with each one supporting a Gbps speed,
such as 6 Gbps. As of this writing, the latest SATA revision 3.2, called SATA
express, supports bus speeds up to 16 Gbps. This is not the drive speed, but
the bus speed. It uses SATA software over the PCIe bus to increase speeds.
SATA also supports hot swapping, allowing you to connect and disconnect the
drive while the computer is running.
Figure 4.20 SATA drive with power cable (left) and data cable (right)
Note
Drive speeds for SATA, like most other components, will increase over
time.
In this exercise you will learn how to install a SATA drive. SATA
drives are easy to install. Most internal drives need a special
host adapter card or an integrated motherboard header. Handle
the drive carefully. Do not touch any exposed circuitry or chips
on the drive. When it comes to installing and removing cables,
hold the cables connector rather than the cable. Always read
the documentation that comes with the drive, card or
motherboard for configuration and installation information.
Make sure that you visualise the steps. You can also search
online for help. You can follow these general steps to install a
SATA hard drive, optical drive or SSD drive.
1. Back up data on any existing drives.

2. Shut down the computer, unplug all external cables, open the case and
take ESD precautions.
Choose and add the drive to a bay:
3. Find an unused 3.5-inch drive bay for hard drives or unused 5.25-inch drive
bay for optical drives. Bays for hard drives do not need access from outside
the case, while bays for optical drives need access from outside the case
for optical discs to be inserted into the drive.
4. Choose which bay will hold the drive. Look at where the drive bays are and
the length of the data and power cables. Will the data cable reach the drive
bay and the motherboard connector? If not, choose another bay. Some
bays are fixed and others are removable, in which case remove the bay by
removing its screws or clips, install the drive in the bay, and then return
and secure the bay to the case.
Page 211 of 1229
5. Slide the drive into the appropriate bay with the drives connectors facing
the motherboard and the drives circuitry facing downwards.
Note
For hard drives, slide the drive into the 3.5-inch bay from the inside of
the case.
For optical drives, remove the computers front panel and/or the 5.25inch drive slot cover from the case and then slide the drive from the
front of the case into the bay opening. These slots are generally
removed by pushing tabs, either on the inside or outside of the case or
with screws. Make sure the front of the optical drive where the disc gets
inserted is lined up with the computers front panel.
Depending on the case design, hard drives can be placed inside the
case vertically or horizontally.
Tighten the drive to the bay:

6. Slide the drive back and forth until the screw holes in the side of the bay
line up with the screw holes on the side of the drive.
7. Secure the one side of the drive with one or more short screw(s). Some
bays use rails to hold drives into position. If so, snap the ends of the rails
into place. Do not over tighten the screws.
8. Carefully, without disturbing the drive, turn the case over and put one or
more short screws on the other side of the drive.
9. Carefully turn the case back over again and ensure the motherboard is
facing you.
Connect the data cable to the drive and motherboard header:
10.
Attach the one end of the data cable to the drives data connector. See
Figure 4.21. The connector is keyed so it can only be connected to the
drive and motherboard in one direction.
Figure 4.21 Plug SATA data cable into drive

11.
Attach the other end of the data cable to the motherboard header (see
Figure 4.22) or to a SATA host expansion card. Generally the
motherboard headers, labelled SATA1 and SATA2, are used before
headers, labelled SATA3 and SATA4.
Page 212 of 1229
Therefore, connect the data cable for the bootable drive to SATA1 (the
lowest port) and connect the other drives to SATA2 and so on. The
cables connector is keyed so it can only be connected in one direction.
Note
There are also adapters available that allow a SATA hard drive to
connect to a standard IDE header.
Figure 4.22 SATA motherboard header

Attach the power connector to the drive:
12. Find the SATA power connector from the PSU and attach it to the drive, as
shown in Figure 4.23. The internal SATA power connector is not an IDE
Molex connector; it is a different type of connector. You can buy a cable
converter if a Molex connector is the only one available from the PSU. The
power connector is keyed so it can only be connected in one direction.
Figure 4.23 Fitted power and data connector
Page 213 of 1229
Figure 4.24 Install SATA hard drive

13.
14.
15.
Check all your connections. You can use cable ties to keep cables neat
and tidy.
Close the case, connect all external cables to the computer and monitor.
After physically installing the drive, check to see if the drive is recognised
by the BIOS. Turn on the computer and check to see if the drive is listed
on the BIOS screen. If it is not listed, enter the CMOS Setup program by
pressing the appropriate key/key sequence shown on the BIOS Startup
screen and check that the drives controller is enabled. You might need
to change the adapter mode, usually choosing between ATA-compatibility
mode and Advanced Host Controller Interface (AHCI) mode. Figure 4.25
shows three SATA drives detected in the CMOS Setup program. Notice
that SATA in Figure 4.25 uses the numbering system (i.e. SATA 1 and so
on).
Figure 4.25 SATA drive detection in CMOS Setup
Page 214 of 1229
16. If it is still not recognised, recheck all connections. When the drive is
recognised by the BIOS, you have to prepare it for use. If you need to
install an OS on the drive, you will need to partition it and then format it
with a file system to store files.
17. You can do these tasks using the OS installation disc, or if an existing OS
exists on the first bootable hard drive and you have installed a new
second hard drive, you can log into the OS and use it to partition and
format the new second drive.
Note
You install internal SSD and hybrid drives with PATA or SATA
connections just as you would any PATA or SATA drive.
4.1.2.3 External hard drives

External hard drives are great for backing up data, adding extra storage space
and for transferring data between devices. While some external drives are
designed to be portable, others support large gigabyte and terabyte storage
space. An external drive uses either a USB, FireWire, eSATA or Ethernet
network connection.
External SATA (eSATA) extends the SATA bus at full speed to external
drives. It uses connectors similar to internal SATA but they are keyed
differently. eSATA uses shielded cables up to 2 m long outside the computer
and is hot swappable. eSATA PCIe cards or eSATA slot plates are available for
computers that do not have eSATA connectors. You can upgrade laptops to
support eSATA devices by inserting an eSATA card. There are also USB-toeSATA adapters.
There are variations of eSATA, such as eSATAp. eSATAp stands for powered
eSATA and uses a powered USB connection together with a speedy eSATA
connection. Also known as Power over eSATA, Power eSATA, eSATA/USB
Combo or eSATA USB Hybrid Port (EUHP), eSATAp allows you to connect an
internal hard drive, SSD drive or optical drive to a laptop using a single
combined data and power cable. You can attach a USB, eSATA or eSATAp
cable into the eSATAp port to receive power and transfer data.
An eSATA drive normally has no jumpers. However, when plugging in a faster
drive in a slower port, a jumper may need to be configured to ensure the drive
is compatible with the port. Always read the drive manufacturers manual when
installing the drive.
Some laptops have a USB/SATA combo port. eSATA port is often disabled in
CMOS Setup and sometimes needs you to make CMOS changes, updates and
install device drivers. With the drive plugged into the laptop, switch it on and
the drive should mount. When a drive is mounted, a communication channel is
opened between the drive and OS. Before disconnecting the drive, it should be
un-mounted.
Page 215 of 1229
Figure 4.26 eSATA port (left), connector (middle) and external hard
drive (right)
To un-mount an eSATA drive, click on the Safely Remove Hardware icon in the
notification area. Select the appropriate drive and remove it when the OS asks
you to.
Another type of storage to know about is network attached storage (NAS).
NAS is not a type of drive, but a computing system with one or more hard
drives designed to store and provide data to devices over a network. NAS is
attached to the network through an Ethernet connection and typically receives
power through an external power supply. Many NAS devices have a web-based
management program like the one shown in Figure 4.27 that users can access
using a web browser.
Figure 4.27 NAS web-based management program
4.1.2.4 Understanding and installing SCSI

Small computer system interface (SCSI) is an older standard that is
mainly used for hard drives installed in network servers, but it can also be
found on optical drives, printers and scanners. When compared to PATA, SCSI
supports higher speeds, more devices per host adapter and hot swapping.
Figure 4.28 shows the connectors for a type of SCSI drive.
Page 216 of 1229
Figure 4.28 SCSI drive connectors

A single SCSI chain consists of a series of SCSI devices cabled together and
controlled by a host bus adapter. The host bus adapter is usually an expansion
card but it may be built into the motherboard.
Figure 4.29 SCSI adapter card

The chain includes internal devices that connect to the host adapter on the
inside of the computer and external devices that connect to the adapters
external port. Multiple chains can exist and a computer can have multiple host
adapters to support many SCSI devices. A SCSI-1 host adapter supports a
total of seven devices while SCSI-2 or higher adapters support a total of 15
devices.
Every device, including the host adapter, is assigned a unique SCSI ID (or
drive select ID) that makes it different from other devices on the same chain.
SCSI IDs are normally set using click wheels (switches) or jumpers on the
drive, SCSI BIOS software or manufacturer-provided software. Standard SCSI
devices recognise SCSI IDs 0 through 7, while wide SCSI devices recognise
SCSI IDs 0 through 15.
The SCSI host adapter is normally pre-set to SCSI ID 7 or 15 (the highest
priority) and should not be changed. Slower devices, such as scanners and
optical drives, should be assigned a higher SCSI ID, such as 6 or 5 for
standard SCSI devices and 13 or 14 for wide SCSI devices. A bootable SCSI
hard drive is set to 0 so that the SCSI controller automatically looks for it to
boot the computer. Restrictions on IDs apply only within a single chain.
Page 217 of 1229
SCSI devices should be properly terminated. If the signal was not absorbed or
removed from the bus, the signal would bounce back up the cable and collide
with other data on the bus, causing interference or destroying the signal. The
SCSI chain will not work properly without terminating both ends of the chain.
Figure 4.30 shows how SCSI devices can be terminated.
Figure 4.30 SCSI termination

You can terminate SCSI by installing a jumper, setting a switch (as shown in
Figure 4.31), installing a terminator plug, installing a pass through terminator,
or through software.
Figure 4.31 Termination on SCSI drive

Note
When setting or removing termination, read the documentation that

comes with the adapter or device. If the terminator to an external
SCSI device does not come with the device, it must be bought
separately.
Termination can be passive or active:
A passive terminator uses no power and has a resistor to try to stop

signals from bouncing back down the cable.
An active terminator uses an external power supply and uses voltage
regulators inside the terminator to hold the end of the cable at a constant
voltage and absorb any signals reaching the end of the cable. Active
termination is more effective and provides better termination.
Note
Most modern SCSI host adapter cards are self-terminating, so you will
not need to terminate them. Do not terminate devices that are not on
the ends of the chain.
Page 218 of 1229
Instead of jumpers and switches, newer SCSI cards have either a software
program that comes with the adapter or a program built into the adapters
ROM chip that enables configuration through software. Refer to the adapters
documentation for configuration instructions.
You must enable the SCSI BIOS on the SCSI host adapter if booting off a SCSI
hard drive. Enabling this will allow the computer to recognise the drive when it
boots without needing you to install a driver for the card.
Note
If you are booting off a PATA or SATA drive and using the SCSI drive
as an additional drive, disable the SCSI BIOS and install a driver in
the OS.
After assigning jumpers and configuring termination, you must fasten the drive
to the drive bay with screws and connect the drive to the host adapter using a
suitable SCSI cable. Modern internal SCSI devices connect to the host adapter
with a flexible 68-pin ribbon cable. Many external devices connect to the host
adapter with a 50-pin high-density (HD) connector, while higher end SCSI
devices use a 68-pin HD connector. Some early versions of SCSI used a 25-pin
connector.
Note
Multiple internal devices can be connected simply by using a cable

with enough connectors.
Figure 4.32 68-pin SCSI cable

Finally, connect the PSU using a Molex connector. Before installing the driver
for the SCSI host adapter in the OS, review the steps to install a SCSI bus:
1. Assign a unique ID to each device.
2. If the motherboard does not have a SCSI adapter built-in, install a SCSI
host adapter into an available expansion slot.
3. Chain the devices to the SCSI host adapter and terminate both ends of the
chain.
4. If you are not booting off the first bootable hard drive, install the driver for
the SCSI host adapter.
Note
When installing and chaining multiple SCSI devices, install and test
one device at a time, one before the other.
Page 219 of 1229
Earlier SCSI versions were parallel technologies that needed devices to share
bandwidth. The latest SCSI devices are known as SAS (Serial Attached
SCSI). SAS devices connect through a serial point-to-point bus, allowing them
to support higher 6 Gbps speeds. They also support more devices on a single
SCSI chain; use smaller, longer, round cables; have a small hard drive form
factor that can support larger capacities; and have no termination issues.
4.1.2.5 Creating a RAID array
Redundant Array of Independent (or Inexpensive) Disks (or Devices)
allows reading from and writing to multiple physical disks for some purpose.
When two or more disks are grouped together in what is called an array, the
OS views them all as one large storage space (a logical volume). RAID can
be implemented in hardware or software. There are several levels of RAID
shown by a number and each number defines a different way to spread data
across multiple disks. Depending on the RAID level, RAID provides one or more
of the following benefits:
Redundancy: Using multiple disks to store a copy of the same data.

Fault tolerance: Generally refers to any system that can suffer a fault but
can still tolerate the fault and continue to operate. Fault tolerance is
achieved by using extra disks in specific configurations. With RAID, if one
disk fails, the other disk(s) can provide the missing data, allowing the data
to be available. Data can be protected by continuously writing copies of it to
multiple disks.
Extra space: RAID increases the amount of disk space available.
Performance: Read and/or writing performance can be improved.
Table 4.2 briefly describes the most commonly used RAID levels. Figure 4.33
shows 3 different types of RAID configuration.
Table 4.2 RAID levels
RAID
level
Description
RAID 0
Known as striping without parity, RAID 0 stripes (splits) data

between two or more physical disks. For example, in a two-disk
striped system, you would store half a file on one physical disk
and the other half on the other physical disk. The system can
read both halves of a file from the two disks at the same time,
which improves read performance, and can write both halves to
the two disks at the same time, which improves write
performance. The benefit of RAID 0 is performance and speed
(fast read and write operations) and additional storage space.
However, disk striping by itself provides no redundancy. If one
disk fails, all data on all disks in the array is lost. RAID 0 should
not be used for data disks.
Page 220 of 1229
RAID level
Description
RAID 1
Also known as mirroring, a mirrored volume includes two

physical disks, and data written to one disk is also written to
the other disk at the same time. The biggest benefit is fault
tolerance. If one disk fails, the other disk has a copy of the
same data and can be switched to, either manually or
automatically (if supported). When a failed disk is replaced, the
data on the working disk must be rebuilt on the new disk.
Because you are writing an entire file to two physical disks, you
do not get any write performance gains, but since many RAID 1
controllers recognise that the other disk has the same file and
can read from both disks at the same time, read performance is
improved. However, you lose capacity in RAID 1 because data
is duplicated, that is, you would need two 500 GB disks to store
500 GB of data. The available capacity is equal to the size of
one disk (or 50% of the total disk space). Using RAID 1 with a
separate disk controller for each drive is called duplexing and
protects against controller failure. RAID 1 is suitable for use on
data disks.
RAID 5
Also known as striping with distributed parity, Raid 5

protects data by writing parity information along with user
data to each physical disk in the array. The parity information
is used to recreate user data when one disk in the array fails.
Data and its parity information are never stored on the same
disk. At least three disks are required, and one disks worth of
space is always used for parity. RAID 5 offers the best read
performance during normal read operations, but when a disk
fails, read performance is reduced because data from the failed
disk must be recovered with parity information on the other
disks. However, RAID 5 has poor write performance during the
parity calculation process. RAID 5 arrays effectively use one
disks worth of space for parity. If, for example, you have three
200 GB disks, your total storage space is 400 GB. If disks of
different sizes are used, the disk with the smallest size will be
used. RAID 5 is suitable for use on data disks.
Nested RAID
Also known as multiple RAID, nested RAID groups different

types of RAID into one RAID:
RAID 01: Takes two sets of striped disks and mirrors the sets.
It creates a second striped set to mirror the primary striped set
of disks. At least four disks are needed with an even number of
disks.
RAID 10: Takes two sets of mirrored disks and stripes the
sets. At least four disks are required. RAID 10 is often used on
database servers.
Page 221 of 1229
Figure 4.33 compares the most commonly used RAID levels.

RAID-0
RAID-1
RAID-5
Figure 4.33 Comparing common RAID levels

Figure 4.34 shows an example of how RAID 10 is configured. Array A has a set
of disks (Disks 1 and 2) that are a mirrored (RAID 1 array) and they each hold
a copy of the same data. Array B has a set of disks (Disks 3 and 4) that are
also a mirrored (RAID 1 array) and they each hold a copy of the same data.
Both Array A and Array B are configured as a RAID 0 (stripe). Disks in the
Array A mirror store half the data and disks in the Array B mirror store the
other half of the data.
Figure 4.34 RAID 10

Like RAID 0, RAID 10 increases read and write performance, and like RAID 1,
it provides fault tolerance. Additionally, a RAID 10 can survive the failure of
multiple disks. For example, if Disk 1 in Array A fails and Disk 3 in Array B
fails, data can be retrieved from Disks 2 and 4. However, if two disks in the
same mirror fail (such as both Disk 1 and Disk 2), the data is lost. This
illustrates that RAID is not a substitute for data backups.
Both software-based RAID and hardware-based RAID are available.
Hardware-based RAID is supported on some motherboards with PATA or
SATA RAID connectors built in, and you can also buy a controller card or
external hardware-based arrays. Most hardware RAID allows you to replace a
bad drive without shutting down the computer (hot swapping). When a new
drive is added to the array, the controller synchronises it with the other drives
in the array without the user and OS knowing about it. Hardware-based RAID
arrays outperform software-based arrays, so if you can afford it, it is a better
option. The OS views a hardware-based array simply as another disk.
Page 222 of 1229
Note
Motherboards that support only two drives in a RAID array support

only RAID 0 or 1. Motherboards that support more than two drives
support RAID 5 and RAID 01 and 10.
RAID-enabled host controller cards support different levels of RAID. A

PATA/SATA array needs:
Two or more identical drives for best performance, the drives should be
identical in size, speed and other features. If some drives are bigger than
others, the additional disk space will be ignored.
RAID compatible motherboard or plug-in controller card both have
controllers, chips and a special BIOS, and handle all RAID functions
including finding and configuring the drives in the array.
Hardware RAID is invisible to the OS. The only difference in the physical
installation between normal PATA/SATA drives and RAID drives is where they
are connected. They must be connected to a motherboard or a card that
supports RAID. To find out if RAID is supported, read the system or
motherboard manual. After the drives used to create the array are connected
to the built-in adapter or card, restart the computer. Start the CMOS Setup
program and turn RAID on or off for the PATA or SATA drives. See Figure 4.35.
Save the changes and exit the CMOS Setup program.
Figure 4.35 RAID in CMOS Setup

After enabling RAID, follow the manufacturers instructions to create the array.
Generally, this means activating the array by opening the RAID firmware
configuration program when the computer starts but before the OS loads. See
Figure 4.36. You can follow the prompts in the program to choose the type of
array you want to create and configure it with a name, size and so on. After
the array is configured, the drives are handled as a single physical drive by the
system.
Page 223 of 1229
Figure 4.36 Creating a RAID volume using firmware program

Note
If any drive that will be used to create the array has data, back up
that drive before starting the array configuration process. Most RAID
host adapters delete data on all the drives in the array when creating
the array. Also, RAID must be configured before installing the OS on a
drive in the array.
In software-based RAID, the OS manages the RAID configuration. For

example, Windows systems allow you to create software-based RAID using
standard PATA/SATA/SCSI drives and controllers. Software-based RAID works
for small RAID solutions but tend to overwork the OS, slowing the system
down.
RAID arrays are sometimes used as part of network attached storage
(NAS) or a storage area network (SAN). A SAN is a network that stores
large amounts of data. External hot swappable drive enclosures are available
for adding and removing hot swappable drives without having to reboot or
disconnect the drive enclosure. These enclosures provide data and power ports
for drives and have a latch that secures the drives to the enclosure.
Figure 4.37 Hot swappable drive enclosure
Page 224 of 1229
4.1.3 Optical disc storage

Optical disc is the generic term for all different types of round, flat, thin
portable discs that are made of metal and plastic and have a protective
coating. See Figure 4.38. The discs come in a variety of standards and
formats, and are used to store, transfer and back up data and distribute
software. Optical discs include CDs (Compact Discs), DVDs (Digital Video
Discs or Digital Versatile Discs) and BDs (Blu-ray Discs). The drives that
transfer data to the optical discs using laser light (optically) are called optical
drives. Some older drives can only read from discs and not write to them, but
modern ones are commonly both readers and writers/rewriters (also called
burners or recorders).
Figure 4.38 Optical discs
4.1.3.1 Reading and writing to optical discs

An optical drive uses a laser beam to store data on the reflective metal surface
of the optical disc. A high-powered laser beam writes data to the disc by
burning or creating bumps called pits into the discs metal surface, and a lowpowered laser beam reads data by distinguishing between the pits and the flat
areas of the metal surface (called lands) by the amount of light deflected
when the laser beam hits the surface. The drive interprets the pit-to-land and
land-to-pit changes to represent digital 1 and 0 bits. The bit pattern follows a
continuous track that spirals from the inside of the disc outwards towards the
edge of the disc. See Figure 4.39.
Figure 4.39 Basic operation of an optical drive
Page 225 of 1229
Note
The data on the DVD and Blu-ray discs have pits that are smaller and
more closely spaced than the pits on CD discs.
An optical drive consists of a spindle motor that spins the disc, a laser diode
or similar device to generate the laser, a lens (mirror) system to guide the
laser beam to read the disc, and a tracking system to move the laser and
lens assembly. Modern optical drives use either a tray-loading mechanism, as
shown in Figure 4.40, where the disc is loaded onto a motorised or manually
operated tray that opens and closes, or a slot-loading mechanism, whereby
the disc is inserted into a slot and taken in by motorised rollers. Slot-based
drives cannot handle non-standardised discs and are not as common as trayloading drives. Internal optical drives fit into a 5.25 inch drive bay.
Figure 4.40 A tray-loading optical drive

There are a number of optical disc recording methods, all of which use a laser
to change the way that light reflects off the disc in order to copy the effects of
the pits and lands created when an optical disc is pressed. All methods enable
data to be read from the disc as many times as you want, but writing is a
different situation.
CD and DVD drives use red laser beams while Blu-ray drives use a blue laser
beam. The shorter the wavelength of the laser beam, the more accurate the
laser is, the smaller the pits and lands are, and the more data that can be
stored in the same space on the disc. The wavelength of the DVD laser beam is
shorter than the CD laser beam which means that DVDs store more data than
CDs. The Blu-ray beam is shorter than any red beam, allowing Blu-ray discs to
store more data than CDs and DVDs. Also, the Blu-ray laser is much closer to
the data surface than it is in CDs and DVDs.
Data is only read and written to one side of a CD, but can be read and written
to one (single-sided) or both sides (double-sided) of a DVD or Blu-ray disc.
Double-sided discs hold twice as much data as a single-sided disc but also
need you to turn the disc over to read from and write to the other side. DVD
and Blu-ray discs can hold data in two layers on both the top and bottom of
the disc (dual-layer or DL) as opposed to a CDs single layer (SL). Duallayer (DL) discs need dual-layer drives in order to be recorded and DL
recording speeds are slower than those for single-layer discs. Blu-ray is
available in dual-, triple- and quad-layer discs that support much more data
than CDs and DVDs.
Page 226 of 1229
If the drives eject button does not work or there is a disc stuck inside the
drive, you can insert a paper clip in the emergency eject pinhole (as shown in
Figure 4.41) to manually open the tray.
Figure 4.41 Emergency eject hole

Let us now explore everything you need to know about optical discs and drives
to make recommendations to customers.
4.1.3.2 Labelling, storing and protecting discs
A sticker is placed on the non-playing side of the disc. Discs can be labelled
using a special marking pen. The best way to store discs is to keep them in
cases that protect the surface from any dirt, damage and scratches. Keep the
discs away from light, heat, dirt and dust.
There are different ways of stopping people from making normal copies of
discs, or forcing them to make copies that do not work properly. Several copy
protection schemes are available, ranging from the simple to the more
sophisticated.
4.1.3.3 Disc formats and standards
Before continuing, here are some optical disc terms you will need to know:
Burning also called recording or writing, means to write data to the disc.
Ripping means to copy data from a disc to the hard drive.
Session a period of time in which something happens, meaning a file or
files are added in the same operation.
Single-session writing data in one operation.
Multi-session writing data at a time without filling up the disc and then
adding additional sessions later on until the disc is full.
4.1.3.4 Disc formats and standards

Most optical drives support multiple types of optical discs. The different types
of disc formats and standards are:
Read-only memory (ROM) only reads data; you cannot change and
delete data if the disc has data stored on it. ROM standards include: CDROM, DVD-ROM and BD-ROM.
Page 227 of 1229
Recordable (R) also known as write-once, can have data written to it

only once, and then the disc is read-only. Although (a) new session(s) can
be started on the disc, this might make it unreadable by the drive and
should be avoided. The data cannot be changed or deleted once you have
written data to the disc. Recordable standards include: CD-R, CD+R, DVDR, DVD+R, BD-R and BD+R.
Rewritable (RW) also known as re-recordable, you can write, rewrite
and erase data multiple times. Rewritable standards include: CD-RW,
CD+RW, DVD-RW, DVD+RW, BD-RW and BD+RW.
Recordable Erasable (RE) Blu-Ray discs use RE (as in BD-RE) to show
that the disc is rewritable.
-R the minus or dash sign is for single session media, that is, you cannot
add more data to the disc once burning has locked it (even if there is disc
space for more data). Some systems can perform a multi-session on -R
discs but not all systems are designed to read these extra sessions.
+R the plus sign is intended for multi-sessions, that is, you can add data
to the disc in sessions. You do not have to fill the disc up all at once but can
add data to it over time.
+-: the plus and minus sign refer to drives that can write/rewrite both plus
and minus formats.
Video a format used to store digital video on DVD discs.
Figure 4.42 Optical disc logos

Most modern optical writers and readers now work with no noticeable
performance differences between plus and minus formats. Check with the
manufacturers suggestion of disc format for the best compatibility especially
in older technology. You can tell the difference between disc standards and
formats by the sticker printed on top of the disc (non-playing side), by the
colour of the bottom of the disc (the playing side) and by software. If you
insert an optical disc that is not recognised by the drive, applications will often
just ignore it or ask you to insert the correct disc.
4.1.3.5 Disc sizes
Many optical drives can accept both standard-sized discs and the smaller-sized
mini discs. See Figure 4.43. Look at the drive tray to see if there is a smaller
diameter depression in the centre of the tray. If so, the depression is for the
smaller discs. Place a mini disc in the depression, close the tray and the optical
drive should read the disc.
Page 228 of 1229
Figure 4.43 Comparing standard to mini discs
4.1.3.6 Optical disc capacity

Here is a breakdown of how much data a CD, DVD and BD disc can store:
A CD can store data and video, but has limited space. Originally, CD-ROMs
could store 650 MB of data and 74 minutes of music, but modern CD-ROMs
can store 700 MB of data or 80 minutes of music. CD specifications for
recording, sampling and the physical diameter in mm are published in a
series of technical documents known as books, which are known by the
colours of their cover, for example, red, yellow, green and white.
DVDs can store data and video:
o Single-sided, single-layer DVD can store 4.7 GB
o Single-sided, dual-layer DVD can store 8.5 GB
o Double-sided, single-layer DVD can store 9.4 GB
o Double-sided, dual-layer DVD can store 17 GB
o DVD-video can store 17.1 GB
o DVD-audio can store 8.5 GB
BDs can store data and high definition (HD) video:
o Mini-discs can store 7.8 GB per layer
o Double-sided, single-layer BD can store 25 GB
o Double-sided, dual-layer BD can store 50 GB
4.1.3.7 Compatibility
CD drives can only read and write to CD formats, that is, they cannot read and
write to DVD and BD formats. Most DVD drives can read and write to CD and
DVD formats, but not BD formats. Depending on the drive features and model,
BD drives can read, write and play CD and DVD formats using a compatible
DB/DVD/CD optical head. To be certain as to which drive supports which
formats, look in the drives documentation or visit the manufacturers website.
Figure 4.44 Multi-format Blu-ray writer
Page 229 of 1229
4.1.3.8 Drive speeds

Optical drives are rated according to their data transfer rates (speeds). Faster
discs have thinner layers that react faster to laser light and the greater laser
power used. Each increase in speed is measured in multiples of the original
drive speed and given an x to show the speed relative to the first (1x) drive:
1x (single speed), 2x (double speed), 32x, 48x, 52x and so on.
CD when working with CDs, 1x equals 150 KBps. Multiply the x-rating by
150 to find out the drives speed for reading, writing or rewriting CDs.
Modern models offer 7 Mbps speeds. Drives that feature three speeds are
shown as Record/Rewrite/Read. For example, 24x/16x/52x.
DVD when working with DVDs, 1x equals 1.385 MBps. Multiply the 1x
factor by 1.385 to find out the drives speed for reading, writing or rewriting
DVDs.
Blu-ray when working with Blu-ray discs, 1x equals 4.5 MBps. Multiply the
1x factor by 4.5 to find out the drives speed for reading, writing or
rewriting Blu-ray discs.
Note
Keep in mind that these are maximum speeds that are rarely
achieved in real life operation.
4.1.3.9 Buffer/Cache
One way an optical drive reduces data transfer time is by using its on-board
buffer or cache memory to store frequently used data. A buffer improves
performance because it is much quicker for the CPU to fetch data from the
buffer than having to fetch it from the disc. Buffer sizes typically range from
KB to MB sizes, with the bigger buffers providing better performance. The
buffer also helps the burning process run smoothly by constantly feeding data
to the drive.
4.1.3.10 How to reliably record to optical discs
The main factors that influence your ability to create a working disc are:
Interface type.
Drive buffer size.
The location and condition of the data you want to record.
The writing (recording speed), whether the computer is performing other
tasks while trying to create the disc.
Features available with the recording software.
When experiencing problems with recording data, make sure the drive has
some kind of buffer under-run protection.
4.1.3.11 Internal and external connections
Optical drives can use many interfaces. The particular
recommend to the customer depends on several factors.
interface
you
Page 230 of 1229
The following questions will help you decide which interface to use:
Is the drive going to be an external drive? If so, eSATA, USB and FireWire
are the choices, with USB a popular choice. Many manufacturers have
released external versions of optical drives, both readers and writers.
Is the drive going to be an internal device? If so, internal drives can be
PATA, SATA or SCSI. Most internal drives use SATA (though you will find
some older PATA ones) and support the ATAPI standard.
Do you plan to add more devices, such as a scanner, to the computer in the
near future? If so, SCSI, USB, eSATA, and FireWire are options.
4.1.3.12 Installation
Figure 4.45 shows a CD, DVD and BD drive on top of each other. Optical drives
look identical from the outside. Can you tell which drive in Figure 4.45 is a CD,
DVD and Blu-ray drive?
Figure 4.45 CD, DVD and BD drive

The BD drive is on top, the DVD drive is in the middle and the CD drive is at
the bottom. One way to determine what drive you are handling is by looking at
the sticker on the drive itself, as shown in Figure 4.46.
Figure 4.46 Sticker on drive showing its type
Page 231 of 1229
Installing an optical drive is fundamentally the same as installing a hard drive,

except that internal drives are installed in a 5.25 inch drive bay by sliding them
into the bay from the front. To do this, you might have to remove the front
panels faceplate. When given the choice of placing a PATA optical drive on the
same cable with a hard drive or on its own cable, choose to use its own cable.
An optical drive can slow down the hard drives performance. Also, optical
drives might have a connection for an audio port so that audio from audio CDs
can be sent directly to the sound controller.
You will not need to make changes in the CMOS Setup program as part of the
optical drive installation process, except to ensure that master/slave
parameters are correct for PATA and that BIOS sees the drives (as shown in
Figure 4.47).
Figure 4.47 Auto-detect settings for optical drives

Note
Modern motherboards report the model numbers of optical drives,

giving you a degree of assurance that the drive is configured and
installed correctly.
When you install a new optical drive into a computer, the first question to ask
is: Does Windows recognise the drive? To find out, log into the OS and open
Computer and check that the drive is listed, as shown in Figure 4.48.
Figure 4.48 Blu-ray drive shown in Computer
Page 232 of 1229
Device Manager has most of the information about optical drives. Open Device
Manager and find the drive in the list of devices. Right-click on the drive and
select Properties to see more information. The General tab shows the
current status of the drive, informing you whether the device is working
properly or not. Other tabs, such as the Driver tab, provide other information
about the drive.
4.1.3.13 DVD and Blu-ray region codes
To protect against piracy and to control the distribution of DVD and Blu-ray
movie and audio software across the worlds regions, a DVD and Blu-ray drive
or disc player has a region code. The region code enables you to play only
those DVD and Blu-ray discs on a drive that has the same region code. If the
region code is different, the disc will not work on the drive. However, illegal
methods have been developed to overcome this region-code restriction.
Note
There are region-free drives available that do not need this region
code setting. Current standards allow changes to be made to the
region code before the drive is locked. There are programs on the
Internet that you can use to check your drive for its region
requirements without increasing the number of times the region code
has been changed.
4.1.3.14 Compression with MPEG

DVD-video relies on an MPEG standard for video and sound compression.
Moving Picture Experts Group (MPEG) is a group of compression standards
for both audio and video. MPEG created a compression technique called
MPEG2, which is used by DVDs. Your computer must decompress the video
and sound from the DVD. This is called decoding.
Note
Blu-ray supports many video compression schemes.
4.1.4 Flash memory

Flash memory is a type of non-volatile, solid state memory that stores data
permanently or semi-permanently. It can be electrically programmed and
erased. From an electrical point of view, flash memory works by storing data in
memory cells arranged in grids of rows and columns. Each cell has a Field
Effect Transistor (FET) that stays switched on or off when the power is turned
off.
The next section explores two popular flash memory storage technologies:
flash drives and memory cards.
4.1.4.1 Flash drives
If you need to carry data and programs from one computer to another, you
can use a flash drive. Flash drives have a USB connector as shown in Figure
4.49, come in different sizes, support capacities ranging from hundreds of MB
to lower TB, and go by many names including flash drive, thumb drive,
jump drive and key drive. The drives might come with LEDs (to show data
reads and writes), write-protect switches to enable or disable writing of data in
memory, and a cap to protect the connector from damage and dirt.
Page 233 of 1229
Some drives allow you to add more storage through a memory card slot and
have security features that allow you to secure the drives contents.
Figure 4.49 Flash drives

Read and write speeds for flash drives are specified in MBps for optimal
conditions only; speeds for real-world conditions are much slower.
These drives do not need an external power supply and because they are nonvolatile, solid-state memory, they can withstand shocks. The latest computers
allow you to boot to the flash drive to start the OS from the drive. This
configuration is sometimes known as a Live USB and requires changing the
boot order in the CMOS Setup program to boot off the drive.
You can also get a thumb drive computer that allows you to take your own
customised computer with you wherever you go. This is possible and easy to
do when using a portable application (also called a portable app). The
portable app is used with the drive and can include a menu structure, antivirus program, web browser and other applications.
To use a flash drive, you simply plug it into the USB port. The OS PnP finds the
drive, installs the driver and then either automatically displays the Autoplay
dialog box with various programs to open the files on the drive, or you can
open Windows Explorer or Computer to get to the drive. From there you
can view and edit the drives contents.
Before you remove a flash drive or any USB device from the computer, first
verify that no data is being read from or written to the drive. Then double-click
on the Safely Remove Hardware icon in the notification area, choose the
drive and click Stop or Eject. When a message appears telling you to safely
remove the drive, remove it.
4.1.4.2 Memory cards
Memory card is a generic term for a number of small cards that store data.
These cards appear as drives in Windows but they usually do different jobs.
They are a great way to store and transfer data. Cameras, smartphones and
music players often come with slots for a type of memory card. The cards
come in different sizes and support hundreds of MB to multiple GB of storage,
with TB expected. Figure 4.50 shows different types of memory card formats.
These formats are incompatible with each other.
Page 234 of 1229
Secure Digital (SD)

MiniSD, MicroSD
MiniSD, MicroSD
SmartMedia
Microdrive
Compact
flash (CF)
Memory Stick
xD
Picture
Card
Figure 4.50 Flash memory card media formats

Whichever type of memory card you use, the computer must have the correct
reader to accept the card, and read and write data to it. A media reader, also
known as card reader or memory card reader/writer, has slots for
memory cards and can be an internal or external device. A number of card
readers are available, some of which have multiple slots to support different
types of cards while some computers have built-in readers.
Speeds are rated on the same system as optical discs in multiples of KBps,
with the fastest devices working at MBps read speeds and slower write speeds.
To install an internal reader, insert the reader into the appropriate drive bay.
Some readers fit into a 5.25 inch bay and others into a 3.5 inch bay. You might
need to connect the reader to a USB header on the motherboard or it might
come with an expansion card; otherwise, you can run a USB converter cable
from the reader to an external USB port.
The memory card fits into the slot one way. Whichever type of card you have,
understand that it functions like a hard drive and appears as a drive in
Windows, allowing you to format the card and copy, delete and rename files.
When you insert the card with files on it into the reader, Windows might show
the Autoplay dialog box giving you the option to open the card, or you can use
Windows Explorer to access the cards contents.
Figure 4.51 Internal memory card reader

An external reader uses a USB port. To use the external reader, simply plug
the device into the port and it will mostly be seen by Windows with no further
configuration needed. If you get an error indicating that the device does not
work, unplug it and install the software on the disc that comes with the reader.
Then try and use the reader again. If you are still having problems with the
reader, make sure the USB data cable is securely fitted, check Device
Manager for errors, and try the reader in a different port or on a different
computer.
Page 235 of 1229
To safely remove a hot swappable card from the reader, close any programs
that are using the cards contents and then check the status light on the reader
to see if the card is not being used, and then remove it.
4.1.5 Floppy drives

Although floppy drives have disappeared from modern computers, they can
be used for troubleshooting. A floppy disk or floppy diskette is a 3.5 inch
magnetic disk with a protective plastic case that has round tracks and 512 byte
sectors. It can store 1440 KB of data (referred to as 1.44 MB) and support
62.5 KBps speeds.
To read and write to the floppy diskette, a 3.5 inch floppy disk drive (FDD)
or A: drive is used. When you insert a floppy disk into the floppy drive, the
disks protective slide opens and exposes the magnetic disk inside the plastic
casing to the drive.
A motor-driven spindle snaps into the centre of the drive to make the disk
spin, and a set of read/write heads moves back and forth across the disk to
read or write tracks on it. When the disk is used, the read/write LED on the
front of the drive flashes. Do not try to remove the disk from the drive when
this LED is on! When the light is off, you can push the small release button on
the front of the drive to eject the disk.
Internal floppy drives connect to older motherboards using a 34-pin ribbon
cable and use a mini-Molex (or Berg) power connector. The floppy controller
gives the floppy drive instructions and can be an expansion card or built into
the motherboard.
Figure 4.52 shows an external USB floppy drive (left), a 3.5-inch floppy disk
(middle) and an internal 34-pin ribbon cable (right).
Figure 4.52 External USB floppy drive, floppy disk and 34-pin ribbon
cable
Note
External USB floppy drives are available.
By default, many computers that still support floppy drives first attempt to
boot from the floppy drive looking for an OS before any other boot device. This
process enables technicians to insert a floppy disk into a problematic computer
to run programs when the hard drive fails. On the other hand, it also means
hackers can insert bootable floppy disks into servers and cause harm. You do
have a choice, though, because most systems have CMOS parameters with
which you can change this default boot order to a hard or optical drive.
Page 236 of 1229
4.1.6 Tape drives

Magnetic tape is typically used to store backup or archived (long-term)
copies of data. A tape drive is the device that positions, reads data from and
writes data to a reusable tape stored within a protective tape cartridge. You
can install a tape drive in a computer, assign it a drive letter, insert a tape and
copy files to and from the tape. A special program is needed to address the
drive and to send data to it for storage and restore the data later from it.
Note
Magnetic tape drives are mainly used in network servers. Tape drives
accommodate full-sized and smaller tapes.
There are different types of internal and external tape drives, such as Quarterinch cartridge (QIC), Digital Audio Tape (DAT) and Digital (DLT), which come in
different formats and support different gigabyte and terabyte capacities.
Capacities are typically listed in compressed and uncompressed format.
Most tape drives are also available in autoloader (auto-changer) or tape
library designs to allow unattended automatic backups of drives that need
multiple tapes.
Autoloader: An autoloader is a hardware device that has one or more tape
drives and a robotic arm that swaps the tapes in and out of the drives.
Figure 4.53 shows a single tape drive (left), a tape cartridge (middle) and a
tape autoloader (right).
Figure 4.53 Tape drive, tape cartridge and autoloader

When choosing a tape drive, consider how many and what type of tapes the
drive uses, its capacity and how it connects to the system. A tape drive can be
internal and external. Internal drives connect to the computer using a PATA,
SATA or SCSI connection, whereas external drives can connect through an
SCSI, eSATA, USB or FireWire connection.
4.2 Memory
System memory is the primary workspace for the CPU. It is the area where
data, instructions and programs are stored while the CPU is processing them.
Page 237 of 1229
The two main types of memory are:
Random access memory (RAM) is the system memory the CPU uses to
temporarily store data, instructions, the OS, applications and user data.
Random access means the CPU can access any piece of memory it needs
from anywhere in RAM, and any access takes an equal amount of time.
Accessing RAM is fast and efficient compared to accessing hard drives.
However, RAM is volatile and needs electricity to store its contents. RAM is
temporary. When the computer is shut down or restarted, the contents of
RAM is erased.
Read-only memory (ROM) is non-volatile memory that keeps its contents
when the computer is off. This makes it an ideal place to put the computers
startup instructions.
The memory controller chip (MCC) is RAMs and the CPUs go-between. See
Figure 4.54. Basically, when the CPU wants to store or access data from RAM,
the memory controller is responsible for getting the job done. It does this by
moving data over the address bus, which connects the memory controller to
RAM. The memory controller can be in one of two places: within the
Northbridge chipset on older systems or integrated in the CPU on modern
systems.
Figure 4.54 Memory controller

The capacity of RAM is measured in MB and GB.
4.2.1 Memory module sockets and packaging

Memory chips are placed on rectangular circuit boards called memory
modules or sticks which plug into memory slots on the motherboard. See
Figure 4.55. A module has one or more notches (keys) that prevent it from
being plugged into the slot the wrong way round or into the incorrect slot.
Memory module contacts or edge connectors and memory sockets are gold.
Page 238 of 1229
If the computer accepts tin modules and you install gold ones, over time a
chemical reaction between the metals can damage the connector. Memory
errors can also occur.
Figure 4.55 Memory module

The memory chip used today is a DIMM (Dual In-line Memory Module), which
has 184, 240 or 284 pins and uses a 64-bit data bus.
4.2.2 Types of RAM

There are different types of RAM chips, with each having a particular set of
features and characteristics making it best suited for a particular application.
The following sections discuss the different types of RAM chips.
4.2.2.1 Dynamic RAM (DRAM)
DRAM is a memory chip that works like a spread sheet: it has numbered rows
with cells. Each cell has a capacitor to store a charge to represent a 1 or no
charge for a 0, and a transistor to read the charge state of the adjacent
capacitor. The charge in the capacitor is constantly draining, which is why
DRAM must be recharged or refreshed constantly. This refresh process occurs
when the memory controller takes a tiny break and accesses all the rows of
data in the chip. Unfortunately, refreshing slows DRAM down and even a
momentary power or other interruption during the refreshing process will
cause a cell to lose its charge and therefore the data it contains. This can lead
to any number of system crashes.
Note
The memory controller is set for refresh times in milliseconds (ms).

For every number of milliseconds, all the rows in DRAM are
automatically read to refresh the data.
Despite having to be refreshed, DRAM is inexpensive and very dense, meaning

that a lot of bits can be packed into a very small chip (memory capacity per
chip).
4.2.2.2 SDRAM and RDRAM
Table 4.3 lists two older types of RAM that are not used anymore but might be
found on some older motherboards and need to be supported.
Page 239 of 1229
Table 4.3 Older RAM types

Older
type
SDRAM
RAM Description
RDRAM
(RAMBUS)
The original SDRAM cannot be found on modern computers;

however, most modern computers use some type of
SDRAM. SDRAM is still DRAM, but shares a common clock
signal with the system clock that ties SDRAM to the speed
of the FSB and the CPU, speeding up memory. SDRAM has
a 64-bit data bus, is rated in MHz clock speeds up to 133
MHz, and has bandwidths up to 1066 MBps. SDRAM for
desktop computers is packaged in 168-pin DIMM modules
that have two notches.
Developed by the Rambus Corporation, a proprietary
memory that has a 16-bit (single channel) or 32-bit (dual
channel) bus width that runs at speeds up to 533 MHz.
RDRAM is also double pumped allowing data to be
transferred twice per clock cycle and supports bandwidths
up to 4200 MBps. It is packaged for 16-bit RDRAM in 184pin RIMMs and for 32-bit RDRAM in 232-pin RIMMS. Single
channel RIMMs must be installed in pairs with dual channel
motherboards and dual channel RIMMs can be installed
singly. The BIOS and chipset must both support RDRAM.
When RIMMs are used, all slots must be filled and for empty
slots, you can use a blank terminator module called CRIMM
(Continuity RIMM).
4.2.2.3 Double Data Rate (DDR/DDR2/DDR3/DDR4) memory for

desktop computers
DDR is an improved version of SDRAM. DDR, DDR2 and DDR3 are (or will be
in the case of DDR4) the most commonly found on modern motherboards.
Note
All DDR memory use DIMM modules.
DDR runs twice as fast as SDRAM, has one notch, uses 184-pin DIMM and
cannot be inserted into a DDR2, DDR3 or DDR4 memory slot. Instead of
processing data for each tick of the system clock, as regular SDRAM does, it
processes data when the tick rises and again when it falls, doubling the data
rate of memory. This is known as double pumping. For example, if the
motherboard runs at 200 MHz, DDR runs at 400 MHz.
Two improvements over DDR are DDR2 and DDR3, which double and
quadruple bus speeds, respectively. DDR2 runs faster, uses less power and
generates less heat than DDR. DDR3 is faster and uses less power than DDR2,
further reducing heat generation. Both DDR2 and DDR3 use 240-pin DIMMs,
although their notches are not in the same position and their modules and
slots are keyed differently and therefore they are not compatible. Figure 4.56
shows a comparison of the notch positions of DDR, DDR2 and DDR3.
Page 240 of 1229
Figure 4.56 Comparing DDR versions

DDR4 uses a new process to read, write and refresh data more efficiently.
Compared to earlier DDR versions, DDR4 supports faster speeds and more GB
per module, and uses less power. Instead of the multiple DIMMS per channel
approach used by earlier types of DDR, DDR4 uses a point-to-point topology
where each channel is connected to a single DIMM. Switched memory banks
are an option for servers. DDR4 memory comes in a 284-pin DIMM and is not
compatible with any earlier types of DDR. DDR4 will be used in servers,
computers and mobile devices.
Memory speeds are measured in several ways. The actual speed of the chips
on the module is measured in nanoseconds (ns). The bus speed of the CPU
is measured in MHz. The speed of RAM is shown as bandwidth (throughput)
or simply the number of bytes it can send in a second (Bps) or more
commonly in MBps and GBps. However, RAM speed is not listed plainly.
Instead, it is listed using standard names such as DDR3-800 and PC ratings
such as PC3-12800. The standard name refers to the clock speed of the bus
(100 MHz double pumped) and PC rating refers to the peak bandwidth (200
MHz x 8 bytes). When looking for RAM, you need to understand what these
names mean.
You can calculate the overall speed of any type of DDR SDRAM by using a
specific mathematical formula for that type. The formula is:
The speed of the clock (Clk)

A clock multiplier (Clk Mult) for DDR2 and DDR3
Doubling from double pumping (DP). The speed is calculated for a single
channel, which is 64 bits wide and then converted to bytes by dividing it by
8.
You can use the following formulas to calculate the speed of each of the DDR
versions by using a 100-MHz clock:
DDR speed calculation:
Clk 2 (DP) 64 (bits)/8 (bytes)
100 MHz 2 64/8 = 1600 MBps
Page 241 of 1229
DDR2 speed calculation:

Clk 2 (Clk Mult) 2 (DP) 64
100 MHz 2 2 64/8 = 3200
DDR3 speed calculation:
Clk 4 (Clk Mult) 2 (DP) 64
100 MHz 4 2 64/8 = 6400
(bits)/8 (bytes)
MBps
(bits)/8 (bytes)
MBps
Table 4.4 shows these speeds and their different naming conventions for DDR.
You can see that the standard name DDR is taken from the clock, the clock
multiplier and double pumping. For example, DDR3 uses a 4-times multiplier
and double pumping. Therefore, it is eight times faster than SDRAM. The
standard name comes from multiplying the clock by 8. The PC rating is a little
more difficult to understand, but if you calculate the speed by using the clock,
you can see that the PC rating shows the calculated speed in MBps. Also, the
names include the version (DDR, DDR2 or DDR3).
Table 4.4 DDR speeds and naming convention examples
DDR standard name
DDR PC rating
DDR2 standard name
DDR2 PC rating
100 MHz
DDR-200
computer-1600
DDR2-400
PC2-3200
DDR3 standard name

DDR3 PC rating
DDR3-800
PC3-6400
166 2/3 MHz

DDR-333
computer-2700
DDR2-667
PC2-5300
PC2-5400
DDR3-1333
PC3-10600
200 MHz
DDR-400
computer-3200
DDR2-800
PC2-6400
DDR3-1600
PC3-12800
Each DDR version supports multiple clock speeds and each newer version
supports faster clock speeds. Some of the clock speeds supported by different
DDR versions are as follows:
DDR: 100, 133 1/3, 166 2/3, and 200 MHz

DDR2: 100, 133 1/3, 166 2/3, 200, and 266 2/3 MHz
DDR3: 100, 133 1/3, 166 2/3, 200, 266 2/3, and 400 MHz
As of this writing, bandwidths include:
DDR various speeds supported from 100 MHz at 1.6 GBps for computer1600 (DDR-200) to 200 MHz at 3.2 GBps for PC-3200 (DDR-400).
DDR2 various speeds supported from 200 MHz at 3.2 GBps for PC2-3200
(DDR2-400) to 533 MHz at 8.5 GBps for PC2-8500 (DDR2-1066).
DDR3 various speeds supported from 533 MHz at 8.5 GBps for PC3-8500
(DDR3-1066) to 1066 MHz at 17.066 GBps for PC3-17000 (DDR3-2133).
DDR4 SDRAM is around twice as fast as DDR3. As of this writing, DDR4

specifications currently go up to DDR4-3200 and bus speeds will start at 2133
MHz. Table 4.5 shows some examples of common memory modules.
Page 242 of 1229
Table 4.5 DDR RAM modules

Description of module
Example
184-pin DDR DIMM supports channelling

or can be installed as a single DIMM. DDR
has one notch near the centre of the edge
connector.
240-pin DDR2 DIMM supports channelling
or can be installed as a single DIMM.
DDR2 has one notch near the centre of
the edge connector.
240-pin DDR3 DIMM supports channelling
or can be installed as a single DIMM.
DDR3 has a notch further away from the
centre of the edge connector.
240-pin DDR3 DIMM with heatsink.
284-pin DDR4 DIMM can be installed as a

single DIMM. DDR4 has a notch further
away from the centre of the edge
connector.
4.2.2.4 Static RAM (SRAM)

SRAM uses switching circuitry instead of capacitors and can store a charge
without needing to be periodically refreshed. Owing to how the switching
works, it is quicker than DRAM, and you will find it used in cache memory for
CPUs as buffers on the motherboard and within hard drives and as temporary
storage for LCD screens.
4.2.2.5 Memory characteristics
Table 4.6 lists the characteristics
performance of DIMMs.
that
affect
capacity,
features
and
Table 4.6 Memory characteristics

Characteristic Description
Chips
The number of chips and size of each chip determine how
much data the memory module can temporarily store. Most
SDRAM and DDR RAM modules have 8 or 16 chips. Each chip
has a size (or density) of either 32 MB or 64 MB with total
capacity from hundreds of megabytes to multiple gigabytes.
Bank
When installing memory, you must fill a bank. A bank is the
amount of data the memory controller expects to fetch. The
number of modules per bank varies. Because DIMMs use a
64-bit data bus, it takes only a single DIMM to provide one
bank to the CPU. However, some double-sided DIMMs give
more than one bank.
Page 243 of 1229
Characteristic Description
Single-sided/
Single-sided or double-sided refers to how the memory
double-sided/
controller accesses RAM (not how many sides of the DIMM
quad ranked
has chips). In double-sided RAM, the chips are separated
into two groups known as ranks and the system can only
access one rank at a time. In contrast, single-sided (or
single-rank) RAM is in one group; the system can access all
RAM on the DIMM without switching. If you have a DIMM
with chips on only one side, it is most likely a single-sided
(single-rank) DIMM. However, if it has chips on both sides, it
can be single rank, dual rank or even quad rank. Switching
back and forth between ranks takes time and slows down
RAM. Single-sided RAM does not switch, and if all other
factors are the same, it is faster than double-sided RAM.
Quad 4 ranked modules are available for network servers.
Channel
Channels have to do with how many DIMM slots the memory
controller can address at a time. Slots are colour coded to
represent a channel, with two slots having the same colour,
three slots having the same colour and so on.
Dual channel the memory controller can access two
DIMMs at the same time, doubling the speed. Two separate
64-bit channels (paths) are used together resulting in a 128bit FSB.
Triple channel the memory controller can access three
DIMMs at the same time, achieving higher speeds and better
performance.
Quad channel the memory controller can access four
DIMMs at the same time, achieving much higher speeds and
better performance.
Parity
An old method not used anymore for checking the accuracy
of data going in or out of memory chips. Check CMOS Setup
to see if the system supports this.
Non-parity
Non-parity memory chips do not use any error checking.
Most memory modules are non-parity because the memory
controller provides error correction. Also, applications
routinely check for errors and often find and correct them
without needing parity or ECC RAM.
ECC
An alternative to parity checking that uses enhanced parity
circuitry to find and correct internal single bit errors and
informs you of large 2-, 3- or 4-bit errors with an error
message. The motherboard must support error correction
code (ECC) modules, and you must typically enable them in
CMOS Setup. ECC is used in network servers.
Page 244 of 1229
Characteristic
Buffered
and
registered
memory
CL rating
Description
Buffers and registers keep data temporarily, taking some
load off the memory controller, but delay data transfers.
This enables the system to keep stable when lots of RAM is
installed. Some DIMMs use buffers, some use registers and
others use neither. If the module does not support registers
or buffers, it is called an unbuffered DIMM. Most DDR
SDRAM is unbuffered. Registered DIMM must be supported
by the motherboard.
CL or CAS (Column Address Strobe) is the amount of
time (clock cycles or nanoseconds) that passes before the
CPU moves on to the next memory address. A RAM cell is
the intersection of a row and column. The CAS signal picks
which column to select and a signal called RAS (row
address strobe) picks which row to select. The intersection
of the two is where data is stored. The delay in RAMs
response time is called latency. The lower the number of
nanoseconds (ns), the faster the access time of the memory
chips. Latency is sometimes advertised as a CL rating. The
higher the CL rating, the slower the memory. A rating of CL5
waits five clock cycles before moving to the next memory
address.
4.2.2.6 RAM banks, channels and slots

Many motherboards and CPUs support single- and multi-channel (dual-, triple-,
quad-channel) memory architectures. Each channel represents a 64-bit path
of communication that can be accessed on its own. Dual channel has two or
more paths that go to and from memory, and so it can transfer twice as much
data at one time as single-channel of the same speed. Tri-channel (three
paths) and quad-channel (four paths) are being used to achieve better
performance.
Dual-channel motherboards are very common. Figure 4.57 shows four memory
slots labelled for a motherboard using an Intel-based CPU. Slots 1 and 3 are
one colour and slots 2 and 4 are another colour.
Figure 4.57 Intel-based DDR slots (S), banks (B) and channels (C)
Slots: Each slot can accept one DIMM.
Page 245 of 1229
Banks: A bank is made up of multiple slots. In Figure 4.57, Bank 0 includes

slots 1 and 3 and these two slots are usually blue but might be another
colour. Bank 1 includes slots 2 and 4 and these slots are usually black but
might be another colour.
Channels: Each channel is a 64-bit communication path. Slots 1 and 2
make up one channel and slots 3 and 4 make up the second channel.
Note
Slots of the same colour show the same bank and matched pairs
should be installed in these slots. You can install a single DIMM in slot
1 and the system will have a single-channel RAM. For best
performance, install matched DIMMs in the same bank.
Looking at Figure 4.57, you should install the matched pair of DIMMs in slots 1
and 3 (Bank 0), leaving slots 2 and 4 empty. The system will take advantage
of this dual-channel architecture by using two separate 64-bit channels.
What happens if you install the DIMMs in slots 1 and 2 instead? The system
will still work; however, both DIMMs are installed in channel 1, so the system
will work with only a single channel. RAM will be about half as fast as it could
be if it were installed correctly to take advantage of the dual channels.
Figure 4.58 shows the motherboard that supports AMD CPUs. Slots 1 and 2
make up Bank 0, and slots 3 and 4 make up Bank 1. Channel 1 includes slots 1
and 3 and Channel 2 includes slots 2 and 4.
Figure 4.58 AMD-based DDR slots (S), banks (B) and channels (C)
While this can be confusing between different motherboards, the good news is
that most motherboard manufacturers use the same colour for each bank.
Note
Many motherboards allow you to use different size DIMMs in different

channels. However, for the system to use the multi-channel, each
DIMM within a bank must be the same size. Also, you can use
different speed DIMMs in the same bank, although this is not
recommended. The speed of the bank will default to the lower speed
DIMM or, in some cases, to single channel. As a best practice, DIMMs
that fill a channel/bank should be identical in capacity, speed, chip
number and features. Read the motherboard manual. You might need
to enable channel functionality in CMOS Setup.
Page 246 of 1229
Table 4.7 shows the configuration of the slots, banks and channels for a
motherboard using triple-channel RAM. A motherboard with this configuration
will have six DIMM slots to support triple-channel memory.
Table 4.7 Triple channel memory
Slots
Slot 1
Slot 2
Slot 3
Slot 4
Slot 5
Slot 6
Banks
Bank 0
Bank 1
Bank 0
Bank 1
Bank 0
Bank 1
Channels
Channel 1
Channel 1
Channel 2
Channel 2
Channel 3
Channel 3
Slots in each bank are commonly the same colour, so you might see a
motherboard with Bank 0 slots (slots 1, 3 and 5) all blue and with Bank 1 slots
all black. Triple-channel DIMMs are sold in matched sets of three, similar to
how dual-channel DIMMs are sold in matched pairs. When you install triplechannel DIMMs, you should install the matched set in the same bank. For
example, if you buy one set, you would install it in slots 1, 3 and 5.
Quad-channel motherboards have eight DIMM slots. When buying RAM for a
quad-channel motherboard, you buy the RAM in a matched set of four.
4.2.2.7 Serial Presence Detect (SPD)
SPD allows the motherboard to automatically discover and configure any DIMM
installed. An SPD chip on the DIMM stores all information about the module,
including its size, speed, ECC or non-ECC, and so on. When a computer boots,
it queries the SPD chip so that the memory controller knows how much RAM is
on the module, how fast it runs and other information. Many programs, such
as CPU-Z, can query the SPD chip. Figure 4.59 shows both the Memory and
SPD tabs of the CPU-Z program. CPU-Z indicates the type of DDR RAM, the
amount of installed RAM, the total number of slots on the motherboard, the
number of slots used and the exact type of RAM in each slot.
Page 247 of 1229
Figure 4.59 Memory characteristics of installed DIMM modules
4.2.2.8 Page file

A page file, also called a swap file or virtual memory, is space on the hard
drive that the OS uses as an extension of RAM to temporarily store data when
needed. When the computer starts running low on RAM because the user has
loaded too many programs at the same time or a program is using up too
much RAM, the OS temporarily swaps the program(s) from RAM to the page
file. The OS does not need to use the page file, that is, it only uses it when
there is not enough RAM available to run all open programs. The default and
recommended page file size is 1.5 times the amount of installed RAM on the
computer.
4.2.2.9 Upgrade options
Memory is one of the easiest upgrades to do to improve performance. Consider
the following when looking for memory:
The total RAM installed. The more RAM there is, the faster the computer.
Generally, use as much memory in a computer as the motherboard and OS
can support.
Amount of RAM needed. This depends on the OS (OSs have memory
limits), type and number of application running at the same time, and the
maximum amount of RAM the motherboard supports.
Memory module type and chip. If you want to change to a faster type of
memory module, from say DDR2 or DDR3 which both use a 240-pin module
or to DDR4 which uses 284-pin, you will most likely have to upgrade the
motherboard first. Use what the motherboard supports.
Speed. Some motherboard manufacturers insist you use the same speed
and sometimes the same sizes of memory in each memory slot, while
others are more flexible. Check the motherboard manual to find out about a
particular system.
Page 248 of 1229
ECC or non-ECC/non-parity. Non-ECC or non-parity is faster, but might

not be as reliable. Use what the motherboard supports.
CL rating. The lower the better. Use what the motherboard supports. The
CL rating might be shown as a series of timing numbers.
Multi-channelling improves performance.
4.2.3 Installing/upgrading memory

In this exercise you will learn how to choose suitable RAM for a
particular motherboard and install RAM. To find the right type of
RAM means that you should either visit the memory vendors
website, check the label on the module itself or refer to the
motherboards manual. You will only use the vendors site to
find the type of RAM your computer uses so that you can buy
the correct RAM from one of the many different computer stores
that sell RAM.
Note
When there is not enough RAM, the OS will display an error message
or the system will slow down by quite a lot. Always store modules in
anti-ESD bags when not in use. Also, use strict ESD procedures when
working with the modules. RAM is very sensitive to ESD.
When you add more memory to a computer, you need to answer the following
questions:
How much is currently installed and how much RAM does the customer
need?
The answer is probably all you can get. Microsoft sets minimum RAM
requirements for its OS on its website. To find out how much RAM the Windows
computer has, go to the System Information tool by clicking Start > All
Programs > Accessories > Run. Type msinfo32 in the Run dialog box and
press <Enter>. Scroll down to see installed memory information.
Windows also has the handy Performance tab in the Task Manager program
(shown in Figure 4.60). Task Manager provides information about computer
performance and running applications, processes and processor usage,
memory, network activity, statistics and so on.
The Performance tab provides information about the amount of RAM used by
the computer. Access Task Manager by pressing <CTRL> + <SHIFT> +
<ESC> and select the Performance tab. Figure 4.60 shows how this
computer currently has 8 GB RAM installed.
Page 249 of 1229
Figure 4.60 Memory information in Task Manager

How many and what kind of modules are currently installed on the
motherboard?
To learn what type and how many modules are already installed, do the
following:
1. Use the CPU-Z program for information about your memory modules.
2. Open the case and look at the memory slots.
3. How many slots does the motherboard have? Write it down here:
4. How many are filled with modules? ______________
5. Can you tell whether your system has DDR DIMMs, DDR2 DIMMs, DDR3
DIMMs or DDR4 DIMMs?
6. Remove each module from its slot and look for the type, size and speed
printed on its sticker.
7. Look at the module for the size and position of its notches. Compare the
notch position to the modules shown in Table 4.5.
8. Download and read the motherboard manual from the memory
manufacturers website. If it is not clear, look on the motherboard for the
manufacturer name and model. Then visit a reputable memory website and
use this information to find out what memory the motherboard supports.
Page 250 of 1229
Figure 4.61 Searching for memory at the manufacturers website

9. Look at the motherboard manual to see what channel configuration the
motherboard supports. If it does support channelling, the slots will be colour
coded.
10. If you still do not know the module type, take the motherboard and old
memory modules to a reputable computer shop and they should be able
to match it for you.
How many and what kind of modules can I fit on the motherboard?
If all the memory slots are full, sometimes you can take out smaller capacity
modules and replace them with larger ones, but you can only use the type,
size and speed of the modules the motherboard supports. Read the
motherboard manual to find this information. If the motherboard supports
channelling, install two or more matching DIMMs for best performance.
How do I select and buy the right modules for the upgrade?
You are now ready to buy memory. When choosing memory, you might find it
difficult to find an exact match of DIMMs already installed on the motherboard.
The DIMM format must match the motherboard.

Mixing unbuffered memory with buffered/registered memory will not work.
Do not mix ECC memory with non-parity memory.
When matching memory, try to match the module manufacturer. Although
modules from different manufacturers will work, it may cause problems with
multi-channel configurations.
Page 251 of 1229
All motherboards can handle different capacities of RAM, with the exception
of multi-channel configurations. Manufacturers recommend installing the
largest module in the lowest numbered slot.
Although you may get away with mixing memory speeds, the safest and
easiest route is to use the speed specified in the motherboard manual and
make sure that every module runs at that speed for best performance.
Mixing memory speeds will result in all modules performing at the slowest
speed module and might cause the system to lock up.
Do not put mismatched RAM modules in the same bank with a motherboard
that uses multi-channel configurations.
Chips can be high-grade, low-grade, remanufactured or used. Poor quality
chips cause frequent errors or unstable systems so it is good to know the
quality of the chips. Stamped on each chip is the date it was made. For best
results, buy memory from reputable sources that only sell new components
and new memory chips.
High quality modules have heatsinks installed to reduce heat and help the
module last longer.
Use a memory manufacturer website that you know can be trusted when
buying RAM. Some websites have a program (as shown in Figure 4.62) that
you can run or download and run. Some programs can identify your
motherboard and the RAM it supports and provide recommendations.
Figure 4.62 Memory advisor program

Also, most memory manufacturer websites allow you to look at the
specifications for a particular memory, as shown in Figure 4.63.
Page 252 of 1229
Figure 4.63 Memory specifications

Installing a new memory module
This exercise shows you how to install RAM modules. Handle
each module with care. Small locking clips on each side of the
slot lock the modules firmly in place when installed correctly.
Have a screwdriver at hand and take ESD precautions.
1. Turn off the computer, unplug all external cables and open the case.
2. Find the memory slots, which are generally located at one corner of the
motherboard close to the CPU. Many motherboards have two or four slots,
although some have more. Figure 4.64 displays what memory slots on a
motherboard look like.
Figure 4.64 RAM memory slots

3. Position the motherboard so that the memory slots are facing you.
4. Move any cables away from the slots.
Page 253 of 1229
5. Find out which bank (slot or series of slots) to fill first. Most slots are
numbered, usually starting from 0 or 1. Some motherboards allow slots to
be filled in any order while most need them to be filled from the lowest
numbered slot upwards. In general, most people fill Bank 0 or 1 (the
lowest-numbered slot) first and then the next bank and so on. Refer to the
motherboard manual for specific instructions.
The slots should look like the one shown in Figure 4.65. Notice that the
notches cut into the connectors at the bottom of the module match up to the
slot breaks (spacers) in the slots if the correct DDR DIMM is used.
Module
Notches
Locking clips
Slot
Figure 4.65 Slot ready for module
6. Pull the locking clips on both sides of the slot outward (in an open position).
7. Pick up a module by its edges do not touch the chips or pins or contacts
at the bottom and line up the notches with the slot breaks in the slot. If
the notches do not line up the right away, turn the module around and try it
the other way. It is possible to install the modules the wrong way.
8. After making sure your module is lined up correctly with the slot, insert it
and push straight down to seat it. A good hard push down is usually all you
need to ensure a solid connection.
9. As the module moves into place, make sure the locking clips on each side of
the slot move towards the centre (as shown in Figure 4.66) until they snap
and lock into the side notches of the module to lock it in place. A fair
amount of force is needed to engage the clips and lock the module into the
slot.
Figure 4.66 The locking clips on the slot
Page 254 of 1229
10. That is it! When correctly installed, the module should sit upright on the
motherboard and the two locking clips should be flush against the sides of
the module.
11. Repeat these steps for any additional modules that need to be fitted.
Figure 4.67 Install additional memory modules

Your motherboard should detect and automatically set up any DIMM you
install, assuming you have the right RAM for the system using SPD. If you add
a RAM module with a bad SPD chip, you will get a POST error message and the
system will not boot. You cannot fix a broken SPD chip and will therefore need
new RAM module.
After installing the new RAM, turn on the computer and watch the boot process
closely. If you installed the RAM correctly, the RAM count on the BIOS screen
reflects the new value. If the RAM value stays the same, you have most likely
installed the RAM in a slot the motherboard does not want you to use or have
not installed the RAM properly. If the computer does not boot and you have a
blank screen, you probably have not installed all the RAM modules correctly.
Usually, a good second look is all you need to find the problem. Reseat or
reinstall the RAM module and try again. Figure 4.68 displays the incorrect
amount of memory (on the left) after inserting the module incorrectly and the
correct amount of memory on the right after reinstalling the module correctly.
Figure 4.68 Incorrect RAM count (left) and correct RAM count (right)
Use the OS to restart the computer several times. Also, at some point, you
should look at the RAM using CPU-Z or within Windows to ensure the OS sees
the correct amount of RAM installed.
There are a couple of ways to do this in Windows 7:
System Properties: Click Start, right-click

Properties. The total RAM should be listed here.
Computer
and
select
Page 255 of 1229
Task Manager: Press <Windows> + <R> to bring up the Run dialog box
and type taskmgr. Then go to the Performance tab and take a look at the
Physical Memory box. It should display the total physical memory. Keep in
mind that this shows the amount of RAM in megabytes and that 1024 MB is
roughly 1 GB.
CPU-Z: Open CPU-Z and click on the Memory tab.
Removing a memory module

To remove a DIMM module with the computer off and power disconnected,
release the locking clips at each end of the slot and remove the module out of
the slot by hand. Handle the module by its edges and place it in an anti-ESD
bag.
4.3 Processors
At the heart of every computer is a chip called the processor,
microprocessor or CPU (central processing unit). The CPU executes
instructions, performs calculations and coordinates I/O operations. The CPU
chip is a programmable integrated circuit that has millions and billions of tiny
electronic switches, called transistors and signal pathways, within an area
called the die. All CPUs process 1 and 0 bits and each bit has a switch. Like a
light bulb, if the switch is open the bit is on and electricity can flow through.
The CPU reads the open (on) switch as a 1. If the switch is closed (off), the
electricity is blocked and the CPU reads the off bit as 0.
Figure 4.69 Bottom of CPU

As CPUs must continue to process faster, the number of transistors on the chip
will increase. The manufacturing process used to create transistors and how
tightly they and other electrical components can be packed on the chip is
shown in n-microns and n-nanometre (ns) measurements. One micron is a
millionth of a metre and one nanometre is a billionth of a metre. The
architecture
and
components
included
in
a
CPU
(known
as
microarchitecture) are different from CPU to CPU.
4.3.1 CPU manufacturers

For the average user, it does not matter too much which CPU you choose.
However, for the developer, gamer or video editor it can make or break the
computers performance.
Page 256 of 1229
The main CPU manufacturers are Intel and AMD (Advanced Micro
Devices). Intel and AMD currently create many CPU models for desktop, highend computers/servers, laptops and mobile devices that are sold under
different names or families, such as Core, Pentium, Xeon, Itanium and Atom
for Intel and Athlon, Phenom, AMD FX, AMD Fusion, and Opteron for AMD.
Both Intel and AMD reuse model names and continue to improve the
manufacturing process after releasing a new model, but they try to minimise
the number of model names in use. Both companies use code names such as
Core, Haswell, Broadwell, Skylake, Shark Bay, K10, Temash and Kaveri to
keep track of different variations within models.
Mobile devices and laptops have different needs from those of desktop
computers, notably the need to use as little electricity as possible. This helps
to extend the battery life and create less heat.
Note
You might encounter Advanced RISC Machine (ARM) CPUs. ARM uses
a reduced instruction set computer (RISC) chip architecture, and
often runs more quickly and with less power than Intel and AMDbased CPUs, so these CPUs do not need fans. ARM CPUs are popular
in tablets.
4.3.2 CPU operation

A simplified overview of how a processor works is as follows:
The CPU runs a program. When a program (OS, BIOS, application, etc.) is run,
it is assembled into instructions using the CPUs instruction set and then loaded
into RAM. From there, the following stage operations are performed on the
instructions:
Fetch
The I/O unit manages instructions entering and leaving the CPU. The control
unit (which manages all CPU activities) fetches the next instruction in
sequence from RAM. The location in RAM is determined by a program
counter (PC). The instruction is placed in the pipeline.
Note
An instruction pipeline is a technique that increases instruction

throughput (the number of instructions that can be executed in a
given time).
Decode
The control unit breaks up each instruction into commands that the CPU can
understand and can work with, according to the instruction set. The
instructions are called microcode and groups of instructions (1s and 0s) are
collectively known as the instruction set.
For new instruction sets, the OS, applications and sometimes the graphics card
or motherboard BIOS must support it.
Page 257 of 1229
Execute
During this step, the control unit passes the instructions to the execution unit
which is responsible for executing the operation that is specified by the
instruction. The execution unit is made up of several functional components:
Arithmetic logic unit (ALU) performs arithmetic operations such as 4 +

5 = 9, and logical operations such as comparing two pieces of data to see if
they are equal, greater than or less than or finding out if a condition is true
or false. Most CPUs have multiple ALUs.
Floating point unit (FPU) works with the ALU and performs arithmetic
operations on decimal numbers, known as floating point numbers, such as
1.62 x 0.87359. Most CPUs have multiple FPUs.
Registers small, high-speed temporary storage areas that store program
counters, instructions, data and addresses for the different units within the
CPU during processing. Registers are measured in bits. Instructions are
moved in and out of registers to RAM.
Write back
The final step simply writes back or stores the results of the execute step to
an internal register for the next instructions to quickly access or it may be
written to RAM.
After the instruction is executed and the resulting data is written back, the CPU
does the same fetch-decode-execute-writeback instruction cycle but with the
next-in-line instruction because of the incremented value in the program
counter.
Fetch
Decode
Instruction Cycle
Writeback
Execute
Figure 4.70 shows some of the units inside the CPU.
Page 258 of 1229
Figure 4.70 Inside a CPU

Notice the external data bus in Figure 4.70, which traditionally was known as
the system bus or front side bus (FSB) on older systems and ran between
the CPU and RAM and chipset. It has been replaced by newer architectures on
modern systems. Inside the CPU package, data, instructions, addresses and
control signals use the internal data bus. The part of the internal bus that
connects the CPU to its internal cache memory is traditionally known as the
backside bus.
4.3.3 Pipelining and Hyper-Threading

Older CPUs had to finish processing one instruction before starting on another
one. Modern CPUs can process multiple instructions and parts of instructions in
parallel, known as parallel execution. CPUs can do this by using multiple
pipelines, dedicated cache and the capability to work with multiple threads (or
programs) at one time. To get an instruction from the data bus, do the
calculation and then get the answer back out to the data bus, the CPU takes at
least four steps (or stages) described previously:
1.
2.
3.
4.
Fetch: Fetch the data from the external data bus.

Decode: Determine what type of instruction needs to be executed.
Execute: Do the calculation.
Write back: Send the data back out onto the external data bus.
Circuits inside the CPU handle each stage and an operation is not complete
until it has gone through all stages. Modern circuits are organised in an
assembly line called a pipeline. With pipelining, a new instruction begins
executing as soon as the previous one reaches the next stage of the pipeline.
This means that while the CPU is executing one instruction, it is at the same
time fetching the next instruction ready for execution.
Page 259 of 1229
Figure 4.71 Parallel processing with pipelines

To improve the way the pipeline works and to make processing more efficient
and faster, the goal is to keep every stage of the CPU busy on every tick of the
clock (a process called multitasking). The following architectures are used to
achieve this goal:
Superscalar allows the CPU to execute multiple instructions for each

clock cycle at the same time by sending out multiple instructions to multiple
execution units.
Superpipeline allows for a longer pipeline made of very small stages so
that more than one stage can be executed during one clock cycle and so
that many instructions can be in the pipeline at the same time.
Hyper-Threading a thread is a set of instructions that are part of a
program and can be executed at any time. For example, when running a
word processing program, one thread accepts your keystrokes and another
one runs the spell checker while you type. Thus, two threads of the program
run at the same time. Hyper-Threading allows one CPU to run two threads
at the same time, making it appear to the OS as if there are multiple
physical CPUs installed when there are not. This is generically called
simultaneous multithreading.
Note
Hyper-Threading is not physically the same as a multiple-core CPU.

However, just as a dual-core CPU simulates two physical CPUs, a
single-core CPU with Hyper-Threading enabled logically acts like two
separate CPUs to the OS because it can execute multiple threads of
instructions at a time. Operating systems cannot tell the difference.
Hyper-Threading needs to be enabled in the BIOS before the OS is installed for

it to work. Some CPU manufacturers make use of both Hyper-Threading and
multiple cores on some of their CPUs. For example, Figure 4.72 shows a screen
shot of the System Information tool. It identifies the processor as an Intel Core
i7 CPU with four cores and eight logical processors. Each core is using HyperThreading and the OS sees it as eight CPUs.
Page 260 of 1229
Figure 4.72 Msinfo32 showing that Hyper-Threading is enabled
4.3.4 Microcode improvements

CPU manufacturers extend their basic instruction set by adding new
instructions (microcode) to support new features and to boost multimedia
performance. Writing microcode is called microprogramming and the
microcode in a particular CPU is sometimes called a microprogram. Executing
one instruction on different pieces of data is called Single Instruction,
Multiple Data (SIMD). Software must be specifically developed to make use
of SIMD programming.
4.3.5 Multiprocessing and multicore

The following approaches have been taken to further speed up processing:
Symmetric Multiprocessing (SMP) involves using two or more physical

CPUs on the motherboard that share a common OS and memory. SMP is
mainly used in network servers and high-end workstations.
Multicore processing places two or more CPUs (or cores) onto one chip
(die). For example, a quad-core CPU has four cores. Each core is a fully
functioning CPU. Software must be specifically written or updated to support
a multicore architecture.
Note
When multiple CPUs or cores are used, techniques such as

multiprocessing (where each CPU or core typically works on a
different job) and parallel processing (where multiple CPUs or cores
work together to finish a single job sooner) are possible.
Operating systems view the multicores as individual CPUs. For example, a

single eight-core CPU will appear in Task Manager as though it is eight
separate CPUs, as shown in Figure 4.73.
Page 261 of 1229
Figure 4.73 Task Manager showing eight cores of a single CPU

Note
It is important to note that Figure 4.73 is the same view you would
see if you had a four-core CPU with Hyper-Threading enabled. A key
point to remember is that even when a CPU has multiple cores, it is
still a single chip that plugs into the motherboard.
4.3.6 Cache
Because CPUs run faster than slower RAM can give it instructions, you will
always get what is called wait states because RAM cannot keep up with the
CPU. A wait state is a clock tick in which nothing happens. To minimise wait
states, modern CPUs come with built-in, very high-speed memory called cache
memory. Cache preloads or caches as many instructions as possible and
keeps copies of already executed instructions in case the CPU needs to process
them again. Although cache was originally placed on a separate chip on the
motherboard, almost all modern CPUs include cache (on die).
There are multiple levels of cache:
Level 1 (L1) smallest and fastest cache and is closest to the CPU. A
multicore CPU has a separate L1 cache on each CPU core.
Level 2 (L2) bigger but slower than L1; only accessed if the requested
instruction is not in the L1 cache. It is much more common for L2 cache to
be part of the CPU today. L2 is shared by all cores of the CPU.
Level 3 (L3) the biggest and slowest cache; only accessed if the
requested instruction is not in L2 cache and it is shared among all cores. L3
is seen only on high-end CPUs or on motherboards.
Many newer CPUs include L1 cache for each core, L2 cache for each core, and
a single shared L3 cache on the same CPU chip.
Intel Advanced Smart Cache is a cache technology that shares L2 cache
between each core to achieve better performance and improve resource
allocation. Each core dynamically uses up all of the available L2 cache and
when one core is inactive, the other cores will have access to the full cache.
Page 262 of 1229
Note
The CPU cache is SRAM.
Cache comes in KB and MB sizes. With each generation of multicore CPU, CPU
manufacturers have changed the way in which they allocate cache among the
cores. Depending on the CPU model, cache can be available to only one core
(discrete) or to all cores (shared).
Figure 4.74 shows the CPU-Z program displaying the cache breakdown of the
CPU.
Figure 4.74 CPU-Z showing cache details

Note
If cache does not have the needed information, the CPU gets that
information from RAM and stores copies of it in its cache.
4.3.7 Instruction set architecture (32-bit vs. 64-bit)

A CPU can only be 32-bit or 64-bit. This bit value describes the size of the
register. Register size, also known as word size, is measured in multiples of 8
bits such as 16-bit, 24-bit and so on. As the number of bits increases, the
more data bits can be processed in larger chunks and a larger number of
locations in RAM can be addressed at a time.
32-bit a CPU architecture originally based on registers, a data bus and
instruction lengths of this size, although a larger 64-bit data bus and larger
registers have been released along with 32-bit CPUs capable of running 64bit code. A 32-bit CPU must use a 32-bit OS and applications. It cannot run
64-bit software. A 32-bit CPU is also known as an x86, x86-32 or IA-32
architecture.
Page 263 of 1229
64-bit a CPU architecture originally based on registers, a data bus and

instruction lengths of this size. Most modern CPUs are 64-bit, meaning they
can run a 64-bit OS and applications. They also support 32-bit processing
for 32-bit operating systems and applications. Also known as x64, IA-64,
AMD64, EM64T or Intel 64.
Note
The term x86-64 refers to a 64-bit OS or 32-bit CPU that processes

64-bit instructions.
4.3.8 Addressing
The data and address bus runs between the CPU and RAM. The wider the data
bus, the more data can be moved over the bus in one clock cycle. The data bus
is 64-bits wide. To store data in RAM, the CPU has to provide an address that
points to a particular location in RAM using an address that looks something
like 10 or 11, which represents two completely different memory locations.
The CPU accesses memory locations through the address bus. The wider the
address bus, the more memory locations the CPU can access. The address bus
for 32-bit CPUs is either 32- or 36-bits wide. A 32-bit address bus allows the
CPU to access a maximum of 4, 294, 967, 296 memory addresses (4 GB) while
a 36-bit address bus expands that to 64 GB address space. Theoretically, a 64bit CPU can support a 64 exabyte address space but in practice 64-bit CPUs
are limited to 1 TB to stay compatible with 32-bit software.
Address bus between CPU and RAM
Figure 4.75 Address bus
4.3.9 Voltage regulator module (VRM)

The VRM is responsible for regulating the voltage that is delivered to the CPU.
It is located on the motherboard and provides the correct running voltage to
the CPU.
4.3.10 Clock speed

The internal clock speed is the fastest speed at which a CPU executes
instructions and accesses cache, measured in Hertz (Hz). Modern CPUs run at
GHz or billions of clock cycles per second speeds. This speed is also known as
clock rate and clock frequency and is set by the manufacturer.
Page 264 of 1229
Note
The clock speed is the CPUs maximum speed, not the speed at which
it must run. It can run at any speed as long as that speed does not go
over its clock speed.
External clock speed is the speed at which the motherboard communicates

with the CPU, measured in MHz. The external speed is determined by the
system crystal that is either soldered to the motherboard or part of the
chipset. The system crystal sends out an electrical pulse at a certain speed,
many millions of times per second. This pulse first goes to a clock chip that
usually increases the pulse by some multiple. The system crystal repeatedly
fires a charge on the clock wire, setting the tick for the CPUs activities. A
charge to the clock wire is called a clock cycle. In the past, data was sent to
the CPU during one clock cycle, but now data is sent many times during one
clock cycle. Figure 4.76 shows data sent four times in one clock cycle.
Send data
Send data
Send data
Send data
One Clock Cycle
Figure 4.76 Clock cycle where data is clocked four times in one cycle
Note
Clock crystals are not used only for processors and chipsets. Many
chips in the computer, such as those on an expansion card, have a
clock wire that are pushed by a clock chip.
The internal clock speed may be the same as the external motherboard
speed, but it is more likely to be a multiple of it. For example, a CPU might
have an internal speed of 3.2 GHz but an external speed of 800 MHz. That
means for every tick of the system clock, the CPU has 4 internal ticks of its
own clock. This factor is called a clock multiplier. It is a number that when
multiplied by the bus speed gives the CPU its clock speed. Other names for the
multiplier include processor or bus/core ratio, clock ratio, bus frequency
multiple and bus frequency ratio.
To summarise, the speed of a CPU is based on the speed of the system crystal
and the multiplier. As another example, if the speed of the crystal is 100 MHz
and it has a multiplier of 20, the speed of the CPU is 2 GHz (100 x 20). You
commonly see the CPU speed listed as only the multiplied speed.
Page 265 of 1229
Take a look at Figure 4.77. It reveals that this computer has an Intel Core 7
CPU 870 and the clock is listed as 2.93 GHz. The system is using a 133.333
MHz clock (commonly listed as 133 MHz) and a 22 times multiplier.
Figure 4.77 CPU speed

Many modern CPUs have taken over the functions of the Northbridge. The CPU
still needs to communicate with the chipset and there are a few different ways
this is done, including:
Intel Direct Media Interface (DMI) can use multiple lanes, similar to
PCIe.
Intels QuickPath Interconnect (QPI) each core in a CPU has a
separate two-way 20-lane QPI link to the chipset.
AMD HyperTransport used with the FSB to increase speed.
Many modern CPUs with integrated memory controllers have very fast pointto-point serial connections that run between multiple CPUs (cores), between
integrated memory controllers and between CPUs (cores) and the chipset. Both
QPI and HyperTransport have similarities but they are used differently. Both
architectures allow much more data to be transferred in both directions at the
same time (full duplex), increasing bandwidth, and both use a double data rate
(DDR) connection, meaning that data is sent on both the rising and falling
edges of the clock signal.
Note
You might find that the effective rate of data transfers for these
technologies is rated in multiple gigatransfers per second (GT/s). The
industry sometimes uses the term transfers per second to mean
the number of operations that transfer data per second over a given
data channel.
A function called CPUID (CPU identifier) is used by modern CPUs to report

its clock speed to the motherboard and the speed and multiplier are set
automatically. Unless you are overclocking a system by making the CPU run
faster, you do not have to be concerned with these settings. Your responsibility
is to make sure that you install the CPU that runs at a speed the motherboard
supports.
If you want to know exactly what type of CPU you have, its clock speed,
number of cores, threads, CPU package and other information, use CPU-Z.
Figure 4.78 shows the clock speed, multiplier and bus speed and other details
on the CPU tab of CPU-Z.
Page 266 of 1229
Figure 4.78 CPU-Z showing the CPU details
4.3.11 Overclocking
Overclocking involves running the CPUs clock speed higher than that for
which it is rated, to improve performance. The GPU and RAM are other devices
that can be overclocked. Overclocking works by changing the bus speeds, clock
multipliers and voltages for these components. If supported, it can be done by
changing parameters in the CMOS Setup program.
Note
Overclocking is not recommended. Without cooling, it has been known

to destroy CPUs and might make the system unstable and prone to
lockups and reboots. Because of this, many motherboard
manufacturers lock these features to stop users from changing them.
4.3.12 Power management (throttling)

The ability of hardware, the BIOS and OS to work together to reduce power
usage is generically known as power management. CPUs do not need to run
at full speed when they have little or no processing to do. By slowing down or
throttling the CPUs clock speed when there is not much processing to do, the
CPU runs cooler, the system uses less energy and in the case of mobile
devices, its battery lasts longer.
CPUs that support throttling have a built-in thermal monitor or sensor that
monitors its temperature. When the CPU finds that it might get too hot and
overheat, it drops its speed so that the temperature drops to an acceptable
level.
Page 267 of 1229
4.3.13 Virtualisation support

CPU manufacturers have built in support for hardware-assisted
virtualisation (HAV). Virtualisation software allows a user to run multiple
software computers called virtual machines (VMs) as guests on a physical
computer, often called the host computer. You can configure VMs so that
they can communicate and share Internet access with the host machine. Any
time you want to play around with a VM, you would start it by using
virtualisation software.
The key issue from a CPU point of view is that virtualisation used to work
entirely through software, which is not the case now. The CPU needs to
support virtualisation and it usually needs to be enabled in the CMOS Setup
program. On some systems, virtualisation is enabled by default and cannot be
disabled. Figure 4.79 shows the CPU-Z program indicating that the CPU
supports virtualisation.
64-bit processor with

hardware-assisted
virtualisation
Figure 4.79 CPU-Z showing hardware-assisted virtualisation support
4.3.14 Protecting against malware

Data Execution Prevention (DEP) is a security measure supported by both
CPUs and the Windows OS to prevent areas in memory marked for storing data
from executing malicious code called malware.
With DEP that is hardware-based, the CPU marks memory with an attribute
indicating that data inside that memory location can be stored but code cannot
be run. Therefore, even if malicious users succeed in loading malicious code
into memory, they will not be able to run it. Different CPUs have different
capabilities, but at a minimum, the CPU can display a message if code tries to
run from the memory locations marked as never execute (NX) or execute
disable. Even if the CPU does not support this, you can get some protection
through software-based DEP.
Page 268 of 1229
4.3.15 Integrated memory controller

Almost all modern CPUs have an integrated memory controller (IMC),
moved from the chipset to improve the flow of data going into and out of the
CPU. As it is in so many other areas of computing, manufacturers use a variety
of IMCs in their CPUs. In practice, this means that different CPUs handle
different types and capacities of RAM.
4.3.16 Integrated GPU

Graphics is one of the areas that has been increasing as quickly as the CPU
and the two are starting to come together. Putting the GPU into the CPU
improves overall performance, allowing for faster video processing, easier
access to memory while reducing the amount of power used, size and cost.
With the growth of mobile devices and portable computers, all of these are
benefits. The major manufacturers have released CPUs with integrated GPUs
that provide high quality graphics. The architecture differs in some ways, such
as how they use cache on the chip and so on. Some GPU manufacturers also
make CPUs and have combined their CPUs and GPUs for use in their mobile
devices.
4.3.16.1 GPU computing
GPU computing is a term for using the GPU for processing some tasks that
the CPU would normally process using a parallel programming language and
API, but without using the graphics API and graphics pipeline model. This is
different to the general-purpose computing on graphics processing units
(GPGPU) approach, which involves programming the GPU using the graphics
API and pipeline to process intensive non-graphical tasks that would normally
be processed by the CPU while still using the CPU to perform the rest of the
processing tasks. Using the GPU for processing boosts the performance of
applications. While CPUs have fewer cores, GPUs have thousands of smaller,
more efficient cores. From a user's perspective, applications simply run much
faster.
CPU cores
GPU cores
Figure 4.80 GPGPU
Page 269 of 1229
4.3.17 Packaging CPUs

CPUs come in different shapes and sizes and every CPU has a package type.
Chip packaging determines how the CPU looks physically (its form factor) and
how it electrically connects to the motherboard. Every modern CPU package
has a number of versions and each one plugs into a particular socket on the
motherboard. If you ever need to replace a CPU, it is important to recognise
that there are different types of sockets, which are explored next.
4.3.17.1 Zero Insertion Force (ZIF)
In the past, technicians had to use force to plug a CPU into the socket to
ensure that each CPU pin had a good, tight connection to the motherboard.
Unfortunately, it was easy to bend pins and break them, making the CPU
unusable. Fortunately, manufacturers created the zero insertion force (ZIF)
socket which either has a locking lever to the side of the socket that, when
lifted, brings the CPU slightly up out of the socket, or a metal cover and a
locking lever. You can place a CPU into a ZIF socket without any force and
after the CPU is in place, you lock the lever to secure it. This ensures that the
pins are making a good, tight connection to the motherboard. See Figure 4.81
for an example of two ZIF sockets.
4.3.17.2 PGAs and LGAs
Intel CPUs use a land grid array (LGA) package, where the bottom of the
CPU has hundreds of contact pads (or bumps) that line up with socket pins.
Most (not all) AMD CPUs have pins; the sockets have holes into which the pins
can be inserted. The pins on the bottom of AMDs pin grid array (PGA) CPUs
line up with the holes in the sockets.
Figure 4.81 PGA socket (left) and LGA socket (right)

Note
CPUs and sockets are keyed so that the CPU fits into a socket in only
one way. If you feel any resistance when putting a CPU into a ZIF
socket, it indicates that the pins are not lined up. Double-check the
keying and ensure that the CPU is lined up correctly. If you try to
force it, you will likely bend pins and damage the chip or the socket.
Another type of socket you might find in mobile devices is ball grid array
(BGA). The pins on the CPU are replaced with balls of solder. The BGA chip,
which typically has more pins than LGA and PGA, is mounted in the socket and
then heated to melt the solder.
Page 270 of 1229
4.3.18 Common socket types

There are many different types of sockets used by the two major computer
CPUs. You do not need to memorise all of them, but you should be aware of
some modern ones. Table 4.8 lists some modern Intel sockets. Notice the
socket type number shows the number of pins.
Table 4.8 Common Intel sockets
Socket
type
LGA 775
LGA 1366
Number
pins
775
1366
LGA 2011
2011
LGA 1156
LGA 1155
1156
1155
of Information about socket

Also called Socket T. Replaced Socket 478.
Also called Socket B and designed to replace
LGA 755 in some desktop computers.
Also called Socket R. It replaces LGA 1366
sockets in many desktop systems.
Also called Socket H or Socket H1.
Also called Socket H2 and replaces LGA 1156 in
basic desktop systems.
Table 4.9 lists some modern AMD sockets.

Table 4.9 Common AMD sockets
Socket type
Socket
Socket
Socket
Socket
Socket
Socket
Socket
Note
Number of Information about socket

pins
940
940 (PGA)
AM2
940 (PGA)
Not compatible with Socket 940.
AM2+ 940 (PGA)
Replaces AM2. CPUs that can fit in AM2 can
also fit in AM2+.
AM3
941 (PGA)
Replaces AM2+. Supports DDR3. CPUs
designed for AM3 will also work in AM2+
sockets, but CPUs designed for AM2+ might
not work in AM3 sockets.
AM3+ 942 (PGA)
Replaces AM3. CPUs that can fit in AM3 can
also fit in AM3+.
FM1
905 (PGA)
Used for accelerated processing units (APUs).
F
1207 (LGA)
Used on servers and replaced by Socket C32
and Socket G34.
If you buy a motherboard and CPU separately, it is important to
ensure that the motherboard socket is the correct type for the CPU.
4.3.19 Comparing CPU names

To help you understand CPUs and their features and how they might be
advertised, here are two CPUs with an explanation of the names:
Intel Core i7-960 Processor 3.2 GHz 8 MB Cache Socket LGA 1366
Page 271 of 1229
This name tells you it is an Intel processor in the Core i7 family with a model
number of 960 and a 3.2-GHz multiplied clock. The 8 MB cache is the total
amount of cache. LGA 1366 is the type of socket the CPU plugs into and the
1366 is the number of pins.
Phenom II X4 965 AM3 3.4 GHz 512 KB 45 NM

This indicates it is an AMD Phenom II CPU with a model number of 965. X4
means that the CPU has four cores and AM3 is the socket type. The 3.4 GHz
clock speed is the internal speed of the CPU. Cache size is shown by 512 KB,
and in this case, it shows the L2 cache size for each of the cores. The
manufacturing process is 45 nm.
4.3.20 Cooling
Electricity equals heat. Because computers use electricity, their components
create heat as they work and the faster they work the more heat they create.
If they create too much heat, they overheat and become unstable or get
damaged. Thus, it is important to keep the computer cool.
4.3.20.1 Cooling the CPU
CPUs have billions of transistors, all connected with extremely small wires. If
these transistors or wires get too hot, they can easily break, making the CPU
useless. To avoid overheating, a cooler, which has a fan and heatsink, sits on
top of the CPU.
A heatsink is a block of metal with fins that take hot air away from the
chip. It is glued to the surface of the chip with thermal paste (the liquid
paste sits between the bottom of the heatsink and the top of the chip) that
removes air pockets, helping to take heat away from the chip. This paste is
also known as thermal transfer material, thermal compound, thermal
grease or phase change material.
A cooling fan is placed on top of the heatsink and blows the hot air out
into the case. Make sure that the fan you use matches the CPU model to
provide the correct amount of power to cool the amount of heat the CPU
creates.
Figure 4.82 Adding thermal paste to the CPU

There are different ways of fastening the heatsink/fan assembly to the CPU,
the most common being with screws or clips.
Page 272 of 1229
Clips can use retaining screws, pressure release (press down on them and they
release) or a retaining slot. Small screwdrivers can be used to release the clips
that attach using the retaining slot. Clips for fans and heatsinks can be difficult
to install.
Figure 4.83 CPU coolers

Note
When the CPU and coolers are bundled together, the heatsink might
have thermal compound already stuck to the bottom of it and covered
with tape.
You can usually remove the cooler if you need to replace it, although some
CPUs have the fan permanently attached. You might also find a plastic shroud
(cover) over the CPU that directs air to a fan.
Tip
If you are replacing the CPU, you will need to clean off the old thermal
paste from the CPU and heatsink. Some vendors sell cleaning material
to remove this paste, but you can often use cotton swabs and
isopropyl alcohol to remove it.
4.3.20.2 PSU and case fans

The PSU fan provides the basic cooling for the computer. It not only cools the
circuits inside the PSU but also provides a constant flow of outside air
throughout the inside of the case. Case fans are typically square and plug into
special brackets on the case or screw directly into the case. They provide extra
cooling for the components inside the computer. A computer should never be
without one or two of them.
Figure 4.84 Fitting a case fan
Page 273 of 1229
4.3.20.3 Cooling graphics cards, RAM and hard drives

To cool both the GPU and video RAM, many graphics cards come with a fan.
You can also get heatsinks and fans to mount on top of the card to keep it cool
while a fan card can be plugged into an expansion slot next to the graphics
card to keep it cool.
Figure 4.85 A fan expansion card

For RAM modules, consider using a RAM cooler. The fan for the cooler has a
power connector.
Figure 4.86 A ram cooler

For hard drives, consider getting a hard drive cooler.
4.3.20.4 Maintaining air flow
A computer is a closed system. Cases help fans keep the components inside
the case cool. Although some technicians keep the side panel open so that
they can easily get to the components inside the case, this is not the best
practice. A closed case allows fans to create air flow, which cools the
components inside the case. When the side panel is open, the air flow is
disrupted and you lose a lot of cooling efficiency.
Page 274 of 1229
Figure 4.87 Computer air flow

In the typical layout of case fans for a case, the intake fan, near the bottom
of the front panel, brings cool air in from outside the case and blows it over the
components inside the case. The exhaust fan, near the top and back of the
case, takes hot air from inside the case and blows it outside the case. Also,
make sure that all empty expansion slots are covered with blanking plates.
Tip
In addition to thinking about cooling the inside of the computer, you

must also consider where heat goes after it leaves the case. If the
computer is in an enclosed area, the heat will have a hard time
escaping and might end up back inside the case. Therefore, ensure
there is good air flow around the case.
4.3.20.5 Reducing fan noise

When choosing a fan or cooler, consider the noise it makes. To ensure proper
cooling, many technicians install several high-speed fans into the case which
make loud noises. To reduce fan noise, you can use:
A manually adjustable fan which allows you to speed up or slow down

the fan using a switch or software option. Be careful not to slow down the
fan too much and thus let the air inside the case heat up.
A larger fan that spins more slowly and can be less noisy while keeping
good air flow.
A higher-end, low-noise fan (quiet fan).
4.3.20.6 Controlling and monitoring fans

Unlike case fans connected to the PSU, case fans plugged directly into the
motherboard can be monitored and controlled using software. Many CMOS
Setup programs provide some control over fans that are plugged into the
motherboard. Figure 4.88 shows typical CMOS settings for the fans.
Page 275 of 1229
Figure 4.88 CMOS settings for fans, temperatures and voltages

Software is the best way to control fans. Some motherboards come with a
system monitoring program for setting the temperature at which you want the
fans to switch on and off. If the motherboard or the manufacturers website
does not offer one, use a third party program. Some programs allow you to
monitor voltages, fan speeds and computer temperatures with hardware
monitor chips and some even support monitoring hard drive temperatures.
Note
Always make a point of turning on the temperature alarms in CMOS

Setup. If the computer gets too hot, an alarm will warn you. There is
no way to know if a fan has failed other than to have an alarm warn
you or by physically hearing or seeing that it has failed.
4.3.20.7 Fan motherboard connectors

One issue related to fans is where to plug them in. Most motherboards offer
one or more 3-pin or 4-pin headers for fans. The CPU fan uses one of these
connectors and the other connectors are for case fans or the PSU fan. Some
case fans also come with Molex connectors, which are easy to plug in. You can
also get adapters to plug 3-pin connectors into Molex connectors, or vice
versa.
Figure 4.89 CPU fan header

4.3.20.8 Other cooling systems
The following are other cooling techniques you might find in modern
computers:
Page 276 of 1229
Liquid cooling works by running liquid, usually water, through a metal

block heatsink that sits on top of the CPU, taking in heat. The liquid gets
heated by the block, runs out of the block and into a radiator that cools it,
and then it is pumped with a pump through the block again. Liquid-based
cooling can be used for any part that uses a heatsink, including the CPU,
GPU and chipset.
A heat pipe uses science to cool components. In simple terms, a heat pipe
is a sealed tube that has a liquid coolant (water or ethanol). The liquid
absorbs heat which evaporates at one end of the pipe into a vapour. The
vapour travels to the other (cooler) end of the pipe, where it condenses,
giving up its heat, and returns to the hot end of the pipe as liquid and the
process starts over again. A dual heat pipe uses two pipes to provide
better cooling.
A heat spreader is similar to a heat pipe but uses a flat container instead
of a pipe. It is suitable for portable computers.
Figure 4.90 shows a basic diagram of a liquid-based cooling system. A

specialised heatsink is attached to the CPU, using thermal paste just like a
standard heatsink, but this heatsink has channels so that the liquid can flow
through it. The pipe is connected from the pump to the heatsink, and the
pump constantly pumps the liquid through the heatsink.
Figure 4.90 Liquid cooling system

Note
It is important to only use approved cooling liquids and pipes. Check

with the cooling system vendor for details. One of the biggest
challenges with a liquid cooling system is making sure the pipe
connections do not leak, which could damage components.
4.3.21 Researching CPUs

As a computer technician, it is good to know CPU speeds, sockets, models,
code names and other specifications to be able to make knowledgeable
recommendations to customers. This involves visiting Intels and AMDs
websites, and conducting your own research and comparing CPUs:
www.intel.com
www.amd.com
Page 277 of 1229
You can also search other websites that will give you information on the latest
CPUs such as:
www.tomshardware.com
www.arstechnica.com
www.hardocp.com
www.bit-tech.net
If you are trying to replace a CPU with a matching one, you can use the CPU-Z
program to identify the computers current CPU. Figure 4.91 shows the result
of searching Intels website for information about a specific CPU.
Figure 4.91 Researching CPU specifications
4.3.22 Choosing a CPU

As a computer technician, you might be called on to assemble a computer in
component form, replace a faulty CPU, add a second CPU to a system, or
upgrade an existing CPU to improve performance. In all of these situations will
you need to know how to match a CPU to the system that you are installing it
into.
1. When choosing a CPU, choose one that the motherboard supports and the
socket used by the motherboard. You can find this information in the
motherboard manual or by searching the motherboard manufacturers
website.
Page 278 of 1229
2. Choose a CPU by comparing all of the CPUs supported by the motherboard.

Generally you will be looking for the best features according to what the
customer can afford. When you search websites for each CPU, consider the
following characteristics, depending on the CPU and how new it is:
CPU socket.
CPU clock speed or frequency (the higher the better). Look at
benchmarks, which measure different areas of a CPUs performance.
Support for architectures such as QPI and HyperTransport in place of the
FSB.
Number of cores.
Memory cache (the more the better).
SIMD technologies, microcode improvements and other CPU features.
Power management features.
All modern CPUs are 64-bit.
Cost.
Note
You will find CPUs advertised with a speed that you can use for
comparisons. For example, one CPU might have a speed of 2.8 GHz
and another might have a speed of 3.4 GHz. It is safe to assume that
the 3.4 GHz CPU is faster, but the speed is not always tied to the FSB.
3. Cooler assembly: If the CPU does not come with a heatsink and fan
assembly, choose a cooler that fits the CPU and CPU socket, and one that
gets good reviews. You will also need thermal paste if not included with the
cooler assembly.
4.3.23 CPU and system benchmarks

It is inaccurate to compare systems with different CPUs, different amounts and
types of RAM, different hard drives and so on. Benchmark tests typically run
the same series of programs on several computers that are identical except for
one component (such as the CPU), and measure how long each task takes in
order to find out what the overall relative performance is of the component
being
tested.
One
website
that
provides
benchmark
charts
is
www.tomshardware.com. Figure 4.92 shows a benchmark CPU chart listing
different Intel CPUs and their scores from this website.
Page 279 of 1229
Figure 4.92 CPU benchmark chart

Benchmarks are only one approach among many to take when deciding on
what components to choose when upgrading or building a system. The most
accurate way of testing how well a system performs is to run your own set of
operating systems and applications and configurations on it.
4.3.24 Removing the cooler and CPU

It is best to follow the CPU documentation and motherboard manual for the
correct removal procedure. Go through the installation procedure covered in
the next section to see how the installation process works. You can follow the
reverse procedure to remove the CPU. Just remember to remove the thermal
paste with isopropyl and a tissue or non-lint cloth from the older CPU and
heatsink.
4.3.25 Installing the cooler and Intel CPU

It is best to follow the CPU documentation and motherboard manual for the
correct installation procedure. When building a computer, if the motherboard is
not already installed in the case, follow the motherboard manufacturers
instructions to install the motherboard and then the CPU, or install the CPU and
then the motherboard. The order of installation differs between manufacturers.
Here are general steps that you can follow to install a modern cooler and Intel
CPU.
Note

Step1: Start the installation procedure

1. Power down the computer, remove all external cables, drain the computer
of power and open the side panel.
Page 280 of 1229
2. Gently lay the case on a flat stable surface.

3. Take ESD precautions.
4. If a shroud covers the cooler and CPU, remove it by unclipping the plastic
clips that attach it to the case. Look at the shroud for the correct removal
procedure.
5. Make sure there are no obstructions that will prevent you from installing the
cooler and CPU, such as cables. If there are any, remove them by
disconnecting them and so on.
Step 2: Installing Intel coolers and CPUs into LGA sockets
To install Intel coolers and CPUs into LGA sockets, follow these general steps:
Before installing the CPU onto the motherboard, make sure that the CPU
model and motherboard socket are compatible.
Use the motherboard manufacturers website to get the most up-to-date
information.
Do not touch the bottom of the CPU.
The correct way to hold a CPU is by its edges or corners. Do not touch the
pins or contacts on the CPU and socket. Always leave the plastic protective
chip cover in place covering the CPU until you are ready to install it into a
motherboard.
It is very important that the CPU is installed slowly, carefully and straight
down into the socket in the correct way, by following pin 1. Any careless
handling will damage the pins/contacts on the motherboard or socket.
Read all the directions that come with the CPU and cooler before you begin.
1. Open the socket by pushing down the locking lever and gently pushing it
away from the socket to lift the lever and then pull it back in the open
position.
Figure 4.93 Release lever in the open position

2. Using the small metal tab on the edge of the load plate, push down to lift up
the socket load plate.
Figure 4.94 Open load plate

Page 281 of 1229
3. Remove the sockets protective cover and store it in a safe place (do not
throw it away). If you remove the CPU and are not using the socket, the
cover should be left in the socket to protect it. While the socket is exposed,
do not touch the socket pins.
Figure 4.95 Remove protective cover from socket

4. Take off the protective cover from the CPU and hold the CPU by its edges or
corners. Do not touch the bottom of the CPU. Put the CPU cover in a safe
place and use it whenever you remove the CPU from the socket.
Figure 4.96 Underside of CPU

5. Insert the CPU into the motherboard socket. Ensure that pin 1 of the CPU
lines up with pin 1 on the socket of the motherboard:
On the CPU:
Pin 1 might be a bevelled corner or white dot printed in one corner of the
CPU.
Pin 1 might be a square joint where one of the pins is connected to the
bottom of the CPU.
Pin 1 may be a gold triangle or spur on the bottom of the CPU.
On the socket:
Pin 1 might be a difference in the pattern of pin holes in one corner of the
socket.
A 1 printed on the motherboard next to one corner of the socket.
6. Hold the CPU with index finger and thumb, and align it so that the notches
on the edges of the CPU line up with the posts in the socket. Gently insert
the CPU straight down without tilting or sliding the CPU in the socket. To
protect the pins, it needs to go straight down into the socket.
Page 282 of 1229
Figure 4.97 Insert the CPU

7. Verify that the CPU is aligned correctly in the socket. Closing the load plate
without the CPU pins aligned correctly can damage the socket. After the
CPU is inserted, close the load plate.
Figure 4.98 Insert CPU and close load plate

8. Push down on the lever and gently lock it in place.
Figure 4.99 Lock load plate

Your CPU is now correctly in place and ready for heatsink/fan installation.
Before installing the cooler, read the directions carefully and make sure you
understand them. Clips that hold the heatsink/fan assembly to the CPU frame
are sometimes difficult to install. Follow these general steps:
9. The motherboard has holes to hold the heatsink/fan assembly. Take a close
look at the heatsink/fan fasteners that fit over the holes and the clips,
screws or wires that will hold the heatsink/fan in place. Make sure you
understand how this mechanism works.
Page 283 of 1229
Figure 4.100 Locate motherboard holes

10. If the heatsink/fan assembly has a thermal pad pre-applied at the bottom
of it, remove the plastic from the pad. If the heatsink/fan does not have
thermal pad/paste applied, put a thin layer of thermal paste on the top of
the CPU or on the bottom of the heatsink. Spread the thermal paste
evenly over the surface. Do not use too much just enough to create a
thin layer. If you use too much paste, it can slide off the housing and
damage the CPU or circuits on the motherboard.
Caution Never install a heatsink without thermal paste!
11. Align the heatsink/fan assembly over the CPU so that all the fasteners fit
into the holes on the motherboard and the fan power cable can reach the
fan header on the motherboard.
Figure 4.101 Align heatsink/fan

12. Push down on each locking fastener until you hear them click into the
hole. To help keep the heatsink/fan assembly balanced and in position,
push down on the two opposite fasteners and then push down on the
other fasteners. Using a screwdriver, turn the locking fasteners clockwise
to secure them. Later, if you need to remove the heatsink/fan assembly,
turn each fastener counter-clockwise to release them from the hole.
Press
down
Figure 4.102 Lock cooler

Page 284 of 1229
13. Ensure that the heatsink/fan assembly is sitting evenly on top of the CPU.
14. Now attach the power connector from the fan to the motherboard power
header near the CPU.
Figure 4.103 Insert cooler and power

Consult the motherboard manual to find the location of the power (connector
or header) of the heatsink/fan assembly. Ensure that the power cables cannot
get caught in the fan blades and that no other cables obstruct air flow. Check
one last time and make sure that all power connectors are in place and the
other cables are connected to the motherboard.
You are now ready to plug in the computer, turn it on and check that all is
working. If the power comes on, but the system fails to work, the CPU is most
likely not seated properly in the socket or some power cable is not connected
properly. Turn everything off and recheck your installation. If the system turns
on and begins the boot process, but suddenly turns off before the boot process
is complete, the most likely problem is overheating because the heatsink/fan
assembly is not installed correctly. Turn everything off and check to see if the
heatsink/fan assembly is seated and connected properly.
If the CPU is not identical to the one you replaced, check the motherboard and
CPU documentation. After the system is up and running, the BIOS will
recognise the new CPU and adjust settings automatically. You can open the
CMOS Setup program to verify this.
Look for items in the CMOS Setup screen that manage CPU features and make
sure everything is set correctly, including temperatures. On older systems, you
might have to change jumpers or switches on the motherboard to change
voltages, clock timings and other settings.
If the BIOS does not recognise the CPU properly, check if a BIOS upgrade is
necessary for your motherboard. Also make sure that the CPU fan is working.
Access the OS and make sure it boots correctly. Complete several warm boots.
Finally, look at the CPU within Windows and with the CPU-Z program:
Within Windows:
Check Device Manager to make sure that the CPU is identified correctly. From
the list in the right pane of Device Manager, there should be a category named
Processors; click the plus sign + to expand it and the CPU should be listed.
Page 285 of 1229
Figure 4.104 Verify processor installation in Device Manager

You can see similar information in Windows at the System Information tool,
which you can find by pressing <Windows> + <R> key combination to open
the Run dialog box and typing msinfo32 before pressing <Enter>.
With CPU-Z:
A great program to use when analysing and monitoring your CPU.
4.4 Verifying your work done

Before putting the case back together, remember to double check every
connection and task you perform. Depending on what you have done, you
might need to plug in extra devices and cables and perform additional steps.
Read the manuals and documentation that come with the component for the
correct installation, configuration and removal procedure, and visit the
manufacturers website for the most up-to-date information and downloads.
Ask yourself the following questions:
1. Did I remember to secure the motherboard to the case?
2. Did I remember to fit all components, such as fans, PSU, motherboard,
CPU, RAM, expansion cards and drives, and did I configure them correctly?
3. Did I remember to plug in the front panel and back panel connectors
correctly?
4. Did I plug in all power and data cables correctly?
5. Are any cables loose that might get caught in fans?
6. Are there any other parts, such as screws, lying loose in the case?
Page 286 of 1229
Go back and double check all your connections and configurations and make
sure that there are no loose parts inside the case. Also check that all
components are clean and no dirt or dust exists on any component inside the
case.
7. Once you have done this, close and secure the case and connect all external
cables.
8. Turn on the computer and double check the following signs to make sure
the computer is working properly:
Power LED comes on.

Fans start spinning.
Single short beep (or two beeps for some systems) or no beep at all.
Hard drive LED flickers, indicating activity. A grinding or clicking noise
indicates a problem.

o Lab 5: Adding Storage Devices, exercise 1,2, 3 and 4 (p.1517)
o Lab 6: Upgrading Memory (p.18-20)
o Lab 11: Removing and Installing FRUs (p.30-32)
Page 287 of 1229
Unit 5 BIOS and CMOS Setup
Use the CMOS Setup program.

Explain how to update BIOS firmware.
Use firmware and OS independent diagnostic programs.

Module 2 Unit 5 (p.148-162)

Review Questions:
o BIOS (p.162)

(G183eng):
o Lab 7: CMOS Setup
The BIOS (basic input/output system)

component. It has the following functions:
is
an
important
motherboard
Stores and runs the POST program that identifies, tests and initialises basic
hardware.
Stores a basic routine called the bootstrap program or boot loader that
finds the OS and allows it to load.
Stores the CMOS Setup program that stores system parameters. CMOS
also acts as a clock to keep the current date and time.
5.1 CMOS Setup program

Complementary metal oxide semiconductor (CMOS) stores data that is
read by BIOS to complete the programs needed to communicate to hardware.
The data stored in CMOS is needed for the computer to do work! It is very
important that CMOS information is correct. If you change any basic hardware,
you must modify CMOS to show your changes. You therefore need to know
how to change the parameters in CMOS.
CMOS Setup, BIOS Setup or System Setup is the program that allows you
to change hardware parameters. When you boot your computer, the first
screen you are likely to see is BIOS information. It might look like that shown
in Figure 5.1 or something similar.
Page 288 of 1229
Figure 5.1 BIOS information on Startup screen

Note
There are various BIOS companies that write BIOS programs and sell
them to computer manufacturers. You might find the BIOS
manufacturers name on the Startup screen.
You always open the CMOS Setup program during the boot process. The real
question is how to get to the program for a particular computer. BIOS
manufacturers use different keyboard keys or key combinations to open the
CMOS setup program. Usually the keys are shown on the BIOS Startup screen.
For example, at the bottom of the screen in Figure 5.1, it states press the DEL
key to enter BIOS Setup. Keep in mind that this is only one possible example.
Motherboard manufacturers can change the key or key combination for
entering CMOS Setup. You can even set up the computer so the message does
not show. If you do not see an Enter Setup message, wait until the RAM
count starts and then try one of the following keys or key combinations:
Delete <Del>, Escape <Esc>, <F1>, <F2>, <F10>,
<Ctrl>+<Alt>+<Enter>, <Ctrl>+<Alt>+<Esc>, <Ctrl>+<Alt>+<S>,
<Ctrl>+<Alt>+<F1>, or <Ctrl>+<Alt>+<F11>.
It may take a few tries, but you will eventually find the right key or key
combination. If not, check the motherboard manual or the manufacturers
website for information.
Note
Not all BIOS screens display the same type of information and POST
results. Some BIOS or computer manufacturers change the BIOS
screen to show nothing more than their own logo during the boot
process. You can typically enable/disable this feature, called screen
logo or something similar, from within the CMOS Setup program.
5.1.1 Taking a quick tour of the CMOS Setup program

The CMOS Setup program for each BIOS manufacturer looks different, but all
modern programs basically have similar options; you just have to be
comfortable looking around. If a feature is not supported, it will not be listed in
the program.
Page 289 of 1229
Most programs have a Help menu that you can access from within the program
to explain the purpose of each parameter. Always look in the computer or
motherboard documentation for the meaning of each parameter.
This exercise will ask you to open the CMOS Setup program for
your computer and will explain most of what you can expect to
find in the BIOS. Go through this section and then go through
the CMOS Setup program on your computer. Answer the
questions and perform the tasks when asked to. To avoid
making a mistake, do not save anything unless you are sure you
know what a parameter does by changing it.
Step 1: Enter the CMOS Setup program
1. Turn on the computer. You should hear one, maybe two beeps or no beeps
from the motherboard speaker which indicates POST has done its test.
2. Watch the screen carefully and when the BIOS screen appears, press the
proper key or key combination to open the Setup program. You have to be
quick to catch the key combination or try any of the above key or key
combinations listed in the previous section.
3. If you missed it the first time, restart the computer and try opening the
program again. You might be able to pause the initial start-up screen using
the Pause/Break key and then press <Enter> to allow the computer to
continue to boot.
Step 2: Explore each screen, answer the questions and do the exercise
CMOS programs vary widely. The computers you use might have similar
options, but the menus might be named differently and the parameters might
be stored under different menus and submenus. There are several different
CMOS Setup program screenshots in this unit so that you know what you can
expect to work with in the workplace. You can navigate most programs by
keyboard, but some programs support a mouse.
5.1.1.1 Main menu
You are now in the main menu of the CMOS Setup program. From the main
menu, you can go to any other menu and submenu by using the keyboard
arrow keys and pressing <Enter> to select a submenu or option. Depending
on the program, you might be able to see and change the time, date, language
and other information from the Main menu, otherwise navigate to the
Standard CMOS Features menu or another menu/submenu. Figure 5.2 shows
an example of the Main menu for this CMOS Setup program. To move back
one screen, you usually press the <Esc> key or use the keyboard
navigational keys. When saving, you will usually be given the option to save
changes and exit or exit without saving.
Page 290 of 1229
Figure 5.2 CMOS Setup main menu
5.1.1.2 Standard information

CMOS Setup programs have information such as the date and time, BIOS
version, processor, RAM, hard drive(s), optical drive(s), boot order and the
battery on a laptop.
Figure 5.3 System information in different BIOS programs
Page 291 of 1229
Write down the BIOS manufacturers name and version number. (For example:
AMI BIOS 0103.)
5.1.1.3 Date/Time/Daylight Saving
The computers real time clock (RTC) is the battery-powered clock that keeps
track of the second, minute, hour, day, month and year. The OS picks up these
values when it loads. These values can be adjusted automatically within the
time zone parameters in the OS to support daylight saving time (DST). An
incorrect date and time could indicate the CMOS battery is failing.
Daylight saving time (DST): DST is the practice of adjusting time in some
countries to make better use of daylight.
Is the date and time set correctly in CMOS Setup? Yes or no. If your answer is
no, set the correct time and date.
5.1.1.4 CPU features
There will be options for changing CPU features, such as cores, cache, HyperThreading, execute disable, power performance and so on. In many cases,
these features will be detected and enabled by default, but in case there are
not, you know where to find them and change them for troubleshooting if
needed.
Write down any features that the CPU supports and what features are disabled
and enabled. (For example: Hyper-Threading enabled.)
5.1.1.5 Virtualisation
Virtualisation enables you to create an entire virtual computer, recreating hard
drives, RAM, network adapters and more hard as well as software. To run
virtual machines, you will need a powerful physical computer since you are
trying to run multiple computers on it at the same time and assign each virtual
machine with resources such as RAM, hard drive space and so on. To support
this, CPU manufacturers have added hardware-assisted virtualisation and have
named their virtualisation technologies by different names. Hardware-assisted
virtualisation helps virtual machines use physical hardware more efficiently and
is controlled by the BIOS. The virtualisation feature is typically disabled by
default in CMOS Setup on many systems, so if you need to set up hardwareassisted virtualisation, you will need to activate it here.
Page 292 of 1229
Figure 5.4 CPU and virtualisation parameters

Is there an option to enable or disable virtualisation? Yes or no.
Note
If you change the virtualisation setting in CMOS Setup, it is

recommended that you do a cold boot by completely powering down
the computer. You should wait for a few seconds and then start the
computer.
5.1.1.6 Overclocking
Some computers have menus that display information about the CPU, RAM and
GPU, and include parameters for overclocking them to make them run faster
than what the manufacturer intended. See Figure 5.5. Be very careful when
overclocking as it causes devices to create more heat and you could end up
with an unstable or damaged system. If there are overclocking parameters, it
is best to leave them set to Auto or Default and stay away from this screen.
Some manufacturers disable these parameters to prevent overclocking.
Figure 5.5 System performance parameters
Page 293 of 1229
Is there any option to overclock the CPU? Yes or no.

5.1.1.7 Power management
The Power management menu, shown in Figure 5.6, can be used to set soft
power and power saving modes for the computer. These parameters work with
or are sometimes in conflict with the OS power management settings to control
how and when computers turn off and back on to save power. If the BIOS
supports ACPI, you can enable and disable it here. There might be other power
options, such as if a call comes into a modem to wake the computer up and to
power on with a keyboard or mouse. On laptops, you might find battery
performance and screen brightness parameters that can be changed.
Figure 5.6 Power management parameters
5.1.1.8 Wake up
Many CMOS programs give you options for wake up events, such as powering
on when a mouse is clicked or a key is pressed, or waking up a computer over
a network from another computer or a call from a modem or at a certain time
of day. See Figure 5.6 above and Figure 5.7 below.
Figure 5.7 Wake up parameters
Page 294 of 1229
Does your CMOS Setup program allow you to configure wake up events? Yes or
no.
If yes, write down what options the CMOS Setup program supports to wake up
your computer.
(For example: wake up by mouse.)
5.1.1.9 Health check

Many CMOS Setup programs have options for CPU temperature, system or
motherboard temperature, CPU and RAM voltages, and warning alerts. This
menu, usually called computer Health Status or Hardware Monitor or
something similar, also gives options for fan speeds. Generally, the major
temperature, fan speed and voltage values in BIOS can be detected by
programs such as the one shown on the right in Figure 5.8.
Figure 5.8 Health check CMOS parameters (left) and health program
(right)
If available, write down
system/motherboard.
the
current
temperature
of
the
CPU
and
CPU temperature:
____________________________________________________________.
System/MB temperature:
______________________________________________________.
5.1.1.10 Halt on post errors
Some computers allow you to configure the BIOS to stop and ask you if certain
errors happen during the POST part of the boot process, such as to stop on all
errors, on no errors (not recommended), on all but keyboard errors and so on.
See Figure 5.9.
Page 295 of 1229
Figure 5.9 Halt on errors
5.1.1.11 Boot up NumLock status

The NumLock key controls the functions of the numeric keypad on the
keyboard. The NumLock Status option in CMOS Setup tells the BIOS to turn
NumLock on or off whenever the computer starts.
5.1.1.12 Keyboard installed
Some CMOS Setup programs let you specify if there is a keyboard installed.
The default is Installed or Yes.
5.1.1.13 Fast or quick boot
If enabled, fast boot causes POST to skip some tests to speed up the boot
process. Disable this option when installing or testing a motherboard to get a
thorough POST.
Does your CMOS Setup program have a fast or quick boot mode? Yes or no.
On what screen can this option be found?
5.1.1.14 Hard drive BIOS support
Hard drive controllers and every other computer device need to be supported
by the BIOS. Motherboards give support for IDE/PATA and SATA through the
BIOS, but they need you to configure CMOS Setup for the specific hard drives
attached. SCSI drives need software drivers or firmware on the host adapter.
If you plug in a hard drive and turn on the computer, it is very likely that the
BIOS and OS will figure everything out for you.
Configuring controllers
Your first step in configuring controllers is to make sure they are enabled. Most
controllers are already enabled, ready to automatically find new drives but you
can disable them. Go through the CMOS Setup program and find the controller
on/off options (see Figure 5.10 for typical settings). Enhanced enables SATA
and PATA, compatibility enables IDE for older operating systems, and disabled
disables the controller.
Page 296 of 1229
Figure 5.10 Common controller CMOS parameters

Auto-detection
If controllers are enabled and the drive is properly attached, the drive should
appear in CMOS Setup through auto-detection. A hard drive stores the OS
needed to boot the computer and the system needs a way to know where to
look for that OS. Here is how the older IDE auto-detection process worked:
Older BIOS supports a maximum of only four IDE drives on two channels,
called the primary channel and the secondary channel. The BIOS looked
for the master drive on the primary channel when the computer booted. If you
used only one channel, you used the primary channel. The secondary channel
was used for optical drives or other non-bootable drives. Older CMOS Setup
programs made this clear and easy, as shown in Figure 5.11. When you booted
the computer, the CMOS automatically detected the drives and whatever
drives were detected, they showed up in the program.
There are places for up to four drives; notice that only two channels are used
by two drives. The auto-detection screen shows that the IDE drive is installed
correctly. If you had two drives and set both to master, one drive or
sometimes both did not appear, indicating that something was wrong with the
physical installation of the drives. If you forgot to plug in the data or power
cable, the drives would not be seen.
Page 297 of 1229
Figure 5.11 IDE channel setup in CMOS

SATA changes the auto-detection process. There is no master, slave, primary
or secondary channel. For SATA, motherboards use a numbering system. One
common numbering method uses the term channels for each SATA controller.
The first boot device is channel 1, the second channel 2 and so on. A SATA
channel has only a master, because a SATA controller supports only one drive.
So instead of drive names, you see numbers. Take a look at Figure 5.12.
Figure 5.12 SATA channels in CMOS

This motherboard supports six SATA controllers. Each has a number with hard
drives placed on SATA 1 and SATA 2 channels and the optical drive on SATA 6
channel. Each drive is auto-detected and configured by the BIOS without any
configuration other than plugging the drives into the SATA ports.
Page 298 of 1229
Note
On older systems, SATA ports might be named IDE third master or

IDE fourth master or they may be recognised as a SCSI device. Also,
if the SATA drive cannot be recognised, find out if a BIOS update is
available.
How many SATA channels does your motherboard support?
Enabling AHCI and RAID

On motherboards that support Advanced Host Controller Interface (AHCI), you
select it in CMOS Setup. You generally have three options: IDE or compatibility
mode, AHCI or RAID. Use compatibility mode to install older operating
systems. Going to AHCI or RAID enables the AHCI option for the host bus
adapter.
Is there any option to enable RAID? Yes or no.
Boot order
Once supplied power, hardware, firmware and software enables the computer
to boot up. Once POST has completed, it passes control to the BIOS function
called the bootstrap loader. The purpose of the bootstrap loader is to find the
OS by reading CMOS information. The CMOS Setup program has an option that
you configure to inform the bootstrap loader which devices to check for an OS
and in which order (called the boot sequence) so that the OS can load. The
option in the program might be called boot device priority, boot sequence
or something similar. You will usually be able to set 3 or more boot options
that will be tried in order, one after the other, starting with the first boot
device. Your choices are:
Hard drive PATA, SATA or SCSI. If you have a mix of PATA, SATA and
SCSI drives, adjust the CMOS Setup to your preferred drive. A SCSI boot
disk is normally set to ID 0. A SATA boot drive should be connected to the
lowest numbered port. Most likely you will boot from the hard drive with the
OS pre-installed.
Optical drive most likely when you install a new hard drive or an OS, you
will boot from the optical drive first and if there is no optical disc, turn to
the hard drive next. After the OS is installed, to prevent accidental boots of
the disc, change setup to boot first from the hard drive. You might also set
the optical drive as the first boot device if performing a repair install.
USB some systems can boot to USB devices.
Network/PXE a pre-boot execution environment (PXE) network
adapter enables you to get boot settings over a network from a specially
configured network server to download and install an OS.
If you use the wrong boot order, the BIOS will skip straight to the hard drive
and load the OS.
Page 299 of 1229
Note
Boot order is the first place to look when you see this error at boot:
Invalid Boot Disk
Figure 5.13 CMOS boot order

Write down the current boot order for your computer below.
1st device ____________________________________.

2nd device ___________________________________.
3rd device ____________________________________.
Set the boot order (if not set already) to boot first from the hard drive and
then to the optical drive.
Note
If the Quick Boot option is enabled, the system will skip memory and
drive tests to enable faster startup. Also, enabling Boot Sector
Protection provides some protection against malware.
Disk protection and monitoring

SMART allows the early prediction and warning of hard drive failures. Some
BIOS manufacturers support disk protection that enables the computer to
save a copy of the current OS image for recovery purposes. This copy can be
used to recover a computer to a previously saved state.
5.1.1.15 Integrated ports or peripherals
On this menu you can configure, enable or disable adapters built into the
motherboard, such as on-board audio, eSATA, serial and parallel ports, PS/2
ports, USB port and power, FireWire and network adapter.
Page 300 of 1229
Figure 5.14 Integrated peripherals

Write down the name of the peripherals or ports that can be enabled or
disabled in your CMOS Setup program. (For example: USB keyboard, on-board
sound.)
5.1.1.16 Wireless port

Here you can enable or disable infrared (Infrared Data Association [IrDA]),
Bluetooth and Wi-Fi adapters built into the motherboard. On laptops, these
settings can also be turned on and off using the Function (Fn) key.
5.1.1.17 PnP/PCI Configuration
Plug-and-play (PnP) is how devices automatically operate when you plug them
into the computer. PCI is a type of slot used for cards. Parameters for this part
of CMOS determine whether the BIOS or the PnP OS configures PnP devices
not needed to boot.
5.1.2 BIOS Security

Many motherboards for desktop computers and laptops offer several BIOS
features designed to make the system secure. Here is a brief summary of
these methods:
5.1.2.1 Power-on passwords
In many CMOS Setup programs you can set at least two passwords that help
control who is allowed to enter the CMOS Setup program and who is allowed to
boot the computer:
Supervisor/Administrator controls who can enter the program. When
entered correctly, the supervisor password gives unlimited access to view
and change all the parameters in the program.
User controls who can access the entire computer by asking for a password
before the computer boots up fully. The password must be entered correctly
before the computer is allowed to boot.
Page 301 of 1229
Note
Passwords used for BIOS-level security should follow the same rules
as passwords for any user account. That is, they should have a
number of different characters and be a certain length. You can set a
password and find password options under the boot or security menu
or a similar menu in the CMOS Setup program.
Figure 5.15 CMOS password options

Note
If both the supervisor and user passwords are set up, you must enter
a valid password to boot the computer.
Some motherboards provide additional options that either allow you to open
and view CMOS parameters, but not make any changes, or open CMOS Setup
and only make a few changes, otherwise you are given no access at all.
Set the supervisor password to P@ssword and then reboot the computer. Can
you open the CMOS Setup program with this password? Yes or no.
If necessary, reboot the computer. Open the CMOS program using your
password. When you have logged in, remove the password, reboot the
computer, test to see if you can open CMOS Setup again, close it and continue
with the rest of this section.
What to do for a forgotten power-on password
When a power-on password is set and forgotten, most motherboards have pins
that you can jumper together to clear all power-on passwords. This means that
not only must you set the password, but you also need to lock the case to stop
users from opening it and getting to the password-clear jumper; otherwise, the
password serves no purpose.
Provided you know the password to get into CMOS Setup, a password can also
be cleared by entering CMOS Setup and choosing the Clear Password or some
similar parameter. There are also CMOS programs, such as the CMOS save and
restore program, that can be downloaded from the Internet. The program
backs up the CMOS information that you can use to restore at a later time.
This means that you must back up CMOS before setting a password so that it
can be restored to a state without a password.
Page 302 of 1229
If you cannot find the motherboard manual and you do not know how to clear
the password, as a last resort you can try using the Clear CMOS jumper or
button, or remove the CMOS battery for a few minutes to clear CMOS RAM.
Note
These methods will clear all the information in CMOS Setup and set
the parameters to their default settings, so they should be recorded
beforehand.
5.1.2.2 Drive lock password protection

On some motherboards and hard drives, you can set a password that must be
entered before the hard drive can be accessed. This password can generally be
stored using three options:
Computer firmware the hard drive must be used with the specific
computer only.
Drive firmware you can move the hard drive between computers that
have a compatible BIOS.
Full disk encryption (FDE) encrypts the entire drive with a password used
as the encryption key.
Encryption and decryption: In simple terms, encryption takes information

that you can read and scrambles it into an unreadable (encrypted) format
with the help of cipher (a kind of algorithm) so that it can only be read and
understood (decrypted) by someone with the correct key.
5.1.2.3 Trusted Platform Module (TPM)
TPM acts as a cryptoprocessor, a specialised chip built into some modern
motherboards that carries out encrypted operations, and securely protects and
stores encryption keys, certificates, passwords and other security information
used to identify and authenticate users and the computer. Computers that use
TPM have the ability to create encryption keys and encrypt them so that they
can be decrypted only by the TPM chip. TPM can be used for both identification
and authentication.
Identification and authentication: Identification is how you tell the
computer who you are so that it can identify you. Authentication challenges
whether you are who you claim to be when you want to use the computer.
Every TPM chip has a basic set of keys associated with it. The most significant
key is the endorsement key (EK), which is actually a pair of keys created
randomly on the chip when the manufacturer makes the chip. This key cannot
be changed and is unique to the TPM chip. One key never leaves the chip and
is used for decrypted operations, while the other key is used for encrypting
sensitive data sent to the chip. During the boot process, TPM measures
(hashes) key system data such as the BIOS, boot loader and OS kernel before
they are loaded to ensure they have not been changed. Information stored on
TPM is secure from outside attacks and physical theft.
Page 303 of 1229
5.1.2.4 Drive encryption

You can use drive encryption programs, such as Windows BitLocker, or
programs downloaded from the Internet to encrypt everything stored on your
hard drive or a part of your drive (a volume). Drive encryption protects the
data on your drive against anyone who should not be allowed to access it,
especially when it is stolen.
BitLocker works with the TPM chip or a removable USB device (if used as a
boot option) to store the key it uses to encrypt the drive. The TPM chip
authenticates on boot to make sure that the computer has not changed, for
example, that you still have the same OS installed, and that the computer has
not been attacked by some malicious program. TPM also works when you
move the BitLocker drive from one computer to another.
If you have a BitLocker failure because of tampering or moving the drive to
another computer, there needs to be a properly created recovery key or
recovery password that you can use. The key or password is generally created
when you set up BitLocker and should be kept somewhere secure.
Note
BitLocker does not encrypt the Windows volume with the boot files
used to boot the computer; if it did, the computer would not boot.
The CMOS Setup program usually has parameters that can enable or disable
TPM. See Figure 5.16.
Figure 5.16 TPM in CMOS

Is a TPM chip installed in your computer? Yes or no. If yes, is it enabled?
5.1.2.5 LoJack
Some manufacturers include LoJack tracking software in their BIOS. A dialler
program checks in with tracking server on the Internet every day to find out
where the LoJack-enabled laptop is.
Page 304 of 1229
If the laptop is reported stolen, the tracking server can attempt to find the laptop
by either using data provided by the Laptops GPS chip or information from
nearby wireless networks. The tracking server and company can attempt to
remotely lock down the laptop by performing various operations, such as:
Ask the thief to enter a boot password.

Remotely delete sensitive data on the laptop.
Remotely install a key logger program to track the keys the thief presses
on the keyboard.
Remotely install a screen capture program to identify the thief.
GPS: global positioning system (GPS) is a space-based satellite navigation

system that enables a device to find out where the device is on a map.
5.1.2.6 Intrusion detection
Many motherboards support chassis intrusion detection provided by the
computer chassis. Compatible cases have a switch that trips when the case is
opened. With a proper connection between the motherboard and case and
motherboard support, the BIOS logs whether the case has been opened and if
it has, notifies you by way of a management program or an alert at the next
boot screen. Some BIOS manufacturers offer a feature that locks the computer
when an intrusion is found and asks for your supervisor password to unlock it.
Figure 5.17 Chassis intrusion parameter
5.1.3 Advanced Chipset Features

The Advanced Chipset Features or a similar-named screen deals with chipset
functions. Avoid this screen unless you are a highly experienced computer
technician and have been asked to do something here by a support technician
who works for the motherboard manufacturer.
Page 305 of 1229
5.1.4 Load fail-safe/optimised default

The load fail safe default option sets everything to the most stable minimum
performance factory parameters. You might occasionally use this parameter
when very low-level problems, such as lock-ups, occur and you have checked
more obvious areas first. The load optimised option sets CMOS to the best
possible system stability. You would use this option after you have tampered
with parameters and need to put them back to where they were.
Note
If you use automatic setup to load default parameters after you make
changes, all your changes will be overridden. Try using the default
options and then make any changes you want.
5.1.5 Exiting and saving parameters

All CMOS Setup programs allow you to save your changes and exit, or exit
without saving your changes. Use these options as needed for your situation.
5.1.6 UEFI
The original BIOS has not changed much over time in the way it is
programmed. As such, BIOS works only in 16-bit mode and depends on x86compliant hardware. Extensible Firmware Interface (EFI) specification is a
newer type of BIOS. EFI was renamed Unified Extensible Firmware
Interface (UEFI).
UEFI has already replaced BIOS on many systems. It acts as super-BIOS,
doing the same job as BIOS, but in a 32- or 64-bit environment, and offers
additional features such as browsing the Web and launching games without
booting the OS, as well as opening the CMOS Setup program. You can think of
UEFI as a mini-OS that runs on top of the computers firmware, enabling you
to do many tasks at boot time by using your mouse. It works as a nonhardware-specific, non-OS-specific, 32- or 64-bit bootloader. This does not
make POST or system setup go away. They still exist, but UEFI runs instead of
BIOS.
Figure 5.18 UEFI firmware that includes CMOS parameters
Page 306 of 1229
Figure 5.19 shows the UEFI interface for two different motherboards.
Figure 5.19 UEFI interface for different motherboards
5.2 Updating firmware

There are various reasons why a computer might need a firmware or BIOS
update: to provide support for new or upgraded hardware such as RAM and
features such as virtualisation, to solve problems with the current BIOS or
incompatibilities with the OS and so on. Flashing the BIOS erases the BIOS
code and rewrites it with a new version.
Because the update process differs from motherboard to motherboard, here
are a few basic steps:
1. Back up, record and read instructions: Back up the hard drive in case
the update goes wrong and record all CMOS parameters. The update
process will reset CMOS parameters to their default and you will need to
enter them again. Before updating the BIOS, save a backup copy of the
existing BIOS. Without a good backup, you could end up with a computer
that will not boot or an unusable motherboard.
2. Identify what BIOS you are running: You must be aware of the make
and model of your motherboard and preferably the BIOS manufacturers
name and version number. The BIOS version can be found in the CMOS
Setup, system information or CPU-Z programs.
3. Download the latest version of the same BIOS: With the information in
step 2, visit the manufacturers or vendors website and download the BIOS
update file. Updates are listed by system model and version. Avoid beta
(pre-release) versions. The update file will most likely include detail
instructions. Using the wrong file can make the BIOS useless.
4. Choose how to update the BIOS: With flash ROM, you might need to run
a small command line program with an update file downloaded from the
manufacturers website, and thats it, the BIOS is updated!
Page 307 of 1229
Another common option is inserting a removable optical disc (usually a

bootable optical disc or USB flash drive) with the update BIOS file on it and
use the update option in CMOS Setup to perform the update. Some
motherboard manufacturers provide a Windows-based flash ROM update
program that checks the Internet for updates and downloads them for you
to install.
Figure 5.20 displays two different methods of updating the BIOS. The program
on the left is executed from a bootable USB drive while the program on the
right is a Windows-based flash program.
Figure 5.20 Methods of updating the BIOS

5. Flash the BIOS: Run the BIOS flash update from the appropriate media or
OS:
For an optical disc or USB flash drive, use a program to make the drive
or disc bootable, then download and copy the update file to the drive or
disc. Boot to the drive/disc and follow the directions on screen. Then
remove the drive/disc, restart the PC and the update is installed.
Note
UEFI firmware can install a BIOS update from an optical disc from
within the UEFI menu.
From within Windows, download the update file to your hard drive. Close
all open programs and disable virus scanning programs. Double-click the
file to run the update program and follow the directions on screen. The
computer will reboot to enable the update. Most update programs allow
you to back up your current BIOS so that you can return to it if the
update goes wrong. Let the system do the update.
Virus and scanners: A virus is a program that performs harmful actions on
systems when activated. Anti-virus (A-V) software or simply a virus

scanner is designed to protect systems from malware that it knows about;
malware such as viruses.
Page 308 of 1229
Caution Avoid anything that can disrupt the update process, such as a
power failure. When you start a BIOS update, be sure to complete
it.
A computer without a working BIOS will not boot and a failed update can make
the motherboard unusable. If the motherboard gives problems, consider
updating the chipset drivers before performing the update.
There are various steps you can try to recover from a failed update. Some
motherboards have a program that you can use to recover if the BIOS is
corrupted or the update fails. Other motherboards have a flash recovery
jumper or switch used for BIOS recovery.
1. With a jumper, you typically download and copy an update file to one of the
bootable media.
2. You then shut down the computer, set the jumper according to instructions,
and boot and run the BIOS update from the media. There will be no video
but you should hear the POST beep(s) and hard drive activity.
3. Once the drive activity has ended, shut down the computer, remove the
update media and reset the jumper to its normal position and boot.
Figure 5.21 shows how to set jumpers for a particular motherboard. The
jumper in Figure 5.21 can be set to clear passwords, recover from a failed
BIOS update or be set to normal mode.
Figure 5.21 BIOS jumper configuration example

Tip
See the motherboard manual or system documentation or

manufacturers website for specific update steps and how to go about
recovering and protecting the BIOS.
Page 309 of 1229
Finally, do not update the BIOS unless you have a very good reason to do so.
There is a common saying: If its not broken, dont fix it!
Is there an option to update the BIOS in your CMOS Setup program? Yes or
no. If you answer yes, what is the name of the menu or submenu that gives
you this option?
5.2.1 BIOS chip replacement

You might be able to buy a replacement BIOS from online vendors for those
motherboards that cannot be upgraded with software. Consider the following
before ordering a BIOS chip:
The cost of upgrading the BIOS chip.

Although the BIOS will be updated, the rest of the system might be out of
date. If the system is old and not fast enough for your needs, it might be
best to replace the motherboard or system.
If the BIOS chip is soldered to the motherboard, it cannot be replaced. The
chip must be socketed to be replaced.
A replacement BIOS enables you to improve the system operation without
having to reinstall the OS.
If you do update the BIOS chip, make sure the vendor has the correct chip. It
might be a different brand of BIOS than your current BIOS. The vendor will
need the motherboards ID information displayed at bootup. You can download
free programs to display this information for you.
The replacement chip must plug into the motherboard. Some chips are square
and some are rectangular. The replacement chip must support your
motherboard/chipset and it must provide the features you need, such as
support for particular processor speeds and larger hard drives. For steps on
how to replace the chip, refer to the motherboard manual or manufacturers
website.
5.3 Monitoring and diagnostics programs

Some motherboards come with software that sets the temperature at which
your computers fans must turn on and off. If your motherboard does not come
with such a program and the manufacturers website does not offer one, there
are various programs that you can download from the Internet. One such
program is SpeedFan which can be downloaded from www.almico.com.
SpeedFan monitors voltages, fan speeds and temperatures, including hard disk
temperatures in computers that have hardware monitor chips. Figure 5.22
shows SpeedFan and another program called CPUID Hardware Monitor
downloaded from www.cpuid.com that monitors main health sensors, such as
voltages, temperatures and fan speeds.
Page 310 of 1229
Figure 5.22 Hardware monitoring programs

A System Monitor (or Health Monitor or Diagnostic Tool) is a program
typically built into many computers and laptops that can be used to track
computing resources and performance, and warn you of problems such as
device temperature, fan speeds, clock speeds and bus speeds, disk failure,
chassis intrusion and component failure. You can typically run these programs
at boot time or as an OS application.

o Lab 7: CMOS Setup (p.21-22)
Page 311 of 1229
Unit 6 Custom Configuration and Gaming
Build custom systems by choosing appropriate components for

different types of workstations and home systems.
Understand gaming and the requirements of gaming systems.


Review Questions:
o Custom Configuration (p.168)
6.1 Evaluating parts

Part of your responsibilities as a computer technician might be to review and
choose the appropriate parts for a custom system configuration to meet the
needs of the customer. Consider the following steps you can use to find and
compare the right components for specific types of systems:
Step 1: Read reviews
Every hardware component and software product has a review on the Internet
and in magazines. There are two types of reviews: industry reviews written
by professional people and companies, and personal reviews written by
people who bought and used the component or software. Read the
professional reviews as they will more likely give you an accurate review on
the component or software you are researching. Examples of professional
review websites include:
www.cnet.com
Step 2: Read documentation
Learn everything you can about the component or software product. Take
some time to read the technical specifications. Check the vendors or
manufacturers return and warranty policy. Make sure you can find help if the
component does not work or if you have problems with the software product.
Step3: Compare
Compare parts and products from different manufacturers or vendors.
Page 312 of 1229
Step 4: Go out and look at the system or product

If it is possible for you to go to a computer store or vendor to take a closer
look at a particular component or software product, go out and do it. Find as
much information on the product as possible.
6.2 Computers for business use

Most computers used for business purposes will fit into any of the roles
discussed next.
6.2.1 Standard and thin clients
Standard client also known as a thick client, this is an ordinary office

computer that runs applications such as a web browser and office
applications that have been installed locally. It is not dedicated to any
specific role but instead for day-to-day use. To begin researching parts for a
standard client, look at the recommended hardware requirements for both
the OS and software applications you intend to use.
Thin client a computer that runs the OS at its most basic performance
level and is designed to handle only very basic applications. A laptop or
desktop are suitable thin clients. A thin client commonly relies on a remote
network server to do everything beyond the most basic computing tasks.
The thin client is booted into an OS and all keystrokes and mouse clicks and
movements are sent to the remote network server, which runs, processes
and displays the requested application or entire Windows desktop (called
Virtual Desktop Infrastructure [VDI]) to the clients monitor for viewing
along with any sounds that have been requested. If you are helping a
customer identify the resources needed for a thin client, ensure that it
meets minimum recommended requirements for the OS and the application
used to connect to the remote system.
Figure 6.1 Thin client environment
Page 313 of 1229
6.2.2 Workstations
A workstation is a high performance computer that runs more demanding
applications than your standard computer would run. The requirements of a
workstation changes as technologies and standards change.
6.2.2.1 Programming workstation
A programming-based workstation is used by programmers to develop
applications and games in Rapid Application Development (RAD)
environments. A database server is also often needed for testing. Programming
workstations need a fast 64-bit CPU, lots of RAM and a fast hard drive with
plenty of storage space.
6.2.2.2 Virtualisation workstation
A virtualisation workstation is used by different types of professionals to run
one or more virtual machines (VMs) on top of a single workstation called the
host. A developer, for example, might use virtualisation for testing. To achieve
good performance and to be able to run many virtual machines with their OS
and applications on the single workstation, the workstation needs a powerful
64-bit CPU (preferably with hardware-assisted virtualisation), lots of RAM and
a fast hard drive with lots of storage space.
Figure 6.2 Virtualisation workstation

Remember that each VM will use some of the resources on the host system,
but the most important resources are the CPU, RAM and hard drive. For
example, if you want to run four VMs with 2 GB each, youll need at least 8 GB
beyond what you will use for the host. A system with 12 to 16 GB will meet
most needs. Also, VMs are stored as one or more files on the hard disk. As you
install applications on the VM or add data to it, these files grow, so you need to
ensure that the hard drive is big enough to hold them.
Page 314 of 1229
6.2.2.3 Graphics/CAD/CAM workstation

Workstations used for graphic designing, desktop publishing, image editing,
computer-aided design and computer-aided manufacturing ideally need a fast,
multicore 64-bit CPU, lots of RAM start at 8 GB, fast hard drives with lots of
space, a large and good quality monitor, and ideally a high-end graphics card
with on-board RAM and room for possibly more components. They will also
often need special peripherals such as a digitiser and stylus.
Graphic design software is used for designing print or electronic forms of

visual information to create advertisements, books, websites and so on.
Desktop publishing software is used to create high quality documents that
have text and graphics for items such as textbooks, newsletters and so on.
Computer-aided design (CAD) software is used for architectural,
engineering and scientific designs.
Computer-aided manufacturing (CAM)
software
is used for
manufacturing processes and machinery in industries, such as power
generation, food production and automobile manufacturing. CAM is
commonly linked to CAD systems. An integrated CAD/CAM system takes
computer-generated designs and feeds them directly into a manufacturing
system.
Figure 6.3 Designing a car with CAM software
6.2.2.4 Multimedia workstation

A high performance workstation is needed to edit audio/visual files, and create
animations and music. For example, many companies create their own videos
and post them on YouTube as advertisements. The requirements include a
fast, 64-bit multicore CPU with lots of RAM, a large monitor and a large, highspeed hard drive since multimedia files are often large files and need to be
streamed from disk. Additional specific requirements include:
For an audio workstation, a high quality audio interface that connects to

professional audio input devices, such as microphones and instruments.
For a video or visual workstation, in addition to needing multiple
monitors and a powerful CPU, get as much RAM as possible because video
editing is intensive, high-speed hard drives with lots of space to store video
files that take up lots of space, and ideally a professional level graphics
card. Because video workstations are often used as audio workstations, too,
you will often find the same audio interfaces on a video workstation.
Page 315 of 1229
Figure 6.4 Audio workstation with audio systems
6.3 Computers for home use

Computing requirements change once you move away from the office and into
the house. Common types of home systems are explored next.
6.3.1
Home Theatre PC (HTPC)
A home theatre PC (HTPC) or Media Center is a system that is designed to

work as a digital video recorder (DVR) for television, audio player for music
and video player for movies. An HTPC might come in an SFF case with a microATX or mini-ITX motherboard. A key part of designing HTPCs is reducing noise
that fans and drives make (some HTPCs are passively cooled systems because
they have no fans). An HTPC often has a laptop CPU because CPU performance
is less important than running cool. Consider the following when choosing an
HTPC:
TV tuner to receive (broadcast, cable or satellite) TV signals.

To get the best sound experience, choose a surround sound system.
To direct content between the HTPC and TV, get an HTPC with an HDMI or
possibly a DisplayPort graphics adapter.
To get the best picture, choose a graphics adapter that supports high
resolutions, and possibly 3D viewing and a high quality display at the
needed size.
To change TV channels and control the system, get a wireless remote
control, keyboard and mouse.
To stream media content, go for a Gigabit Ethernet connection. The home
theatre could use Wi-Fi, though wired is best for HD content.
To watch and listen to streaming content, you need software. The OS might
come with a media player program or search the Internet for one.
Devices certified with the Digital Living Network Alliance (DLNA) connect
to a home network, find each other and share media. If you share media files
on a Windows computer, for example, a DLNA-enabled TV, game console or
other home theatre device should be able to see those files. Look for the DLNA
logo on devices such as Blu-ray players, network storage boxes, printers,
digital cameras and more.
Page 316 of 1229
Figure 6.5 HTPC
6.3.2 Home Server PC and NAS

A network of computers can be found in many homes and small offices. Here it
sometimes makes sense to have a central place where files and other
resources can be stored, managed, easily reached and secured. One option for
this central place is a Home Server PC running any modern OS or a dedicated
OS that is used for this purpose. A home server PC can use a cabled Ethernet
or wireless connection and is typically used to perform one or more of the
following roles:
Media streaming streaming video and other files from the home server
to remote computers. This server should have a powerful CPU, plenty of
disk space and RAM, a very fast Gigabit network card since the network
connection will be busy and cabling to support these speeds.
File sharing storing and sharing files from the home server. Storing files
on the server allows them to be managed, secured and backed up easily.
You can configure multiple hard drives on the server in a RAID array
according to the customers needs to speed up disk access, increase disk
capacity and avoid losing any valuable data. This server should have a very
fast Gigabit network card and cable connection and plenty of disk space to
store the many different types of files.
Printer sharing a printer can be controlled and managed centrally from
the home server acting as a print server for all home printers. You can
assign printer permissions to control who can print and manage printers and
so on. This server should have a very fast Gigabit network card and cable
connection and extra RAM to support printing.
Instead of building your own customised home server PC, you can go out and
get a pre-configured NAS appliance and attach it to your cabled Ethernet or
wireless network so that users can use it to store and share files and printers.
NAS has a cut-down server motherboard and a hard drive or RAID array with
some kind of OS installed, and usually comes with a Web-based program that
you can use to manage it. The NAS can be a large system designed for a large
network or a small system for a small office/home office (SOHO) network. If
you are going to connect the NAS to the Internet, then make sure that you
have set up security properly.
Page 317 of 1229
6.3.3 Gaming PC
A video game is a computerized game with a story or activity played on a
gaming platform such as a TV, computer, mobile device, gaming console or
other gaming system for the purpose of entertaining or teaching us. A PC
game is software that involves a player interacting with a computer connected
to a monitor, although a PC game works on a gaming laptop as well.
Competition modes are ways to build cooperation and competition into games:
Single-player (me versus the situation)
Two-player competitive (you versus me)
Multiplayer competitive (everyone for himself)
Multiplayer cooperative (all of us together)
Team-based (us versus them)
Hybrid competition modes (combination of the above)
People love to play video games together too and technology gives them lots
of ways to do it, including:
Single player one player plays the game.
Multiplayer local gaming means two or more players playing together in
one place.
Networked play, also called multiplayer distributed gaming, refers to people
playing against other people over a network or Internet at different
locations.
LAN parties are events in which a group of people get together in one
place, but each has his own PC connected to the others over a local area
network (LAN).
When you build a PC for a gamer, you mostly build it around the latest
graphics card technology. The parts you use to build the gaming PC will
depend on how much the customer can spend and their needs. Instead of
following the recommended OS requirements for a gaming PC, you might want
to turn your attention to the system requirements for the latest PC game. Find
a game that came out recently and see what its requirements are. Then, go
beyond those requirements to keep that gaming PC future-proof. Futureproofing means building a PC that keeps it relevant for a few years.
Page 318 of 1229
Figure 6.6 Gaming PC and widescreen monitor

Consider the following when building a gaming PC:
Graphics card When thinking ahead, you should buy a card that is
powerful now and in the near future. Keep the following in mind when
choosing a card:
o Do not get an extremely powerful graphics card that your CPU can barely
handle.
o If the customer wants the best of the best PC gaming experience, you
will need to link multiple high-end graphics cards together.
o Think about what ports are needed by the card VGA, DVI or HDMI, or a
combination.
o Think about cards that support DirectX or any other API.
o How do you know which cards are powerful? Look at the series, memory,
suffixes and benchmark tests:
If possible, choose a card from the latest possible series.
The more memory, the better. A top-notch graphics card with onboard memory and a specialized Graphics Processing Unit (GPU) is
needed for many of the games.
Learn the suffixes, such as GTX, GTS, HD, X, etc.
Use benchmarks on the Internet to compare the performances of
each card. The benchmark shows you how well cards perform during
intense graphical testing, e.g. frame rates during a specific game
sequence, while running through different screen resolutions. Some
common benchmark websites include:
Passmark www.passmark.com
Tomshardware www.tomshardware.com
Page 319 of 1229
Figure 6.7 Graphics card benchmark chart from Passmark
CPU consider clock speed and number of cores. A high-end, powerful CPU
is essential for a great gaming PC experience, with multiple CPUs further
improving the gaming experience.
RAM essential to system performance. If you want games to run
smoothly, you will need to provide enough RAM for them. An SSD drive (or
two) will help load game data into RAM much faster.
Motherboard consider the quality of the motherboard and the CPU
socket and slots it has. Gaming PCs typically use ATX motherboards, which
allow future expansion. Consider the chipset and ports.
Sound card many games take advantage of sound cards that create
surround sound. Games often have three dimensional (3D) sound and a
good surround sound system provides a realistic experience.
PSU make sure it gives enough power. Future upgrades to a gaming PC
will possibly need more power. Remember: power supplies lose power the
older they get.
Cooling a powerful CPU and GPU will create heat so you must consider a
cooling system that can handle the heat.
Hard and optical drives consider disk space to store game files and
optical drives to read game media.
Monitor consider the number of monitors needed, resolution, size and so
on. More and more computer games provide support for 3D displays.
Widescreen displays are better for playing games. Choose a port that
matches the graphics card.
Peripherals some gamers have keyboards and mouses that have extra
buttons that can be customised. Some PC games are best enjoyed when
using a gamepad.
Page 320 of 1229
Case the case is a personal choice and can come in different colours,
lights and features.
Network Gigabit network card for high-speed connections to other
gamers.
6.3.3.1 Game development

Programmers and graphic designers are the people who primarily develop
games, but game development has been expanded over the years to also
include technicians such as musicians and sound designers. Everyone involved
in developing games are managed by game producers.
6.3.3.2 Online and cloud gaming
Online gaming means any type of game that you can play by yourself or with
other players over the Internet or over a computer network. If you want to
have the best online gaming experience, you will typically need proper
hardware, such as a computer or gaming console, that you can connect to the
Internet over a high-speed connection. Some online games need specific
hardware, such as a joystick or gamepad. Gaming software that comes from
an optical disc or downloaded through the Internet will also be a needed.
With online gaming, players can compete in multiplayer games, where many
players play against each other or as a team. These types of games send
information using ports reserved by the game.
Figure 6.8 Playing an online game

Cloud gaming, also called gaming on demand, is a type of online gaming
that allows games stored on the cloud provider or gaming companys server to
be streamed over the Internet to a computer or mobile device. Cloud-based
gaming is loosely called Gaming as a Service (GaaS).
A graphics technology called Grid Visual Computing Appliance (VCA) is a
cloud-based system that runs complex graphics-intensive applications and
sends graphics output over the network to the computer or mobile device. All
processing and storage is done on the cloud providers systems.
Page 321 of 1229
6.4 Virtual and augmented reality

Virtual reality (VR) replaces or combines the real world with a simulated
(make believe) one that is created by using a computing system. VR means
using computer technology to create a 3D virtual world that you can change
and explore while feeling as if you are really in that world. Characters called
avatars move around and take actions in the virtual world. When the virtual
world is similar to a real world and your actions are similar to what you might
do in real life, this is known as a simulation.
Figure 6.9 A virtual world

The idea starts off with you entering the virtual world by wearing a wearable
computing device such as special glasses or headgear and headphones
attached to a computer system. The wearable device, computer system and
the VR program running on the system give you the sights and sounds of the
virtual world.
The gaming industry along with other industries has helped develop graphics
and sound technology that can use VR. Figure 6.10 shows a VR headgear
system with a simulated gaming environment shown in the background. This
headgear has built-in support for the most popular game engines, a highresolution screen, and wider field-of-view optics that connects to a gaming
system using USB.
Figure 6.10 Oculus Rift VR headgear
Page 322 of 1229
Augmented reality (AR) is a variation of a virtual environment (VE) or VR

that takes digital information such as videos and adds extra layers of digital
information over the real-world environment in real-time. Not only can you to
see the real world with computer-generated virtual objects added to it, but you
can also remove real-world information from it. Figure 6.11 shows video clip
taken from a smartphone camera with star wars and other game characters
blended into the real world.
Figure 6.11 Augmented reality
6.5 Gaming trends

You can expect to see more and more games, computers and gaming consoles
supporting gesture recognition-based technologies that possibly reacts to our
emotions and bodily states, 3D interfaces, and more focus on online
multiplayer cloud gaming. Also more and more gamers are contributing to the
design and development of games and even becoming game developers
themselves by creating user modifications (mods). Some mods have
become just as popular as the game they originate from, such as a game
called Counter-strike, which began as a mod of the game Half-Life, which
eventually became a published game that was very successful.
Gamers are actively seeking levels of interactivity beyond what they are
currently getting from their smartphone screens, along with more intuitive
gestural or telepathic interfaces and controls, and the ability to personalise the
physical world to mirror what is possible in games and online.
One trend in gaming is social network gaming, which involves connecting to a
social network using your web browser on a platform such as a computer and
mobile device to play games against or with your social friends.
Page 323 of 1229
Unit 7 Portable and Wearable Computers
Describe many types of portable computing devices

Describe laptop features
Explain methods of expanding laptop functionality
Describe the features and proper use of laptop power
adapters and batteries
Research new trends in portable and wearable computers


Review Questions:
o Laptops (p.189)
7.1 Portable computing devices

A portable computing device enables you to take all your computing
capabilities with you when you move from place to place. The main types of
portable technologies are:
Smartphone a handheld device with a mobile OS that has cellphone and

computer functionality. A smartphone is small in size and weighs very little.
Figure 7.1 Smartphones
Tablet a portable computer that uses a touch-sensitive screen as its

primary input device. Tablets are larger than handhelds.
Page 324 of 1229
Figure 7.2 10 inch tablet (left) and 7 inch tablet (right)
Phablet a device with both smartphone and tablet functionality. It is

usually larger than a smartphone.
Figure 7.3 Phablet
Laptop also called a notebook, a laptop is a fully portable computer that

is similar to a desktop computer, but is smaller, uses less power and takes
up less space. A typical laptop runs the standard desktop OS and
applications. There are various models that can be broadly classed as
laptops. These differ in terms of their size, shape, specifications and
performance.
Display
Keyboard
Hinge
Optical drive
Figure 7.4 A laptop
Page 325 of 1229
One of the most striking differences between laptops and similar portables and
tablets/smartphones is upgradability. You can and should upgrade laptops
while tablets/smartphones do not offer much upgradability when it comes to
their hardware.
7.2 Laptops
As a computer technician, it is important that you identify components and
ports that surround the laptop, and that you know how to install and configure
laptop hardware. In many respects, laptops work the same way as desktop
computers.
Power and extra buttons
Function (Fn) key
Screen
Touchpad
Keyboard
Figure 7.5 Viewing a laptop from the outside

The main laptop components include an integrated screen, keyboard, function
key, touchpad, power button, ports, optical drive and extra buttons. The extra
buttons offer additional functionality, for example, enabling and disabling
wireless, putting the laptop to sleep, turning the sound on and off, and opening
applications such as web browsers. These functions might be enabled through
buttons or function keys.
7.2.1 Laptop input devices

There are different ways of controlling the mouse pointer on screen. You will
typically find a small rubber pointing stick called a TrackPoint on older laptops
placed between the keys in the centre of the keyboard that controls the
pointer. Other older models have a trackball that you use with your finger to
move the pointer on screen.
Page 326 of 1229
By far the most common pointing device on modern laptops is a flat, touchsensitive pad called a touchpad or trackpad.
To work the touchpad, you simply glide your finger across its surface to move
the pointer on screen, and tap the surface once or twice to single- and doubleclick, respectively. Some manufacturers include a multi-touch touchpad to
perform tasks using multiple fingers.
Laptop keyboards commonly have function keys, labelled <F1> to <F12>,
which you can use when working with any computer. For example, you can
press <F1> to open Help in many applications or <F5> in just about any
application to refresh the display. On laptops, you will often find that function
keys have more than one function, which you can access by pressing the <Fn>
key with a function key. The <Fn> key also enables you to toggle other
features specific to the laptop, such as network connectivity and external
displays.
Figure 7.6 shows part of a laptop keyboard with some keys highlighted. The
function keys are across the top and the <Fn> key is on the bottom.
Function keys
Fn key
Figure 7.6 Laptop keyboard with Fn and function keys

Tip
Figure 7.6 shows how one manufacturer is using the function keys,
but there is no standard. Another laptop might be using these keys
for different purposes.
The following section takes a look at the purpose of function keys and other
buttons found on many laptops:
Dual-display also known as dual screen, dual monitor, dual view and
multi-monitor, this is useful when you have a second monitor connected to
the laptop or when the laptop is connected to a projector.
Page 327 of 1229
Figure 7.7 Different dual-display laptop keys

You will usually see multiple choices when pressing the dual-display key, with
one choice selected. Press it again to select the next choice. The choices are as
follows:
o
o
o
o
Computer only video is displayed on the laptops monitor but not on

external devices.
Duplicate video is displayed on both the laptop and on an external
display device.
Extend to extend the desktop and move applications between multiple
displays.
Projector only the laptop display is disabled and only the projector
display is used.
Not all laptops support all of these choices, but they are common. Although the
Function key on many laptops is used to switch between these choices, this is
not always the case. You might have to use the Display applet in Control
Panel to click a checkbox. Some laptops come with their own display
management programs to switch between these choices.
Note
If the display on the laptop is not working, toggle the dual-display key
by pressing it repeatedly to see if the display changes. The user might
have accidentally set it to projector only.
Wireless (On/Off) use this key to turn wireless on and off. The key
typically has a radio transmitting tower icon. You might see the wireless
control in different places. Some laptops have a button above the keyboard
that can control some features. One LED looks like a transmitting antenna and
it is blue when wireless is enabled. If you press it, it changes to orange and
disables wireless. Some laptops have a switch for wireless on the side.
Figure 7.8 Wireless (On/Off) touch panel button (left) and wireless
function key (right)
Page 328 of 1229
Bluetooth (On/Off) laptops with Bluetooth capabilities include a key or

button to enable and disable Bluetooth. It is usually an icon with an uppercase
B printed on it, but it might be something else.
Volume increase, decrease and turn the sound off (mute). Volume settings
commonly use some kind of speaker icon. You control the sound through either
the appropriate Control Panel applet or through some kind of button on the
laptop. Other portables use a combination of the <Fn> key and another key to
toggle sound on and off.
Figure 7.9 Laptop volume and mute keys

Screen brightness increase or decrease screen brightness. The brightness
controls commonly use a circular icon resembling the sun, with a down arrow
to decrease brightness and an up arrow to increase it.
Figure 7.10 Laptop brightness keys

Note
Laptops often switch to a low power plan when on battery power.

When using a low power plan, the screen brightness keys might be
disabled. Pressing them will not change the display.
Keyboard backlight some keyboards have backlights that illuminate the

keys so that they can be seen in dark areas. A key with an icon of a light is
usually available to toggle the backlight on and off.
Lock and F-Lock the <Lock> key often has a lock icon and it locks the OS
when you press it. This is similar to pressing the <Ctrl> + <Alt> + <Del>
keys and choosing Lock This Computer in Windows. The <F-Lock> key often
has the F in a box and the word Lock that functions like the <Caps Lock> key
except that it locks the function keys (<F1> to <F12>), using the other
purpose of the keys.
NumLock on some laptops, the entire numeric keypad (0-9) is added to the
keyboard as secondary keys. These numeric keys may work with the
<NumLock> key or <Fn> key. When you press the <NumLock> key, you
should see an indication on screen that NumLock is on or off. Similarly, you
might see the same type of display for the <Caps Lock> and the <F-Lock>
keys.
Of course, external mouses, keyboards and other devices can be connected to
the laptop using USB or wireless ports.
Page 329 of 1229
7.2.2 Considerations when upgrading a laptop

True laptop technicians are specialists. Upgrading the basics usually means
using a screwdriver and avoiding ESD. Repairing laptops and other portable
devices successfully, on the other hand, needs research, knowledge, patience,
organisation, special tools and documentation. Plus you need a steady hand.
Do not force anything. This section provides an overview of the upgrade and
repair process.
Laptops are made by different manufacturers, and you will find that there are
multiple differences in how they are assembled. Because of their differences,
servicing laptops tends to be complicated and can take time. Some
components are easy to replace while others need extra patience.
Fortunately, manufacturers provide a service manual online; otherwise, you
can search for one on the Web. Do not forget about the user manual, which
might have guidelines for replacing components, such as RAM or the hard
drive, that generally do not need you to take the entire chassis apart. For all
laptop models, check the frequently asked questions (FAQ) web pages for help
in tasks such as opening the case and replacing a component. Figure 7.11
shows the website of one laptop manufacturer with the different support
options available.
Figure 7.11 Seeking laptop support
Page 330 of 1229
When faced with an unfamiliar laptop that a customer brings in for repair, you
have the following options:
Step 1 find a dedicated laptop technician and refer the customer to that
technician.
Step 2 if the problem looks like something you can repair, then search
the Internet for videos and other sources of information. Every portable
computer has a specific make and model.
People have to deal with broken devices, and they sometimes place videos
or a list of troubleshooting steps online on how to repair the problem. This
applies to desktop computers and other devices as well. Take precautions
when following guidelines online; otherwise, you could do more damage
instead of actually fixing the problem.
Step 3 if it is beyond your skills level or it needs a set of expensive tools
that you do not have, then revert to step 1 and go and find a dedicated
computer technician/repair centre. Otherwise, determine what tools and
parts you need. You will have to buy some parts from the manufacturer or
vendor.
If you are going to do the repair, you must find out whether the laptop is
under warranty, which means that support and parts for the laptop are given
for a period of time under certain terms and conditions. Performing tasks such
as removing labelled parts can cause that manufacturer to cancel the warranty
and thus provide no support. If the laptop is under warranty, look at the
documentation on how to get the necessary technical support.
Manufacturers might provide diagnostic software that tests components for a
specific laptop model to find out if they need to be replaced. The software can
be downloaded from the manufacturers website, stored on the disc or stored
on the laptops hard drive.
Laptops from reputable vendors are sold with an OS pre-installed at the
factory. The OS is customised by the manufacturer to the specific needs of the
laptop. In this situation, the manufacturer is called the original equipment
manufacturer (OEM) and the OS is called the OS build. Drivers installed on
an OS build are also specific to proprietary devices installed in the laptop, and
diagnostic software is written specifically for the laptops OS. Therefore, be
very careful when upgrading the OEM laptops OS to a new one. If you have
problems with a component, in many circumstances you will have to go to the
OEM for solutions and updates for device drivers.
7.2.3 Replacement process

To replace some components, you have to open the laptop up fully, remove
many other delicate parts and even strip the laptop down to its chassis.
Laptops open in different ways, depending on the manufacturer. You either
take parts away from the top down, through the keyboard, or from the bottom
up, through the base. Whichever method you follow, pay attention to detail,
where the components are located and how they are connected.
Page 331 of 1229
Because there are many differences between laptop models, there is no

specific set of hardware replacement steps that can be followed that will work
for every laptop. There are, however, some basic steps that you can follow to
successfully take a laptop apart and put it back together again:
Step 1 back up important data.

Step 2 turn the laptop off, unplug it and remove the battery.
Step 3 look at the manufacturers service/user manual, which should
explain how to take that particular laptop apart.
Step 4 use the appropriate hand tools. Laptops do not use standard
connectors and screws. You should have a set of jewellers screwdrivers for
small screws and Phillips, Flat-head and Torx screwdrivers as well. Keep
track of the screws and their locations. You will need a tiny crowbar (pry
bar) or dental pick or wedge to remove cases, connectors and screw plates
without damaging them. Tools that are good to have include a flashlight (to
see in dark places), extractor tool (to pick up tiny screws) and a number of
other special tools.
Figure 7.12 shows an entry-level toolkit for a laptop technician. There are
more professional toolkits that have many more tools.
Figure 7.12 Bare-minimum laptop repair tools
Step 5 put a name on every cable, component and screw location and
take notes or photos of the entire dissembling process. It is common to
tape the screws you remove next to the photos you take or to the
manufacturers documentation to keep track of where each screw goes.
Step 6 organise any parts you remove from the laptop. Store screws and
other small parts in a container of some kind.
Step 7 take ESD precautions. You can attach an anti-ESD wrist strap to
an unpainted metal part of the laptop, for instance, on a port on the back
of the laptop. If a wrist strap is not available, ground yourself by touching
an unpainted metal part before touching any sensitive component inside it.
Keep ESD-sensitive components (CPU, memory, adapter cards, etc.) in
anti-ESD packaging and work on an anti-ESD mat.
Page 332 of 1229
The following laptop repair websites provide useful resources such as links to
major vendors laptop manuals and illustrated step-by-step procedures for
removing many components:
www.insidemylaptop.com
www.laptoprepair101.com
Note
All the exercises in this unit are for demonstration purposes

only. You will not be tested on them in the practical
examination.
7.2.4 Powering the laptop and replacing its battery

Portable computers (and mobile devices) use both mains power and a
removable, rechargeable battery pack to receive power. With mains power, an
external power supply called an AC adapter sitting outside the laptop converts
AC from the wall outlet to DC needed by the laptop to work. AC adapters are
normally universal (auto-switching from 110V-240V 50/60Hz power) while
some are fixed (handling only one type of AC voltage) or have to manually be
set to the correct input.
Adapters are also rated for their power output (65-120W). If either the voltage
or amperage output is too low, the laptop will not run. If either the voltage or
amperage is too high, you can very quickly damage the laptop. Always make
sure the voltage and amperage are at the correct rating before you plug the
one end of the AC adapter into the laptop and the other end into the wall
outlet. This information should be printed on the sticker on the AC adapter;
otherwise, you will need to look in the laptops documentation.
Using an adapter designed for one model on another model is not
recommended. When replacing an adapter, get the manufacturers
recommended model or use a universal AC adapter. When using a laptop in
another country, use a universal AC adapter and get a plug for the adapter
that fits the type of socket used in that country. It is also best to use a surge
protector to protect the laptop from damage caused by too much voltage.
Figure 7.13 Standard AC adapter (left) and universal AC adapter

(right)
Page 333 of 1229
The laptops battery allows it to run for a period of time when disconnected
from AC power. You will see batteries in many different shapes, sizes and
types. Types of batteries include the older and outdated Ni-Cad (nickelcadmium) battery which loses a significant amount of its rechargeability if
charged repeatedly without being totally discharged (a problem called
memory effect); the longer life NiMH (nickel-metal-hydride) battery which is
much less susceptible to memory effect problems, can tolerate overcharging
better, can take more recharging and can last longer between recharge cycles;
and the current lithium-ion (Li-ion) battery, which is more efficient than
earlier batteries.
Relative battery capacity is measured in cells. A battery that has more cells will
have a longer run time but also a longer charge than one with fewer cells. A Liion battery has good storage capacity and discharges slowly when it is not
used. Keep in mind that large capacity batteries are larger.
You can charge the battery in the following ways:
Quick charge plug the laptop into the AC wall outlet with the laptop
turned off. This takes a few hours to fully charge the battery.
Trickle charge plug the laptop into the AC wall outlet with the laptop
turned on. This is a slower charging method that can take several hours to
charge the battery.
Battery charger an external charging unit that charges the battery while
it is removed from the laptop. Keep the charger away from flammable
materials and ensure that there is good ventilation around the unit.
When the battery is fully charged, the laptop continues to run on power
coming from the AC adapter.
Note
Li-ion batteries can explode if they are overcharged, and although

they have built-in circuitry that prevents accidental overcharging, the
circuitry is known to fail when the battery is left to charge for very
long periods, such as overnight. Additionally, Li-ion batteries should
not be allowed to discharge fully.
The battery that comes with the laptop should be able to power all internal
components and common peripherals. If you have power problems, use fewer
peripherals at a time, lower the screen brightness, use CPU/graphics card
throttling features, and disable Bluetooth and wireless devices that are not
being used. If you need extra battery power for more peripherals, you can buy
a second battery pack and fit it to a media bay.
In general, stick to the following best practices:
Always store batteries in a cool place at below 20C.

Keep the battery charged to at least 70-80%.
Page 334 of 1229
Never drain the battery all the way down unless this needs to be done as
part of a battery calibration (where you reset the battery according to
steps given by the manufacturer). Rechargeable batteries have only a
limited number of charge/discharge cycles before overall battery
performance is reduced.
Never handle a battery that is damaged; battery chemicals are very
dangerous.
Recycle old batteries using the correct recycle procedure.
Follow the manufacturers instructions for charging a particular battery to
get the best battery life.
Most batteries are very easy to remove and replace. Just make sure that you
get the manufacturers recommended model. Before inserting or removing the
battery pack, turn the laptop off and unplug it from the wall outlet. Batteries
are typically held in a compartment in the unit that is secured with a sliding
latch or screws on the bottom of the laptop or in a media bay on the side. You
can slide the latch to one side to release it or unscrew to remove the screw
plate. Turn the laptop over, release the latch and allow the battery to slide out
or remove the battery with your hands. Insert the new battery using the
reverse order. Just make sure you insert the battery so that the positive and
negative terminals are in the right directions. Check the laptop manual for the
proper charge time for the new battery.
Removed battery
Battery
goes here
Latch
Figure 7.14 Remove laptop battery
Note
Lithium polymer (LiPO) batteries are a variation of Li-ion batteries

that are used in smaller devices such as tablets, smartphones and
portable media players.
7.2.5 Replacing laptop FRUs

Laptops commonly have plastic cases and other parts that you need to remove
to get to their internal components. They are normally secured with screws
and often with clips or latches. Even after removing screws, you often need to
remove the laptops plastic cover with a pry bar. There are slot covers or card
blanks designed to keep dust out of the memory card and expansion slots. If
you need to replace one of these components, simply get a spare from the
manufacturer, vendor or online, and replace it.
Page 335 of 1229
Figure 7.15 Laptop case

Hard drives, RAM and expansion cards are field replaceable units (FRUs).
This means that the component can be quickly replaced at the customers
location. Other components such as the CPU and motherboard are not usually
field replaceable. If one of these fails, the repair process will take longer and it
usually means bringing the laptop back to the repair centre.
You can get to most of the FRUs you will need to replace from the bottom of
the laptop. You usually have to remove a few screws to get to them. Some
laptops have multiple bottom screw plates while others only have a single
plate. Figure 7.16 shows the screw plates and screw location at the bottom of
two different laptop models. The model on the left has multiple screw plates
(you first have to remove parts to get to other parts). The model on the right
has one screw plate for all internal components.
Battery
Hard drive
RAM
Hard drive, RAM, cards
Figure 7.16 Bottom of two different laptops

Note
Avoid electrical shocks. Always disconnect power and remove the

battery before adding or replacing any hardware. The exception to
this is hot swappable devices.
Figure 7.17 shows the bottom of a laptop with the plate removed. When the
screws are removed, you can remove the plate to get to the internal
components.
Page 336 of 1229
Figure 7.17 Bottom of laptop with back screw plate removed
7.2.5.1 Upgrading laptop memory

Laptops almost always come with a minimal amount of RAM. Two primary
concerns when replacing RAM is to make sure that you use compatible RAM,
memory speed and memory timing (CAS) and that you take ESD precautions.
Laptops use small outline dual in-line memory modules (SODIMMs),
which are smaller than DIMMs used in desktop computers.
Older laptops use a 144-pin SODIMM module with SDRAM technology. DDR
and DDR2 primarily use a 200-pin SODIMM while DDR3 uses a 204-pin
SODIMM, although some laptops use micro-DIMMs. DDR4 uses a 256-pin
SODIMM. The modules are keyed to prevent insertion into the incorrect slots,
for example, a DDR2 module into a DDR3 slot.
Figure 7.18 Laptop SODIMMS: DDR (left), DDR2 (middle), DDR3

(right), DDR4 (bottom)
Refer to the manufacturers website or service manual for the specific RAM
needed. When replacing modules, be sure to buy a matched set with the
fastest speed supported by the system.
Page 337 of 1229
Every laptop offers a unique challenge to the laptop technician who wants to
upgrade RAM. More often than not, you need to unscrew or open a screw plate
on the bottom of the laptop, otherwise you will have to remove the keyboard.
To replace a RAM module, shut down the laptop, unplug it and remove the
battery. Take ESD precautions. Review your documentation to find out where
the module(s) can be found. For this step assume that RAM is added to a
compartment underneath the laptop. Figure 7.19 shows how to remove the
RAM module from the compartment. The compartment is opened by undoing
screws from underneath the laptop and removing the screw plate. This laptop
has two slots for two modules. Some laptops support multi-channel memory.
Each module is held in place with latches that are fixed into each slot that lock
into the notches on each side of the installed module. When secured, the
module lies flat, but when you release the latches by gently pushing them
outwards, the module rises to a 45 degree angle, allowing easy removal.
Figure 7.19 Remove SODIMM

Once removed and placed in an anti-ESD bag, take the new module and gently
push it into the slot, making sure the contacts make a firm connection with the
connector. Then gently push the top of the module down into the slot until it
lies flat and the two latches lock it into place. Replace and fasten the screw
plate, insert the battery, plug the laptop in and turn it on.
The system should recognise the new RAM and display it during the boot
process. If not, double check your work and ensure that the module is of the
correct type and is seated properly in the slot. Finally, boot the laptop into the
OS and make sure the OS sees the new total amount of RAM. You can do this
by right-clicking on Computer from the Start menu and selecting Properties
from the context menu. The System window will appear and display the
amount of RAM installed. You can also test the upgrade by running the
memory diagnostic program available in Windows.
Some laptops (and desktops) support shared memory where the video card
can borrow RAM from the system.
Note
You cannot tell if a laptop is using shared memory in Windows. You

have to go to CMOS Setup to be sure.
Some systems give you control over the amount of shared memory while
others simply allow you to turn shared memory on and off. The parameters are
found in CMOS Setup on only those systems that support shared memory.
Page 338 of 1229
Adding more system RAM to a laptop with shared memory will improve laptop
performance.
7.2.5.2 Replacing the laptop (2.5 inch) hard drive
Most hard drives in new laptops use a SATA connector that is often a combined
power and data connector. Older PATA drives directly plug into a 44-pin
connector, which means you need to pay attention to cabling and jumpers.
Some PATA drive makers may need you to set the drive to use a cable select
as opposed to master or slave, so check with the laptop manufacturer for any
special configuration.
If you need to buy a hard drive for a laptop, ensure that you get one 2.5
inches in size. Compared to its 3.5 inch desktop counterpart, the 2.5 inch
laptop drive tends to be slower and has a lower TB capacity. If you need more
space, you can connect an external drive to the laptop using a media bay,
expansion card or through an appropriate port.
Figure 7.20 2.5 inch hard drives

Both SATA and SSD laptop hard drives are very easy to replace. You can
typically get to them from one of three places. The first and probably the most
common is from a compartment on the bottom of the laptop which you access
by removing a screw plate. The second is from underneath the keyboard and is
the more difficult to access. The third would be from the side of the laptop. In
this last scenario, the hard drive is inside a caddy (casing) that has a handle
for easy removal; it should slide right out of the side of the laptop. Once the
caddy has been removed, you can remove the actual hard drive from the
caddy, then install the new drive in the caddy and finally insert the caddy into
the drive bay. In the other two scenarios there will usually be some kind of
bracket that holds the drive. You must unscrew the bracket from the chassis
and then unscrew the drive from the bracket when replacing it. Hold on to the
bracket for the new hard drive.
Figure 7.21 shows the hard drive removal process for one laptop model. When
you remove the drive, you might need to undo the screws that hold the drive
bracket in place and then you can partially lift up the drive bracket away from
the connector and unplug the hard drive cable connector from the
motherboard. Then, remove the drive from the bracket.
Page 339 of 1229
Figure 7.21 Remove hard drive

The new drive fits into the bracket and then the bracket gets fitted into the
drive bay with a little gap. When putting the drive in, this gap allows you to
place the drive flat in the bay and then push it into the connector. Screw in the
bracket, close and secure the screw plate, insert the battery, plug the laptop
in, boot the laptop, let BIOS find the drive, enter CMOS Setup and see if the
drive is properly seen by the laptop, then exit and let BIOS search for the OS;
otherwise, install it and then youre done. Reverse these steps to install the
new hard drive.
One of the best upgrades you can make to a laptop is adding an SSD. An SSD
uses less electricity (extending the laptops battery life), it does not have any
moving parts and it is very fast compared to a standard hard drive, boosting
the overall performance of the laptop. Figure 7.22 shows an SSD hard drive
that has multiple TB storage space and uses a SATA connector.
Figure 7.22 SSD hard drive for a laptop

Notice that this drive has a Quick Response (QR) code printed on it. A QR
code is a type of 2D barcode that gets placed on an item that can be read by
QR scanners, cellphones with cameras and smartphones. Smartphone users
with a QR scanner application can, for example, scan the QR code with their
camera and the smartphones web browser will open and display the website of
the item or company associated with that code. QR codes can be used for
many purposes such as displaying text and contact information, and for
connecting users to a network or website.
Page 340 of 1229
Figure 7.23 Scanning a QR code with a smartphone
7.2.5.3 Replacing the laptops optical drive

Optical drives are the same size as desktop drives. To remove the drive,
disconnect all power sources. Turn the laptop over so the bottom is facing you.
Find the latch or screw that holds the drive in place. Slide open the latch or
remove the screw. When removed, you can slide the drive out of the bay and
slide the new drive into the bay until it clicks into place and fasten it. Figure
7.24 shows the location of a screw (indicated by the white square) and an
optical drive partially removed from the laptop (indicated by the arrow).
Replace the battery, plug the laptop in and turn it on. After the laptop boots,
open the optical drives tray (if it opens it means the drive has power). Find
your test disc and place it into the drive. Close the drive tray. If Autoplay is
working, the Windows program will open and the disc will start to play.
Figure 7.24 Remove optical drive

Different laptop models use different part/model numbers for optical drives.
Laptops sometimes have removable internal optical drives and some are hot
swappable. Laptops sometimes have slot-loaded optical drives that suck in
discs.
Always check the laptops documentation on how to remove the drive and for a
compatible replacement or upgrade, or check the bottom of the drive for part
numbers that you can use to find a replacement drive online.
Page 341 of 1229
7.2.6 Expanding laptops

There are many ways to expand the capabilities of laptops. Most have external
ports for attaching different devices. You can also take advantage of the latest
wireless technology simply by inserting a card into the appropriate slot on the
laptop.
7.2.6.1 General purpose and peripheral ports
Most laptops support a second monitor by way of an analogue VGA port or
digital port, such as DVI, HDMI, Mini HDMI, Micro HDMI or DisplayPort. Laptops
typically provide USB ports, possibly a FireWire, infrared and eSATA port,
microphone and speaker jacks and possibly network connectivity ports such as
RJ-11 (modem), wireless, Bluetooth and RJ-45 (cabled Ethernet).
Figure 7.25 Common laptop ports

Laptops that come with wireless or Bluetooth have some form of on/off button
to toggle the antenna on or off. This function might be provided by a separate
button or it might be a toggle of the <Fn> key plus another key on the
keyboard. Keep this in mind when troubleshooting.
If you are not using wireless or Bluetooth, turn them off to save electricity and
to make the laptops battery last longer. With Bluetooth, look in Device
Manager to make sure the Bluetooth component is recognised with no errors.
Infrared wireless ports can be used to transfer data between the laptop and
another device over a short distance. Unlike Bluetooth, IrDA connections must
be line-of-sight.
The Ethernet RJ-45 network port might have link lights that indicate whether
there is network connectivity. You turn the network port on and off just like
you would turn off the network card on a desktop computer by disabling the
network card in Device Manager or turning the card off in CMOS Setup. If you
ever plug a laptop into a cabled network and the OS does not see the
connection, check the RJ-45 port.
7.2.6.2 Storage card slots
Many portable computers offer one or more flash memory card slots for
additional storage. These slots also enable the fast transfer of data from the
card to the portable, and vice versa.
Page 342 of 1229
7.2.6.3
Adapter slots and cards
Manufacturers have developed ways for you to add features to the laptop
through expansion slots and cards.
Mini-PCI/PCIe expansion slot
Mini-PCI is an SFF expansion slot that supports 32-bit data transfer at 33 MHz
using 3.3V power with bus mastering and direct memory access.
Mini-PCI cards are installed inside the laptop with their ports generally lining
up with the edge of the outside of the laptop case. There are three types of
Mini-PCI cards:
Type I and II use a 100-pin connector.

Type III uses a 124-pin connector.
Mini PCI cards allow SCSI, SATA, USB, FireWire, wireless, network, sound and
other types of device and memory connectivity. Some mini-PCI cards have
multiple functions such as a modem and network adapter.
Mini-PCIe slots and cards are smaller than Mini-PCI but they can carry more
data. Their cards have a 52-pin edge connector, support USB 2.0 and PCIe x1
lane functionality and use 1.5V and 3.3V power.
PC Card
For many years, the Personal Computer Memory Card International
Association (PCMCIA) established parallel bus standards involving laptops
and other portable computers, especially when it came to expansion cards,
which are generically called PC Cards. See Figure 7.26. PC Cards are small,
credit card-sized cards that come in three sizes: Type I, II and III, each
differing in the thickness of the card (Type I being the thinnest and Type III
the thickest).
Each card has at least one function, such as networking, but many have more.
All cards are hot swappable (hot-pluggable) and they insert into a slot in the
side of a laptop. All slots are backward-compatible and most laptops offer
multi-purpose slots for different cards.
PCMCIA 2.0 are 16-bit, 5V cards that can be used in PC Card and CardBus
(PCMCIA 2.1) slots. CardBus are 32-bit, 3.3V cards that support 133 Mbps
speeds and their slots are keyed, which means they cannot be used in
PC Card slots.
Figure 7.26 CardBus cards for networking, FireWire and USB
Page 343 of 1229
To insert a PC Card or Cardbus card, just push it into the slot until it stops.
Then attach any cables or dongles needed for operation. To remove it, remove
any cables or dongles. Click the Safely Remove Hardware or Eject icon in
Windows. Stop and wait for the computer to acknowledge that the card can be
removed, and then push the ejector button and pull the card out of the slot
and store it in its case or anti-ESD bag.
ExpressCard
Some newer laptops include an ExpressCard slot and there are a wide variety
of ExpressCards available that provide USB, eSATA, network, FireWire,
memory, sound and many other functions. ExpressCard is a serial bus using
1.5V power. Its slots are not backward-compatible with PCMCIA. Figure 7.27
shows the two ExpressCard versions.
Figure 7.27 ExpressCard/34 (left) and ExpressCard/54 (right)

Both versions are 5mm thick and 75mm long. ExpressCards connect to either
the USB 2.0 or PCIe bus and support Mbps and lower Gbps speeds. While
technically ExpressCard 2.0 cards have USB 3.0 ports, they connect to the
PCIe bus and therefore are not capable of true USB 3.0 Gbps speeds.
Figure 7.28 shows a comparison between ExpressCard/34, ExpressCard/54 and
PC Card.
Figure 7.28 Comparing ExpressCards and a PC Card

Note
The trend for newer and lighter laptops is to include multiple USB
ports rather than ExpressCard or PC Card slots as the means of
connecting peripherals to the laptop.
To insert an ExpressCard, just push it into the slot until it stops. Then attach
any cables or dongles needed for operation. To remove it, remove any cables
or dongles. Click the Safely Remove Hardware or Eject icon in Windows. Stop
and wait for the computer to acknowledge that the card can be removed. Push
in the card to release it and then pull the card out of the slot and store it in its
case or anti-ESD bag.
Page 344 of 1229
7.2.6.4 Replacing laptop expansion cards

You will find these types of expansion slots in a modern laptop: the older MiniPCI or modern Mini-PCIe. The modular models will usually have a compartment
on the bottom that you can get to by simply opening a screw plate. Other
models will have the card underneath the keyboard. The card is often installed
flat against the motherboard.
The Mini-PCIe slot is smaller than a Mini-PCI slot and it does not have clips on
the side of the slot that can be found on a Mini PCI slot. A Mini-PCIe card has
screw holes at the top of the card and a break near the centre of its connector.
As well as avoiding ESD and removing all power, you should also disconnect
wires that connect to the card, which might be screwed into place or snapped
into place. To connect a wireless-enabled laptop to a wireless network, for
instance, it needs to have an antenna. The antenna is commonly found inside
the screen, either at the top, when the display is opened or on one or more of
its edges. Wires run from the antenna to a wireless card inside the laptop. Not
only will you need to connect the wireless card to the slot properly, but you
must reattach the antenna connections and often a separate power cable. Pay
attention to the placement of these vital connections when removing the card
and inserting a new one.
Figure 7.29 shows a wireless card and its two connector wires.
Figure 7.29 Laptop wireless card and wire connectors

This wireless card has two wire connectors, but if a laptop has three wire
connectors, the one wire will not be used. This provides a good example of the
importance of labelling wires when you are taking the laptop apart. One wire
must connect to pin 1 (MAIN) and the other must connect to pin 2 (AUX). If
the wires are not labelled, you should label them. If the laptop has a third wire
connector, it should be labelled MIMO (multiple input and multiple output),
indicating that it is used only if the card supports a wireless standard that
supports multiple antennae, which is not the case in this scenario. The wires
from the wireless card run to an antenna normally found on the top of the
laptop screen; otherwise, on the sides. Remember to store cards in anti-ESD
bags. To reinstall a card, reverse the steps.
If wireless is disabled, the laptop cannot connect wirelessly, even if the device
is enabled in the Device Manager. Many laptops use proprietary software for
the configuration of wireless network connections, instead of using the built-in
Windows wireless program.
Page 345 of 1229
Some modern wireless adapters support multiple wireless standards, allowing

the laptop to connect to different wireless networks. Some laptop models
include a built-in cellular modem that allows you to use your cellphone to
connect to the Internet.
Bluetooth modules and adapters enable a laptop to connect to other Bluetooth
devices over short distances. A Bluetooth module is installed inside the laptop,
and an adapter comes as an individual Mini-PCIe card or as a combo
Bluetooth/WLAN Mini-PCIe card. External USB and ExpressCard Bluetooth
adapters are also available.
7.2.7 Replacing the laptops keyboard and touchpad

You will often have to remove the keyboard to get to the motherboard and
some other internal components. There are different ways for different models,
so it is best to check the laptops documentation before starting. The general
steps are as follows:
Step
Step
Step
Step
1:
2:
3:
4:
Remove
Remove
Remove
Remove
battery and other parts to access the keyboard.

necessary keyboard and other screws.
parts that secure the keyboard.
keyboard.
Partially lift the keyboard up but not all the way up since there is a cable
connector that attaches the keyboard to the motherboard. This cable is known
as a flex cable. Gently work the connector out of the slot. The connector
usually has two locking tabs, one on each end of the flex cable connector. Use
a small screwdriver or toothpick to move these tabs into the unlocked position.
Otherwise, with another connector you must pull it up and away from the
motherboard connector as shown in Figure 7.30. Now you can lift the keyboard
up all the way and you are ready to install the new one.
Figure 7.30 Keyboard flex cable connector

Step 5: Install the new keyboard using the reverse process.
Step 6: Close it all back up and check functionality by testing keys.
Figure 7.31 shows various pictures of replacing a keyboard for a particular
laptop model.
Page 346 of 1229
Figure 7.31 Replacing the laptop keyboard

Tip
A USB keyboard can be used in place of the laptop keyboard when the
laptop keyboard is broken or in for repair.
If you need to remove the touchpad, you can usually do this after removing
the keyboard, and you might have to remove other components such as the
hard drive and optical drive that block access to the screws that hold the
touchpad in place. Details vary from laptop to laptop.
Touchpads are usually held in place with a clip and connected to the
motherboard with a cable. Carefully remove the clip and the cables connector
and you will be able to remove it. Reverse the steps to replace the touchpad.
Figure 7.32 Laptop touchpad
7.2.8 Replacing the laptops speaker

Replacing the internal speakers on a laptop can be simple or difficult,
depending on where the speakers connect. Some laptops have speakers
mounted on the outside of the chassis. You pry off the covers, pull out the
speakers, disconnect the cable, and then reverse the process for replacement
speakers. If the speakers are inside the chassis, you have to take the laptop
apart and remove the keyboard.
Page 347 of 1229
It is often held in place with one or more screws and has a connection to the
motherboard. Remove the screws and the connector and you will be able to
remove the speaker. To replace the speakers, reverse the steps.
7.2.9 Laptop video, graphics and displays

Laptops have a built-in display screen. The size of the screen varies between
models but is typically over 10 inches (diagonally). The display will be one of
the following types:
LCD (TFT) with fluorescent backlight. The backlight is a bulb that

shines light through liquid crystals to create the image, making the screen
bright and clear. By changing the way the crystals are oriented, they
change the light differently and display different colours. The inverter sends
power to the backlight.
LCD with LED backlight. This uses the same type of liquid crystals used
by the LCD screen, only that LEDs are used as a backlight instead of a
fluorescent backlight.
OLED. An organic compound provides the light for the screen, thus
eliminating the need for a backlight and inverter.
Tip
Refer back to Unit 3 for more information on how these display types
work. Plasma displays have not been used for laptops for a long time
because they use a lot of power and their internal design makes them
unsuitable for use in laptops.
Laptops that include a fluorescent backlight bulb use an inverter to convert

invert DC voltage that powers the laptop to AC voltage to power the
backlight. The inverter is a small circuit board connected with screws and has
plug-in connectors. One connector receives DC voltage from the motherboard
and the other sends AC voltage to the backlight. Unfortunately, the inverter
and backlight on a traditional LCD screen are most likely to fail. If the display
flickers or the image is dim, the problem is likely the backlight or inverter.
The inverter sometimes includes a replaceable fuse, but typically you have to
replace the entire inverter board when it fails. Figure 7.33 shows what an
inverter looks like. Dangerous voltages exist on the inverter when the system
is turned on. Do not open a laptop or handle the inverter when the laptop is
turned on, and you should remove the battery before opening the laptop.
Figure 7.33 Inverter board
Page 348 of 1229
Tip
If the screen has an LED backlight, then the entire screen panel must
be replaced. For an OLED screen, there is no inverter and backlight to
replace.
The graphics adapter in a laptop does the same thing that the computer
graphics adapter does: it generates and manages the image sent to the
screen. On lower end laptops the graphics adapter is often built into the
motherboard chipset and most often shares system RAM with the CPU. For
graphic-intensive tasks, shared memory can slow the system down quite a bit.
Despite this, integrated graphics help with battery life and cooling.
Figure 7.34 Laptop GPU

Higher end laptops often come with a dedicated graphics card that most often
comes with on-board RAM. Few laptop graphics cards are upgradeable since
higher end cards tend to have specific power and cooling requirements, though
some are replaceable with the same or a similar spec card. Few laptops have
switchable graphics with both an integrated adapter and card installed. You
can choose between using integrated graphics and a dedicated graphics card.
Figure 7.35 Laptop graphics card

Most modern gaming laptops have a power-efficient, high-end graphics card
that significantly uses battery power and needs an advanced cooling system to
keep it cool. One recent development for gaming laptops is SLI.
One major problem affecting the performance and operation of gaming laptops
is the proper cooling of their heat-intensive components that have to operate
in a fairly small-sized case. Manufacturers have attempted to use the same
performance hardware that is used in desktop computers for these laptops, but
this has resulted in them decreasing the clock frequency of the graphics chips
to reduce the amount of heat created.
Page 349 of 1229
Figure 7.36 Gaming laptop

Some manufacturers sell replacements of the entire screen assembly. In other
models, you will need to take the screen apart to get to the display panel. This
can be easy or difficult depending on the model and parts attached to the
screen. The following are some general steps you can follow to replace the
screen:
1. Shut down the laptop, unplug it and remove the battery. Take ESD
precautions.
2. The screen typically cannot be removed until you have removed parts from
the bottom of the laptop to get to the screws holding the keyboard in place.
This might mean removing the keyboard first. If this is the case, remove
the keyboard.
3. Depending on the model, there might be a few other connections to
unscrew and remove.
4. Remove the screws holding the hinges down to the base of the laptop.
5. Disconnect the flex cable and any other connectors from the screen to the
motherboard.
6. Several screws hold the screen on the plastic bezel (cover) that surrounds
the screen. These screws are covered with plastic domes or some other
cover. Remove the domes and then remove the screws.
Figure 7.37 Laptop screw with dome removed

7. Carefully start separating the plastic bezel from the display back panel.
Insert the pry bar between the bezel and back panel and slowly pry around
until the bezel is removed completely from the back panel.
8. Remove the screws that secure the screen to the display back panel.
9. Separate the screen from the display back panel.
It is important to remember that the wireless adapter includes connections to
the antenna in the screen bezel.
Page 350 of 1229
Therefore, do not try to remove the screen completely without first

disconnecting these cables from the wireless card to the antenna. Additionally,
many screens include other components such as a webcam and microphone so
you will need to remove these connections as well.
10.
With the screen separated, you should be able to get to and unplug the
video (display) cable from the back of the screen. Unplug the video cable
from the connector at the back of the screen.
Figure 7.38 Remove screen video cable

11.
For some screens, when you separate the screen you will see the
inverter card. The inverter (if used) typically has two connectors.
Disconnect these and remove the inverter. As always, hold the circuit
board by its edges and try not to touch any actual circuits or chips. You
can buy inverters from various places online, including the manufacturer
of the laptop or laptop display. Make sure you are getting the right part
number. Connect the flex cable and the other connector to the inverter
board.
Tip
At this stage, the bulb could be replaced (if it failed) on some laptops.
It is usually found on the back of the screen at the bottom. However,
some screens have non-removable bulbs. If this is the case, the entire
screen must be replaced.
To find the new replacement screen, you can search by the part/model number
printed on the back of the screen.
12.
13.
14.
15.
16.
17.
Secure the new screen back into the back panel.

Snap the bezel around the screen and screw it in.
Replace the domes that covered the screws on the bezel.
Reconnect the screen assembly to the rest of the laptop; the hinges
normally connect with a few screws. Make sure the assembly is put
together with a tight fit so that all screws line up well.
Reconnect the flex cable and any other connectors from the screen to the
motherboard.
Finally, reconnect and screw in other components, and youre done!
Page 351 of 1229
Figure 7.39 Replace laptop screen
7.2.10 Replacing the cooling fan, CPU and motherboard

A laptop needs to blow hot air away from its components. To accomplish this, a
laptop might have fans on the side or bottom.
If a port or component on the motherboard fails, you can use an external
device rather than replace the motherboard, unless you have to. If you need to
remove the motherboard, you usually have to remove all other components in
the system. This includes removing all the parts that you can get to from the
bottom of the laptop and then removing the keyboard and other parts from the
top.
One important step you will need to take is removing the CMOS clock battery.
It gives power to the motherboard to keep the clock running and should be
removed before removing the motherboard.
Tip
Because it takes a long time to remove the motherboard, it is very

important to label screws and cables, indicating where they must go.
If the CPU is soldered to the motherboard, you will not be able to replace it,
but if the CPU can be replaced, then you should read the manufacturer's
manual for detailed instructions.
Figures 7.40 to 7.42 show some of the steps for taking a particular type of
laptop model apart.
As you can see in Figure 7.41, the CPU has an elaborate heatsink and fan
assembly that includes both the CPU and chipset. Each of the components
screws down in multiple places, plus the fan has a power connection. Some
models have a fan that is separate from the heatsink. No matter what cooling
system is used, the CPU cannot be replaced without removing the fan and
heatsink.
Page 352 of 1229
Figure 7.40 Remove motherboard
Figure 7.41 CPU under heatsink
Figure 7.42 Remove the CPU

When putting the laptop back together again, all steps are done in reverse.
Tip
Laptop CPUs use different sockets than desktop CPUs. They are not
interchangeable.
Install the CPU first, followed by the heatsink, fan (if not built into the
heatsink) and the rest of the laptop components you took out.
7.2.11 Repairing a DC Jack

Laptops use a power adapter that plugs into an AC wall outlet and converts the
AC voltage to DC voltage. The other side of this adapter plugs into the DC jack
on the laptop, which is soldered to the motherboard. Occasionally, the port can
become loose over time or the DC jack becomes loose and needs to be
replaced. It is not an easy task to replace the jack because it means you will
not only have to take the entire laptop apart, but also unsolder and remove
the old jack and solder the new one into place.
Page 353 of 1229
Then you will rebuild the laptop and hope it works. As with other components,
follow the procedures in the manufacturers instructions in the manual.
Figure 7.43 DC power jack
7.2.12 Reassembling the laptop

Consider the following general steps when putting the laptop back together
again:
Put it back together in the reverse order in which you took it apart.
Be sure to tighten (not over tighten) all screws. Loose screws and other
parts can be dangerous because they can cause an electrical short as they
move about inside the laptop. Make sure there are no loose parts before
turning the laptop on.
7.2.13 Maintaining laptops

Constant handling, travelling and so on can shorten the life of a portable
computer if you do not take care. To manage and keep a portable computer
healthy, you need to deal with heat and dirt. Too much heat and dirt can cause
system lockups and hardware failures, so you should handle these issues
wisely. Try this as a starter guide:
Use power management, even if you are plugged into the AC wall outlet.
Always use a hard, flat surface to allow the cooling fan and vent on the
bottom to work properly.
Page 354 of 1229
Listen to the fan, assuming the laptop has one. If it is running very fast
(you can tell this by a high pitched whirring sound), then take a look at your
power management settings and your environment and change whatever it
is that is causing it to hold on to that heat. Be alert to a fan that suddenly
goes silent. Fans do fail, causing overheating and failure. All laptop fans can
be replaced easily.
Clean the laptop regularly as follows:
o Use a computer vacuum cleaner or compressed air can to clean vents.
o Use compressed air can to clean the keyboard.
o Use a soft cloth and approved cleaning solution (or water and mild
detergent) to clean the screen, touchpad and case.
Although some (not all) laptops can take knocks and can survive being
dropped, it is best to carry the laptop in a suitable case.
7.2.14 Port replicators and docking stations

Port replicators and docking stations add connectivity and expansion
capabilities to laptops and other portables:
Port replicator by plugging this port-based device into your laptop, you can
connect full-sized monitors, keyboards, network and other peripheral devices
to your laptop. You can attach both old and new devices.
Figure 7.44 Port replicator

Docking station this looks and works like a port replicator, providing you
with both old and new single- and multi-function ports, but it also has slots for
expansion cards and storage devices through a media bay. Many laptops can
hot dock, meaning you can connect to the docking station while powered on.
The docking station recharges the laptops battery and possibly a second
battery. It is common for a docking station to be directly connected to a
network.
Figure 7.45 Docking station
Page 355 of 1229
Media bay: A media bay holds a device that you can switch with another.
Although laptops most often connect to port replicators or docking stations
with USB ports, some manufacturers have proprietary connections for
proprietary port replicators and docking stations. To use a port replicator or
docking station, plug all the peripherals into it and then connect the laptop to
the port replicator or docking station. For universal port replicators that can be
used with different laptop models, software drivers must be installed before
connecting the replicator. Standard port replicators might include drivers, or
the driver might come pre-installed.
7.2.15 Securing laptops

If someone really wants to steal your laptop, they will find a way to do it.
There are, however, some measures to make yourself and your laptop less
desirable targets. One physical deterrent is a cable lock. There are a number
of locks available that you can use to chain your laptop to a heavy object, such
as a desk. These locks are operated using either a key or a combination (e.g.
number code) and have a woven steel cable. Just remember to store the key in
a secure place, otherwise if using a combination code lock, remember the
code. Many laptops come with a slot that docks with a lock. The lock, in turn,
is attached to a cable that you can fasten to the desk.
Figure 7.46 Laptop lock

An alternative security measure is to use a software tracking system. Tracking
software sends a signal to a central office if the laptop is stolen and connected
to a phone line or the Internet. The location of the stolen laptop can be tracked
and sensitive files stored on it can be deleted automatically.
7.3 Wearable computers

Wearable computers are computing devices that people wear, such as eye
glasses, shoes and watches. Google glass is a perfect example of
computerised glasses. It has a tiny computer attached to the side of the glass
frame with a small display that you can see and a camera positioned to
capture exactly what you see.
Page 356 of 1229
The specifications include high resolution display, a speaker and microphone

system, CPU, flash memory GB storage linked to cloud storage and a battery.
It also has a touch pad on the side of the glasses that you use to control the
device by swiping through the interface shown on screen. Figure 7.47 shows
the inside of Google Glass.
Figure 7.47 Anatomy of Google Glass

Glass supports wireless connections, such as Bluetooth and Wi-Fi and runs a
version of the Android mobile OS, which enables it to run applications and
access Internet services. There should be a wide range of software for the
device and the ability to connect it to other devices.
A modern smartwatch (or smart watch) is a wristwatch that is both a time
keeper and a mini-computer. Some smartwatches can run mobile applications;
others can run mobile operating systems and have full phone capability, while
some work as mobile media players. Figure 7.48 shows one brand of
smartwatch.
Figure 7.48 Smartwatch

Such watches may include a camera, compass, calculator, colour touch screen,
GPS navigation, map display, speaker, scheduler, storage cards and a
rechargeable battery. It may communicate with a wireless headset, heads-up
display, with a microphone and voice command system allowing you to control
the watch with your voice, or control another device through the smartwatch.
Page 357 of 1229
With the voice control system, you can answer and make phone calls, respond
to messages and perform other tasks. Some smart watches support gesture
control, which means that you can perform a task such as answering a phone
call simply by moving your hand. Additionally, many smart watches
synchronize with a mobile device to exchange data.
Smart talking shoes, such as Google shoes shown in Figure 7.49, have a tiny
built-in computer that can detect your movement and can motivate and give
you feedback while you are performing certain tasks such as walking, running
or exercising. It has speakers and a microphone, a screen, pressure sensors,
an accelerometer to measure the increase of speed, Bluetooth to connect to
social networks and other technologies.
Figure 7.49 Smartshoe
Page 358 of 1229
Unit 8 Printers, Scanners and Bar Code

Readers
Explain basic printing concepts.

Describe how each type of printer works.
Identify how printers connect to a computer and network.
Maintain a printer.
Describe the features of scanners and barcode readers.

Module 3 Unit 2 and 3 (p.190-218)

Review Questions:
o Printer Types (p.204)
o Installing and Configuring Printers (p.218)

(G183eng):
o Lab 8: Installing a Printer (p.23-26)
8.1 Printers
A printer is a peripheral device that places what you see on screen onto media
such as paper. A printed copy of data from the computer is referred to as a
hard copy. A print job is a file that is sent to a queue and patiently waits
there until the printer agrees to print it. Many programmers use the terms
page, workbook and binder in their applications instead of the term paper.
What a printer can and cannot do is largely determined by the type of printer
technology it uses, that is, how it gets the content onto paper.
Figure 8.1 Multifunction printer
Page 359 of 1229
Although different types of printers exist, the principles are the same for most
of them. Each type has its own characteristics that affect how you install,
configure and troubleshoot it. The best way to begin covering printers is to
look at what they have in common. Most printers have the following
subsystems:
Paper transport pulls, pushes and rolls paper through the printer. This
can be done using a belt, tractor feed and rollers.
Marking engine components that are responsible for placing the image
onto paper. This includes ribbons, print cartridges and moving parts that are
inside one of these and anything else needed to print the image.
Print engine the brains of the operation that accepts data and
commands from the computer and translates these commands into action.
It also redirects feedback from the printer to the computer.
Tip
Keep these subsystems in mind when setting up and troubleshooting

a printer. Knowing how a specific type of printer places the image
onto paper will help you troubleshoot that printer.
8.1.1 Choosing a printer

You can use the following criteria to choose the best type and model of printer:
Speed how quickly the printer can print, measured in Pages Per Minute
(PPM). Different speeds are given for different printed outputs (for
example, pages for monochrome text using black ink only will print more
quickly than full colour pages).
Connections almost all printers support USB while some models support
network and wireless connections too.
Image quality the basic measure of print quality is the maximum
supported resolution, measured in dots per inch (dpi) or simply how
many dots the printer can print per square inch of paper. Horizontal
resolution is determined by the print engine and vertical resolution by the
paper handling mechanism.
Some printer specifications use two numbers, such as 600600, to describe
resolution, but when the numbers are the same, you will often see it as one
number (i.e. 600-dpi printer implies a 600600 dpi resolution). The
minimum resolution for a monochrome (black and white) printer should be
600 dpi and for a photo-quality printer 1200 dpi. Higher dpi means the dots
are closer together and the better the quality of the printout.
Page 360 of 1229
Figure 8.2 The print quality dialog for a laser printer with graphics
resolution (text quality is not affected by this option)
Note
Printer dots are not the same as pixels. Multiple dots are needed to
reproduce one pixel.
Paper handling consider the type of paper or media, such as labels,

envelopes and card stock that can be loaded, and the amount of printing for
the type of paper or media and output (monochrome or colour).
Total Cost of Ownership (TCO) the cost of the printer over its lifetime,
including paper and media, replacement components and consumables
(such as cartridges).
Features additional memory, printing on both sides of the paper (known
as duplex), paper size (A3 or larger), a cover holding pages together
(known as binding) and so on. These features might be built in or can be
added as additional units to the printer.
Figure 8.3 Duplex unit removed from the back of a printer
Multi-Function Printer (MFP) also known as multi-function device

(MFD), this device can print, scan, fax, photocopy and might execute other
functions as well.
Page 361 of 1229
Type of printer it is useful to categorise printers by purpose (general or

special), intended use (home or office) and technology. General printers are
used for printing text, pictures and photos. Special purpose printers include
dedicated and near-dedicated photo printers and label printers, mobile
printers, along with others.
8.2 Printer types

The next sections take you through the different types of printers, their
hardware and the technologies they use.
8.2.1 Laser printers

A laser printer uses a laser to put an image onto a rotating drum. The drum
transfers the image to paper using toner, which is then melted onto a sheet of
paper. A printer that prints to individual sheets of paper is known as a page
printer. Most laser printers use lasers as a light source because of their
precision while some lower cost printers use LEDs instead. Laser printers are
fast, quiet, print high-quality printouts, are suitable for large print runs, and
their costs vary depending on the model and technology they use. There are
both grey scale (black and white with grey) and colour models available.
Figure 8.4 Multi-function laser printer
8.2.1.1 Laser printer components

A laser printer includes several components:
AC power supply provides power to the motors that move the paper,
the system electronics, the laser system and the secondary transfer
corona/roller.
Control panel the printers user interface.
System board holds most of the electronic circuitry, processor, ROM and
RAM. A printer might have one or more boards. If a printer does not have
enough RAM to hold a print job, it will often give an error message. You can
add RAM to the printer as long as you search the manufacturers website
for the correct type of RAM it needs.
Page 362 of 1229
Imaging drum also known as organic photoconductor (OPC) or

photosensitive drum, this is a round cylinder covered with a
photosensitive coating that is sensitive to light. When not exposed to light,
it can hold a high electrostatic charge. The drum is grounded to a power
supply.
Primary corona wire/charge roller found very close to the drum
without touching it, it supplies a charge to the surface of the drum and
might also remove any leftover charges from the drum.
High voltage power supply usually provides power to the primary
corona wire/charge roller.
Laser uses light to write the image onto the drum. Any part of the drum
that is struck by the laser becomes electrically conductive.
Toner extremely fine powder that creates the image on paper when
melted. The types of toner vary between the different models.
Toner cartridge a replaceable cartridge that supplies the toner that
creates the image on paper. It typically holds the cleaning
blade/roller/brush, drum, developer roller and toner.
Figure 8.5 shows a toner cartridge (left) and how to remove the cartridge
for this particular type of laser printer (right).
Figure 8.5 Replace toner cartridge
Developer roller rotates to magnetise the toner before it goes onto the
drum.
Control blade prevents too much toner from sticking to the drum.
Tray holds the paper to be printed. Paper should be held by media
guides. Different trays may support different types, sizes and thicknesses
of paper and other media.
Pickup rollers used to pick up a sheet of paper from the tray and begin
feeding it through the printer. Paper in the tray should be held by media
guides.
Separator pad/roller works with the pickup rollers to ensure that only
one sheet of paper is picked up and passed through the printer at a time.
Registration roller holds a page until the next laser process is ready for
it.
Secondary transfer corona wire/roller applies a charge to the paper
to pull the toner from the drum onto the paper.
Page 363 of 1229
Static charge eliminator strip or detac corona removes the charge

from the paper to prevent it from wrapping around the drum.
Fuser assembly has the fusing and pressure rollers and heating unit
that apply pressure and heat to fuse (melt) the toner into the paper.
Cleaning blade/roller/brush wipes away leftover toner from the drum
before printing the next page.
Erase (discharge) lamp might remove any leftover electrical charges
on the drum.
Main motor provides the power to drive several smaller motors that drive
the gears, rollers and drum. Gear systems are packed together in units
generically called gear packs or gearboxes.
Transfer belts used only on some high-end colour laser printers.
Sensors and switches found throughout the printer and used to detect
the type of paper and a range of conditions such as paper jams, empty
paper trays or low toner levels.
Ozone filter the high voltage power supply creates a small amount of
ozone, which is a gas that can be harmful in large amounts to printer
components. To counter this problem, most laser printers have an ozone
filter.
Where should you plug in the laser printer? The best choice is to use a
dedicated surge protector that does not have any additional equipment
plugged into it. The next best choice is to plug it into a grounded wall outlet. It
should not be plugged into a power source that is shared with other devices.
8.2.1.2 Laser printing process
The laser printing process, known as the electro-photographic imaging
process, includes the following stages that work in a specific sequence to place
the image onto paper:
Stage 1: Processing
Process the image. This is also known as the raster image processing
stage. A raster image, also known as a bitmap, is a pattern of dots. A laser
printer uses a chip called the raster image processor (RIP) to create the
raster image. The RIP receives the print job from the printer driver, creates the
raster image and stores it in memory.
Note
If the printer does not have enough memory to store the raster
image, a memory error occurs.
Stage 2: Charging or conditioning

Get the drum ready for use. A high voltage negative charge is applied to the
entire surface of the drum by the primary corona wire/roller, which is powered
by a high voltage power supply. This prepares the drum to accept the image
from the laser.
Page 364 of 1229
Stage 3: Writing or exposing

Place the image onto the drum. Controlled by motors, the laser beam is
activated and moves through one or more mirror(s) and writes a temporary
image onto the surface of the negatively-charged drum. The image on the
drum is nothing more than dots of electrical charges. Where the beam hits the
drum, it selectively reduces the negative charge, line-by-line. Only the written
areas of the drum have a lesser negative charge. Instead of a laser beam, an
LED printer activates its LED arrays to record the image on the drum.
Stage 4: Image development
Get the toner onto the drum (develop the image). The toner is charged
and sticks to the magnetised developer roller. A control blade prevents too
much toner from sticking to the developer roller.
As the developer roller rotates very close to the drum, the toner is attracted to
the areas of the drum written by the laser (i.e. the areas that have a reduced
negative charge). It is not attracted to the other areas of the drum because
both the toner and drum have the same charge and, with electricity, like
charges repel each other. The result is the toner sticks to the drum where the
laser beam has hit and not to the areas where the laser beam did not hit.
Stage 5: Image transfer
Transfer the image to paper. First, pickup rollers roll over the top of the
paper in the tray to pick up a sheet of paper. Separate pads/rollers from
underneath ensure that only one sheet of paper is picked up and passed
through. When the paper reaches the registration roller, a signal tells the
printer to start the image transfer process.
On many printers, the paper moves between the drum and a transfer
corona/roller which gives the paper an opposite charge from the toner (i.e. if
the toner is negatively charged, the paper is positively charged). After the
paper is charged, the negatively-charged toner from the drum jumps to the
positively-charged paper. At this point, the toner, and therefore the text or
image, is on the paper. As the paper leaves the transfer assembly, a static
charge eliminator immediately removes any leftover charge from the paper so
that it does not stick to the drum or curl.
Stage 6: Fusing
Melt the toner into the paper to make the image permanent. If you pick
up the sheet of paper before this stage is complete, the toner will simply fall
off. Toner is made of carbon and plastic particles and if you heat those
particles, they will melt. The paper at this stage passes between two rollers:
the pressure roller which presses against the bottom of the paper and the
heated roller which presses down on top of the paper, melting the toner into
the paper to make the image permanent. The printed image is slightly raised
above the surface of the paper.
Page 365 of 1229
Stage 7: Cleaning
Clean the drum. To prepare the drum for the next sheet of paper, a rubber
blade, pad or roller cleans the drum by scraping any leftover toner for reuse.
An erase (discharge) lamp or primary charge roller removes any leftover
charge on the drum.
Figure 8.6 Laser print process

At this point the whole process can start again. You might come across
manuals that say that the cleaning stage comes first in the process. A laser
printer will typically start processing the next image before the current image
is complete, so this is actually the first step.
If a duplex unit is installed, the paper passes through the fusing stage and is
then turned over and sent back to the developer unit for printing on the
second side; otherwise, the paper is directed to the selected output bin using
the exit rollers.
Caution Be careful when working inside a laser printer. It has high voltages
in various parts and high temperatures in the fusing assembly. Turn
off the printer, remove the power and let it cool down before
servicing it.
8.2.1.3 Colour laser printers
Colour laser printers follow the same general process as black and white
printers, but are a little more complex. These printers use four different
colours of toner (cyan, magenta, yellow and black [CMYK]) to create printouts
and have a separate replaceable toner cartridge for each colour. Most models
send each page through four different passes, adding one colour at each pass
to create the printout, while others place all the colours onto a special transfer
belt and then transfer them to the page in one pass. In some cases, the printer
uses four separate toner cartridges and four lasers for the four toner colours,
and in others the printer simply places one colour after the other on the same
drum, cleaning after each of four passes per page.
Laser printers create far better quality than dot matrix printers because of
resolution enhancement technology (RET). RET enables the printer to
insert smaller dots among the characters, smoothing out the jagged curves.
Page 366 of 1229
8.2.2 Inkjet printers

Inkjet printers (more generally known as ink dispersion printers) are line
printers, meaning they print line-by-line. They can create good quality black
and colour printouts and are relatively cheap to buy but expensive to run due
to the cost of consumables, such as ink cartridges and media. Some inkjet
printers can print directly onto specially coated optical discs or fabric such as
T-shirts.
They are great for home use or small office environments that do not have
large print jobs. Compared to laser printers, they are slower and often noisier,
but they do not have as many serviceable parts.
Figure 8.7 Inkjet printer
8.2.2.1 Inkjet print process

Inkjet printers work by firing droplets of ink onto the paper through tiny
pinholes or nozzles in the print head, which has a reservoir of ink. The print
head is moved across the paper from side to side by a carriage system as the
paper is fed through the printer so that the ink can cover the entire page. The
carriage system has a stepper motor to drive the system, a pulley and belt to
move the print head and attach it to the stepper motor, a guide shaft to keep
the print head stable, voltage-charged deflection plates to guide droplets to the
proper position, and sensors to find the position of the print head and paper.
The printer will also have a paper feeder mechanism and input and output
trays where the paper gets inserted and ejected, one or more roller(s) that pull
the paper through the printer and maybe a lever to adjust the platen gap
(distance between the print head and paper); otherwise, the printer may
automatically adjust this distance depending on the driver settings. A data
cable connects the print head to the printers circuit board.
Figure 8.8 shows a typical inkjet printer.
Page 367 of 1229
1.
2.
3.
4.
5.
6.
7.
Cover
LCD panel
Control panel
Belt for print head
Output tray
Ink cartridges
Flash memory card reader
Figure 8.8 Components of a typical inkjet printer

The general printing process for an inkjet printer is as follows:
1. The paper or other media in the feed tray is pulled into position by a roller.
2. The print head is suspended on the carriage over the paper and moved
across the paper by the belt. As the print head moves across the paper, it
places the ink droplets onto the paper according to the directions of the
printer driver.
3. When the print head reaches the end of the line, it either goes back in the
opposite direction or returns to the left side of the page to continue to print
from left to right.
4. After the page has been completed, the media is ejected.
Figure 8.9 Inkjet print process

Some inkjet printers can use two printing methods:
Unidirectional the printer prints only when the print head is moving
from left to right.
Bidirectional the printer prints when the print head is moving from left
to right or right to left. This method is usually enabled in the Printers
Preferences page and might be named High Speed.
Note
Many inkjet printers support duplexing assemblies so that they can

print on both sides of the paper.
Page 368 of 1229
8.2.2.2 Inkjet ink cartridges

Inkjet printers use the same CMYK colour model used by colour laser printers.
They use small containers called ink cartridges filled with liquid ink for
printing. Depending on the manufacturer and model of printer, ink cartridges
come in various combinations, such as separate black and colour cartridges,
colour and black in a single cartridge, or even a cartridge for each ink colour.
Others support many more cartridges for different CMY colours, such as light
cyan and dark cyan for high quality printed pictures.
The location of the ink cartridge varies from one printer to another. In many
printers, the cartridges are close to the print head or even include the print
head while in others the cartridges are found further away. Either way, ink
cartridges when empty must be replaced and this is generally an easy
procedure. Figure 8.10 shows how to replace an ink cartridge for a particular
model of inkjet printer.
Figure 8.10 Replacing ink cartridge

Note
Ink cartridges can be attached to the print head or found elsewhere.

Some models enable you to replace the cartridge only or the print
head and ink cartridge inside an assembly.
Owing to the cost of the ink cartridges, many people look for alternatives. You
can get kits to refill the cartridge, but this practice is generally not
recommended. Most ink cartridges are vacuum-sealed and it is difficult to
replace the ink and keep the seal. Without the vacuum seal, the cartridge can
leak and damage the printer. However, there are professional companies that
use high quality ink and have the equipment necessary to refill cartridges and
keep the vacuum seal.
8.2.2.3 Inkjet print heads and cleaning cycle
There are two primary Ink Delivery Systems (IDS) used by inkjet printers:
Thermal (or bubble) uses heating elements to heat up the ink. Each
nozzle attaches to a small ink chamber that attaches to a larger ink
reservoir. Ink inside the chamber heats to a boiling temperature. Once the
ink boils, a bubble forms. As the bubble gets hotter, it expands and is
forced out of the nozzle onto the paper. Ink is sent through the print head
only when it is needed.
Page 369 of 1229
Many manufacturers, such as the one that makes bubblejet printers, use
this process or a similar process, but they all generically referred to as
thermal inkjet printers.
Piezoelectric moves the ink with electrical charges. The print head
nozzles have piezoelectric crystals, which vibrate and change shape when a
charge is applied to them. This vibration of the crystal controls the flow of
ink onto the paper. Ink is sent through the print head in a continuous
stream whenever the printer is printing.
Figure 8.11 Inkjet print head operation

The print head can be either fixed or disposable:
Fixed intended to last the lifetime of the printer and costly to replace. If it
fails, it is usually cheaper to replace the printer.
Disposable usually built into the ink cartridge. When you replace the ink,
you are also replacing the print head. Other disposable print heads are
separate from the ink, but they are usually easy to replace.
8.2.3 Dot matrix printers

A dot matrix printer is an impact printer; it uses pins that work like hammers
to force ink from a ribbon onto paper. It is primarily used for printing on
multiple-part forms, such as invoices, purchase orders, pay slips and shipping
documents. Systems that print multi-part forms, such as point of sale (POS)
machines, use special impact paper that can print receipts in multiple copies.
Figure 8.12 Dot matrix printer

Note
A multi-part form has multiple sheets of paper separated by carbon

paper. The force from the pins in a dot matrix printer goes through
the first sheet and onto the second, third and so forth.
Page 370 of 1229
Although dot matrix printers are relatively slow and noisy and do not create
good quality printouts as inkjet and laser printers do, when all these
requirements are not important, they provide acceptable results.
Tiny metal pins, called print wires, are located in a print head. Paper moves
under the print head by pull or push tractors. A motor and carriage assembly
move the print head from side to side across the paper as it prints. The pins
are fired by coils of wire called solenoids.
When a coil is energised (given voltage), it creates a strong electromagnet that
makes the pin move forward and strike the inked ribbon against the paper,
leaving tiny dots.
All the possible dots in a certain area represent a dot matrix and collectively
they all create the image on paper. As soon as the pins have been fired, a
strong permanent magnet returns them to their resting position. A ribbon, a
long strip of cloth soaked with ink, is also moving during the printing process
to reduce wear.
Figure 8.13 Print head pins creating dots on paper

Caution Although most print heads are built into a metal case that is cooled
as quickly as possible, you should never touch the print head after
using the printer because it might be very hot.
The speed that the print head can place characters on the page is its cps
(characters per second) rating. The number of print wires in the print head
determines the print quality; the more print wires, the better the print quality.
The most common dot matrix printers use a 9-pin print head, which are
generically called draft quality, or the 24-pin print head, which are known as
letter quality or near-letter quality (NLQ). More sophisticated printers use
48-pin print heads, although if you need this level of quality, it is more
common to use an inkjet or laser printer. The extra pins fill in the gaps
between the dots.
Dot matrix printers can be used with:
Plain paper held against a moving roller (the platen), which rotates and
pulls the paper through the printer by friction. A cut-sheet feeder may be
added to some printers to automatically provide the next sheet of paper.
Tractor-fed paper also known as fan-fold, continuous or even paper
with holes, it is suitable for multi-part forms. The sheets are attached to
each other and include sprocket holes on each side. The holes in the sides
are secured over rollers at each end of the roller.
Page 371 of 1229
A tractor feed mechanism feeds the paper using these sprocket holes. Each
sheet includes perforated sides that you can tear off and separate the
sheets after printing.
The feeder passes the paper to the printer and is specific to the printer model.
Pin feeders and tractor feeders are used with continuous paper. The sprockets
and pins on the side of the printer advance the paper through it. These can be
adjusted to suit the type of paper and different paper widths.
A platen gap lever is often fitted to printers capable of printing on multi-part
forms. While some printers allow you to use this lever to adjust the gap
between the print head and the platen to different paper thicknesses, more
sophisticated printers adjust the gap automatically. Incorrect adjustment of
the platen gap can cause faint printing (gap too wide) or smudging (gap too
narrow).
Figure 8.14 shows a dot matrix printer.
Figure 8.14 Top of dot matrix printer

If the print head fails, check the cost of replacing it versus the cost of buying a
new printer. The printer will have some form of replaceable ribbon. Most units
have a cartridge device that slots over or around the carriage of the print
head. When the ribbon on a dot matrix printer fails to create sufficiently good
print quality, the ribbon-holder and contents are normally replaced as a whole.
Some printers can use a re-usable cartridge.
Figure 8.15 Ribbon cartridge
Page 372 of 1229
8.2.4 Thermal transfer printers

Portable or SFF thermal transfer printers use heat to create images on paper.
Some printers heat up heat-sensitive thermal paper whereas others use a wax-,
resin- or dye-ribbon to create printouts. These printers are used in point-ofsale and retail environments for printing barcodes, labels, price tags, receipts
and Automatic Teller Machine (ATM) slips.
Figure 8.16 Thermal printers

Thermal printers include:
Direct thermal printer uses a print head that burns dots onto the
surface of heat-sensitive thermal paper to create the image. The special
thermal paper is covered with a chemical that when heated changes colour.
Thermal wax printers uses a print head that melts ink from a waxbased ribbon onto the paper to create the image.
Both printers use a print head that is the width of the paper. When a printer
needs to print, a stepper motor turns a rubber roller which feeds the paper
past the print head. A heating element heats certain spots on the print head to
a certain temperature. The paper below the heated print head changes colour
in those spots to create the image.
Thermal printers can print in one or two colours with paper available in
different sizes and colours. Their speed is measured in inches per second (ips).
Paper may be in a fan-fold or roll format.
You need to clean thermal printers periodically with compressed air or an ESDsafe vacuum to remove dirt. You can clean the print head with isopropyl
alcohol and a lint-free cloth or a cotton swab. Cleaning the print head extends
its life, but you can replace it if it fails.
Note
Laser printers are used in larger companies. Inkjet printers are used
by home users and small office environments. Impact printers are
used in companies that need multi-part forms. Thermal printers are
used for receipts, labels and barcodes.
Page 373 of 1229
A variation of thermal printing is dye-sublimation printing. The sublimation

process involves changing a solid into a vapour and the vapour back into a
solid. People use dye-sublimation printers for printing photos for which fine
detail and high quality colour printouts are more important than cost and
speed.
Inside the dye-sublimation printer is a print head, which has many heating
elements, capable of precise temperature control, that moves across a heatsensitive plastic film containing sections of cyan, magenta, yellow and
sometimes black dye. The solid dye is vaporised and soaked into specially
coated paper underneath the print head, before it is cooled down into a solid
again.
This process needs one pass for each colour on each page. Some printers also
use a final finishing pass that applies a protective and shiny laminate coating
to the paper.
8.2.5 Mobile and 3D printing

Printers can also be built into other devices. For instance, the digital camera
shown in Figure 8.17 has a printer built into it. This printer uses special paper
coated with colour dye crystals instead of ink. The printer uses heat to activate
and colorize these dye crystals when a photo is printed, creating a full colour
photo.
Figure 8.17 Instant camera with a built-in photo printer

Figure 8.18 shows different kinds of mobile printers that are lightweight, small
and work on battery power. You can connect them to a portable device using a
USB or wireless port. Mobile printers mainly use inkjet, thermal or dyesublimation technology to print high quality printouts.
Figure 8.18 Mobile and photo printers
Page 374 of 1229
3D printing or additive manufacturing is the process of making a physical

object of any shape from a 3D digital design by laying down many thin layers
of a liquid, paper, powder, plastic, steel, wax or other material, one layer after
the other from a series of cross sections. Each 3D-printed object begins with a
file, created with a 3D modelling application or which was scanned into the
application with a 3D scanner, which performs a scan of the object.
To convert a digital file into instructions that the 3D printer understands, the
software must break down the design into hundreds or thousands of layers.
The 3D printer reads the design in this file and then creates each layer exactly
to the requirements of that design. The layers, which correspond to cross
sections from the software design, are joined together or automatically fused
to create the final 3D shape. Figure 8.19 shows a 3D printer with printed 3D
objects inside it.
Figure 8.19 3D printer with printed 3D objects

Generally, the main items to consider with 3D printers are speed, what printing
method to use, the cost of the software and printer, choice and cost of the
materials, colour capabilities and print speeds. Printer resolution may be stated
in layer thickness, dots per inch (dpi), pixel size, beam size, spot size or some
other measurement while print speeds may be stated in inches or millimetres
per second (mm/s), or in times needed to print a specific part or part volume
or some other measurement.
8.3 Paper
There is a wide variety of paper types and forms available for printers,
including single sheet paper for inkjet and laser printers, continuous paper for
dot matrix printers and thermal paper for thermal inkless printers.
Manufacturers recommend the best paper to use for the printer in different
situations. This is most important when printing colour printouts.
Page 375 of 1229
8.4 Printer connections

When you connect a printer directly to a computer without sharing it, it is
referred to as a local printer. When you can access the printer over a
network, it is called a network printer.
8.4.1 Using USB to connect printers

Most modern printers use a USB port, which makes it easier to install many
printers on one computer. With USB, Windows will configure the printer
automatically as soon as you plug it in. In almost all cases, you must install
drivers before you plug a USB printer into the computer. Even though the USB
port is powered, you still need to connect the printer to a mains power because
the printer needs more power than that which the port can provide.
8.4.2 Networked printers

Many home users and companies use networked printers or multifunction
devices. A networked printer or multifunction device is used by more than one
computer. Printers can be networked in the following ways:
Local sharing a local printer that is directly attached to a single

computer, acting as a print server, can be shared from that computer to
other computers through the OS. The shared printer can be attached to the
computer using a USB or Ethernet cable. The remote computers must be
networked so they can connect to the shared printer and have the printers
driver installed.
Use a print server one or more printers can be connected to a print
server and the print server is connected to the network. The print server
can be a networked computer, server or a stand-alone device, such as the
one shown in Figure 8.20. The print server can connect to a USB or
Ethernet port on the printer and to the network through an Ethernet or
wireless connection. The OS or manufacturers management software for
the print server is used to find, configure and share the printer. Essentially
the print server is a place where all printers can be managed and print
drivers can be distributed. Any computer (wired or wireless) can print to
the printer that connects to the print server.
Figure 8.20 Print server that supports an Ethernet, wireless and USB
Page 376 of 1229
Directly attached a printer, acting as a print server, can be directly

attached to the network with its own internal Ethernet network adapter or
network card that allows it to participate as a network device. Instead of
using cabled Ethernet, the printer can be fitted with a wireless adapter or
card to participate on a wireless network. Otherwise, both cabled Ethernet
and wireless networks can be used together.
Figure 8.21 Attaching an Ethernet network cable to a printer

Take a look at Figure 8.22. It shows two networked printers. The one printer is
directly attached to the print server (named Server) through either a USB or
Ethernet cable and the print server is attached to the network through an
Ethernet cable. The other printer is directly attached to the network through a
switch by way of an Ethernet cable. In simple terms, a switch is specialised
hardware and software that forwards data back and forth between devices on
the network.
Figure 8.22 Network print connection

Each printer that participates on the network must be configured with a valid
Internet Protocol (IP) address which is used by each device to
communicate. You can set an IP address on the printer or configure the printer
to get an IP over the network from a special server called a Dynamic Host
Configuration Protocol (DHCP) server.
Page 377 of 1229
To set an address yourself, you usually have to navigate through a menu

system using the printers on-board screen or buttons on the front of the
printer. Also, to configure a printer for network use, you might need to install a
network printer driver instead of the normal printer driver.
8.4.3 Wireless connections

Many printers have wireless capabilities that allow wireless devices to connect
to them without a cabled connection. Most wireless interfaces are built into the
printer, while some may be available as an installable upgrade. The common
types of wireless connections are:
Infrared (IrDA) uses line-of-sight light communication over a short

distance. Infrared supports low Mbps speeds, so printing a large document
can take some time. Also, line-of-sight communication can be affected by
someone walking between communicating devices or by bright sunlight.
Bluetooth a short-range radio communication that is supported by some
printers. Bluetooth supports low Mbps speeds, so printing a large document
can take some time. Although line-of-sight is not needed, the further you
move away from the printer to print something, the weaker the signal
becomes.
Wi-Fi uses radio signals for communication over much longer distances
and with much faster Mbps speeds, but Wi-Fi is costly and fairly difficult to
configure and secure. Wi-Fi printers use the 802.11 wireless standards to
network with devices.
8.4.4 Older printer connections

You must use a compatible IEEE 1284 parallel cable if you need to connect a
printer to the old parallel port. A parallel printer cable uses a DB25 (25-pin)
connect on one end for the computers parallel port and a 36-pin centronics or
mini-centronics connector for the printer. Parallel connections do not always
support PnP, so if this is the case then you will have to add the printer yourself
using its setup software or the Windows Add Hardware Wizard.
Also remember that parallel connections are not hot swappable. While very
rare, it was also possible to connect some old printers to the serial DB-9 port.
8.5 Printer support and research

The printers manufacturers website is an important place to go when
supporting printers. Here are some resources to look out for:
Online documentation for managing the printer. Look for information

and printer parts, warranty, compatibility, specification and features of your
printer and how to recycle or dispose of a printer.
Knowledge base technical support for common problems.
Updated device drivers to solve problems and add new features and
options. Match the driver to the OS used.
Page 378 of 1229
Options and upgrades look for memory upgrades, paper trays, feeders,
sorters, staplers, and printer stands.
Replacement parts look for parts made by or approved by the printer
manufacturer or vendor. This includes maintenance kits.
Additional software to use with your printer, such as software to create
business cards or edit photographs.
Firmware updates some printers have flashable firmware to solve
problems and add features. Download the correct update for your printer.
8.5.1 Researching
There is a lot of information on the Internet about printers. All of the top
printer manufacturers, for example, HP, Lexmark, Canon, and so on, have
websites that can provide insight into modern printers. As a computer
technician, you will need to visit these sites for information about new printers
and to download the most current drivers for those printers. It is
recommended that you visit one of the major printer manufacturer websites
and take a look at the various printer features and download pages for the
different types of printers available.
8.6 Basic local print installation process

Generally,
connecting
the printer
PnP printer
the proper procedure is to install the driver before physically

the printer. However, if the driver already exists on the computer,
can simply be connected. The basic installation process for a local
is as follows:
1.
2.
3.
4.
Install the print driver and software.

Connect the printer to the computer using a suitable adapter or connection.
Plug the printer into the mains power and switch it on.
The Windows Add Printer Wizard will run and allow you to configure the
driver.
5. After installation, check the printers setup and default options and make
changes if necessary.
6. Print a test page.
The keys to successfully installing a printer are to read the printer
documentation, use a good cable, load the latest driver and test.
8.7 Upgrading printers

You can upgrade printers in many ways and the options available are vendorand printer-specific. The most commonly upgraded printers are inkjet and laser
printers. The most common upgrades include memory and tray/paper feed
options. Always follow the manufacturers installation instructions.
Page 379 of 1229
8.7.1 Upgrading RAM

The most common upgrade for laser printers is memory. The amount of
memory available for printers (especially those shared by multiple users) is
very important because printing errors can occur with too little memory. Laser
printers use memory modules to hold more page information, to reduce or
remove the need to compress page information when printing, or to enable
higher resolution printing with complex pages. Many recent printers use DIMM
memory modules, but printers do not use the same DIMMs as desktop or
laptops. To order additional memory, you can:
Contact the printer manufacturer.

Contact a third party memory vendor that offers compatible memory.
To install a DIMM or SO-DIMM-based memory module, it is best to refer to the

printers manual to find out how to upgrade printer memory properly. Figure
8.23 shows the Device Settings tab in the Properties page for a laser
printer, with the option to choose the amount of memory.
Figure 8.23 Printers installed memory
8.7.2 Upgrading firmware

You can update the printers firmware to change the printer in one way or
another, add features to it or fix problems. You can update the printers
firmware in different ways, including:
Update using a USB cable.

Update a flash memory card or USB flash drive.
Install a personality DIMM.
Update flash memory by sending the update file to a network printer. This
method also works if a directly attached printer is connected to a USB port
and is shared on the network.
Page 380 of 1229
The method you use depends on the printer. Go to the support website for the
printer to find out whether a firmware update is available, what the benefits
are for updating the firmware and how to install the update.
8.7.3 Upgrading paper trays and feeders

The paper storage trays and feeders are another common upgrade. Laser
printers often come with various paper tray options. Inkjet printers often have
different paper feed options relating to photograph printing.
8.8 Printer maintenance

To keep printers in good running condition and to get the best print quality,
they need to be maintained periodically. Routine printer maintenance can differ
from manufacturer to manufacturer and from printer to printer. For each
printer you support, research the printer documentation and the
manufacturers website for specific maintenance steps and how often
maintenance should be done for each printer you support.
Users must be trained on how to clean, use and configure the printer. Training
may involve setting IP addresses, connecting to the printer, reloading paper,
changing cartridges, setting duplex printing, printing to labels or envelopes,
setting the default paper size, printing securely and collating multiple print
copies. Typically problems to avoid when working with printers include:
Static electricity and components that generate heat.
Overloading trays and not collecting jobs when printed.
Breaking trays or covers.
Using the wrong type of paper or other media and using creased, folded or
dirty media.
Installing ink or toner cartridges incorrectly.
Paper jams (where the paper gets stuck inside the printer).
8.8.1 Common maintenance tools

Cleaning the printer periodically of dirt, dust and ink/toner spills is critical to its
health and well- being. There are several common tools you will use, including:
Compressed air available in a can or from a compressor, use it to blow

out paper dust (tiny pieces of paper).
Computer vacuum use to blow dirt and dust out of the printer. Regular
vacuum cleaners cause ESD damage, so only ESD-safe vacuums should be
used. Vacuum outdoors.
Isopropyl alcohol apply it to a non-scratch cotton swab or lint-free cloth
and then clean dirty printer rollers. It evaporates quickly and does not leave
any residue.
Page 381 of 1229
8.8.2 Laser printer maintenance

Even though there are many different models of laser printers, you will find
that many of them share common maintenance tasks.
8.8.2.1 Safety
It is important to realise that a laser printer includes a high-voltage power
supply which can be deadly. Stay safe and unplug the laser printer before
cleaning and doing other work on it. Capacitors within a power supply can still
hold a charge after the printer is unplugged. Even after you unplug the printer,
be careful of what you touch. The fuser assembly can get very hot and burn
you. Even after you turn the printer off and unplug it, this will still be hot.
Caution A laser printer has potentially deadly voltages and extremely hot
components. Turn the printer off and unplug it before servicing it.
8.8.2.2 Cleaning
Use the following general guidelines when cleaning the laser printer:
Use a damp cloth to clean the outside of the printer.

Use only approved cleaning solutions designed for cleaning laser printers.
Excess toner and paper dust can coat the inside of the printer and must be
cleaned. Wipe dust and toner away with a soft cloth.
Toner is fine powder and it might be best to use an ESD-safe toner vacuum
cleaner to clean it. If you need to vacuum a toner spill, you should use a
vacuum with a high efficiency particulate arresting (HEPA) filter. Without an
HEPA filter, the toner particles might just blow right back into the air.
Be careful using compressed air to clean a laser printer that has loose toner
in it. The compressed air could push the toner in to hard-to-reach places or
to parts that heat up and cause the component to fail.
Wash toner that is spilt on skin or cloths with cold water. If it spills on a
desk, you can remove it with paper towels soaked with cold water.
Apply isopropyl alcohol solution to a non-scratch cotton swab or lint-free
cloth to clean rollers.
Check the manufacturers recommendations when replacing the printers
dust/ ozone filters (if fitted).
8.8.2.3 Paper
The printers software will notify you when the tray runs out of paper. When
loading new paper:
Use good quality paper designed for the model of printer and print function.
Do not overload the paper tray.
Do not use creased or dirty paper.
With paper jams, the printers display screen will notify you of the area of the
printer that is jammed. Check the manufacturers manual to find out how to
remove components that might prevent you from removing the paper. Do not
rip or tear the jammed page. Look for a release mechanism or lever to remove
the page stuck in the fuser or developer assembly.
Page 382 of 1229
8.8.2.4 Replacing toner

As the toner runs low, the print quality of your printouts degrades. Software on
most laser printers gives you a message that lets you know the toner is
running low. Removing the toner cartridge and shaking it gently from side to
side loosens the toner that sticks to the sides of the cartridge and helps ensure
that you get full usage out of the cartridge. Once the toner cartridge is empty,
simply replace it with a new one.
Note
The toner cartridge in some laser printers includes the drum, the
developer and/or a cleaning blade. Therefore, when you replace the
toner cartridge, you might also be replacing other components.
The toner cartridge/drum is light sensitive. When removing it, make sure that
it is removed for a short period of time and place it in its storage bag or in a
dark area. Also, you should be careful not to touch it. You can easily scratch it
or leave marks that will not be cleaned during a print cycle. These scratches or
marks will appear on every printout until the drum is replaced.
Figure 8.24 Replacing the image drum/toner

There are different ways of replacing the toner cartridge or cartridges (for a
colour laser printer) depending on the model of printer, and it is important to
follow the manufacturers instructions. Figure 8.25 shows an example of how
to do this.
Figure 8.25 Replace toner cartridge
Page 383 of 1229
Note
Recycle the old cartridge in an environmentally responsible way. Many

companies will buy used cartridges, restore and fill them with toner,
and sell them again.
Most laser toner cartridges include replacement filters and instructions about
what should be cleaned. It is common to replace the ozone filter when
replacing the toner cartridge. Other filters can usually be cleaned by
vacuuming them. Follow the manufacturers recommendation.
8.8.2.5 Calibration
Colour laser printers have the potential to create colours or lines that are not
aligned properly. Many printers use a transfer belt to minimise this problem,
but the problem can still occur. The solution is to run a calibration test done
manually using the printers screen or driver software. This will ensure that the
printer heads are aligned.
8.8.2.6 Replacing the maintenance kit
Your source for determining the parts that need to be replaced and when to
replace them is the printer manufacturer. Many laser printers have
components, such as the fuser, rollers or pads, that wear out over time and
should be replaced according to a regular schedule. These components can
usually be bought as a maintenance kit or separately. Many laser printers
that use a maintenance kit display a message or error code with a meaning
such as Service Required, Perform Printer Maintenance, Maintenance Kit
Replace or Perform User Maintenance after the printer has printed a specific
number of pages (its copy or page count). The maintenance kit may also
include step-by-step instructions and any special tools or equipment you need
in order to perform maintenance.
Depending on the model and whether the printer uses colour or monochrome,
the recommend page count can be up to hundreds of thousands of pages. To
determine how many pages the printer has printed so that you know when to
perform maintenance, you need to get a page count from the printer since its
last maintenance period. This can be done with buttons on the printer to print
a printout or by using the printers program from a computer connected to the
printer.
Figure 8.26 Laser multifunction printer page count information from

printout
Page 384 of 1229
Note
If the printer is under warranty or being charged on a per-page (or

click) basis, it is not recommended to reset the page count after
servicing. However, most laser printers print the page count when you
do a self-test.
To replace the maintenance kit, it is best to follow the manufacturers

instructions carefully. Figure 8.27 shows an example of how to do this.
Figure 8.27 Replace fuser assembly

Figure 8.28 shows you how to replace the waste toner tank for a laser printer.
The waste toner tank is where extra toner is collected during print jobs.
Figure 8.28 Replace toner waste container
8.8.3 Inkjet printer maintenance

Manufacturers do not recommend cleaning the inside of the inkjet printer but
for the outside you can use a soft damp cloth to clean it. The main
maintenance tasks you need to consider include the paper path, ink and print
heads.
8.8.3.1 Paper path
Paper jams can occur and if they occur often, the two things to check are
rollers and paper. Clean the rollers with isopropyl alcohol and a lint-free cloth
or cotton swab. Use the right paper and ensure that it is not exposed to high
humidity. You can clean the path with compressed air or an ESD-safe vacuum.
8.8.3.2 Replacing ink cartridges
The driver software for most inkjet printers allows you to check the current ink
levels. The inkjet software driver will inform you when the ink runs out and
when it does, just replace the cartridge. Check the printers instruction manual
on how to do this.
Page 385 of 1229
8.8.3.3 Inkjet print heads

You need to do two other tasks periodically:
Print head cleaning print heads can become blocked or clogged with dried
ink, especially when the printer has not been used for a while. Use a cleaning
tool (usually as part of the driver software or on-board menu or in another
place) to clean the nozzles. The nozzle check tool on the Properties page (see
Figure 8.29) sends ink through the nozzles and is wiped away into a waste
tank.
Figure 8.29 Inkjet Maintenance page

Note
If you use a Windows-provided driver, the options in Figure 8.26

might not be available. Install a driver from the printer manufacturer.
Print heads can also develop minor alignment issues over time. This means
print head alignment must be done. Again use software program (usually the
driver software) to align the print head. This is typically done when replacing
ink cartridges.
8.8.4 Impact printer maintenance

The primary maintenance issues with impact printers are:
Paper when loading tractor-fed paper, ensure the holes in the paper are
engaged in the sprockets and the paper enters the printer cleanly. Also
check for torn sprocket holes, separated tear-offs and damaged sheets.
Paper dust it is very common for these printers to build up paper dust,
especially with tractor feed paper. You should clean them out regularly with
compressed air or an ESD-safe vacuum cleaner.
Page 386 of 1229
Paper path the paper path can get jammed. You can normally see the
entire path of an impact printer, so it is usually fairly easy to clear a paper
jam.
Ink ribbon as the ink ribbon is used and becomes worn, the print quality
goes down. Replace the ribbon.
Print head the pins on the print head can become damaged and no longer
fire. It might be because of paper dust, so when you clean out the printer,
you should also clean the print head. Compressed air works well. When a
pin stops firing in a print head, the only option is to replace the print head.
Platen the roller or plate on which the pins impact can develop dents over
time, but you can often rejuvenate it by rubbing it with isopropyl alcohol.
Check the platen gap carefully. An incorrect platen gap can lead to ribbon
and print head damage.
Gears and pulleys be sure to keep these oiled according to the
manufacturers instructions.
8.8.5 Thermal printer maintenance

Thermal printers need to be cleaned periodically with a soft brush or an ESDsafe vacuum or other cleaning materials recommended by the manufacturer to
remove paper debris. You can clean the print head (heating element) with
isopropyl alcohol and a lint-free cloth or a cotton swab. You can also feed
cleaning cards or film through the printer to clean the print head safely.
8.9 Scanners
A scanner scans photos, documents and other items and converts them into
digital files for the computer to store and process. After the document has
been scanned, it can be saved, changed and emailed to another computer, as
you would with any other file. Task-specific scanners, such as receipt
scanners and business card scanners, are also available. The following
sections discuss the different types of scanners:
8.9.1 Flatbed scanner

The page is placed face down on the glass plate and the lid is closed.
Software is used to start the scan. A bright lamp underneath the glass turns
on and lights up the page. The lamp is typically a cold cathode fluorescent
lamp (CCFL) or another lamp. Light reflects from the page. A system of
mirrors, lens, charge-coupled device (CCD) array and other parts makes up
the scan head, which captures the reflected light.
The scan head underneath the glass moves across the glass one or more times
by a belt that is attached to a stepper motor. The scan head is attached to a
stabiliser bar that ensures it keeps steady during the scan process. The
image of the page is reflected by a number of angled mirrors, each of which is
tilted to focus the image it reflects onto a smaller surface.
Page 387 of 1229
The last mirror reflects the image onto a lens, which uses either a prism to
split the image into red, green and blue (RGB) colour or focuses the image
onto sensors covered with different coloured filters.
Figure 8.30 Flatbed scanner
8.9.2 Sheet-fed, MFD and handheld scanners

A sheet-fed scanner uses a scan head that is fixed in place. You insert the
paper to be scanned, and the feeder (Automatic Document Feeder) passes the
paper over the fixed scan head.
Contact Image Sensor (CIS)-based scanners gather light from RGB LEDs,
which work together to create white light and direct the light at the paper
being scanned. A lens system gathers the light reflected from the paper and
directs it at an image sensor array that rests under the paper being scanned.
The sensor records the image according to light that hits the sensor.
Figure 8.31 CCD and CIS scanning process

CIS-based scanners are more compact and need less power than CCD
scanners, and can often run off battery power or the power from a USB port.
This technology is used in both flatbed and sheet-fed scanners and in all-inone multifunction devices (MFD), which allow you to print, scan, fax and
copy documents. See Figure 8.32.
Page 388 of 1229
Figure 8.32 Multifunction device

This multifunction device includes a touch screen control panel that you can
use to make a copy by simply choosing Copy or scan by choosing Scan.
Alternatively, you can use software provided by the manufacturer to capture
the image and save it as a file. This software supports saving the file as a
Portable Document Format (PDF or .pdf) file, a Joint Photographic Experts
Group (JPEG or .jpg) graphics file and several other common graphics formats.
Scanners commonly include optical character recognition (OCR) software
that allows you to scan a text document or image and save it as editable text.
OCR basically allows the device to recognise characters. Some also include
intelligent character recognition (ICR) software that can read handwriting,
although ICR is more commonly used on tablet devices.
One scanner you might run into as a computer technician is a handheld
scanner. You hold the scanner in your hand and move it over the page to scan
it. You should have patience and a steady hand when working with this device.
Figure 8.33 Handheld scanner
8.9.3 3D scanner
A 3D scanner scans a real-world object, such as a car, to gather data about its
shape and how it looks, such as its colour. The collected data is converted into
digital data, usually having many points (vertices) and processed by 3D
software.
Page 389 of 1229
Figure 8.34 Using a 3D scanner to scan a 3D object
8.9.4 Choosing a scanner

Consider the following when choosing a scanner:
Resolution measured in dots per inch (dpi), the maximum number of

dots determines how well you can capture an image and how the image will
look when made bigger. The higher the resolution, the better the scanned
image will look and scale in size. Manufacturers might report two
resolutions: the resolution it achieves mechanically, called optical
resolution, and enhanced resolution which it can achieve with help from
some on-board software.
Colour depth defines the number of data bits the scanner can use to
describe each individual dot. This number determines colour shade, hue
and so on so a higher number makes a big difference in image quality.
Grey scale depth defines how many shades of grey the scanner can
save per dot. Scanners come in 8-bit, 12-bit, 16-bit or better depths.
Connection almost all modern scanners plug into the USB port, although
some models offer FireWire and network/wireless connections too.
Scan speed the time needed to complete a scan, defined by the
manufacturer. This is affected by the parameters you set for the scanner;
the time increases as you increase the amount of detail captured. A fast
connection also contributes to a faster scan speed.
You should be able to adjust the resolution, colour depth and grey scale depth
on the scanner.
8.9.4 Installing a scanner

For most scanners, you need to install drivers before plugging in the device for
the first time, but there might be exceptions, so it is best to read the scanners
documentation before the installation. Once the driver is installed, connect the
data or network cable as well as the power cable and turn the scanner on.
Some scanners have a calibration test that must be done. Once this is done,
configure options and default parameters and then scan a document to test the
scanner. Finally, ensure the customer is trained and has all the documentation
for the scanner.
Page 390 of 1229
8.9.5 Maintaining a scanner

The scanners plate glass needs to be cleaned periodically. Clean it with optical
surface cleaning liquid on an antistatic cleaning cloth. A commercial glass
cleaner and denatured alcohol can also be used. Be careful to use a soft cloth
and remove all cleaner residuals from the glass. To test the cleaning, scan a
full page without a document loaded onto the scanner. See if the output has
any smudges or streaks.
8.10 Barcode and RFID readers

A barcode is an optical code that represents data with bars. The data typically
identifies a product or even a website. Popular barcodes include the Universal
Product Code (UPC) found on goods in retail shops, and International Standard
Book Number (ISBN) used with books. A barcode reader or scanner reads
barcodes. It uses a sensor mechanism (photo diode, laser or CCD) to read the
intensity of light reflected back by the barcode and typically makes a sound to
let you know the scan was successful. The reader then reports the code back
to an application, which links it to a database or hardware inventory tracking
system.
QR code
UPC code
ISBN
Barcode reader
Figure 8.35 Different kinds of barcodes and a barcode reader

Two types of bar code readers are commonly found with computers: a
handheld barcode reader that you hold in front of the barcode and press a
button to scan it, and a pen-shaped reader that looks like a pen and must be
swiped across the barcode. In addition, mobile devices, such as smartphones
and tablets with built-in cameras, can act as barcode scanners. You download
a barcode or QR code reading application to the phone and use its camera to
scan the barcode.
Modern readers use the PS/2 keyboard or USB port, while some support
wireless connections. A barcode printer and software can be used to create
custom barcodes.
8.10.1 Radio Frequency Identification (RFID) readers

Radio frequency identification (RFID) is a system that allows us to identify and
track objects with RFID tags or smart labels.
Page 391 of 1229
RFID tags are intelligent bar codes that have chips and radio antennae which
can communicate to a networked system over the air with radio waves so that
people can track information about the object the tag is attached to.
The networked system is linked to a database or hardware inventory tracking
system.
You can attach an RFID tag to products, price tags, shipping labels, ID cards,
and more items. An RFID reader is used to read data in an RFID tag. You can
also get RFID printers.
Figure 8.36 RFID tags
8.11 Additional exercise

o Lab 8: Installing a Printer (p. 23-26)
Page 392 of 1229
Unit 9 Preventive Maintenance
Preventive maintenance is the regular inspection, cleaning and replacement

of parts to make computing devices live longer.
Use proper procedures and equipment to clean devices.

Create a suggested maintenance schedule.
Use power devices such as power strips, surge suppressors
and UPS to protect systems from power issues.
Describe the function of an MSDS and identify correct
procedures for handling parts.
Identify means for throwing away and recycling parts and
consumables in line with environmental protection laws.
Understand green computing and ergonomics.

Module 3 Unit 4 (p. 219-230)

Review Questions:
o Preventive Maintenance (p. 230)

(G183eng):
o Lab 9: Cleaning and Preventive Maintenance (p.27)
9.1 Environmental controls

The environment is a factor in keeping computing devices in good running
condition. Proper environmental controls help protect computer devices
from the environmental impact of too much heat, dust and humidity. Such
environmental controls mean air conditioning, proper ventilation (clean fresh
air), air filtration and monitors for temperature and humidity. As a computer
technician, you must be aware of the following:
Dirty air dust, debris and other dirt particles can block air vents and
create thick layers of dirt on parts, causing them to overheat, short circuit
and even stop working. Clean them regularly to avoid problems. You can
also use air and dust filters on vents, or place the computer within an
enclosure with its own air filters and fans to keep out dust.
Page 393 of 1229
Temperature too much heat can make computers unreliable. Most

computers are designed to work at room temperature, which is around 20
Celsius:
o A temperature that is too hot can cause random reboots, overheating
and failure. Keep the device out of direct sunlight.
o A temperature that is too cold can cause stress on components that
have moving parts and make them more susceptible to ESD.
o Do not allow the temperature to vary too much as this can cause
condensation (water that collects as droplets on a cold surface when
humid air is in contact with it), which can lead to short circuits or
corrosion. A temperature that varies can also cause components to
contract or expand. Chip creep can occur over time this is where
connectors work loose from their sockets and cause errors.
o Leave new equipment that has just been delivered in its packaging for a
few hours to adjust to room temperature.
Humidity level humidity is the amount of water vapour in the air and it
should be kept to around 50%. When humidity is too low, static can build
up and result in ESD damage. When humidity is too high, it results in
condensation and water damage.
Heating, ventilation, air conditioning (HVAC) is a building control system

that provides climate and dust control to help keep the best conditions in the
environment.
Regular inspection and cleaning of computer components and the environment
they are used in can increase their lifespan without failing. The average time
that a component will work without failing is called mean time between
failure (MTBF) and it is usually measured in hours.
Note
Computer devices work best in an environment where the air is clean,

dry and at room temperature.
9.1.1 Cleaning computer components
Use a compressed air can, computer non-static vacuum cleaner or natural

bristle anti-static brush to remove dust from the computer parts. Do not
blow dust away with your mouth.
Put cleaning liquid (not too much) onto a lint-free cloth and clean parts
with that cloth.
Display screens and plastic using the wrong cleaner can damage screens
and other surfaces. Do not use standard glass cleaning products on glass
screens. Clean screens by wiping them down with a lint-free cloth and
approved screen cleaner which provides anti-static protection. You can also
use a lint-free cloth with mild detergent and water or a mixture of isopropyl
alcohol and water. Anti-static monitor wipes are also available. Clean the
monitors case with a damp (not wet) soft cloth and non-scratch soap or
cleaning solution.
Page 394 of 1229
Mouses mouse cleaning kits are available. For an older mouse, clean the
trackball if it is dirty using a mild detergent, soapy water, contact cleaner
or isopropyl alcohol. Rinse the ball and dry completely with a lint-free cloth.
Use a cotton swab or lint-free cloth with isopropyl alcohol to clean the
rollers inside the mouse. For an optical mouse, simply wipe the bottom of
the mouse with a damp, lint-free cloth. Use the mouse on a clean, flat
surface.
Keyboards keyboard cleaning kits are available. Keep food and liquids
away from the keyboard and other parts. Use a compressed air canister,
computer vacuum cleaner or brush to clean debris from the keyboard and
wipe down the surfaces with a lint-free cloth and approved cleaner. Use a
key puller to remove and clean dirty keys or replace them.
Figure 9.1 A vacuum cleaner kit with an ESD-safe vacuum cleaner

that has a HEPA filter that is effective in collecting dust particles
Note
Turn the device off and disconnect it from the power supply before
cleaning it. After cleaning the device, power on the computer to make
sure it works as it should.
9.1.2 A maintenance schedule

You should perform maintenance tasks regularly and also train users on how to
perform maintenance tasks and with the correct cleaning products. Table 9.1
provides a suggested schedule that can be followed on a regular basis.
Table 9.1 Suggested maintenance schedule
Frequency Checks
Daily
Make sure nothing is blocking air flow.
Ensure equipment is installed securely (no damaged or loose
cables, or overloaded power points, etc.).
Weekly
Clean the outside of the monitor and case.
Clean the keyboard and mouse.
Check for OS and driver updates.
Check for security and operational alerts.
Page 395 of 1229
Frequency Checks
Monthly
Make sure the fans are working correctly.
Run hard drive checks.
Ensure all cables are correctly seated and connected to the
chassis, components and peripherals.
9.1.3 Handling and protecting components

Parts such as memory and expansion cards are considered FRUs. These often
come in ESD-safe bags of different sizes, shapes and colours and you should
keep these parts in these bags when they are not used:
Anti-ESD shielding a bag with conductive material that prevents static

electricity from discharging through the inside of the bag. Seal the bag to
protect its contents.
Figure 9.2 Anti-ESD shielding bag with zip lock
Dissipative packaging a bag or foam packaging that is sprayed with antistatic coating or other chemicals. It is used to hold non-static sensitive
parts that are packed close to static-sensitive components.
9.2 Protecting against power problems

Power from the power company is not always stable and there are a number of
power problems that can harm computers in some way. Unsteady voltages are
called power fluctuations. Table 9.2 explains power problems.
Page 396 of 1229
Table 9.2 Power problems

Major type
Overvoltage
Sub-type
Surge
Spike
Undervoltage
Sag
Brownout
Blackout
Noisy power
EMI
(Interference)
RFI
Explanation
A short (typically under 1 second) temporary
increase in voltage above the normal voltage line.
Also called transient voltage. Caused by turning
off a light and lighting strikes, and from both
power and data (network) cables. Many surges
are too short to harm the computer but longer
ones can cause the PSU to crash, reboot or even
damage it.
A short yet powerful surge (larger increase in
voltage) that can destroy computer equipment.
Lightning strikes are common causes of spikes. It
can come from power and data (network) cables.
A short drop in voltage that occurs for less than a
second. Motors, transformers and power tools
can cause sags. Sags can stop computer
equipment from working properly.
A drop in voltage that lasts for longer than a
second. Overloaded power circuits can cause
brownouts. Brownouts typically cause lights to
dim and computers to restart or shut down.
A complete power failure. Blackouts might be
caused by a blown fuse, tripped circuit breaker or
power line or power that is down.
Stands for Electromagnetic Interference, a
magnetic field that interferes with electronic
equipment. EMI can cause permanent damage
and erase data on some storage devices.
Stands for Radio Frequency Interference,
electromagnetic noise where radio waves cause
interference with other signals.
9.2.1 Power protection devices

PSUs have built-in protection against power problems. However, the best
protection for a computer is to unplug it from the AC wall outlet and unplug
network cables during a power outage or thunderstorm. A range of devices
that stand between the AC wall outlet and computer equipment are available,
each of which has a specific purpose and protects against certain conditions or
provides no protections at all. Let us take a look at these devices.
9.2.1.1 Power strip
A power strip is an extension cable with a group of sockets and a cable that
plugs into the AC wall outlet. Although many power strips only protect against
overloading and not against surges and spikes, there are power strips available
with built-in surge protection (known as surge protectors) that have a sticker
indicating so.
Page 397 of 1229
Overloading happens when the power strip pulls too much current from the
wall outlet or when too much current is sent to the power strip. To prevent
overloading, it might come with an on/off switch and circuit breaker that trips
and cuts off the power. The strip can usually be reset by pressing a button.
Figure 9.3 Power strip with overload protection

Caution Do not overload power strips.
9.2.1.2 Surge protector
Also known as a surge suppressor or surge strip, a surge protector is an
adapter, power strip or filter plug that has a metal oxide varistor (MOV) and
sensors that protect against overvoltage (surges and spikes).
Figure 9.4 Surge protector with South African plug

Note
Although better surge protectors filter out EMI/RFI and overvoltage

problems, surge protectors overall do not provide the best protection
against other power problems.
9.2.1.3 Line conditioner

Also known as a power distribution unit (PDU) or power conditioner, a
line conditioner unit adjusts power during surges and brownouts so that the
electricity is stable and continuous, but it does not protect against blackouts.
9.2.1.4 Uninterruptible power supply (UPS)
A UPS is another name for a battery backup unit. You can use it for
temporary AC power when power completely fails (a blackout) or when it falls
below the minimum levels (a sag or brownout).
Page 398 of 1229
The UPS has a bank of batteries that give steady power for a limited period of
time, ranging from a few minutes to a couple of hours just enough time for
the power to be restored, a backup generator to switch on, or for the computer
to stay on and be shut down properly. This stops hardware and software
problems caused by unexpected power outages.
Figure 9.5 Front and back of UPS

The main types of UPS are:
Standby UPS (SPS) also referred to as an offline UPS, its battery is

used only when AC power fails. Another type of UPS similar to this one is
known as line-interactive because the battery interacts with the AC power
line rather than going directly to the computer and other components.
Online UPS runs the computer and other devices from its battery at all
times, always providing clean power. There is no switchover time when the
AC power fails.
Although you can perform your own calculations using ratings such as the
UPSs volt-amps (VA) and watts, which takes a long time to do for each
computer component, a far better and quicker way is to visit the UPS
manufacturers or vendors website and use their configuration wizard or
calculator to find out how much power you need and what UPS to get. Figure
9.6 shows one of these UPS selector wizards.
Page 399 of 1229
Figure 9.6 Using the vendors website to choose a UPS

Consider the following additional factors when choosing a UPS:
Runtime the time the computer will keep running on power from the UPS,
usually measured in minutes.
Connections look for USB; other ports might be supported as well.
Display screen some UPS units have display screens that show line power
status, battery power status, battery low/replace status and other
information. Others have light indicators and switches.
Self-test some UPS units have a self-test procedure and include a selftest button.
Software many UPS units come with monitoring and maintenance driver
software, as shown in Figure 9.7.
Figure 9.7 UPS software
Page 400 of 1229
Network support UPSs made for networks come with software that
notifies network users that the server is going to be shut down shortly.
Automatic shutdown essential for network servers or other unattended
systems, it needs a USB or serial port and software from the UPS vendor.
After a shutdown, it allows startup from a remote location over the
Internet.
Note
The more components you connect to the UPS, the less time the
battery can last if a power outage occurs. Thus, many UPS vendors
limit the amount of battery ports on the unit.
To use the UPS, simply plug the computer and monitors power cable into the
UPS and plug the UPS power cable into the AC wall outlet and turn the UPS on.
A UPS also normally connects to the computer using a serial or USB port to
provide status information and alerts. You can configure the UPS through its
driver software or by using the Windows Control Panel applet (the UPS may
add a tab under Power Management).
Many UPS units beep or sound an alarm at a different rate when the battery is
low and power is lost. Recharge or replace the battery. When the UPS is not
used, store it according to the manufacturers instructions. UPS batteries hold
less charge as they get older. Many vendors have trade-in programs for old
batteries and models.
9.2.1.5 Backup generator
For power outages that last for a longer time period, a backup generator can
be used. Using diesel, propane or natural gas as a fuel source, the backup
generator can give power for days to an entire building. Generators might take
time to start up, so UPS units should be used for a smooth transition to the
power generated by the backup generator.
9.3 MSDS documentation

You can get a material safety data sheet (MSDS) for most products that
have the potential to cause harm to people or equipment. This includes
materials such as cleaning products, toner, paints and chemicals. The MSDS
identifies important safety facts about the material, including its contents, its
characteristics, how to handle and store it safely, what to do if the material is
spilt or leaks or comes into contact with your skin, and how to recycle or throw
it away. It will also list first aid steps to take if the material presents a danger.
See Figure 9.8.
Page 401 of 1229
Figure 9.8 MSDS for a laser toner cartridge

It is easy to find MSDS documentation; you can search for it at the
manufacturers website or with a search engine. It is important to know what
to do in a situation when someone is affected by a product containing
chemicals, so that you can help the affected person.
If you do not have direct access to the MSDS, you should contact the relevant
person or department. It is better to review all MSDS documents and be
proactive.
Note
Generally, substances that have chemicals should be stored in a cool,

dry place, away from sunlight.
9.4 Throwing away and recycling components

When you replace an old component, whether it is a monitor, battery, print
cartridge or hard drive, you have a responsibility to throw away that old
component properly. You are not allowed to throw away many computer
components in a normal rubbish bin because they could have hazardous
material that might damage the environment. Local government laws control
the process of throwing away hazardous materials. If you break these laws,
you could be fined.
Page 402 of 1229
An important and relatively easy way to be an environmentally-aware user is

to recycle using an approved waste management process. Recycling products
such as monitors, paper, batteries and print cartridges not only keeps them
out of landfills, but also ensures that the more toxic materials they have are
thrown away in the right way, protecting both people and the environment.
They must be recycled according to the countrys environmental rules.
Luckily, many companies specialise in computer recycling and will gladly accept
your old computer or component and some will even pick them up from you. If
you cannot find a recycler, call your local government department to see where
to drop off your computer. An even better alternative for your old computer is
to donate it to a charity or school.
Do the following for the various components:
Print cartridges always recycle cartridges (especially toner cartridges)

using the manufacturers or vendors recycling scheme. Toner cartridges
can cause breathing problems with people who suffer from asthma or
bronchitis, so be careful when working with them.
Batteries always recycle batteries where possible, as they have
hazardous materials. If you cannot recycle the battery, find out from the
local government or battery manufacturer how to properly throw it away.
CRT and LCD monitors donate or recycle them if they do not work.
Storage media delete data and software from drives and discs completely
before disposing, recycling or donating them.
Green computing or Green IT involves practices including: recycling and

properly throwing away computer devices without damaging the environment,
designing energy-efficient computer devices, extending the life and reducing
the amount of electricity used by devices, creating laws for minimising the
waste created during manufacturing processes, and immediately donating
computer devices.
Page 403 of 1229
Note
People define e-waste (electronic waste) differently, but you can

think of it as electronic equipment that is near or at the end of its
useful life. It includes electronics that will be reused, resold, salvaged,
recycled or disposed of.
9.5 Compliance with laws

Any government laws about safety, disposal and environmental controls must
be followed. You, as a computer technician, and companies have a
responsibility to learn what laws apply, where the laws apply, and how they
should be obeyed.
9.6 Additional exercise

o Lab 9: Cleaning and Preventive Maintenance (p.27)
Page 404 of 1229
Unit 10 Soft Skills and Incident Response
Computer technicians must be good communicators, have good social skills

and work ethics, and know how to talk to and treat customers in a professional
and respectful way. The term customer refers to both people who buy a
product or service and users of a support service.
Identify some job roles and responsibilities of people who

sell, fix or support computers and other devices.
Understand professionalism.
Communicate to customers in a professional, productive
manner.
Handle complaints fairly and productively.
Follow proper incident response procedures.

Module 3 Unit 5 (p. 231-252)

Review Questions:
o Professionalism and Communication (p.250)
10.1 Job roles and responsibilities

As a computer technician, you might fulfil several roles:
PC technician works on site (at a repair centre, for example),

interacting with customers and is responsible for on-going maintenance.
Also known as IT administrator and PC support technician.
PC service technician travels to the customers site in response to a
call and might attempt to repair the customers computer or printer on site.
He or she is not usually responsible for on-going maintenance but does
interact with the customer. Also known as a field service technician.
Bench technician works in a lab environment and might or might not
interact with the customer of the computer being repaired. Also known as a
depot technician.
Technical retail associate responsible for selling computers and other
IT devices.
Help desk technician interacts with the customer over the phone, chat
session or by remote control of the customers computer. Also known as
remote support technician and call centre technician.
Page 405 of 1229
10.2 Professionalism and communication skills

Professionalism means taking pride in your work and treating people fairly.
Communication refers to passing information between people. Being an
effective communicator and having a professional attitude are very important
customer service skills to have when interacting with customers and coworkers. They will help you collect information about a problem, handle
difficult situations in a positive way and get the customer working with you
instead of against you. Lets take a look at professionalism and
communication.
Initial contact with the customer
When visiting or expecting a visit from the customer, prepare for the visit by
reviewing information given to you. Know the problem you are going to
address, how urgent the situation is and what needs servicing. If making an
onsite call, arrive with a complete set of equipment. Always greet the customer
in a friendly manner by saying Hello or Good morning.
For phone calls, when you answer the phone, introduce yourself and your
company. Be loud enough to be heard but not too loud. Then ask for and write
down the name of the caller (and company). Ask for spelling, if necessary.
Follow company policies on what to say and what other specific information
you must get when answering the call.
To understand a problem and also to give clear step-by-step instructions, you
must visualise what the customer sees on their computer. Be specific with your
instructions: click here, right-click here, etc. Frequently ask the customer what
is displayed on screen to help you track the keystrokes, touch and action.
Follow along at your own computer. Do not ask the customer to do something
that might destroy files or settings without first performing a backup. If the
customer cannot do what you ask him or her to do, then ask to send someone
to their site to help out or give another solution. Give the customer plenty of
time to ask questions.
Page 406 of 1229
Use phrases such as Yes, I see or Uh-huh from time to time so that the
customer knows you are paying attention. Do not eat food or drink while on
the phone. Tell the customer that you are putting him or her on hold and
explain why. Do not keep a customer on hold for long periods without getting
back to him or her.
Body language and appearance
A customer can see how you look and dress and your body language. Every
company has a dress code for technicians; follow it. Body language means
visual communication, such as your stance, hand movements and eye contact.
Try to make regular eye contact when speaking with the customer (but do not
stare).
Punctuality
Be on time for a visit, call or email. If you are running late, contact the
customer, apologise and let them know that you will be late, or reschedule.
You might also need to inform your manager as well.
Use proper language
Speak clearly and slowly so that the customer understands what you are
saying. Try to make sense of what you are saying. Stay away from using
technical language, jargon and acronyms (for example TCP/IP) that the
customer might not understand. While you do not have to speak too formally,
avoid being over-familiar with customers by using slang words such as hey.
Be positive and helpful
No matter what the situation, always keep a positive attitude and tone of
voice. Your tone of voice tells the customer whether you are tired, bored, keen
to help, angry or impatient. Dealing with angry customers is a part of anyones
job who works in the service industry. Allow the customer to vent until he or
she has calmed down. You will be able to collect more information about the
problem with less anger mixed into the conversation.
As long as you keep positive, you have a much better chance of getting him or
her to remember that you are there to help. You can use statements such as I
know how frustrating it feels to lose data or I know how it feels when I
cannot do the work to cool off the situation and let the customer know you
are on their side.
Be confident, friendly and helpful.
Deal with customers professionally
Be patient and understanding. Never argue with or shout at the customer or be
defensive or offensive (attacking). Avoid being judgemental and avoid using
the word you, as it can sound as if you are accusing someone of doing
something. Never ask questions such as What did you do? or Who was
working on this?
Page 407 of 1229
Listen without interrupting

Do not interrupt the customer when he or she is speaking. Listen carefully,
giving your full attention, and allow the customer to explain the problem fully
while you record information. Once the person has described the situation,
only then must you ask questions. This process is called eliciting answers.
Clarify the problem
Your job as a computer technician is to fix the problem, and the best way to
start is to find out what the computer is doing or not doing. You must start by
talking to the customer and asking questions. Depending on the problem, you
might have to ask an open-ended question or closed question.
An open-ended question cannot be answered with a one word response,
such as yes or no. For example, What type of symptoms are you seeing? or
What can you tell me about this computer?
A closed question allows you to start working through a series of symptoms
to try and diagnose the problem. For example, Can you tell me whether the
light on the monitor is green?
After you understand what the problem is, always clarify by repeating the
problem back to the customer to reassure him or her that you understand
what the problem is. Ask the customer to repeat anything you did not
understand.
Work ethics
Ethics are right and wrong principles by which we live and work. Companies
want employees who are honest, dependable and responsible, and have
integrity. Honesty means telling the truth, while integrity means doing the
right thing. Do not sell people goods and services they do not want and need.
Do not lie to your customers about a problem and do not hide your mistakes.
Do not be afraid to say I do not know and do not make a promise that you
cannot keep.
If the customer asks you to do something that is inappropriate, make sure you
know exactly what the customer wants you to do, then take the appropriate
action. For example, if you are asked to install company software on the
customers home computer, then check with that company if you are allowed
to do the installation under the companys licensing agreement. If allowed,
then proceed. If not, you will have to politely refuse the request. This type of
customer behaviour should be reported to your manager.
Page 408 of 1229
Responsibility means you are answerable for your actions. Dependability

means you can be counted on to carry out your actions.
Be proactive
A good computer technician is proactive, meaning that he or she thinks of
ways to improve a situation or anticipates problems and fixes them before
being told to.
Adaptability and versatility
Adaptability means how you adjust to changes. Versatility is bringing a wide
set of skills to the repair process. Every repair job is to some degree a
guessing game. That is, there is no universal repair book that tells you how to
fix every problem out there. Good technicians must be versatile (or flexible)
and be able to adapt to any situation, both technically, socially and in the
environment.
Respect the customer and their property
Respect means treating others as you would like them to treat you. Here is
how to be respectful:
Do not be rude or offensive.

Avoid any interruptions in general. Keep your smartphone off or left to
voicemail and answer it only if it is an emergency. If other people call and
the call needs to be taken, let the customer finish describing the problem,
then apologize to the customer that the call must be taken, and explain to
the caller that you are with a customer at the moment and will call them
back shortly or have another co-worker or manager call them if available.
Be sensitive. Sensitivity is the ability to appreciate another persons
feelings and emotions. Understand that customers come from all walks of
life and different cultures. A culture has a set of customs, values, practices
and habits that are shared among people within that culture. Being
culturally sensitive means observing other people closely, taking time to
appreciate their feelings and customs, and acting in such a way that makes
them feel comfortable and appreciated.
Do not stereotype. Stereotyping is when you see a person of a particular
gender, culture, race or other group behave in a certain way and you
believe everyone in that culture, gender, race or group behaves in the
same way.
Even if you have encountered the same problem many times before, do not
act as if the problem is unimportant. Empathy goes a long way. Empathy
means understanding the customers situation and their feelings and
reacting accordingly.
Think about using visual aids or demonstrations when dealing with
language barriers (accents, dialects and languages) that make it hard for
you to understand the customer, and vice versa.
Do not be careless when dealing with the customers property.
When working at the customers site, you should first ask the customer for
their permission to use their equipment or make a change to their system,
and only do so when given the go ahead.
Do not use the customers equipment for personal tasks and phone to
make phone calls.
Page 409 of 1229
Do not help yourself to food and drink, and ask for permission to use the
bathroom.
Do not look around the customers files and folders unless it is necessary to
solve the problem and you have been given permission to do so. This is
especially important when dealing with private information at a desk,
printer or within files and folders. Ask the customer to move the private
information to another area where you cannot see it or close the file or
application, etc. Do not look at or touch confidential information.
When making changes to the computer during troubleshooting, reset (if
possible) the change back to what it was. For example, if you need to
change the resolution on the screen for troubleshooting, change it back
when you are done.
Keep your equipment out of the customers way and when at the
customers site, keep the working area clean and tidy and leave it as you
found it.
Avoid learning other peoples passwords. If you know a password that gives
you access to a mission-critical system and that system ends up
compromised or with data missing, who might be blamed? If you anticipate
accessing something many times (the more usual situation), ask the
customer to change the password temporarily.
Escalation
Escalation is the process of passing a request to another person, most likely
to someone who has more knowledge and experience and possibly more
resources to take on the job. Do not be afraid to escalate; not everyone can fix
every problem. Remember there is always someone to help you; it is just a
matter of finding them.
You should escalate when you cannot solve the problem, when you do not
have an answer to something, when you are not allowed to configure
something, or when the customer becomes difficult or abusive and demands
help with something you cannot provide support for. Tell the customer you are
escalating the problem to a more knowledgeable expert.
Know your companys escalation policy: what documents to fill out or software
to configure, who to pass the problem on to (your manager, co-worker, online
support, etc.), how to pass the problem on (by email, phone call or online
entry), whether you are still responsible for the problem, and who should keep
in contact with the customer after escalation.
Page 410 of 1229
Figure 10.1 Escalation Policies

Information resources
As a computer technician, you will have access to several communication and
research tools to gather information for the troubleshooting process. Some
examples are:
Personal experience
Websites
Search engines
Online frequently asked questions (FAQs)
Co-workers
Support vendors
An expert system is software that uses a database of known facts and rules
to simulate the reasoning and decision-making ability of a human expert for
the purpose of helping the human to solve problems. These systems ask a
question about a problem that the computer technician or user must answer.
The response to each question triggers another question until the system
arrives at one or more possible solutions.
Many systems are intelligent and are listed in the general category of
computer software known as artificial intelligence.
Manage work activities in a timely and stress-less way
Problem management means tracking and documenting support requests.
Many companies use a Call Management or Problem Management System for
this. The system uses an incident or job ticket to track the name and other
information about the caller or company looking for help, the date, time and
length of the help desk or onsite call, the causes of and solutions to the
problem addressed, who did what and when, how each call was resolved, and
whether a follow up was done.
When someone calls for help, the computer technician creates the job ticket by
entering it into the system, which stays open until the issue is resolved and a
follow up is done. The ticket might be escalated.
Page 411 of 1229
Figure 10.2 Help desk software

For time management, it is important to prioritise your activities. A formal
call management system can usually assign a priority code to a help desk or
onsite call that depends on factors determined by the company, such as how
urgent and difficult the problem is, how much effort is needed, etc. Open
tickets can be monitored, updated and re-prioritised to ensure they meet the
agreed service and performance levels.
For stress management, take a break between calls if you can and try to cool
off and relax. Do not carry any frustrations from one call to the next.
Taking ownership
Ownership is a question of who takes responsibility for a ticket when the
problem is escalated. Consider the following types of ownership:
Actual the person dealing with the problem. If escalated, the other
person has ownership.
Perceived the customer perceives that you, who initially took the call, has
ownership of the problem even though another person is handling the
problem. The customer expects you to keep in touch with them with
updates on how the troubleshooting process is coming along.
Ownership builds trust and loyalty because the customer knows that the
responsible person can be counted on. When escalating, always confirm that
either you or the escalated person has stayed in contact with the customer
and kept them up to date.
Set expectations
Keep the customer up to date and offer options. When you understand what
the problem is, tell the customer how you plan to fix it, what will be involved
and if not using a call management system, give them a reasonable
assessment of how long it will take to fix it.
Page 412 of 1229
If you truly do not have a feel for the time involved, tell the customer that you
cannot give an exact or predicted timeframe and then tell them what you will
need to know before you can set a time. Stay in contact with the customer
often, giving him or her updates at certain intervals. If applicable, give
different repair or replacement options as the job progresses.
Documentation
The customer decides when the job is done. For onsite support, provide the
customer with documentation about the services you provided, including costs
of replacement parts, hours worked, cost per hour, etc. Give the
documentation to the customer at the end of the service and keep a copy for
yourself or for your company. If the customer owns the replaced parts, offer
them to the customer (this is especially important if you replace any storage
media).
Quality assurance and SLAs
Although the word quality means different things to different people, many
people will agree that it means giving a product or service that is done well,
looks good and does its job well. Quality assurance in IT is the process of
giving quality products and services, and setting and measuring performance
targets against company goals.
Most service contracts are overseen by a Service Level Agreement (SLA).
The SLA is a contract or agreement between a service provider and a customer
that describes the level of service that the service provider agrees to give to
the customer.
Quality assurance and SLAs go hand in hand. SLAs must measure key quality
aspects of a service and should define exactly what the customer can expect
from the service provider, which specific equipment the service provider will
support and for how long, costs, diagnostics, preventive maintenance and
penalties for failing to follow these descriptions.
The SLA aims to:
identify clear and consistent customer expectations

set out roles and responsibilities
provide mechanisms for resolving problems
provide services that are measured, monitored, reported and reviewed for
improvement.
Page 413 of 1229
Figure 10.3 SLA example

A service provider needs standards against which to measure quality. The
service provider uses its own service standards to measure how it follows its
targets of giving quality services to its customers. Standards cover aspects of
dealing with customers and are not appropriate to put in an SLA.
Companies use performance measurements called metrics to look at the
performance of their services and employees against the customers
expectations. Key Performance Indicators (KPI) are metrics that
performance and quality information can be set and measured by when
creating an SLA. The KPI tracks performance over a period of time and helps
improve procedures. Some KPIs for technical support include quantity, quality
and time of calls taken, and availability of the person taking the call.
Customer satisfaction is how products and services meet or surpass the
customers expectation and is important for keeping current customers and
attracting new ones. You can tell how satisfied customers are by getting
feedback from them through monitoring your calls and doing follow ups or
surveys (a series of questions that need specific answers).
Page 414 of 1229
Follow up
After you finish the job and complete the documentation, follow up with the
customer at a later date. Make a simple phone call to the customer to confirm
that the customer is happy with your work. If they are not, you will have an
opportunity to fix the problem. If they are happy, this follow up helps to build a
relationship with them.
Handling complaints and dealing with difficult customers

There are times when you might have to deal with a difficult customer. Here
are a few tips in this situation:
When a customer is overly confident and knowledgeable, such as when he

or she wants to give you advice, it is best to compliment him or her on
their knowledge, experience or insight. Slow the conversation down by
saying, for example, please slow down or help me catch up. Do not
back off from using problem-solving skills. The customer must still check
the simple things. Do not accuse the customer of making a mistake and
keep to your policy of not using technical jargon.
Listen carefully and do not ignore the customer.
Give a frustrated or angry customer time to vent before calming down and
apologise when you can. Calm him or her down using a low voice and
soothing language, and focus on positive statements and actions.
Do not be aggressive, threatening, bullying, sarcastic (insulting in a teasing
way) or show behaviour or actions that belittle others. You should be
passive by apologising often while the customer is explaining a problem
and be a little assertive showing respect but not letting the customer take
advantage or dominate the situation.
Leave the customer with the impression that you and your company are
willing to admit mistakes. Make sure any problems caused by you are
investigated to ensure they do not happen again.
Do not take complaints personally.
If the customer complains about a product or service that is not provided
by your company, do not say that is not my problem. Be positive and
helpful.
Point out ways in which communication can be improved.
If the customer keeps on being abusive or threatening, warn them about
their behaviour and if they cannot be reasonable, inform them that you are
either going to escalate the call or hang up in a polite way. For example,
you could say Im afraid I cannot continue with this conversation. Ill refer
the problem to my manager and have him/her call you back. Goodbye.
Page 415 of 1229
10.3 Incident response and documentation

You might occasionally run across information or an activity that goes against
the companys policies or the countrys law (making it illegal). Two of the
common company policies that oversee what you can and cannot do include:
Security policy indicates what security means to the company as a

whole and covers clear and understandable aims, rules, risks,
responsibilities and procedures for security.
Acceptable use policy sets out what type of activity is acceptable and
unacceptable when using the companys equipment, resources and services
including email and the Internet. This policy protects the company from
both security and legal implications.
Within IT, the activities that are not allowed are security incidents. In other
words, if the activity is not allowed by the companys security policy, it is an
incident. Examples of incidents:
Installation of unauthorised applications.

Insertion of unauthorised flash drives.
Allowing unauthorised people in secured areas of a building or allowing
unauthorised people access to private data.
Any types of attacks an attack is an activity that is taken against a
system or something else that is designed to cause harm or some kind of
loss or theft. Attacks commonly come from external people, systems or
other sources but can also come from someone on the inside.
Online activities some online activities might be illegal and not allowed.
For example, gambling during company working time.
Not allowed offensive pictures and videos might be more than just
inappropriate in the workplace; they could be illegal, depending on the
content.
How you follow up on an incident is a good measure of your ability to a

company. Incident response is the set of procedures that any investigator
follows when looking at an incident. How you first respond, how you document
the situation and how you create a chain of custody are important investigation
skills to have.
Within IT security, the first IT professional on the scene of an incident is called
the first responder. Bigger companies have an entire team called the
Computer Security Incident Response Team (CSIRT) to respond to and
handle incidents.
You, as a computer technician, might be the first responder to an incident, and
as such you will not be expected to know how to be a computer forensics
expert, but you will be expected to identify whether an incident has taken
place, and know how to report it and how to protect the evidence. To help you
understand how companies deal with and manage incidents, you should know
what an incident response policy is and what the stages for the incident
response lifecycle are.
Page 416 of 1229
An incident response policy defines how a company responds to an incident.

It lists the steps to take when dealing with an incident and the people to
contact when an incident occurs. These contacts will be able to investigate the
incident. The following is a list of the stages of the incident response lifecycle:
1. Preparation involves being ready to handle an unforeseen incident.
Involves writing procedures and guidelines, creating resources, training
people, and making systems, networks and applications secure to prevent
incidents from happening.
2. Detection and analysis involves determining whether an actual incident
has taken place, and assessing its impact. This is done by gathering and
recording information and then reporting it. If you run across information or
an activity that is illegal, report it to the correct authority (your manager,
law enforcement or a CSIRT team). If you do not, you could be considered a
part of the incident.
3. Containment, eradication and recovery containment means limiting
the damage and preventing any further damage from occurring. This
involves making decisions and taking actions such as shutting down affected
systems, disconnecting affected systems from the network, disabling
functions, or allowing attacks to continue to monitor and learn from them as
long as valuable systems and data are not at risk. After limiting the
damage, eradication and recovery means removing and restoring affected
systems.
4. Post-incident activity this stage involves completing documentation,
learning from and improving on the entire incident response process and
security measures.
Policy, standard, guideline and procedure: A policy is a high level
document about the companys goals, objectives, resources, requirements,
level of protection, etc. A standard can be thought of as a rule, action or
requirement that gives the policy the support structure to make it meaningful
and effective so that people obey it. As an example, a standard might set a
requirement that all emails be encrypted. A guideline is a recommendation or
suggestion as to how things should be done; it provides a framework for
procedures to be used. A procedure provides step-by-step instructions that
indicate exactly what must be done; it outlines specifics of how policies,
standards and guidelines will actually be used.
10.3.1 Forensic investigations

Any data or devices involved in the incident must be protected as evidence.
Turning a system off or working on the keyboard can destroy or change
evidence. Therefore, the best thing you can do is do not touch anything that
can be evidence and do not allow anyone else to touch it until help arrives.
Computer forensics is the process of collecting, preserving, understanding,
reading and documenting electronically stored information in such a way that it
can be used as evidence in a court of law to prove that an illegal activity
involving a computer has taken place.
Page 417 of 1229
Getting and protecting evidence is a challenge, because the people involved

may not be technically educated and therefore will not fully understand what
has happened, and the digital evidence cannot be sensed with your physical
senses (It is latent). Latent means you can see printed characters, but you
cannot see the bits where data is stored and therefore a machine or process
must be used to understand and read it.
10.3.2 Collecting evidence

If there is any possibility that evidence needs to be collected and looked at for
an incident, the first step is to protect it. For example, if a computer is running
and an incident happens, do not turn the computer off or reboot it. Forensic
tools can be used to get data inside RAM, but if you turn it off, that data is lost.
Similarly, you should not access any files that have attributes that identify
when they were last accessed or changed. If you access or change files during
an incident, their attributes will be changed and the evidence will be lost.
When an incident occurs, information needs to be collected to help with the
investigation. If someone is committing a crime or going against a policy, that
person will likely try to cover their tracks. Therefore, the forensic person
should collect as much information as soon as he or she can. Two main
questions that must be asked when collecting evidence are:
?
What evidence must be collected? the evidence must be convincing

and measure up without question; it should be reliable and must be
relevant to the case, for example, evidence such as eyewitness statements,
data on physical items and so on.
How should the evidence be collected? although it is difficult to
capture evidence from a digital crime scene, the general procedure is to
record every action using videos, sound, photos; collect evidence with
another person around (a witness); store and label evidence properly; and
use forensic tools and programs.
Page 418 of 1229
Figure 10.4 Forensic hard drive set
Figure 10.5 Computer forensic program
10.3.3 Preserving evidence

Once evidence has been collected, it must be protected against the risk of
someone changing or damaging it. This means documenting and recording
each step. Evidence must be moved and stored in a controlled way. A chain of
custody shows where the evidence was at all times and who had it. Every
person who has the evidence must sign the chain of custody document and
state what they were doing with it. This ensures that a person who should not
be near the evidence was not able to corrupt it in some way.
When experts analyse evidence, they work on a copy of the evidence and not
on the original.
Page 419 of 1229
Unit 11 Local and Wireless Networking
Explain what a network is and define common networking

terms.
Describe different types of networks and network topologies.
Compare and contrast network devices, how they work and
the features they have.
Recognise the different types of cables and their connectors
and what they are used for.
Identify the function of cable installation and testing tools.
Explain the basics of TCP/IP.
Describe protocols and ports.
Explain how the basic components of a wireless network
work.
Analyse and explain wireless networking standards
(802.11x, infrared, Bluetooth).
Understand how a typical wireless/wired router is installed,
configured and made secure.

Module 4 Unit 1, 2 and 3 (p. 253-303)

Review Questions:
o Network Hardware (p. 275)
o TCP/IP Essentials (p. 293)
o Wireless Networking (p. 303)
11.1 Network building blocks

A computer or data network is a combination of hardware and software
which together allow computers, laptops, printers and mobile devices to
communicate over cables or over the air. Devices use protocols (rules) to
communicate with each other.
Page 420 of 1229
Sharing information over the network
Note
In the networking world, data travelling over a network can be

referred to as traffic, messages, packets, frames, bits, signals, waves,
pulses or even packages, depending on the context.
11.1.1 Network architectures

The term network architecture refers to plans or structure on which the
network is built. A node is a device such as a computer, server or printer that
is part of a network. Similarly, a host means any device that is part of a
network and is assigned with a network address that enables it to
communicate with other network devices.
A host can be one of the following:
A client who asks for data and services; a client is sometimes referred to as
a workstation.
A server who provides data and services. A server is a computer that
provides a central place where access to hardware, software and other
resources can be controlled, managed and distributed. The server can be
dedicated to providing resources and services or it may be used as a client
as well, using applications and data stored on other servers.
A peer who both asks for and provides data and services.
Because of the different functions of peers, clients and servers, multiple

network architectures have been created, including:
Peer-to-peer all hosts can both ask for and provide data and services. For
example, two peers set up to share files are considered a peer-to-peer
network. On a Windows network, this is known as a workgroup.
Figure 11.1 Peer-to-peer model

Page 421 of 1229
Client/Server in this model, clients ask for data and services from one or
more servers, which allow the data and services to be easily managed and
secured. A client/server network is also called a server-based network.
11.1.2 Local vs. remote

If the source and destination hosts are on the same network, the destination
host is said to be on the local network. If two hosts are on different
networks, the destination host is said to be on a remote network.
11.1.3 Types of network

The type of network is often defined by how it operates or its size. The
following sections look at the common types of networks.
11.1.3.1 Local Area Network (LAN)
A LAN is a high-speed network that spreads out over a small geographic area,
usually a room, office, floor, building or campus. A LAN is usually owned and
managed by a single company. Ethernet is the most common LAN technology
(also known as a protocol or a series of standards). Figure 11.2 shows a LAN.
Figure 11.2 A LAN
11.1.3.2 Wide Area Network (WAN)

In general, a WAN is a network that is spread out over a large geographical
area, usually to connect multiple LANs that are far away from each other. A
more practical definition of a WAN is that it is a network that crosses a public
or commercial carrier, such as the Internet or phone system, using one of
several WAN technologies. A WAN is often owned and managed by several
companies (or providers) and it does not necessarily have to spread out over a
large geographic distance.
Figure 11.3 shows a WAN for a big company with its main office LAN and small
remote office LAN.
Page 422 of 1229
Figure 11.3 A WAN
11.1.3.3 Metropolitan Area Network (MAN)

A MAN is a network that connects a companys LANs across a city. It is
generally smaller than a typical WAN but bigger than a LAN. The term MAN is
not commonly used.
11.1.3.4 Personal Area Network (PAN)
A PAN connects devices such as printers, smartphones, laptops and tablets at
close range (within metres). Connectivity is through a wireless or cellular
connection. A PAN will often use wireless technologies such as Bluetooth and
infrared, so it is sometimes referred to as a wireless PAN (WPAN).
11.1.3.5 Internet, private and public networks
An internetwork is a general term that describes a collection of two or more
LANs connected by WANs. The Internet is the biggest and most well-known
internetwork that connects different sized networks together from all over the
world and is open for everyone to use. Companies or providers that connect
their customers to the Internet are called Internet Service Providers
(ISPs).
A public network is a network that is open for anyone to connect to, such as
the Internet. A private network is any network where access to it is
restricted, such as a school or home network. Another kind of network to know
about is a converged network, which allows users to use voice, video and
data on the same network using both network and telephony equipment.
An intranet is a private network or a website that the company creates to
share information only with employees who work for the company. Intranets
use Internet technologies. Another type of network a company can create is an
extranet, which is extended to users outside of the company, such as
business partners and vendors.
One way to secure access to the extranet or any network from a remote
computer, device or another network is to set up a virtual private network
(VPN). A VPN allows two or more devices on different networks to connect to
each other over a secure LAN or WAN connection using encryption.
Page 423 of 1229
11.1.4 Standards and standards organisations

Standards are technical documents published by different organisations that
allow products from different manufacturers to work together. Standards
define rules that must be followed by anyone who creates products, including
media, hardware and software. While studying networking, you will encounter
the following standards organisations:
IEEE (Institute of Electrical Engineers) a standards organisation that

develops standards for cabling, connectors, access methods and other
technology related to electricity. It is commonly pronounced as eye triple
E. For more information, go to www.ieee.org or standards.ieee.org.
ISO (International Organization for Standardization) an international
standards organisation that promotes standards around the world. Some
standards are developed with the International Electrotechnical Commission
(IEC) and shown as ISO/IEC. For more information, go to www.iso.org.
Telecommunications Industry Association/Electronic Industries Alliance
(TIA/EIA) two organisations that work together to develop and publish
standards on how cables for data networks should be installed. These
standards are called the Commercial Building Telecommunications Wiring
Standards. For more information, go to www.tiaonline.org.
Telecommunication
Standardization
Sector
of
the
International
Telecommunication Union (ITU-T) an international organisation that
coordinates the operation of telecommunication networks and services and
advances the development of communications technology. For more
information, go to www.itu.int.
Internet Society (ISOC) an international organisation that promotes open
discussions on Internet policies, technology and future development among
people, companies and governments. For more information, go to
https://www.internetsociety.org.
Internet Architecture Board (IAB) a technical advisory group of ISOC that
oversees the technical and engineering development of the Internets
architecture. For more information, go to www.iab.org.
Internet Corporation for Assigned Names and Numbers (ICANN) an
organisation that took over the responsibilities of the Internet Assigned
Numbers Authority (IANA) for assigning parameters for Internet protocols,
managing the IP address space, assigning domain names and managing
the top level domain space (root server functions). For more information,
go to www.icann.org.
World Wide Web Consortium (W3C) an international organisation that
handles the development of standards for the World Wide Web. For more
information, go to www.w3c.org.
IETF (Internet Engineering Task Force) an organisation or community of
network designers, operators, vendors and researchers working under the
IAB that are responsible for developing and promoting protocols, standards
and best practice. For more information, go to www.ietf.org.
RFC (Request for Comment) when the IETF develops a standard, it first
publishes it as an RFC with a number. For example, RFC 1918 defines what
IP addresses should be reserved for private networks. For more information
on the thousands of RFCs available, go to www.ietf.org, www.rfceditor.org and in Web format at tools.ietf.org/html.
Page 424 of 1229
11.1.5 Characteristics of IEEE 802 standards

Although you do not need an in-depth understanding of all the IEEE standards,
a general understanding of some of the standards will be extremely helpful to
you.
11.1.5.1 Media
To create a network means to create a communication pathway between hosts.
An adapter on one host sends data as signals over the communication
pathway and the networks communication or transmission media carries the
data signals to the other host. There are two main types of network media:
Wired uses cable to carry data signals between devices. This is known as
bound media.
Wireless uses electromagnetic waves (radio signals) to carry data over the
air between devices. This is known as boundless media.
11.1.5.2 Network connection speeds

Many factors contribute to the speed of a network, such as the type of media
used and type of network devices. There are different ways to look at the
transfer speed of data signals on the media:
Theoretically as bandwidth in everyday use, Ive got a lot of bandwidth

is taken to mean you can transfer data quickly. It measures how much data
can be transferred over the media at one time. Bandwidth is also known as
data transfer rate, bit rate or transmission rate. Bandwidth relates to
how much data can pass over the media at one time, but other factors
determine what top speed the media supports.
Practically as throughput the actual amount of user data that can be
successfully transferred over the media at one time.
Although both bandwidth and throughput are related and are often used
interchangeably, they are technically not the same. Bandwidth is the
theoretical or potential speed that is rarely reached because of factors such as
interference and errors, while throughput is the real speed of the network.
The standard measure of both bandwidth and throughput is in bits per
second (bps) because networks usually transfer data serially or one bit at a
time. However, it is more practical to measure bandwidth and throughput in
kilobits per second (Kbps), megabits per second (Mbps) and gigabits per
second (Gbps). Mbit(s) and Gbit(s) are used interchangeably with Mbps and
Gbps.
Both the signalling speed, measured in MHz (millions of clock cycles per
second), and encoding method are important factors to achieve higher
bandwidths. Encoding simply means taking data bits and turning them into
the correct electrical, light or electromagnetic signals so that they can be sent
over the network media.
Page 425 of 1229
Note
The IEEE standard defines a networking systems maximum speed.

Some networks are faster than others and many factors affect the
maximum speed that can be achieved on a network. There are very
few, if any, networks that can achieve 100% of their potential
bandwidth.
11.2 Network topologies

If a group of computers connect together to create a network, then a map
must describe the way they connect. This map is called a topology and it
describes the way computers connect to each other in a network:
Physical topology describes how the network actually looks, in other

words, the layout of computers and network devices, cables and how the
cables run between devices and through the ceiling space and walls.
Logical topology describes how a network works, in other words, how
data is actually sent from one device to the next in the network.
No topology is simpler than a point-to-point (one-to-one) one, which is not

so much a network topology as it is a piece of one. In a point-to-point
topology, one node is directly connected to another node, such as with a
computer connected to a printer. In contrast, a multipoint (multi-drop or
point-to-multipoint) is a connection between one node and two or more
other nodes. All nodes share the available bandwidth.
Figure 11.4 Point-to-point (left) and multipoint (right) topologies

Note
Active connections are commonly referred to as links in the

networking world. Links are also known as channels or lines.
11.2.1 Types of topologies

To help you understand the different topologies described next, take a look at
Figure 11.5.
11.2.1.1 Star topology
In a star topology, each host has an individual cable connection to a central
connectivity device, making the network look like a star. This central device is
typically a switch for todays networks or a hub for older networks. If a host
wants to send data to another host, it must send it through the central device.
The star is the most common topology used.
Page 426 of 1229
11.2.1.2 Bus topology

In a bus topology, all hosts connect to a single drop cable (called the bus,
backbone or segment) to communicate. The data signal sent by one host is
received by all hosts, but only the host the data is meant for will copy and
process that data. Both ends of the cable must be terminated with a
terminator to absorb the signal, otherwise it will bounce back and collide with
other data signals placed on the bus. You will rarely see this topology and it is
easy to understand why.
11.2.1.3 Ring topology
A ring topology is created when one host is connected to the next one, with
the last host being connected to the first, creating a single circle or ring. Hosts
are directly connected to each other with a network cable or through a special
device (such as a multistation access unit [MAU]). Data travels in one
direction, passing from one host to the next until it reaches its destination. The
hosts in the ring topology are not generally arranged in a physical ring like that
shown in Figure 11.5, but rather in a logical ring. Although no longer used on
LANs, you will find ring topologies used on WAN networks. Fiber Distributed
Data Interface (FDDI) is a type of token ring topology that uses two rings
for redundancy so that if the first ring fails, the other one can be used.
11.2.1.4 Mesh topology
A full or fully connected mesh topology is where every host connects to
every other host. Many paths exist to and from each host (giving you
redundancy). The number of connections needed for a full mesh rises each
time you add a new host to the network. The formula for calculating the
number of point-to-point connections needed to create a full mesh is n(n1)/2. Using the mesh topology in the Figure 11.5 as an example, with five
hosts (each host needing four connections), the formula is 5 x (5-1)/2 or 5 x 4
(20) divided by 2 = 10 links in total. A more cost-effective mesh is a partial
mesh, where only a few important hosts are set up in a full mesh while other
hosts are connected to at least two other hosts. Mesh topologies are
impractical and expensive for LANs but are often used for networks such as the
Internet and certain wireless setups.
11.2.1.5 Hybrid topology
A hybrid topology means to use two or more different topologies within the
same network, allowing you to use their strengths and minimise their
weaknesses. For example, connecting two or more physical star networks to a
common network bus (working as the networks backbone or trunk) allows you
to create what is known as a star bus topology. Now take this to the next
level. Use a powerful central switch as a backbone or root host and connect
several other switches to it (creating branches), each with its own star
topology (with hosts being the leaves), and you are creating what is known as
a hierarchical star or tree topology (because it looks like a tree). A
hierarchical star topology is common in large networks.
Page 427 of 1229
Hybrid
Star
Bus
Full Mesh
3 different Rings
Figure 11.5 Network topologies

Note
The physical topology of the network will most likely not be the same
as the logical topology.
11.3 Networking models

A network reference model helps people understand, teach and work with
networks. It describes how data moves from an application on one computer
through the network to the application on another computer, and ensures that
hardware and software from different manufacturers can work together
(interoperability). Models are broken down into layers making it easier for
people to understand networking, with each layer representing a specific
network function controlled by protocols. Protocols are rules that provide the
common language or an agreement for devices to understand and
communicate with each other.
While some protocols only work at one layer, others work across many layers.
Protocols on one layer interact with protocols on the layer above and below
them, creating a group of protocols called a protocol suite or stack. The
most common protocol suite is TCP/IP (Transmission Control
Protocol/Internet Protocol) which is the building block suite of the
Internet.
11.3.1 OSI model

One of the most widely used networking reference models is the Open
Systems Interconnect (OSI) model, which was created by ISO. The OSI
model outlines how data should be sent across the network and breaks various
aspects of a computer network into seven distinct layers, making it easier for
people to understand and troubleshoot network problems.
Page 428 of 1229
Figure 11.6 OSI 7 layer model

Each layer provides services to the layer above it and uses the services from
the layer below it. Lets take a brief look at each layer of this model.
Layer 7 Application
Any application you use that can store, send or receive data over a network is
a Layer 7 application. Layer 7 is sometimes called the user interface layer. For
example, when you save a document to a file server, you create some data
with a network-aware layer 7 application on one computer and send that data
over the network to another computer, which has its own network-aware
application that a user can use to read the data.
Figure 11.7 Application layer

There are many protocols that work at the application layer. Two common
application layer protocols (and their acronyms) are:
HTTP (Hypertext Transfer Protocol) enables users to browse web pages

and to send and receive files.
DNS (Domain Naming System) used to map names (easy for people) to
IP addresses (easy for computers).
Note
It is the application protocol that works at Layer 7; not the

application.
Page 429 of 1229
Layer 6 Presentation
The presentation layer is responsible for formatting data so that application
layer protocols (and then the users) can understand and work with that data.
Some common file formats handled by the presentation layer include JPEG,
ASCII, MP3 and MP4. Other examples of presentation layer formatting are
compression/decompression and encryption/decryption.
Encrypted text
Hello
1@2!m
Hello
Figure 11.8 Encryption is performed at the session layer

However, encryption can also be done at lower layers as well. For example, the
Internet Protocol Security (IPSec) protocol that works at the Network layer
encrypts data.
Layer 5 Session
The session layer has several functions. Some important session layer
functions include setting up, maintaining and closing dialogs (connections),
providing instructions to connect, authenticate and authorise (optionally) and
disconnect from network resources and maintain efficient dialogs between
applications.
Session communication falls under one of three categories:
Simplex data moves in one direction only.

Half-duplex data moves in both directions, but only in one direction at
one time.
Full-duplex data moves in both directions at the same time.
Simplex
Half-duplex
Full-duplex
Figure 11.9 Simplex and duplex connections
Page 430 of 1229
Note
Simplex is one-way only, half-duplex is two-way but only one-way at

a time, and full duplex is two-way at a time.
Layer 5 Transport
The transport layer deals with exactly how computers are going to send data.
Protocols at the transport layer do not actually send data. Two methods of
transport layer communication are connection-oriented and connectionless:
Connectionless communication is unreliable and done by the User

Datagram Protocol (UDP). UDP needs no connection to be set up before
data is sent. It provides best-effort data delivery and is used when data
must be sent quickly and efficiently, leaving the application layer protocols
to check that data was delivered. Many applications that can tolerate a few
missing data bits use UDP, such as audio and video streaming applications.
Connection-oriented communication is reliable and done by the
Transmission Control Protocol (TCP). TCP breaks user data into smaller
pieces called segments and makes sure segments reach their destination
error-free and in order. Parameters must be agreed upon by both the
sender and receiver before the connection (called a session) is created, kept
open, data is sent and the connection is then ended between computers.
TCP is used with web and email applications and data files.
To pass data over the network to the correct application at the destination, the
transport layer must identify the target application that can work with that
data. To do this, the transport layer assigns an identifier to a TCP and UDP
application. This identifier is called a port number or port address. It is a
software or logical port, not a hardware or physical port. For example, web
servers typically open port 80 for web browsers to use this port to get web
pages from it. When a computer sends a segment, it specifies the destination
port that matches the service it wants to connect to. It also includes a source
port that acts as a return address for that connection.
Note
Some protocols actually work at the application, presentation and

session layers. For example, the Server Message Block (SMB) protocol
thats used for sharing files in Windows networks works at all three
layers.
Layer 3 Network
The network layer packages segments into packets (sometimes called
datagrams) and moves those packets between different networks, LANs and
WANs. It has the following key responsibilities:
Logical addressing provides a unique IP address that identifies the host

and the address of the network the host is on. The IP address of the
sending host is known as the source IP address, and the IP address of
the receiving host is known as the destination IP address.
Page 431 of 1229
Routing the process by which a packet gets from one place to another.
It includes choosing the best path to a particular computer or network and
forwarding packets on that path to the destination (called path
determination).
Logical address: A logical address is one that can be managed, changed and
assigned by a user or system. For example, an IP address.
Internet Protocol (IP) is the protocol that gives devices an IP address, Internet
Connection Management Protocol (ICMP) is the protocol used for testing
network connections, and routing protocols are used by routers to learn about
networks and the best paths to them. All of these protocols work at the
network layer. Routers and advanced switches called multilayer switches work
at this layer.
Sending an IP packet
Figure 11.10 Network layer communication

Layer 2 Data link
The data link layer has two main tasks:
Allows the upper layers to access the media.

Controls how data is placed onto the media and received from the media.
Layer 2 takes the Layer 3 packet and packages it into a frame and prepares
the frame to be sent over the media (which happens at the physical layer) so
that it goes to the correct host inside the network.
Page 432 of 1229
The data link layer is different from the other layers because it has two sublayers:
Logical Link Control (LLC) places information into the frame that
identifies the Layer 3 protocol to use for the frame (i.e. IP). LLC is
implemented by network software. It also controls the flow of frames (flow
control) and error checking.
Media Access Control (MAC) it turns packets into frames, controls how
frames are placed on the media and is responsible for picking up errors that
happen at the physical layer (only error detection, not correction). It is also
responsible for the logical topology of the network, MAC addressing and
delivery of frames to the correct host inside the network. In Ethernet, the
address used at this layer is called the Media Access Control (MAC) address.
Two protocols that work at this layer are the address resolution protocol (ARP),
which learns a MAC address from an IP address, and Reverse ARP (RARP),
which learns an IP address from a MAC address. Devices that work at Layer 2
include basic switches, wireless access points and bridges.
Sending an Ethernet Frame
Figure 11.11 Layer 2 communication

To use a Layer 2 protocol/address, you need the following Layer 2 hardware
and software:
Network
Network
Network
Network
card
card driver
cables (or other media) and other connecting hardware
basic switches, hubs or wireless access points
Layer 1 Physical
The physical layer, also called the PHY, is where the actual data bits inside
frames travel over the media as signals. All signalling at Layer 1 is digital.
Page 433 of 1229
This can mean energising a copper wire with electricity, where electricity on
means a binary 1 and electricity off means a binary 0; or it can mean blinking
a light pulse down the cable where on equals 1 and off equals 0. Wireless
devices do much the same function but over the air.
Figure 11.12 Physical layer communication

Ethernet, wireless and digital subscriber line (DSL) protocols and services work
at this layer. Devices such as network interface cards (NICs), wireless radios,
hubs and repeaters also work at this layer.
A repeater is simply a box with two ports that amplifies (regenerates) or
strengthens any signals arriving through one port and sends them out through
the other port. You use it when you need to make the cable longer than what
is allowed by the physical layer standard to extend the cable length and to
avoid attenuation (weakening of signals). Hubs are technically known as
multiport repeaters because they regenerate every signal they get on any port
to all other ports.
The IEEE 802.3 Ethernet and 802.5 token ring standards are among various
standards that can be partially defined at the physical layer. Whereas Layer 2
sees the network from a logical topology perspective, Layer 1 sees it from a
physical topology perspective.
11.3.1.1 Moving data down and up the OSI layers
The OSI describes the framework for data flow. As we move down the layers
from the application to the physical on the sending computer, headers (and
sometimes trailers) are added to user data (known as the payload) by each
layer (except the physical layer). Adding headers and trailers is called
encapsulation. A header is extra bits of control information, such as source
and destination IP addresses and port numbers specific to each layer. As we
move up the layers from the physical to the application on the receiving
computer, the computer takes away the headers and trailers until the user
data is shown to the user by the application. Removing headers and trailers is
called decapsulation.
Payload, headers and trailers are generically called Protocol Data Units
(PDUs). Headers are added at the beginning of the PDU and trailers to the
end. A trailer is added for error checking purposes. The PDU of each layer is
known by a different term (data, segment, packet, frame and bits) as shown in
Figure 11.13.
Page 434 of 1229
Figure 11.13 PDUs at the sender and receiver

Each layer on the sending computer communicates to the same layer on the
receiving computer (for example, Layer 3 communicates to Layer 3, Layer 4 to
Layer 4 and so on). This is known as peer communication. Figure 11.14
illustrates how data moves through the layers of the OSI model from the
sending computer (on the left) to the receiving one (on the right).
Figure 11.14 Data moving through the layers of the OSI model
11.4 Introduction to Ethernet

Ethernet is a series of network standards and specifications for protocols,
speeds, cables and other items for cabled LAN networks. The IEEE
continuously oversees these standards and gives Ethernet the specification
802.3. Most Ethernet networks are usually built, owned and managed by a
single company and are most commonly set up in star or star-bus topology.
As an introduction to Ethernet cabling, a twisted-pair cable is commonly used
in networks. You will find Registered Jack (RJ-45) connectors at each end of
the twisted-pair cable. These connectors plug into RJ-45 ports.
Page 435 of 1229
11.5 Basic network hardware

All networks have basic hardware that you can use to connect computers,
printers and other hosts to the network and to other networks. This part of the
unit looks at network adapters, hubs, switches, routers and home routers. It is
important to remember the following points about these devices:
You use a hub or switch to connect devices, such as computers, to the

network.
Although you can use routers to connect hosts to the network, it is more
common to use routers to connect networks together.
11.5.1 Ethernet and wireless network adapters

A network adapter, also known as network interface card (NIC), network
interface controller, LAN adapter or simply network card prepares, sends
and receives frames as electrical, light or electromagnetic radio signals over
the network medium (cable or wireless) between hosts.
Figure 11.15 Ethernet network card

Note
There is some discussion as to whether an NIC is just a Layer 2

device or both a Layer 1 and Layer 2 device. This is because although
it provides addressing and media access (Layer 2 functions), it is also
responsible for placing signals on the network medium, which is a
Layer 1 function.
Every device on a network needs a network interface to send and get data.
Many types of network interfaces exist:
Most network adapters are built into the motherboard (on-board LAN);
otherwise, you can add an expansion card into an available expansion slot
on the motherboard.
Most laptop network interfaces are either built into the motherboard or fit
into an expansion bus or card slot.
USB network adapters plug into a USB port and can be used with both
computers and laptops.
Page 436 of 1229
Figure 11.16 USB Gigabit network adapter

Every wireless and cable network adapter has a unique address that identifies
it within the local network so that it can receive frames. This address is called
the Media Access Control (MAC) address. This address is also known as
hardware address, physical address, or Ethernet address.
It is a hardware address because the manufacturer burns or hard codes the
address into the adapters firmware. It is unique because two network adapters
made by any manufacturer in the world should not have the same MAC
address.
A MAC address is a 48-bit binary number for IP version 4 (IPv4) or a 64-bit
number for IP version 6 (IPv6) that identifies both the manufacturer and the
individual adapter. MAC addresses are sent over the medium in binary 1s and
0s and because it is difficult to keep track of all the many 1s and 0s, MAC
addresses are shown as hexadecimal characters (0 to 9 and A to F)
separated by a colon (:), hyphen (-), full stop (.) or with no separators.
Remember one hexadecimal character is four binary numbers. Some example
MAC address formats include:
00-50-56-C0-00-08
00:50:56:C0:00:08
0050.56C0.0008
To understand MAC addresses, you need to understand frames. Inside a frame
is the MAC address of the destination network adapter, the MAC address of the
network adapter that sent the frame, user data and some type of error check
to make sure the frame got to its destination in good order.
11.5.1.1 Choosing a network card
The following factors will help you choose a network card:
Network compatibility choose a network card that will work with the
cables and hosts on your network. For Ethernet, look for 802.3
compatibility, for wireless (Wi-Fi) look for 802.11 compatibility. Both
Ethernet and wireless can exist on the same network and often do.
Bus compatibility new network cards will most likely use the PCIe bus
while those for laptops will most likely use PC Card or Express Card
(CardBus).
Page 437 of 1229
Media type and connectors the card you use must have connectors
that match the type of cable you use. The most common Ethernet cable is
unshielded twisted pair (UTP), which uses an RJ-45 connector but you can
also get fibre-optic cables and connectors. Wireless cards usually have one
or more fixed or detachable radio antennae.
Figure 11.17 Wireless card with detachable radio antennas
Combo cards these cards have two or more network connectors. Some
cards have different ports while others have the same.
Speeds network cards support different speeds, the most common being
100 Mbps (known as Fast Ethernet) or 1000+ Mbps (known as Gigabit
Ethernet) over twisted pair cabling. Wireless cards support different
speeds depending on the wireless standard supported. Many cards are
listed as 10/100 or 10/100/1000 Mbps cards, which means they will detect
the network speed of 10 Mbps, 100 Mbps, or 1000 Mbps and automatically
use that speed. Most Ethernet and wireless cards can fall back to a slower
speed by using an autonegotiation process. All modern Fast and Gigabit
Ethernet cards can work in full-duplex mode. You can also get faster fibreoptic cards.
Figure 11.18 Ethernet NIC packaging indicating supported speeds
Additional features a network card might have features that are important
enough for you to go out and buy the card. Some examples include:
o PXE this might mean the difference between automatically installing
an OS on 100 computers instead of walking around and performing the
100 installations yourself.
Page 438 of 1229
o Wake-On-LAN (WOL) might be listed as WOL, Wake On Magic

Packet, Wake On Pattern Match, Shutdown Wake-On-LAN or something
similar. WOL enables a computer to turn on when it is sleeping or in a
lower power state or even when it is completely turned off.
o QoS (Quality of Service) this might be called QoS, Quality Of
Service, Flow Control or something similar. Some networks use QoS to
control traffic by assigning different priorities to different types of traffic.
For example, you might want to limit the amount of streaming video that
is allowed on a network and use QoS to give streaming video traffic a
very low priority. QoS is or can be enabled on the NIC and configured on
multiple devices throughout the network.
o PoE (Power over Ethernet) some NICs on mobile devices can be
powered from an Ethernet cable.
o Speed and duplex an NIC is normally set to automatically configure
the speed and duplex mode based on the connection.
o Costs there are differences between cheaper and expensive network
cards. If you work with servers, it is worth looking into a fault-tolerant
network card solution that provides performance benefits, such as
adapter teaming or NIC teaming which uses multiple network cards
that work together and appear to the network as one card.
11.5.1.2 Installing a network card
NICs are made to work on specific media and network types. Follow the
manufacturers instructions for installation. Here are some of the main points
to consider before installing the NIC:
Driver almost every new network card comes with a driver disc, but the
latest drivers can be downloaded from the manufacturers website.
Physical slot availability check to make sure that the appropriate slot is
available before you begin.
Built-in network adapter if you have to install a network card, disable the
on-board network adapter. This can be done by going into CMOS Setup or
on some systems, a system configuration program.
As a computer technician, you will be building, maintaining and

troubleshooting a small office/home office (SOHO). A SOHO network is a home
office network or small office network with a few people. Many SOHO networks
function well as workgroups. One of the tasks that you will be doing when
building a SOHO network or other network is installing a network card.
To install an Ethernet or wireless network card into an
expansion slot, complete the following:
1. If the computer has an on-board adapter, disable it in CMOS Setup.

2. Turn off the computer, unplug it and remove the side panel cover. Take ESD
precautions. Inserting an expansion card into a slot while the computer is
on can damage the card.
3. Look for a free expansion slot that matches the cards design, for example,
PCIe.
Page 439 of 1229
Figure 11.19 PCIe network card

4. Remove the slot cover with a screw or latch.
5. Insert the card into the slot. For wireless cards, you might have to unscrew
and remove the antenna from the card before inserting them into the slot.
Line up the edge connector on the card with the slot and press the card
down until it is fully seated in the slot.
6. Fasten the card in the slot with a same screw that held the slot cover or
close the latch. Screw in the antenna from the outside.
7. Turn the computer back on.
8. If you are using a PnP card with Windows, the card will be detected,
installed and configured automatically by Windows. You might need a driver
disc or a driver download from the manufacturers website. See the
installation instructions that come with the network card for details. If, for
some reason, Windows does not automatically find a new network card after
you turn the computer back on, go to Start > Devices and Printers and
click on Add a device in Windows 7 to install it.
9. Once installed, the network card should be listed in Device Manager and in
the Network and Sharing Center applet in Control Panel. Open Control
Panel and click Network and Internet > Network and Sharing Center.
Click the Change adapter settings link on the left to open the Network
Connections folder. The network card will be given the name Local Area
Connection or if a second network card is installed Local Area Connection
2 and so on.
Figure 11.20 shows the Network Connections folder in Control Panel, with
various network connections listed. The Local Area Connection is for an
Ethernet network card, Mobile Broadband Connection is for a USB modem
that has been connected to a cellphone providers network for Internet
connectivity, a VirtualBox Host-only Network for a virtual machine that has
been installed on the computer, and a Wireless Network Connection
represents the wireless adapter built into the computer. A red X symbol
tells you there is no connection to a network, maybe because the cable is
not plugged in or some other connection problem has occurred. Device
Manager is shown on the right of Figure 11.20, with the various network
adapters listed.
Page 440 of 1229
Figure 11.20 Network adapters in Control Panel and Device Manager

10. Once you have installed the card correctly, you must test network
connectivity by plugging in cables, checking connectivity LEDs on the
network card, setting up address parameters, running network test
commands, sending files over the network and so on.
11. Put the side panel cover back on and secure it.
Although USB adapters are PnP devices, you might need to install the driver
provided with the adapter before you attach the adapter to the computer. After
the driver is installed, the device will be recognised as soon as you plug it into
a USB port. With a wireless USB adapter, you can improve the strength of the
signal by using an extension cable between the adapter and USB port. Like all
other USB devices, get the latest USB version to support the fastest signal
speeds.
Each network adapter has a driver that allows it to work with a particular OS,
which usually has a Properties page that you can use to configure the adapter.
You might need to configure the adapter with various address parameters, or
for some adapters, the type of media it uses, the speed of the connection
(half-duplex/full-duplex for Fast and Gigabit Ethernet) and with wireless
adapters, the security parameters that are used on the wireless network.
NICs have some type of light-emitting diode (LED) light that gives information
about the state of the connection to whatever is on the other end of that
connection. Although there is no real standard for NIC LEDs, you should know
more or less de facto LED meanings. You should know that a solid green
light means connectivity to another device, a flashing green light means
data is being sent and received (network activity), no green light means no
connectivity, and a flashing amber (yellowish brown) light means there are
collisions on the network (which is sometimes OK). This is one of the first
items to check when you are having connectivity issues.
Page 441 of 1229
11.5.2 Hubs
A hub connects several devices together. For example, you can connect a
number of computers and a printer to a hub and all of these devices will be
able to communicate with each other. Most hubs have a number of RJ-45 ports
and you can run twisted pair cables from each of the network devices to the
hub. Figure 11.21 shows several network devices set up in a star topology
through a hub. You can also join multiple hubs together to create bigger
networks.
Figure 11.21 Hub

As a Layer 1 device, a hub cannot learn about the network whatsoever. When
it gets data from one port, it always forwards that data out of all its other
ports. Only the computer the data is meant for will process the data; the other
computers simply drop it. Also, all devices connected to the hub share the
available bandwidth. As more data travels in and out of the hub, more
collisions occur, meaning computers will have to recover from them more
often, resulting in their using up more bandwidth. On top of this, devices
connected to hubs can only work in half-duplex mode.
Note
All of these drawbacks mean that many companies have replaced

hubs with switches to provide much better performance.
11.5.3 Switches
You do not usually connect computers directly to each other, especially on a
network that has many computers. Instead, you connect each computer by
cable (usually twisted pair) to a switch. You, in turn, connect the switch to the
rest of the network. Many LANs have a number of switches connected to each
other, a process called daisy chaining, while SOHO networks typically use
one switch. Each Ethernet switch has a certain number of RJ-45 ports into
which you can plug networking cables. An eight-port switch, for example,
allows you to connect up to eight computers to it; one computer to each port.
Page 442 of 1229
Figure 11.22 8-port Gigabit Ethernet switch

A switch learns the MAC addresses of the computers connected to its ports and
keeps track of each MAC address and associated port in a table in memory
called the MAC address table. The switch uses its table to forward frames out
of the correct port to specific computers.
Figure 11.23 Switch forward frames to specific computers

Connecting each computer directly to a switch port increases the bandwidth of
the network and creates a point-to-point connection.
You need three components to use a full-duplex connection: a switch, the
appropriate cable and an NIC (driver) that supports full-duplex. Although
modern NICs are full-duplex ready, many NICs are not configured to work in
full-duplex mode but can be configured when needed. Most NICs and some
switches have an auto-sensing function that discovers whether the
connection is full-duplex and can change to that mode automatically.
Setting up a switch is easy. Just plug in its power adapter, plug in the cables
from computers or network devices to switch ports and then turn the switch
on. Each switch port has an LED light that lights up when there is connectivity
between the switch and the device at the other end. Some switches can be
managed while others cannot:
Unmanaged switch has no configuration interface or options. It is

simply plug-and-play. Commonly used in SOHO and medium-sized
networks.
Managed switch allows the administrator to monitor and control how the
switch works from a remote computer, either through a command-line
interface (CLI), console or web interface. Ports can be enabled and disabled
as well.
Page 443 of 1229
An Ethernet or basic switch works at Layer 2. Some enterprise switches work

at Layers 2 and 3. These are called multilayer switches and they perform
both Layer 2 and 3 functions: performing switching, routing and other complex
functions.
Note
The terms bridge and switch are often used interchangeably when
talking about how they work. Both switches and bridges break up one
large overloaded network into smaller sections to achieve better
performance, and both look at MAC addresses to build a table and
make forwarding decisions so that frames are sent to specific devices.
A switch is simply a faster bridge with more ports and features. There
are other differences between them: a bridge performs its bridging
function using software; a switch uses a hardware processor chip
called Application Specific Integrated Circuit (ASIC) to switch
frames more quickly; a switch supports different port speeds, a bridge
does not; a switch supports full-duplex, a bridge only half-duplex.
Both basic switches and bridges work at Layer 2.
11.5.3.1 Power over Ethernet (PoE)

Power over Ethernet or Power over LAN allows a PoE switch or router to send
both data and electrical power to network devices over Ethernet cables (Cat
5+). The device that provides power is known as Power Source Equipment
(PSE). Although PoE only gives 13w (802.3af) or 25W (802.3called PoE+) of
usable power, which is not enough for the computer to run, it can power
devices such as remote switches, Voice over IP (VoIP) equipment, wireless
access points, video cameras, thin clients and tablet computers. PoE cannot
give power over fibre-optic cables, which do not carry electrical signals.
Advantages of PoE are:
You do not need to have an AC wall outlet at every network location.

It allows you to configure network management software to control and
power up and power down devices and make unused devices go to sleep.
There is no need for a UPS where PoE is used.
A PoE, or more commonly an 802.3af-compliant switch, finds out if the device

can use PoE. If it can, the switch finds out how much power it needs and sets
the power accordingly; otherwise, if it cannot, the switch does not send it
power to avoid damaging it. The power supplies in the switch must be large
enough to support both the switch itself, and the devices it is powering.
11.5.4 Routers
A router connects networks together to create an internetwork. As a Layer 3
device, the router works by understanding packets and protocols to find out
what network packets are coming from and what network must they go to. You
can have multiple routers on a network and all of them will monitor the
network and choose the best path to forward packets to their destination. If
part of the network is very busy, a router can automatically forward packets
along a less busy path.
Page 444 of 1229
A router can connect networks that use the same and different networking
technologies, such as in LANs, WANs and on the Internet. You can join your
Ethernet LAN to the Internet to give LAN users Internet access using a router,
and you can use it to break up a large Ethernet LAN into smaller sections
called subnets (which are identified by a unique network address).
Departments and groups that share computers and servers are good
candidates for dividing a large network into smaller subnets. Once divided,
computers and servers for each department can be placed into their own
subnet to communicate with each other.
Take a look at Figure 11.24 which shows two separate networks on either side
of the router connected by the router. As you can see, the router gives all
users in both networks access to the Internet.
Figure 11.24 Using a router to connect networks together

An IP address is divided into two parts: network and host. The network part of
the address tells routers where to find the general neighbourhood of a
network. Routers, functioning as a default gateway, forward packets between
networks by only looking at the network part (network address). When the
packet arrives at the last router, the host part of the IP address identifies the
destination host from all other hosts.
Figure 11.25 shows you the front and back of a particular security router. This
router has LEDs on the front for power, Ethernet and Internet connectivity,
intrusion detection and firmware updating. On the back it has a few Ethernet
ports, one Internet (WAN) port, a power jack and a reset button to either
reboot the router or reset its configuration parameters back to the defaults
parameters.
Figure 11.25 Front and back of a router

Page 445 of 1229
There are different types of routers that are used for different reasons, and
each type has different security and connectivity features. A router will have
an OS, memory for storing routing instructions and routing information, a
processor for processing instructions, LAN, WAN and management ports called
interfaces, and a web-based program or command line interface that can be
used to set it up.
11.5.5 Link, Activity and Speed Lights

Like network cards, hubs, bridges, switches and routers have LED lights to
show connectivity and other information about the connection. One LED might
be named Link giving you the status of the connection. Another LED might
be named ACT (for activity) that turns on when the device detects network
traffic, so it flickers when working properly. It is common to have a
combination Link/Act LED instead of two separate LEDs. These lights can have
slightly different meanings for different vendors or models, but some common
meanings are:
Solid green indicates there is a connection on the port.

Flashing green indicates there is a connection and the device is sending
and receiving data over that connection.
Not lit (off) either nothing is connected or the device cannot sense the
connection. If you have a cable connected, this often means there is
something wrong with the cable, the device on the other end of the cable is
not connected or something is wrong with the other device.
Figure 11.26 shows the LED lights for switch ports on the left and NIC LEDs on
the right.
Figure 11.26 Network device LEDs

Note
Switches and routers usually allow you to disable a port. When

disabled, the LED for the port will not be on even if you have a good
connection. You need to enable the port.
Network devices are rated for specific speeds. Many can work at multiple
speeds. Devices that can communicate at different speeds usually can
autosense or auto-negotiate speeds.
Page 446 of 1229
A switch might be using 100 Mbps for an older, slower computer connected to
one port and 1000 Mbps for a newer computer connected to another port.
Autosense is built into most network devices and it is best to leave it enabled.
Note
Some devices cannot autosense and might switch to the slower

speed. If the speeds are slower than they should be, you might need
to set up the devices to use a faster speed.
Devices also often have lights for the speed of the connection. Again, the
meaning of the light might be different for different vendors, but some
common meanings are:
Solid green the connection is using the fastest speed, such as 1000
Mbps.
Amber or brownish yellow the connection is using the slowest speed,
such as 100 Mbps.
Not lit no connection.
Note
Network devices often show an amber LED for the connection when
running in half-duplex and a green light when running in full-duplex.
This is different for different devices, so it is best to refer to the
devices documentation to find out what the different lights mean.
Switches and routers are similar to computers. Occasionally something goes

wrong and they do not work as they should. Rebooting the computer is often a
good step, as it solves some problems. If a switch or a router stops forwarding
data, you can occasionally turn it off and turn it back on again to get it to
work. This is known as power cycling the device.
11.5.6 Home router

You will likely install a home router on a SOHO network. A home router might
be called a wireless router, SOHO router or broadband router. These routers
are multifunctional devices because they generally have all the network
components needed for a SOHO network. They might come with some or all of
the following features:
Router it is mainly used to connect the WAN port to the ISPs network
and to forward data between the LAN and the Internet. This allows the
home router to work as a default gateway for all devices on the LAN,
giving them access to the Internet.
WAN connection or modem a port for a connection to a cable or digital
subscriber line (DSL) modem.
Switch has a group of ports that allow you to connect multiple
computers or other devices directly to the LAN.
Wireless Access Point (WAP) allows computers with wireless network
adapters to access and use the network. Most home routers are also
wireless routers. The wireless client sends data to the router, which then
forwards the data to the Internet through the WAN port.
Page 447 of 1229
DHCP server provides computers with IP addresses and other

addressing parameters who ask for it. This enables computers and other
devices to access and use the network.
Firewall protects one network from another by blocking and allowing
certain types of traffic. This can be used to stop bad people on the Internet
from connecting to the devices on your LAN.
Web site filters controls what Web information users on the LAN can
look at. By configuring a home router, you can limit which websites users
on your network can access. You can also set schedules that control when
users can use the Internet.
Internet sharing the home router can also share the Internet
connection that is plugged into the WAN port with all the users on the LAN.
This is provided through Network Address Translation (NAT).
Some home routers offer other functions not listed above. Once you have
chosen your home router, you must decide whether to go with wired or
wireless. If you go for wired, you need to choose the appropriate type of
cabling. If you go with wireless, make sure you get a wireless router. After the
networking nuts and bolts are in place, consider security.
To use the home router, simply connect the WAN port to your Internet
connection and then connect your devices to any of the LAN ports on the
router; otherwise, connect the devices to a switch which in turn is connected to
a LAN port. These devices should get an IP address from the DHCP server built
into the router and as long as they are set up properly with the correct
addressing information, they should be able to access the Internet.
Figure 11.27 shows you how to set up a particular wireless router for a wired
connection (top) and its user interface (bottom). This home router supports
over 1 Gbps wireless speeds; it has Gigabit LAN and WAN ports for network
and Internet connectivity and USB ports for printers and external storage. It
also supports cloud-based storage along with many other features.
Page 448 of 1229
Figure 11.27 Wireless router setup and interface
11.6 Common network cables and connectors

Cable provides the physical connection between networked devices. Twisted
pair and coaxial cables use copper wires to send electricity over the wires.
Fibre-optic uses glass or plastic to send light over the cable. In this section,
you will learn about these different types of cables, their connectors and
cabling tools used on modern networks.
11.6.1 Ethernet twisted pair

Twisted pair is the most common type of cable used in networks. It is so called
because the copper wires inside of the cable are twisted together into pairs
throughout the entire run of the cable. It has four twisted pairs of copper
wires. Each pair has a specific number of twists per metre, with different pairs
having a different number of twists.
Page 449 of 1229
Even though the pairs are right next to each other in the same cable, these
twists stop signals from jumping over from one wire to another wire,
interfering with each other completely or reducing the interference.
11.6.1.1 Twisted pair connectors
A registered jack (RJ-45) connector is used on both ends of the Ethernet
twisted pair cable. For example, one end can plug into the RJ-45 port of the
computers network card and the other end can plug into a switch. RJ-45
connectors are technically called 8P8C (eight pins eight contacts), but
technicians call them RJ-45 connectors. RJ-45 is the most common connector
used for network data cabling.
The RJ-45 connector is similar to the RJ-11 connector used for telephones.
However, RJ-11 connectors are smaller than RJ-45 connectors and RJ-11
cables have only two pairs of wires (4 wires in total), while Ethernet twisted
pair cables using RJ-45 connectors have four pairs of wires (8 wires in total).
Figure 11.28 shows the RJ-45 port and RJ-11 port on a laptop. Figure 11.28
also shows two LEDs on the RJ-45 port. The LED on the top left is the Link light
used to show connectivity and the LED on the top right is the Activity light, and
it flashes when it detects activity on the port.
RJ-45 port
RJ-11 port
Figure 11.28 RJ-45 and RJ-11 port

Figure 11.29 shows an example of a twisted pair cable commonly used in
Ethernet networks. One end of the cable is cut so that you can see the four
pairs of twisted wires. The other end shows the RJ-45 connector common in
Ethernet networks. For comparison, an RJ-11 phone connector is shown next
to the RJ-45 connector on the far right.
Figure 11.29 Twisted pair cable with an RJ-45 and RJ-11 connector
Page 450 of 1229
Several newer twisted pair connectors are available, including GG45 and
TERA:
GG45 (where GG stands for GigaGate and 45 as a reminder of the backward
compatibility with RJ-45) is a new connector for very high-speed twisted pair
cabling. It is a 2 in 1 connector that has a full RJ-45 interface but with four
additional conductors (12 conductors in total) for high-speed networks. This
means you can plug in Cat5e or higher RJ-45 connector into a GG45 port but it
will only run at the cable speeds supported for that twisted pair category.
Figure 11.30 shows a comparison between GG45 port, connector and RJ-45
connector.
Figure 11.30 GG45 port (left) and connector (middle) and RJ-45
connector (right)
TERA is a connector that supports high frequencies to carry more data over
very high-speed networks. This non-RJ45 style connector is not backwardcompatible with RJ-45 connectors. See Figure 11.31.
Figure 11.31 TERA connector and port

Note
A twisted pair cable should not be longer than 100 metres. Therefore,
the distance between a computer and switch or a switch and router
should not be more than 100 metres. If the distance between them is
longer than 100 metres, you need to use a repeater to amplify the
signal so that it can go another 100 metres.
11.6.1.2 UTP vs. STP

Most Ethernet cable is unshielded twisted-pair (UTP), shown on the left in
Figure 11.32. Now and for the foreseeable future, twisted pair is the network
cable of choice and is used on most Ethernet cabled LANs in office
environments. UTP is thin, easy to work with and well suited to the needs of
the modern network.
Page 451 of 1229
However, in some situations, RFI and EMI interference or crosstalk (signals on

different wires interfering with each other) can cause problems with unshielded
cable. You can use shielded twisted-pair (STP) to prevent these problems.
Figure 11.32 shows you a comparison between UTP and STP.
S/STP Cable
UTP Cable
Outer Jacket
Outer Jacket
4 twisted pairs with
colour insulation
sheaths (2 wires twisted
around each other)
Braid shield
Foil shield
Copper wire conductor
Drain wire for

grounding
Twisted pairs with colour insulation
Figure 11.32 UTP and STP

There are different types of shielding for twisted pair. All types of twisted pair
have an insulated jacket over them to protect them.
STP cables also have extra shielding to protect against interference and
crosstalk. Some STP cables have shielding inside the jacket around all of the
pairs. This type of shielding is called screening and protects against
interference from outside sources. Some cable types have both shielding and
screening, giving the best protection. Because the shielding is made of some
kind of metal, it may also serve as a ground. However, usually a shielded or
screened twisted pair cable has a special grounding wire added called a drain
wire.
Fully shielded STP cable is thicker, heavier, more expensive and more difficult
to install than screened STP. Screened twisted pair (ScTP) cable, which only
has a thin outer foil or braided shield, is lighter and more flexible than fully
shielded cabling.
Tip
Although not immune to interference, STP does protect against EMI,

RFI and problems related to crosstalk. STP costs more than UTP, so
UTP is more commonly used. However, in places that have problems
with EMI and RFI, such as in factories, or if data must be protected
from crosstalk, it is worth paying extra for STP.
11.6.1.3 Comparing categories

Twisted pair is identified using different categories. The Telecommunication
Industry Association/Electronics Industries Alliance (TIA/EIA) creates the
categories.
Page 452 of 1229
Each category has different specifications, with higher numbers meaning newer
cables and faster speeds. Each category is usually shortened to CAT with a
number, as shown in Table 11.1. The table lists the top speed of each category
and frequency with comments.
Table 11.1 Categories of twisted pair cable
Category Top speed
CAT 5
100 Mbps
CAT 5e
1000 Mbps
Frequency
100 MHz
100 MHz
CAT 6
10 Gbps
250 MHz
CAT 6a
10 Gbps
500 MHz
CAT 7
10 Gbps
600 MHz
CAT 7a
40 Gbps
1000 MHz
CAT 8
1200 MHz
Comments
Recommended top speed of 100 Mbps.
Extended version of CAT 5. Used on
networks that run at 10/100 Mbps and
even
theoretically
1000
Mbps,
depending on how it is used. Available
for UTP and STP.
Used with 10/100/1000 Mbps speed
networks, along with 10 Gbps over
shorter
distances.
A
longitudinal
separator separates each of the four
pairs of wires from each other, reducing
interference, and resulting in faster
speeds. Available for UTP, STP and
SFTP.
Used with Gigabit and 10 Gigabit
networks. Backward-compatible with
CAT 5 and CAT 5e. Available for UTP,
STP and SFTP.
Used with Gigabit and 10 Gigabit
networks. Backward-compatible with
CAT 5, CAT 5e and CAT 6 and CAT 6a
Ethernet cable using GG45 connector.
Also available with the TERA connector.
Available in STP.
A fully shielded and screened cable
running at 40 Gbps (possibly higher
speeds). Uses GG45 or TERA connector.
Category in development; this will most
likely support 100+ Gbps over short
distances.
Today, the most often used twisted pair types are Category 5e or higher. The
number of twists is one factor in determining the bandwidth of the cable. When
we talk about bandwidth and Mbps rating, we refer to a rate of data transfer.
For example, Category 5e cable has a 1000 Mbps data transfer rate. When we
refer to MHz and bandwidth, we talk about the width range of frequency of the
media.
Page 453 of 1229
Tip
You should know the category of cable needed for different speeds.
For example, if you are installing a Gigabit network, you must use at
least CAT 5e or higher cables. It is recommended that to run high
bandwidth applications such as streaming video, consider installing
CAT 6 or higher. The category number should be clearly printed on
the cable.
11.6.1.4 T568A vs. T568B

A twisted pair cable has four pairs of wires and each pair is twisted around
each other. The order of the wires in the pinouts is defined by two TIA/EIA
standards: T568A and T568B. Table 11.2 shows the pinout (wire positions
and colours) for each standard.
Table 11.2 T568A and T568B colour codes
T568A Colour
White, green stripe
Green
White, orange stripe
Blue
White, blue stripe
Orange
White, brown stripe
Brown
RJ-45 Pin
1
2
3
4
5
6
7
8
T568B Colour
White, orange stripe
Orange
White, green stripe
Blue
White, blue stripe
Green
White, brown stripe
Brown
Figure 11.33 shows how the wires for both standards must be set out and the
pin positions. Brown is Pin 8 for both standards.
Figure 11.33 T568A and T568B colour wires and pin position
For more information on cabling standards, you can visit the TIA website at:
www.tiaonline.org
Page 454 of 1229
11.6.1.5 Straight-through vs. crossover cable

Two types of twisted pair cables can be used to connect devices: crossover
cables and straight-through cables. A straight-through cable uses either
T568A on both ends of the cable or T568B on both ends of the cable. An
Ethernet straight-through cable is used to connect a:
Computer to a switch
Computer to a hub
Router to a switch
Router to a hub
Wireless Access Points Ethernet port to a switch
If you wire one connector on one side of the cable using T568A and the other
connector on the other side using T568B, you have created a crossover
cable. An Ethernet crossover cable is used to connect a:
Computer to a computer
Switch to a switch
Router to a router
Computer to a routers Ethernet port
Hub to a switch
Note
CAT 6 or higher devices sense when a crossover cable is needed and

automatically adjusts the connection internally. Because of this, you
do not need CAT 6 crossover cables.
Figure 11.34 shows an example.
Figure 11.34 Connecting straight-through and crossover cables

between devices
Note
It is common to mark a cable with an X to indicate it is a crossover

cable. There are more wires and more colours, but the solid orange,
blue and green wires stand out.
Page 455 of 1229
Many devices can automatically detect when the connection needs to be

crossed over and rewires the port, which means you can connect a router to a
switch using the regular straight-through cable instead of a crossover cable.
These devices have a Button called MDI/MDIX, short for medium dependent
interface (MDI)/medium dependent interface crossover (MDIX). Newer devices
such as routers have the auto-MDIX capability. They do not have the
MDI/MDIX button but can automatically sense the correct connection and
choose the correct mode. Although auto-sensing ports mean that you do not
need to consider whether you are using a crossover or straight-through cable,
it is best to remember and practise safe networking rules when it comes to
cabling and connectivity.
11.6.2 Fibre-optic cable

If you need to send data very quickly over a long distance, you use a fibreoptic cable. Optical fibres are long, thin strands of glass or plastic about the
thickness of a human hair that carry light signals from one end to the other.
They are arranged in bundles called optical cables. If you look closely at an
optical fibre, you will see that it has the following parts:
Core thin glass or plastic centre of the fibre where the light travels.
Cladding outer glass or plastic material surrounding the core that
reflects the light back into the core. The light pulses bounce back and forth
off the reflective cladding walls as they move forward through the cable.
This process is called total internal reflection.
Buffer coating plastic coating that protects the fibres from damage and
other outside factors.
Strength members or fibres surround the buffer

core against crushing forces and from too much
cable. The outer protective layer of the cable is
11.35. The ends of the cable are terminated using
coating to help protect the

tension when installing the
called a jacket. See Figure
connectors.
Figure 11.35 Looking inside a fibre-optic cable
Page 456 of 1229
Fibre comes in two types:
Multi-mode fibre (MMF) allows multiple light signals to travel in the

same cable. Devices that use MMF use LEDs to create the light that travels
through the cable. However, high bandwidth devices are now using lasers
called Vertical-Cavity Surface-Emitting Lasers (VCSELs) with MMF cable.
MMF is often used as cabling inside a building, connecting the different
parts of the building.
Single-mode fibre (SMF) allows only one light signal to travel in the
cable, meaning the light travels straight down the fibre and does not
bounce off the walls. Data can travel further on an SMF cable than it can
on an MMF cable and SMF supports higher bandwidths too. SMF uses a
laser to create light. SMF is commonly used outside the building over long
distances.
Table 11.3 lists some MMF and SMF characteristics.

Table 11.3 MMF and SMF fibre characteristics
Characteristic
Size
Maximum distance
Top speed
Core
Wavelength light
MMF
Bigger core
Up to 2 km
Up to 10 Gbps
Plastic core
Shorter
SMF
Smaller core
Up to 40+ km
Up to 10 Gbps
Glass core
Longer
There are number of different fibre-optical connectors. The type of connector

you choose to use is a matter of compatibility with your existing equipment
and personal preference. Most connectors are spring loaded so that the faces
of the cores are pressed together under pressure. Some common connectors
include:
ST short for straight tip; the connector is round and

uses a push-and-twist locking mechanism.
SC short for square or subscriber connector, it is

shaped like a square and uses a push-and-twist locking
mechanism.
LC short for lucent or local connector, it is half the

size of the SC connector.
Fibre is more expensive and more difficult to work with than twisted pair
cables. The connectors can get damaged quite easily, so do not repeatedly
plug and unplug them. It is unlikely that you will find fibre cables used in
SOHO networks, but many bigger companies are using them more and more.
Fibre has three important benefits over twisted pair cable:
Page 457 of 1229
Signals can travel much further (in kilometre ranges).

It can carry more data, sending and receiving at faster speeds (multiple
gigabits per second).
Because signals travel as light pulses, EMI and RFI interference does not
affect the signal. Additionally, the light pulses cannot cross over to other
cables, so there are no crosstalk problems.
Caution Never look directly into a fibre-optic port as it could negatively
affect your eyesight.
11.6.3 Coaxial cable

Coaxial cable or simply coax is made of a copper core conductor at the centre
of the cable that carries the electrical signal. This conductor is surrounded by a
layer of insulation (made of plastic and called dielectric). Surrounding the
insulation is braided metal shielding, typically copper mesh, which provides
grounding and makes the cable quite resistant to EMI. The entire cable has an
outer plastic insulation jacket or sheath. See Figure 11.36.
Insulation (dielectric)
Conducting core
Outer jacket
Copper wire mesh
Figure 11.36 Coaxial cable

Caution Coaxial cable shown with a /U suffix tells us that the cable has a
solid core. The A/U suffix tells us that the cable has a stranded
core.
Many older networks used coaxial cable, but it has been replaced by twisted
pair and fibre cable, so you will hardly find coaxial cable used in networks.
However, it is commonly used for TV and cable TV (CATV) connections and in
some cases, for network TV devices.
Coaxial cables are rated using a radio grade (RG) name. There are many RG
ratings, but the ones you need to know about are listed in Table 11.4:
Page 458 of 1229
Table 11.4 Coaxial RG standards

RG standard
RG-6
RG-59
Characteristics
TRG-6 cable has a larger centre conductor than RG-59
does and it has extra shielding.
RG-6 is the standard for cable TV (CATV) or satellite TV
systems because it is more efficient when sending any
digital signals, including High Definition (HD) signals.
It is used for receiving television signals, distributing video
applications and for camera system (CCTV) connections.
RG-6 uses the F-type screw on connector.
Networks using coaxial cable today will use RG-6.
RG-59 was originally used with cable TV connections and
is good for sending analogue signals.
It was used in some early networks but can send only a
limited amount of data.
It can be used to send data between video systems, such
as between a DVD player and a TV.
RG-59 uses a BNC connector, which uses a push-and-turn
connection. Video applications and cable TV are provided
by this standard.
Coaxial cables use British Naval Connectors (BNC) and terminators to

attach to systems on networks. See Figure 11.37.
F-type connectors would be used to attach the coaxial cable to devices,
such as cable modems, that provide broadband services. See Figure 11.37.
Hybrid Fibre Coaxial (HFC) uses both coaxial and fibre-optic cable. HFC is
used by many TV and telephone companies that provide high bandwidths to
home users and companies. HFC involves replacing parts of the network
that have existing coaxial cable already installed with fibre-optic cable,
while still using coaxial cable to provide services to end users.
Figure 11.37 Coaxial cable BNC (left) and F-type (right) connector
Note
BNC is an acronym for Bayonet Neill-Concelmen, British Naval

Connector or Barrel Nut Connector.
Page 459 of 1229
Coaxial cable is more difficult to install than twisted pair. Coaxial cable with
multiple shielding provides better protection against eavesdropping and
interference.
11.6.4 Networking with Firewire and USB

FireWire and USB can be used for networking, typically for very small
networks.
11.6.5 Network signal types

Two types of signalling are used to send data over network media:
Baseband can carry only one signal over a network medium at one time.
The signal, usually sent as an electrical pulse or light, takes up all the
bandwidth of the media. Ethernet networks use baseband signalling.
Broadband can carry multiple analogue signals on one network medium
(light or electromagnetic waves). For signals to be both sent and received,
a technique called multiplexing is used to divide the bandwidth (media)
into separate channels, each of which can carry a different signal.
Alternatively, two cables can be used: one to send and one to receive
signals.
11.7 Ethernet specifications and speeds

The 802.3 working group updates Ethernet standards by publishing
amendments changes with additional specifications and descriptions of new
technologies. They publish the amendments with a letter and a date. The IEEE
802 standards are available for downloading from the institutes website at:
http://standards.ieee.org.
Figure 11.38 IEEE logo, with Ethernet UTP cable and a common
Ethernet network symbol
Ethernet has become faster and has used different types of cabling over the
years. As a result, there are a number of Ethernet versions, often called
Ethernet types or flavours. Even though there are different speeds and
types of cables, all flavours of Ethernet use the same Ethernet frame. This
means all Ethernet flavours are compatible with each other, and you can mix
and match them on the same Ethernet network by using devices such as
switches to link network segments that use different types of cable. Ethernet
uses a specific naming format for the different flavours. By learning this
format, you will usually be able to identify the speed and what type of cable it
is using.
Page 460 of 1229
If you know the cable, you will have an idea of the connector it needs.
The basic format is:
nBASE-x
n the speed
BASE means the cables can carry only one data signal per wire at one time
(baseband).
x the type of cable
Table 11.5 shows some Ethernet specification examples.
Table 11.5 Ethernet specification examples
Specification
10BASE2
100BASE-T
Speed
10 Mbps
100 Mbps
1000BASE-LX
10GBase-T
1000 Mbps
10 Gbps
Note
Cable and connector

Coaxial cable using a BNC connector
Twisted pair (notice the T) using an RJ45 connector
Fibre cable using an ST or SC connector
Twisted pair using an RJ-45 connector
There are many more identifier letters. The speed is easy because it is
just the first number. The cable is more difficult but the identifier
gives you a clue. If it is 2, 5 or C, it is coaxial. If it starts with a T, it is
twisted pair. The rest are fibre.
You can see that if the first number is 10, the speed is 10 Mbps. If it is 100,
the speed is 100 Mbps, and 1000 means 1000 Mbps (or 1 Gbps). The last item
in the table uses 10G to mean 10 Gbps.
11.7.1 Ethernet speeds

Ethernet speeds are measured in millions of bits per second (Mbps) or billions
of bits per second (Gbps). Ethernet currently comes in the following different
speed versions or variants thereof:
10 Mbps known as Standard Ethernet

100 Mbps known as Fast Ethernet
1000 Mbps known as Gigabit Ethernet
10 000 Mbps known as 10G Ethernet
Traditional standard Ethernet networks ran at 10 Mbps. This speed has been
increased to 100 Mbps, 1Gbps, 10 Gbps and faster speeds over the years. Most
network devices can work at speeds faster than 10 Mbps, with 1+ Gbps
common in many networks. Keep in mind that these speeds are the top speeds
that can be achieved over the network under ideal conditions. In reality, the
actual speeds are rarely reached.
Page 461 of 1229
Note
It is the networking equipment, manufactured to meet certain IEEE

standards, that defines network speeds, not the network cabling. All
the network cabling needs to do is support that speed as a minimum.
11.7.2 Media safety and environmental issues

When working with cables and connectivity, you need to be aware of some
basic safety and environmental issues.
11.7.2.1 Cable management and trip dangers
Cable management means to keep cables neat. This often makes it easier to
troubleshoot connectivity issues, and it can also reduce safety dangers caused
by cables. Cables should not be run across a floor where someone can trip over
them and cause the cable to fail. If you must run a cable across a floor, you
should cover it with heavy tape. This is not ideal, but will significantly reduce
the trip hazard.
11.7.2.2 PVC vs. plenum-safe cable jackets
The jacket (the cables protective covering) is typically made of polyvinyl
chloride (PVC), a type of flexible plastic. PVC is fine for most installations,
but when PVC burns, it gives off toxic fumes that can cause problems if the
cable is run through areas such as a plenum. Plenum is the open space
between the buildings walls, floors and ceilings where air is forced through for
heating and cooling.
If a fire spreads or ignites in the plenum space and PVC cable is installed in
that space, the air system will spread the toxic fumes from the burning PVC to
all the spaces getting heated or cooled air. To avoid this, all cable running
through the plenum must be rated as plenum-safe or plenum grade. Although
it is more expensive than non-plenum cable, plenum-safe cable is fire-resistant
and does not give off toxic fumes if it burns, and building codes in many
countries require it when you install data network cables in air spaces.
11.7.2.3 Signal interference and crosstalk
Many cables and connections are affected by interference or noise that can
disrupt or damage the signals. Lets take a look at interference, eavesdropping,
attenuation and crosstalk:
Electromagnetic interference (EMI)
EMI comes from magnetic fields created by magnets (in CRT monitors and
UPSs), motors, fluorescent lights and power cables, that can interfere with
data signals. You will not be able to see the EMI field, but if you could, it would
look similar to Figure 11.39.
Page 462 of 1229
Figure 11.39 EMI field around signal cable

On the bottom in Figure 11.39, you can see a signal cable next to a power
cable. If you run a signal cable alongside a power cable, the EMI field can
easily overwhelm the signal cable and disrupt the signal. Therefore, do not run
power cables right next to signal cables.
Radio frequency interference (RFI)
RFI comes from radio frequency (RF) signal transmissions. Some common
examples are cordless phones and microwave ovens. They send frequencies in
GHz wireless ranges and can interfere with RF transmissions used on wireless
networks.
Note
EMI and RFI are sometimes combined into the same type of
interference, listed as EMI/RFI. There are technical differences, but
technicians commonly protect against both EMI and RFI with shielded
cables or cable that is not affected by EMI/RFI, such as fibre-optic
cables.
Attenuation
Attenuation refers to the weakening of the signal as it travels down the cable.
The signal weakens to such an extent that it cannot be understood by the
receiving device. All types of cables have a maximum cable length that
indicates how long the cable can be without suffering from attenuation.
Consider the attenuation when choosing a cable type. You can use a repeater,
hub or switch to extend a twisted pair cable run, otherwise use fibre-optic
cables.
Eavesdropping
Eavesdropping happens when someone physically taps into the cable and
connects a device to the cable run. Physically securing your cables and using
encryption are some of the ways of protecting against eavesdropping.
Crosstalk
Crosstalk occurs when wires, carrying voltage, create an electromagnetic field
that causes interference on other wires in the cable. That is, data from one
cable crosses over to another cable. This can weaken the signals on each cable
or result in unauthorised users having access to data.
Page 463 of 1229
For example, Figure 11.40 shows how data can cross over from one cable to
another. In this case, one cable is carrying secret data and the other is
carrying unclassified non-secret data. If these two cables are right next to
each other, secret data can cross over to the unclassified data cable.
Figure 11.40 Crosstalk between devices

Because fibre uses light instead of electrical pulses, EMI, crosstalk and
attenuation are not issues with fibre cabling. Also, fibre-optic is the most
secure of all cable media. Anyone trying to access data signals on a fibre-optic
cable must physically tap into the cable. Given how the fibre-optic cables are
made, this is particularly difficult to do.
11.8 Structured cabling

If you want a working real world network, you need a good understanding of a
set of standards that together are called structured cabling. These
standards, defined by the TIA/EIA, give professional cable installers detailed
standards on every aspect of a cabled network, from the type of cabling to
use, to standards on running cables in walls, and even the position of wall
jacks.
11.8.1 Stranded vs. solid cables

The actual copper wire that makes up the UTP cable comes in two varieties:
Solid cable uses one thick inflexible wire for each conductor and is used
for the horizontal twisted pair cable that runs within the walls and ceilings
of the building.
Stranded cable each conductor is made up of a group of thin wires
twisted together. Stranded cable is flexible, so it does not break easily.
Stranded cable is best used for patch cables that run between computers
and the wall jack, and between computers and switches in work areas.
Technically, the cable that connects a computer to the wall jack is a
station cable not a patch cable but the word patch cable is an
appropriate reference for stranded cable and therefore is referred to as a
patch cable. A patch cable is not supposed to be longer than 5 m.
Page 464 of 1229
Figure 11.41 Solid vs. stranded copper cables
11.8.2 Making your own UTP patch cable

Even though you can make your own patch cables, most people buy pre-made
ones, as shown in Figure 11.42.
Figure 11.42 Patch cable

Although most people prefer to buy pre-made patch cables, making your own
is fairly easy. To make your own, use stranded UTP cable that matches the
CAT level. Making your own UTP cables requires a few tools that are not found
in a typical toolbox. You need the following tools and supplies to build your
own twisted pair cables:
UTP cable (Category 5e or better)

8P8C (RJ-45) connectors
Cable cutter/snips use to make a clean cut on the end of the network
cable. Do not use normal scissors; cut pliers or other cable cutting tools will
be necessary.
Wire strippers use it to cleanly strip off the outer jacket. Wire strippers
come in different shapes and sizes.
8P8C (RJ-45) Crimper use it to attach connectors to the ends of cables.
You can get a combo wire stripper/crimper.
Page 465 of 1229
Wire Stripper
Cable
Cutter
Cable
Tester
2x RJ-45 Plugs
RJ-11 & RJ-45

Crimper/Stripper
Figure 11.43 UTP cable tools

The steps for creating a twisted pair cable are beyond the scope of this
module, but Figure 11.44 gives you an idea on how to do it. You can create
your own crossover or straight-through cables according to the T568A and
T568B standards.
Figure 11.44 Making a UTP cable using a wire stripper (far left) and
crimper (far right)
11.8.3 Testing cables and cable runs

After making cables, the cables should be tested to ensure they work properly.
Figure 11.45 shows a handy cable tester that can be used to verify all the
individual wires are properly connected and in the correct place.
Figure 11.45 Typical cable tester
Page 466 of 1229
Testing cable runs can be done both after installing cables and when
troubleshooting cables.
Note
Plugging the two ends of a cable run into a computer and a switch, or
between two computers by using patch cables, is sometimes used as
a temporary way of testing the cable, but it is not the best or
recommended way to test. There are many types of cabling errors
that can cause problems that you will not find out about immediately.
When it comes to testing patch cables in work areas, the easiest and most
efficient test you can do is to use a cable that you know works (a known good
one) in place of the suspected faulty cable. If the problem is not with the
patch cable and you know for sure the problem is not with network hardware
(NIC, switch, etc.) and software (drivers, configuration errors, etc.), then you
need to look at testing the cabling running in the walls and ceilings (called
horizontal cabling). The following sections look at some tools that will help you
troubleshoot cables.
11.8.3.1 Identifying cables
You can use a tone generator and probe to trace and identify the one cable
you need in a bundle of cables. Figure 11.46 shows a tone generator and
probe, which is also called a toner probe, toner generator and locator or
fox and hound tester. You connect the tone generator to one end of a cable
to send a signal over it and touch the probe at the other end of the cable to
detect the signal. The probe makes a sound when it detects the signal.
Figure 11.46 Toner generator (left) and probe (right)
11.8.3.2 Testing for continuity

The most important test that installers must perform on every cable run is a
continuity test to make sure that each wire on both ends of the cable is
connected to the correct pin. It is possible to test cable continuity by using a
standard electrical multimeter. By touching the meters probes to opposite
ends of the cable and setting the readout to ohms on the device, you should
see a result close to 0 ohms if you have a good proper connection, and
infinite ohms if you do not.
Page 467 of 1229
Note
Network multimeters can do much more than test electrical

current, that is, there are network multimeters that can send test
packets and test the response times of key networking equipment,
find cable faults, and find cables using digital tones.
You can also get a wiremap tester that works like a multimeter but connects
to all eight wires at once on both ends and tests them at the same time. The
wiremap tester can check if an RJ-45 plug has been wired correctly. Wiremap
testers, like most cable testers, have a main handheld unit that you connect to
one end of the cable and a loopback device that you connect to the other end.
11.8.3.3 Testing cable length
You can find cable testers that can work out how long the cable run is, find a
break in any one of its wires, and identify where the break is in terms of the
distance from the cable end. The technique that gives this capability is called
time domain reflectometry (TDR). The tester sends a signal over the cable
and measures how long it takes to come back from the other end. Using this
information, the TDR device can work out how long the cable run is.
11.8.3.4 Testing performance
Cable certifiers, scanners or media testers are more advanced handheld
testing and certifying devices. You connect the cable certifier to one cable end
and a remote unit to the other end. Then you can choose various performance
tests that the certifier must run through. A certifier can, for example, see if the
cable is compliant with a TIA/EIA cable standard and can be used to test
continuity and termination, and determine cable lengths and distances, all
within seconds.
11.8.3.5 Testing fibre-optic cables
Fibre-optic cables have different types of interference and different
performance level requirements. Cable lengths and cable breaks are something
to consider when installing fibre-optic cables. There are cable certifiers you can
get to test fibre-optic cables. You can use a TDR device called optical time
domain reflectometer (OTDR) to work out the length of the fibre-optic cable
and if the cable has any breaks, just like with the TDR copper testing device.
See Figure 11.47.
Figure 11.47 Using an OTDR to test fibre cables

Page 468 of 1229
11.8.3.6 Testing ports

A loopback plug is a device you plug in to a port that sends all incoming
signals it receives back to the same port (or where the signals came from) as
shown in Figure 11.48. The plug causes the link light on a device, such as the
NIC, to come on. The NIC or device believes it is both sending and receiving
data. Use it to test the port to see if data is being sent and received properly.
The loopback cable uses UTP cable and RJ-45 connectors.
Figure 11.48 Loopback plug
11.8.4 Work areas

The work areas are places such as offices where devices such as switches and
computers are used by users. From a cabling point of view, a work area is a
wall jack where you connect user computers or network devices and
telephones. A wall outlet has one or two female jacks to accept a cable, a
mounting bracket and a faceplate. You use patch cables to connect individual
devices to these wall jacks. See Figure 11.49.
Figure 11.49 Wall outlet

Note
A straight-through patch cable is used in the work area to connect

end devices, such as computers, to the network while a crossover
cable is typically used to connect switches that are placed in the work
area to wall jacks.
Page 469 of 1229
11.9 TCP/IP essentials

Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of
protocols used by devices on networks of different sizes and shapes, including
SOHO networks and the Internet. TCP/IP is a number of protocols that work
together from the network layer up to the application layer of the OSI model.
TCP/IP got its name from the two most commonly used protocols in the suite:
TCP and IP.
Figure 11.50 lists various TCP/IP protocols (on the right) and network
technologies and where they all fit into the seven layers of the OSI model (on
the left).
Application
Presentation
Session
Transport
DHCP, DNS, FTP, SFTP, TFTP, HTTP, HTTPS, SMTP,

IMAP POP, SNMP, Telnet, SSH, SSL, TLS, NTP, LDAP,
SIP, RTP...
TCP and UDP
Network
IPv4 and IPv6, ICMP, ICMPv6, IGMP and various

routing protocols
Data Link
Ethernet, xDSL, wireless, ARP, RARP, PPP, PPTP and

L2TP
Physical
Ethernet, xDSL and wireless
Figure 11.50 TCP/IP suite compared to OSI model

There is a great deal of depth to what the protocols in the suite control. For
example, when you transfer files, TCP/IP makes sure files reach their
destination. It does this by breaking the files up into smaller pieces called
packets (which have a better chance of reaching their destination
successfully), sends the smaller packets and puts them back together again on
the receiving end. If any single packet does not make the trip successfully,
TCP/IP senses the failure and asks for the missing packet.
As you know, routers choose paths that packets take between the sender and
receiver. To stop packets that cannot find a path to the destination from going
around the network forever, TCP/IP at the sending device gives each packet a
lifetime known as Time To Live (TTL). The TTL is the number of hops
(routers) a packet can go through before it is destroyed by the network device.
This is typically 128 by default in Windows and anywhere between 64 and 255
in Linux. The TTL enables a router to keep lost packets off the network and the
Internet.
Tip
Most, if not all, operating systems use TCP/IP by default and if they
do not, they will provide a way for you to use it.
Page 470 of 1229
The next few sections examine the protocols that make up the TCP/IP protocol
suite.
11.9.1 Connectivity protocols and ports

Transmission Control Protocol (TCP) and User Datagram Protocol
(UDP) are two essential protocols used within TCP/IP. TCP/IP needs to know if
packets are moved from one system to another reliably and completely with
TCP, or unreliably but quickly with UDP. Table 11.6 compares important points
about the two connectivity protocols.
Table 11.6 Comparing TCP to UDP
TCP
Connection-oriented
Guarantees packet delivery
Reliable, but slower than UDP
Resends dropped packets
Checks packets
Note
UDP
Connectionless
No guarantee; best effort packet delivery
Unreliable, but faster than TCP
Does not resend dropped packets
Checks packets
It is application developers that choose to use either TCP or UDP for

their applications. Also, UDP and TCP are used on cable and wireless
networks. The terms connection-oriented and connectionless refer
to creating a logical connection, not a physical network connection.
11.9.1.1 Understanding ports

Every computer on a network using TCP/IP has at least one IP address. This
does not mean that if your computer has only one IP address it can work with
traffic for only one application at a time. You can, for example, use your web
browser to navigate the Internet and your email application to send and
receive email at the same time. To be able to run many applications at the
same time on a computer with only one IP address, TCP/IP uses port numbers
to identify specific protocols and services. When TCP/IP packets get to a
computer, it uses the port number to determine what service or application the
data inside the packets must go to. For example, web browsers and web
servers use Hypertext Transfer Protocol (HTTP) to transfer web traffic. Instead
of using the words Hypertext Transfer Protocol in the packet, TCP/IP uses port
number 80 to identify HTTP.
11.9.1.2 Port ranges
The Internet Assigned Numbers Authority (IANA), a part of the Internet
Corporation for Assigned Names and Numbers (ICANN), chooses port numbers
for specific protocols. Table 11.7 shows the three ranges of software ports for
both TCP and UDP.
Page 471 of 1229
Table 11.7 Port ranges

Name
Well-known
Port range
0 to 1023
Registered
1024 to 49 151
Dynamic
(ephemeral)
49 152 to 65 535
Comments
Reserved by the IANA and used for
commonly used protocols or services,
such as HTTP (web applications) and
SMTP (mail applications). By defining
well-known
ports
for
server
applications, client applications can be
programmed to request a connection
to that specific port so that it can use
the service that comes with that port.
Assigned
to
user
processes
or
applications that you have chosen to
install
rather
than
common
applications that would receive a wellknown port. An example would be the
alternate HTTP port 8080. Many
registered ports are assigned by IANA.
Assigned
dynamically
to
client
applications
when
requesting
a
connection. It is not common for a
client to connect to a service using
dynamic or private ports.
As a computer technician, you do not need to know all 65 535 ports, but you
do need to know the port numbers for many common networking protocols and
services. You also need a basic understanding of the protocols used on
networks and the Internet. The next sections provide an overview of the
commonly used protocols and their ports.
11.9.1.3 Firewalls and ports
A firewall controls the traffic coming in and going out of the network. A
common way it does this is by allowing or blocking traffic based on ports. For
example, if users on an internal network need to visit websites on the Internet
using the HTTP protocol, which uses port 80 by default, the firewall must allow
HTTP traffic to go out the network through that port. If you decide to stop
users from visiting any HTTP websites, you can block all outgoing traffic using
port 80.
Note
Most firewalls block all traffic unless you create an exception rule to
allow traffic. For example, if you want to allow HTTP traffic, the
firewall must have an exception rule to allow traffic on port 80. An
exception rule is also known as opening the port.
Page 472 of 1229
11.9.2 IP protocol
Internet Protocol (IP) gives packets the address that identifies hosts and
the network they are on to allow the packets to reach their destination. IP is
media independent, which means IP packets can be sent over wireless,
Ethernet cable, fibre-optic cable and other OSI Layer 1 media.
Computers, servers, laptops, router interfaces, printers and other IP hosts are
identified in a TCP/IP network with an IP address. As a computer technician,
you will come across two versions of IP addresses (IPv4 and IPv6), and will
most likely need to troubleshoot IP addressing problems, so lets explore both
IP versions.
11.9.3 IPv4 addressing

Internet Protocol version 4 (IPv4) addresses have been around for a very
long time. You will see IPv4 replacement (IPv6 addresses) used more and
more over time, but you can count on seeing IPv4 addresses for some time to
come. With that in mind, you will need to know some basics about IPv4
addresses.
11.9.3.1 Dotted decimal format
IPv4 addresses are 32-bit binary numbers. Each IPv4 packet uses a 32-bit
source address and a 32-bit destination address. Since it is not easy to read,
use and remember a string of 32 1s and 0s, IPv4 addresses are shown in
dotted decimal format. Each IPv4 address has four decimal numbers
separated by three dots (periods), like this:
192.168.1.5
Each number represents 8 bits (also called a byte or octet), giving a total of
four octets separated by dots like this:
First Octet
192
Second Octet
168
Third Octet
1
Fourth Octet
5
Four octets (4 x 8 bits) add up to 32 bits. For example, the IP address of

192.168.1.5 looks like this:
First Octet
11000000
Second Octet
.10101000
Third Octet
.00000001
Fourth Octet
.00000101
Most people would rather work with decimal numbers, but it is worth knowing
that the IP address is made up of 32 bits with four octets of eight bits.
Page 473 of 1229
If all bits are a 1 in any octet (11111111), the value is 255. This is important
to remember because an IPv4 address cannot have any decimals greater than
255. For example, the following IP address is not valid:
192.168.256.2
This is because the third decimal is 256. The decimal number of 256 can be
displayed in binary as 100000000, but an octet in an IPv4 address has only
eight bits.
11.9.3.2 Two part of an IP address
Although you cannot see it at first, each IPv4 address has two parts: the
Network ID and the Host ID.
Network ID: Determines the network the host is on and all hosts on the
same network or subnet must have the same Network ID to communicate
with each other.
Host ID: Identifies the host and it must be unique for each host on the
network or subnet, that is, no two hosts on the same network must have
the same Host ID.
The Network ID begins at the far left side of the IP address and continues until
it meets the Host ID. The Host ID then continues to the far right side of the IP
address.
11.9.3.3 The subnet mask and Network ID
IP addresses are matched with a subnet mask to identify the Network ID and
the Host ID of the address, so that you can determine which network the host
is on. Subnet masks are shown in decimal like IP addresses. Take a look at the
following IP address and subnet mask example:
IP address
158.80.164.3
Subnet Mask
255.255.0.0
The above IP address has a subnet mask of 255.255.0.0. When the subnet
mask is 255, that part of the IP address is the Network ID. When the subnet
mask is 0, that part of the IP address is the Host ID.
The three most common subnet masks are:
255.0.0.0
255.255.0.0
255.255.255.0
Note
As you continue in your career, you will learn that the subnet mask
can have numbers other than 255 or 0. However, for this module, you
will see subnet masks with the numbers 255 or 0. This makes it much
easier to identify which part of the IPv4 address is the Network ID
and which part is the Host ID.
Page 474 of 1229
Take a look at another example in the table below, which shows an IP address
of 192.168.2.11, a subnet mask of 255.255.255.0 and the Network ID.
Network Info
192.168.2.11
255.255.255.0
Network ID
First
octet
192
255
192
Second
octet
168
255
168
Third
octet
2
255
1
Fourth
octet
11
0
0
In the first octet, the subnet mask is 255, so 192 is part of the Network ID.
The subnet mask is 255 in the second and third octets also, so 168 and 2 are
also part of the Network ID. However, the subnet mask is 0 in the last octet,
so that part of the network ID is 0. Put together, you can see that the network
ID is 192.168.2.0.
Host ID
Once you have found the Network ID, then whatever is left over, is the Host
ID. For the IPv4 address 192.168.2.11 and subnet mask 255.255.255.0, the
Network ID is 192.168.2.0, and the Host ID is 11. The most important part to
remember is that even though the Network ID is the same, each computer has
its own unique Host ID, meaning that no two computers and hosts can have
the same IP address on the same network.
When two hosts have the same IP address on the same network, an IP
address conflict occurs. Usually, one host will know that a conflict has
occurred and assign itself an IP address of 0.0.0.0 and will not be able to
communicate on the network. In some cases, both hosts will not be able to
communicate on the network. Figure 11.51 shows the IP conflict error message
on a Windows computer.
Figure 11.51 IP address conflict

Take a look at the network example in Figure 11.52. It shows a router
separating two networks. The one network is named Network 1 and the other
Network 2. All computers on Network 1 must have the same Network ID.
However, one of them has the wrong Network ID. Can you find which one?
Page 475 of 1229
Figure 11.52 Two networks with wrong Network IDs on two

computers in each network
All computers on Network 2 must have the same Network ID as well. However,
one of the computers has been configured with the wrong Network ID on this
network too. Can you find the incorrect one?
All the computers on Network 1, except for one, have a Network ID of

192.168.1.0. However, the one with the IP address of 192.168.11.8 on the
bottom left has the Network ID of 192.168.11.0. This computer will not be able
to communicate with any other computer on the network.
The Network ID for three of the computers on Network 2 is 192.168.7.0.
However, the computer on the bottom right has a Network ID 192.168.9.0.
This computer will not be able to talk to any other computer on the network.
Note
The ability to find the incorrect IP address on a network is a very

valuable troubleshooting skill to have.
11.9.3.4 Classful IPv4 addresses

When IPv4 address space was first designed, the IP addresses were organised
into what are called classes. The address space is just the range of addresses,
and the class determines the point at which the Network ID of the IP address
ends and the Host ID begins. This class system is called classful addressing
and was created to support networks of different sizes.
The three classful IPv4 addresses that are important to understand are listed in
Table 11.8. The first number of a Class A address starts in the range of 1 to
126. An IP address of 10.2.3.5 has 10 as the first number. The number 10 is
within the range of 1 to 126, so this is a Class A IPv4 address and it has a
default subnet mask of 255.0.0.0. Furthermore, the network ID is 10.0.0.0.
Page 476 of 1229
Table 11.8 IPv4 address classes
Class
A
B
C
First octet range

1 to 126
128 to 191
192 to 223
Example
10.2.3.5
172.16.2.18
192.168.4.16
Default subnet mask

255.0.0.0
255.255.0.0
255.255.255.0
When looking at an IPv4 address, you should be able to identify what class it is
in. For example, what class is 172.16.32.45 in? What is its default subnet
mask? 172.16.32.45 is a Class B address because the first number is 172 (in
the range of 128 to 191), and the subnet mask is 255.255.0.0. What class is
192.168.9.3 in and what is its default subnet mask? 192.168.9.3 is a Class C
address because the first number is 192 (in the range of 192 to 223) and the
subnet mask is 255.255.255.0.
Note
There are also D and E classes. Class D addresses are used for
multicast traffic and Class E addresses are used for research and
testing purposes.
11.9.3.5 CIDR notation

Classless Inter-Domain Routing (CIDR) notation is simply a way of
showing the subnet mask using the /n formula after the IP address. /n is the
number of bits turned on (or 1 bits) in the subnet mask. For example, consider
a subnet mask of 255.255.255.0. The first octet is 255, which is eight ones
(11111111). Similarly, the second octet is another eight ones and the third
octet is another eight ones. Therefore, the first 24 bits of the subnet mask are
all ones. In this case, you can use /24 as the subnet mask instead of the
255.255.255.0.
Table 11.9 shows a few examples of CIDR notation.
Table 11.9 CIDR notation examples
IP address
10.1.2.3
172.16.1.2
192.168.1.5
Subnet mask
255.0.0.0
255.255.0.0
255.255.255.0
CIDR notation
10.1.2.3 / 8
172.16.1.2 /16
192.168.1.5 /24
There is no difference in the actual IP address or subnet mask when CIDR is

used; it is just shown differently. For example, the following two combinations
mean the same IP address and subnet mask:
192.168.1.5, 255.255.255.0
192.168.1.5 /24
Page 477 of 1229
Note
CIDR can also be thought of as representing the number of bits in the

IP address that provides the network portion. It is written in slash
format. That is, a forward slash (/) followed by the number of
network bits.
11.9.3.6 Subnets
A subnet is seen as a network within a Class A, B or C network where hosts
share the same Network ID, and each subnet is separated by one or more
routers.
11.9.3.7 Subnet and broadcast addresses
On each IPv4 network, two host addresses are reserved for special use. These
two addresses are not actually assigned to a host.
The subnet (or network) address identifies the network itself. The
subnet address for each subnet will be the first number of the subnet. For
example, 192.168.1.0/24 is a subnet address.
The broadcast address identifies all hosts on a particular network. Every
host on the network will receive and process a packet sent to the networks
broadcast address. For example, 192.168.1.255 /24 is a broadcast address.
Broadcasts are not the only type of IPv4 packet. IPv4 can use three primary
types of packets when sending traffic:
Unicasts one-to-one traffic. Packets are sent from one host to one other
host. This is the normal way hosts on a client/server and peer-to-peer
network communicate.
Multicasts one-to-a-group traffic. Packets are sent from one host to a
group of hosts with the same multicast address. Multicasting saves
bandwidth. Multicast packets are used for video and audio broadcasts, for
distributing software and for news feeds.
Broadcasts one-to-all traffic. Packets are sent from one host to all other
hosts on the local network, and the purpose is usually to share information
about itself and to ask for information about other hosts on the local
network. The broadcast address allows all the receiving hosts to accept the
packet and process it as it would a packet to its unicast address. Broadcast
packets are used for mapping IP addresses to MAC addresses and for
requesting MAC addresses of hosts, among other uses.
11.9.3.8 Default gateway

A gateway is a path out of the network and the default gateway shows us the
default path out of the network. For example, if your computer is trying to
connect to the Internet, it goes through the default gateway. The default
gateway is the IP address of the LAN side of your router, in other words, the
port connected to your LAN. Your computer uses this address to send packets
to anything outside your Network ID.
Page 478 of 1229
Figure 11.53 shows two default gateways for two different networks. Hosts in
Network 1 go through the default gateway using 192.168.1.1. Hosts in
Network 2 go through the default gateway using 192.168.7.1. When one
computer sends packets to another, the router first checks the Network ID of
both computers. If the Network IDs are the same, it knows the computers are
on the same network. If they are different, it knows the packets need to go
through the default gateway. While some people call the default gateway the
router, this is not entirely accurate. You use the default gateway to get out of
the network through the routers port, but the default gateway is not the
router.
Figure 11.53 Default gateways for different networks

The default gateway addresses for the two networks in Figure 11.53 are
different. That is, there is only one default path out of each network and only
one default gateway. It is very common to assign the first IP address on a
network as the default gateway address.
You do not have to, but it is common. For example, Network 1 has a range of
IP addresses from 192.168.1.1 up to 192.168.1.254, so you will often see the
default gateway assigned the address of 192.168.1.1 and the addresses for
computers, servers, wireless access points and other routers from 192.168.1.2
onwards.
Note
The default gateway must have the same Network ID as the hosts in
the subnet or network. If it has a different Network ID, hosts will not
be able to communicate with it, and it will not be able to reach any
hosts outside of the network.
11.9.3.9 Public vs. private IPv4 addresses

Hosts on internal networks use private IP addresses and hosts on the Internet
use public IP addresses. A public address can be routed on the Internet.
Therefore, hosts that must be directly connected to the Internet must be
configured with (or reachable by) public addresses. A user or company that
wants to connect to the Internet typically receives a registered public IP
address from an ISP which must be globally unique on the Internet.
Page 479 of 1229
A private address is intended for internal use within a home, office or any
other internal network and can be freely used by anyone on their private
network. In fact, these are the only addresses you will see used on any private
network. Routers will drop traffic with private addresses and never route them
on the Internet.
Private IP addresses fall into one of the following ranges:
10.0.0.0 to 10.255.255.255 (Class A)

172.16.0.0 to 172.31.255.255 (Class B)
192.168.0.0 to 192.168.255.255 (Class C)
Figure 11.54 shows how a Class A, B and C address can be configured in the
TCP/IP Properties dialog boxes for network adapters.
Figure 11.54 IPv4 properties for a Class A, B and C IP address

Because anyone in the world can use private IP addresses, this does not mean
that two hosts on your private network can share the same private IP address.
You must ensure that your hosts use private IP addresses that are unique
within your private network.
Tip
You should be able to identify a public or private address. If you see a

host in an internal network with a public IP address assigned when it
should rather be configured with a private one, you will know that it is
not configured correctly.
Because packets with private destination addresses are not routable across the
Internet, services to translate packets from hosts using private addresses are
needed. This is where NAT comes in.
11.9.3.10 NAT
Network Address Translation (NAT) is a generic term for several related
but different services. It is most commonly used to translate private (or
unregistered) IP addresses to public IP addresses and public IP addresses back
to private addresses.
Page 480 of 1229
Figure 11.55 shows an internal network that accesses the Internet through a
NAT router. The internal network has private IP addresses, and NAT translates
them to a public IP address when a user connects to the Google.com web
server and translates them back when it returns the requested web page from
the web server.
Figure 11.55 NAT translates private and public IP addresses

Note
The NAT device is usually a router, firewall or server that you place
between the Internet and your private network. In smaller networks,
the NAT router would have one public IP address, assigned by the
ISP. In many bigger networks, NAT devices use multiple public IP
addresses.
Since private IP addresses are translated and never seen on the Internet, you
can use any private address scheme internally as you wish. Therefore, NAT
helps hide your internal computers and your addressing scheme from attackers
on the Internet.
11.9.4 ARP and RARP

MAC addresses are only good for delivering frames within a subnet or local
network. They tell computers where the local host is, something IP cannot
know. IP addresses tell computers what the final destination of a packet is. The
Address Resolution Protocol (ARP) is the part of the TCP/IP suite that is
used to identify the MAC address from a known IP address. That is, IP uses
ARP to find the MAC address to which each of its packets will be sent. ARP
essentially does what is shown in the example network in Figure 11.56.
Page 481 of 1229
Figure 11.56 ARP Broadcast

Note
ARP maps an IP address into a MAC address. There is some difference

of opinion about what OSI layer ARP belongs to. Some say ARP is a
Layer 2 protocol because it provides a service to IP, whereas others
say it is a network layer protocol because its messages are carried
within Layer 2 frames.
The Reverse Address Resolution Protocol (RARP) does the opposite of

ARP by broadcasting a computers MAC address and receiving an IP address in
return from the other host.
Note
Broadcasts are useful, but they eat up bandwidth. The bigger the
network is, the more bandwidth broadcasts eat up.
11.9.5 IPv6 addresses

The Internet has officially run out of public IPv4 addresses. IANA handed out
the last batch of IPv4 address blocks to ISPs some time back. Without IP
version 6 (IPv6), the Internet would need to stop growing. Therefore, IPv6 is
slowly replacing IPv4 for both of these reasons. It uses 128 bits, so it can
support an enormous number of IP addresses. Although IPv6 performs the
same function as IPv4, that is, enabling computers on IP networks to send
packets to each other, IPv6 is completely different to IPv4 when it comes to
how the address looks and how it is used. IPv6 addresses use a notation called
colon-hexadecimal format, which has eight 16-bit hexadecimal numbers in
each group, separated by colons (:), like this:
XX:XX:XX:XX:XX:XX:XX:XX
Each X is 8 bits long, giving us 16 bits in each group separated by colons. 16
bits x 8 = 128 bits in total. 128-bit IPv6 addresses are written like this:
2001:0000:0000:3210:0800:200C:00CF:1234
Page 482 of 1229
Each group separated by a colon is a hexadecimal character. A hexadecimal

character uses the characters 09 and AF (or between 0000 and FFFF). One
hexadecimal character can be represented with four binary bits. For example,
8 is 1000 and F is 1111. The hexadecimal characters are not case-sensitive, so
you can use uppercase and lowercase letters in the address as you wish.
Note
The IPv6 developers did not provide a name for the group of four
hexadecimal characters, so many technicians and writers are
unofficially calling them fields or hextets, in contrast to octets
used in IPv4. We will stick with the term group to keep this section
consistent.
IPv6 offers a number of ways to shorten the address with rules.

Rule 1: Leaving out leading zeros
You can drop any leading zeros in each group of an IPv6 address. So 00CF
becomes CF and 0000 becomes 0. For example, consider the following
address:
1423:0021:0C13:CC1E:3142:0001:2222:3333
You can shorten that address to:
1423:21:C13:CC1E:3142:1:2222:3333
All zeros cannot be removed, though, because each group must have at least
one character. Here is another example:
Full IPv6: FC00:0000:0000:0076:0000:042A:B95F:77F5

Shortened IPv6: FC00:0:0:76:0:42A:B95F:77F5
Notice that the groups of 0s have been changed from 0000 to just 0. In
hexadecimal (just like in any other numbering system), 0 is 0. So, the leading
0s can be removed, and this can be done within an individual group of four 0s
as many times as necessary in one IPv6 address.
It is also important to point out that you cannot leave out zeros at the end
of the group. Only leading zeros can be shortened to a 0. In the first
group, FC00 cannot be shortened to just FC; it stays as FC00.
Rule 2: Zero compression
IPv6 addresses often have long strings of zeros. You can leave them in if you
want to, but you can also use one double colon (::) in the address to show one
continuous string of zeros. Anyone that reads the address with the double
colon knows to replace it with a string of zeros. For example, the following two
addresses are the same and are valid addresses:
Full IPv6:
Short IPv6:
FC00:0000:0000:0076:0000:042A:B95F:77F5
FC00::76:0:42A:B95F:77F5
Page 483 of 1229
The second IPv6 address shows only six groups of hexadecimal numbers.
Because you know that a full IPv6 has eight groups of numbers, you know that
the double colon is for two groups of zeros in this address.
An important rule is that you can use the double colon only once in the
address; only for one consecutive string of zeros separated by colons. For
example, the following is wrong:
Original IPv6: FC00:0000:0000:0076:0000:042A:B95F:77F5

Wrong IPv6: FC00::76::42A:B95F:77F5
You can see two strings of zeros in the original IPv6 address. Without seeing
the original IPv6 address, you will not know how many zeros to assign to each
double colon. In other words, if more than one :: is used, you cannot tell how
many groups of zeros are in each group. It could be either one of the following
addresses:
FC00:0000:0000:0076:0000:042A:B95F:77F5
FC00:0000:0076:0000:0000:042A:B95F:77F5
However, there are limits to how we can reduce the IPv6 zeros. Zeros within
the IPv6 address cannot be taken out when they are not first in the number
sequence. For example:
2001:4000:0000:0000:0000:0000:0000:0003 cannot be shortened to:

2001:4::3
This should be: 2001:4000::3
11.9.5.1 IPv6 prefixes
An IPv6 address is broken up into two parts:
Network or Prefix ID (first 64 bits)

Interface or Host ID (second 64 bits)
Prefix ID
Interface ID
64 bits
64 bits
The Network ID and Host ID are a fixed size, so there are no subnet masks in
IPv6. However, IPv6 still uses subnets. Network IDs use the same slash
notation as IPv4s CIDR to identify the Network ID. For example, you might
see an address like the following:
2001:0DB8:1234::5678:9ABC:DEF0/48
Page 484 of 1229
The /48 indicates that the first 48 bits are for the network address. Similarly,
the /64 in the following IPv6 address indicates that the first 64 bits are the
network address (or prefix ID):
2001:0DB8:1234::5678:9ABC:DEF0/64
Here is a second example:
21cd:53::/64
This is the shortened version of the following network address:
21cd:0053:0000:0000/64
11.9.5.2 IPv6 address types
Another difference between IPv4 and IPv6 is in the types of addresses they can
have. There are no classes in IPv6 and no broadcasts either, but what you will
find are the following three types of addresses in IPv6:
Unicast one-to-one address. Packets are sent to one interface, including

any network setup that shares a single address.
Multicast one-to-group address. Packets are sent from one interface to
all interfaces that are part of the multicast group and share the same
multicast address.
Anycast one-to-nearest-of-many address. An anycast address is
assigned to more than one interface. Typically, the address belongs to
different devices. A packet that is sent to an anycast address is routed to
the nearest interface (in terms of routing distance) that has the anycast
address.
Note
When you see an x in the next few sections, it means it can be any
hexadecimal number, but usually 0.
Unicast addresses
IPv6 supports several types of unicast addresses, including global, linklocal and unique local, which are terms that identify the area the address
covers. IPv6 unicast addresses generally assign the first 64 bits of the address
to the network and the last 64 bits to the host (or interface ID). OS
manufacturers have a choice as to how to make the Interface ID. The most
common way is with a random number, which Windows uses by default. When
your network card is activated, Windows simply creates a random number for
the last 64 bits of the IPv6 address. Once created, this unique 64-bit number
will never change.
The three types of unicast addresses are as follows:
Link-local IPv6 address is used on a single link. Both the network and host
part of the address are automatically created by the OS on every interface
when a host running IPv6 boots up and the address is unique only on the local
link on which it is created.
Page 485 of 1229
This address is never routed beyond the local link. The address always starts
with Fe80 or FE8x: in the first group and it has the prefix of /10. For
example:
FE80::1311:22FF:FE22:3333/10
On a one link IPv6 network with no router, hosts can use this address to talk to
each other. If your OS has IPv6 enabled, you can see its link-local address.
Figure 11.57 shows the link-local address starting with Fe80 for a typical
computer after running the ipconfig command at the Windows command
prompt. This command shows IP configuration information for the local
computer.
Figure 11.57 Link-local address using the ipconfig command

Note
Other terms for link are subnet and segment.
Global IPv6 address is the equivalent of an IPv4 public address, that is, it is
a publicly routable address that is unique on the Internet. An ISP assigns part
of the global address to companies and users. Global addresses start with
2xxx: or 3xxx in the first group. The interface ID of the address comes from a
random number generated by the OS or can be configured to use the hosts
MAC address.
A host must have a global address to connect to the Internet and it must be
unique on the Internet. The most common way to get this address is from the
default gateway router, which must be configured to hand out a global
address. When you connect your computer to a network, it sends a special
packet looking for a router running IPv6 in the network. The router gets this
packet and responds with a packet telling the computer its Network ID and
subnet (together called the prefix) and other information, such as the domain
name server (DNS) address (if configured).
Once the computer gets a prefix from a router, it creates the rest of the
address just like with the link-local address. The computer ends up with a 128bit public IPv6 address as well as a link-local address. Figure 11.58 shows
global IPv6 information starting with 2001 in Windows after running the
ipconfig command.
Page 486 of 1229
Figure 11.58 Global IPv6 address information

Unique local IPv6 address is equivalent to an IPv4 private address. It works
much like private IPv4 address ranges in that it allows you to create LANs and
route between them within a company. This address must be unique within the
company. The network portion of this address has been manually configured
by the administrator and the host portion comes from the hosts MAC address.
The network portion can either be set computer by computer or it can
automatically come from a DHCP server. It starts with FECx: (1111 1110 11)
in the first group of the address.
11.9.6 Static vs. dynamic IP addresses

Each host on a network must have an IP address assigned. There are two basic
ways in which a host can get an address: static (or manually) and dynamic
(automatically). Windows computers also provide an additional feature, called
automatic or self-addressing, but this generally falls under dynamic
addressing and will be covered under that heading.
11.9.6.1 Using DHCP for dynamic IP addresses
Dynamic Host Configuration Protocol (DHCP) is both an application and
protocol which together automatically assign IP addresses to hosts that ask for
addresses. Computers equipped with a DHCP client automatically contact a
DHCP system using broadcast messages when they boot up, and the system
assigns them unique addresses and other addressing parameters that the
TCP/IP client needs. DHCP clients use UDP port 67 to send data to the server
and the server responds through UDP port 68.
Note
A DHCP client is any host configured to get addresses from a DHCP

system. Computers and printers are examples of DHCP clients. The
DHCP system can be a server running the DHCP application or a
router.
Big companies use a DHCP server, but SOHO networks often have a wireless
router that comes with DHCP. DHCP commonly provides IP addresses, subnet
masks, and the default gateway addresses. In many cases, DHCP will provide
DNS server addresses as well.
Page 487 of 1229
Computers must be set to participate in the DHCP process to get an address.

This is done by choosing Obtain an IP address automatically in the TCP/IP
Properties of the network adapter on the computer, as shown on the right in
Figure 11.59. A Windows computer is set to do this by default.
Figure 11.59 A network adapter configured to get an address

automatically
DHCPv6
Just like DHCP for IPv4, DHCP for IPv6 (DHCPv6) assigns IP addresses,
prefixes and other configuration parameters to IPv6 hosts so they can
communicate on an IPv6 network. IPv6 hosts can get IP addresses
automatically using stateless address auto configuration by simply
plugging into the network or by using DHCPv6 (stateful auto
configuration). DHCP is preferred in cases where IP addresses must be
managed from a central place such as on the companys DHCPv6 server. The
basic DHCPv6 client-server process is similar to using DHCPv4 but with
multicast messages.
Tip
Stateless means hosts learn how to auto configure themselves with

addresses; you do not need to manually enter configuration
information. In a stateful configuration, hosts get addresses from a
DHCPv6 server or another host running DHCPv6 services. A computer
running Windows can perform both DHCPv6 stateful and stateless
configuration on an IPv6 network.
11.9.6.2 APIPA IPv4 addresses

An IPv4 client that cannot reach a DHCP server, maybe because there is no
DHCP server on the network or the server has failed, will often assign itself a
random Automatic Private IP Address (APIPA). An APIPA address always
starts with 169.254 and has a subnet mask of 255.255.0.0. The address can
be anything in the range 169.254.0.1 through to 169.254.255.254.
Page 488 of 1229
Since the Network ID is always 169.254.0.0, computers with APIPA addresses

can communicate with each other without a DHCP server on the same network
and without your assigning them a static IP address. However, APIPA does not
assign a default gateway so APIPA hosts cannot reach other networks or
communicate to hosts that are using a DHCP address. APIPA uses the same
Obtain an IP address automatically setting in Figure 11.59, but without a
DHCP server involved.
Tip
If you see an APIPA address, it is a clear there is a DHCP-related

problem. Steps to troubleshoot this would include finding out why the
client cannot reach DHCP and why DHCP is not responding.
11.9.6.3 Assigning static IP addresses

There will be times when you will want to assign an IP address yourself. To do
this, you must type in all of the address information needed by the host. You
can assign static IP addresses for hosts such as a servers, routers and network
printers. Although you will not need to assign static addresses to client
computers on a network that often or even at all, you can do so when needed.
The way of assigning an address depends on what host you are configuring the
IP address for. Network printers usually have a menu-driven interface on the
front panel that you can use. Operating systems allow you to configure the
properties of the network adapter. For example, in Windows, you can do this
by choosing Use the following IP address or Use the following IPv6
address in the TCP/IP Properties of the network adapter, as shown in Figure
11.60. The dialog box on the left in Figure 11.60 shows how an IPv4 Class C
address is assigned and its default subnet mask, as well as a default gateway
and DNS Server address (if both of these are needed). An IPv6 global address
and other information for a different adapter have also been configured on the
right in Figure 11.60 (although this is not necessary for link-local addresses).
Figure 11.60 IPv4 and IPV6 configuration
Page 489 of 1229
Note
It is common either to manually assign an IP address for a network

printer or use a DHCP reservation to ensure that it always gets the
same IP address. This applies to hosts, such as routers and servers,
which must always have the same IP address.
11.9.6.4 Assigning alternate IP addresses in Windows

Users that move around a lot sometimes need to have a dynamic and static IP
address, or two different static addresses. For example, a user might need one
IP address for when he or she is at work and another different one when he or
she is at another location, such as at home. This can be done by setting an
alternate IP address in the properties of the network adapter. You can set
alternative addresses for IP addresses, subnet masks, default gateways and
DNS servers.
11.9.7 Name resolution

It is easier for most people to remember names and words than numbers. But
as you know, hosts work better with numbers than they do with names.
Because of this, we often identify a computer by a name, while computers
identify each other and other hosts using binary numbers (or addresses). The
types of names used with TCP/IP are:
Host name this is used on the Internet and internal networks to identify
each host. Host names are also called computer names. Examples of host
names are: www, ftp, sibuleles computer and TestBox1.
Network Basic Input/Output System (NetBIOS) name the older
NetBIOS name is usually the same as the host name or computer name.
That is, the server with a host name of mail1 also has a NetBIOS name of
mail1. NetBIOS names are used only on internal networks and not on the
Internet.
Workgroup name identifies a workgroup. The name is only recognised
within the small workgroup network. A workgroup is a Windows network
that enables a handful of users working together to share resources, such
as drives, files and printers.
Domain name identifies a domain network, such as cti.ac.za. The letters
after the dot tells us something about the domain network. Examples are
.com (commercial) and .info (general use).
FQDN host names are often used with a domain name to give a fully
qualified domain name (FQDN). For example, a web server with the
host name of www hosting a website for CTI has a FQDN of www.cti.ac.za.
Similarly, a mail server named mail1 on an internal domain named cti.ac.za
has an FQDN of mail1.cti.ac.za.
11.9.7.1 Domain Name System (DNS)

Name mapping or name resolution is the process of mapping easy-toremember names to hard-to-remember IP addresses and IP addresses to
names.
Page 490 of 1229
When you type the Uniform Resource Locator (URL) www.technewsworld.com

in the address bar of your web browser, your web browser asks the name
resolution system: Whats the IP address for www.technewsworld.com?
However, at this stage your computer cannot reach www.technewsworld.com
until it knows its IP address. The name resolution system looks up the IP
address and gives the answer 2001:db8:42:a38:20c:29ff:fe98:2d8, and your
web browser then connects to 2001:db8:42:a38:20c:29ff:fe98:2d8 and shows
the web page for technewsworld.com. When you use a name instead of an IP
address in an application, the computer must convert that name into the
proper IP address before it can communicate to the target computer.
The domain name system (DNS), also known as domain name service, is
a computer that runs DNS server software, uses a database to store and
maintain naming information, and responds to name resolution requests from
other computers, all for the purpose of translating names to IP addresses and,
when needed, IP addresses to names. The DNS database is typically spread
out across many servers, each of which stores a part of the database. Nearly
every OS supports DNS. DNS uses UDP or TCP port 53.
DNS is arranged in a tree-like structure of domains known as the name
space. The name space is just the naming system that DNS uses. All the
names of the system fit into the name space and DNS arranges those names
into domains. Each branch of the tree identifies a domain such as
www.cti.ac.za or www.gizmodo.com. You can think of a domain as a folder
that has subfolders (subdomains) and files (hosts such as computers, routers
and printers) inside it. The name of the domain tells you where you can find
that domain in the tree.
At the top of the tree is the root, as shown in Figure 11.61. The root is shown
with a dot or full stop (.), but you will not find it used in DNS names. Root
name severs work at the root level and keep information about a series of
top level domains (TLD), which lie just beneath the root. The servers at the
top level know about the servers that are responsible for the next level down,
and those servers at a lower level know about servers at the next level down
and so on.
Figure 11.61 DNS tree structure
Page 491 of 1229
There are several types of top level domains, dedicated to specific purposes:
Generic
.com commercial organisations
.edu educational institutions
.gov government institutions
.net networking organisations
.org non-commercial organisations
Country codes
.za South Africa (.co.za)
.uk United Kingdom (.co.uk)
.us United States
.au Australia
.ng Nigeria
You will find other generic top level domains available, some sponsored and
some not, such as aero, biz, coop, info, museum, name, pro, cat, jobs, mobi,
tel and travel.
Note
ICANN (www.icann.org) manages generic top level domains while

country codes are generally managed by companies appointed by the
countrys government.
Beneath each top level domain are second level domains. People and
companies can buy these second level domains for their own use. For example,
the second level domain cti in cti.ac.za belongs to CTI who bought the domain
name from an Internet registrar (a company that sells domain names to
customers).
ISPs have DNS servers and many medium-to-big-sized companies have their
own internal DNS servers. For example, consider the network shown in Figure
11.62. If internal users need to access hosts on the internal network, they will
ask their internal DNS server. This server keeps a mapping of all names and IP
addresses of internal computers.
Figure 11.62 DNS Servers on the internal network and Internet

If you need to access a website such as www.google.com on the Internet, the
application on your computer still asks the internal DNS server, but the server
will ask the ISPs DNS server. The ISPs DNS server might know the answer
and return it to the internal DNS server, or it might need to ask other DNS
servers on the Internet until the DNS server for google.com responds. When it
gets the answer, it gives the answer back to the internal DNS server, which in
turn gives the resource to your computer.
Page 492 of 1229
Note
If you host an Internet domain on your own DNS server, that server
must be accessible from the Internet and have a registered IP
address. Many SOHO networks do not use an internal DNS server. A
common configuration is with a wireless router that uses the ISPs
DNS server. The router forwards all DNS requests to the ISPs DNS
server and returns the IP addresses to the user.
Hosts or other subdomains can be assigned within the second level domain.
Once you buy the rights to a second level domain, you can create as many
hosts as you want in that domain. For example, once you own the aplus.co.za
domain, you can create subdomains called sales.aplus.co.za and
maketing.aplus.co.za and then add hosts such as ftp.sales.aplus.co.za to that
domain. The server ftp.sales.aplus.co.za would be in the sales.aplus.co.za
subdomain.
Note
The lower domains are largely open to use in whatever way the owner
of the domain name sees fit. There is no limit on the number of levels
you can create within a second level domain; however, the top level
domains are not as flexible.
A DNS name for a host on the Internet has at least a host name, a second
level domain name and a top level domain name, written in that order and
separated by dots. The complete DNS name for a computer is called the fully
qualified domain name (FQDN). Consider the following translation:
www.wikipedia.org = 209.85.225.104
The above is a FQDN:
.org is a top level domain

.wikipedia is a second level domain
www is the host computer in the .wikipedia.org domain
Each name between the dots can be up to 63 characters long (including

letters, numbers and hyphens), with a total length of 255 characters for a
complete DNS name. Also, domain and host names are not case sensitive.
Note
A hostname is the name of a specific computer or server within a

domain or subdomain that identifies the host. A domain name
identifies a company or individual and must be unique and officially
registered with an ISP or another registrar.
11.9.7.2 Client-side DNS

The client-side of the DNS is called the resolver. It is the part of the OS and
its job is to create name resolution queries and send them to DNS servers,
read the responses from servers and give the response to the application that
originally requested a name. A resolver can resend a query if it does not get a
response after a certain time has passed, and it can also process error
messages such as when the DNS server failed to resolve a name.
Page 493 of 1229
Figure 11.63 Resolver and DNS Server

The resolver can also translate names without querying DNS. One way to do
this is by adding names and IP addresses to a file called hosts on the local
hard drive. On a Windows-based computer, this file is in the
C:\Windows\system32\drivers\etc folder by default. If this file includes
the name and IP address of a resource, the client will not query DNS but will
rather use the IP address in the file. If nothing else, the hosts file has the
following entry, which assigns the hostname localhost to the loopback address
(127.0.0.1) which points to the local host:
127.0.0.1 localhost
::1 localhost
Note
The client can resolve NetBIOS names with a similar file called
lmhosts. Additionally, when a name is resolved by any method, it is
placed in the host memory cache (sometimes called the DNS cache).
If the name is in the cache, the client uses it instead of querying DNS.
11.9.7.3 WINS
Some internal networks use Windows Internet Name System (WINS) to resolve
NetBIOS names to IP addresses. NetBIOS names and WINS servers are not
used on the Internet. You will see them only on internal networks and you will
hardly find them used anymore because of DNS.
Note
Even though the word Internet is part of the name Windows

Internet Name Service, WINS has nothing to do with the Internet or
resolving Internet names to IP addresses. It is used only to resolve
NetBIOS names.
11.9.8 Web protocols and technologies

The World Wide Web (WWW), commonly called the Web, is an informationsharing service available over the Internet. The underlying protocol used over
the Web is the Hypertext Transfer Protocol (HTTP). HTTP is a requestresponse protocol that defines how messages are formatted and exchanged,
and what actions HTTP servers and HTTP clients should take in response to
various commands. For example, when you enter a web address in your web
browser, it sends an HTTP command to the HTTP server asking it to fetch and
send the requested resource, such as a web page.
Page 494 of 1229
HTTP servers are web servers and HTTP clients are typically web browsers. A
web server is a computer or another device running web server software that
manages web-based activities by storing and delivering resources using HTTP
on the request of the HTTP client. It might also have a database where it
stores information and where the HTTP client can fetch that information.
Additionally, the function of the HTTP server can often be extended to support
extra scripting and programming features (web applications). Two common
web server platforms are:
Apache freely available web server software for many different operating
systems. It is popular for Linux operating systems.
Microsoft Internet Information Services (IIS) web server software
packaged with Windows server and client operating systems. Figure 11.64
shows the IIS Manager program for a Windows client computer.
Figure 11.64 IIS Manager

Web servers can be set up for users on an intranet network, extranet network
or Internet, or a combination of these. It is typical for medium to bigger
companies to set up their own web servers and host their own websites, while
smaller companies and individuals use an ISP or another company that
provides web hosting services.
A web browser is a program used for accessing websites to display web
pages and other content. A web page is a specially formatted file, typically
written in a Hypertext Markup Language (HTML), suitable for the Web that
you can access using your web browser over a network. A hyperlink or link is
a kind of cross-reference to another web page. Each link is text (usually shown
underlined and in a different colour) or an image that, when clicked, loads the
other related page into your web browser automatically. The other page is
often from the same website but can be any pages anywhere on the Web.
Common
GUI-based
web
browsers
include
Google
Chrome
(www.chrome.google.com), Mozilla Firefox (www.mozilla.org) and Microsoft
Internet Explorer (www.microsoft.com/ie), to name a few. Common
command line ones include Lynx (www.lynx.browser.org).
Page 495 of 1229
Figure 11.65 shows a common web browser application showing some famous
icons for websites and web browsers.
Figure 11.65 A web browser

A website or just simply site is a set of related web pages stored and hosted
on a web server whose location and name are typically represented by a FQDN
or IP address. The web page is what displays in the web browser when you
access a website. Websites can be accessed over the Internet or a local
network such as an intranet (for local access only) or extranet (for remote
access) through a web address or IP address. All publicly accessible websites
collectively make up the Web.
With HTTP, the web browser sends requests for a web page to the web server
over the default HTTP port 80. The web server, which stores the web page,
acknowledges the request and returns the requested page to the web browser
through the default port 80. HTTP uses the web address of http://.
Note
Browsers can read, understand and show many types of data.

However, the browser might need to run another service or program,
typically referred to as a browser plug-in or add-on, to read and
show some types of data.
11.9.8.1 Uniform Resource Identifier

There is a web addressing scheme that you can follow to access resources on
the Web and on internal networks using your web browser. The web address,
generally known as the URL (Uniform Resource Locator) or technically as
the URI (Uniform Resource Identifier), that you type into the address bar
tells the browser where to fetch a page or pages from. URLs are those dot
addresses
we
all
know
about,
such
as
www.gizmodo.com
or
www.wikipedia.org.
Page 496 of 1229
The URL for an HTTP resource might be made up as follows:
http://news.cnet.com/mobile-news/index.htm
A URL tells you:
The protocol or service used. For example, HTTP or FTP for files. In this case
HTTP.
The FQDN or IP address where the host is located (for example, the
news.cnet.com web server). IP addresses are mainly used for testing
purposes or when DNS is not available.
The file path to the requested resource (for example, directory is /mobilenews and file name is index.htm).
An example of a full URL with an IPv4 address is:
http://192.168.1.1/index.html
IPv6 addresses can be used in URLs. URLs, however, use the colon for a
specific TCP port. Because IPv6 groups are separated by colons, the IPv6
address must be placed in between brackets, to follow the URL standard:
http://[FEC0::CC1E:2412:1111:2222:3333]/index.html
Lets take a look at how the web browser reads and understands the following
URL:
http://news.cnet.com/mobile-news/index.htm
You are attempting to reach index.htm file in the mobile news directory located
on the server news.cnet.com. The browser looks at the protocol, which in the
address shown is http://. Since the browser knows the protocol is HTTP, it
knows how to read and understand all the words on the right of the forward
slashes //. It now looks at the FQDN news.cnet.com, which tells the browser
where to find the web server it needs to fetch the resource from. Once it
reaches this web server, it fetches the index.htm web page file from the
mobile news directory. Once the browser has fetched this page, it reads and
understands it and shows it in its main window for you to look at.
11.9.8.2 HTTP client and server interaction
HTTP uses TCP to transfer files between the client and server and relies on
DNS for name resolution. TCP connections are created using the default HTTP
port 80. HTTP is not a secure protocol. HTTP messages upload data to the
server in plain text which can be captured and read by anyone. Similarly, the
server responses, typically HTML pages, are unencrypted. Under HTTP, there is
no authentication between the client and server by default. This is where
encryption comes in.
Page 497 of 1229
11.9.8.3 HTTPS
Most web connections use HTTP because they do not need to be secured. But
when you need to send data securely to stop someone from seeing your web
data, you should consider encrypting it. For example, you would not want
other people to see your username and password as you log into a banking
website to authenticate who you are to the HTTP server. In such a situation,
you want to make sure you are using HTTPS. HTTPS, also called HTTP Secure
or HTTP over SSL, works with one of the following encryption protocols to
secure HTTP connections:
Secure Sockets Layer (SSL) used to encrypt many types of web and
other traffic. It often uses port 443 but might use other ports, depending
on the protocol being encrypted.
Transport Layer Security (TLS) is the chosen replacement for SSL. It
can be used anywhere SSL is used. Just about all current web servers and
web browsers support TLS, as do many other applications.
Both of these protocols can provide authentication, where clients and servers
exchange credentials to confirm who they are, encryption, where the data
exchanged by clients and servers is encrypted using encryption keys (special
mathematical formulae) to prevent someone capturing and reading the data,
and data integrity, to ensure that the data has not been changed while
travelling over the network.
SSL/TLS make use of certificates. A digital certificate is an encrypted
document that proves that a computer, person or company is who they claim
to be and not something they are not. You can think of it as an encrypted
credit card that helps people trust that a website or other resource is secure.
You can use it to secure emails, electronic commerce (e-commerce), banking
and other online transactions.
This certificate is signed by a trusted company or authority called a Certificate
Authority (CA) that guarantees that the key you are about to get is actually
from the web server and not from someone else pretending to be the web
server. The CA verifies the identity of computers, servers, people and
resources and hands out signed digital certificates for authenticity.
The SSL/TLS process basically involves the server getting a digital certificate
from the CA, to verify its identity to the client. When the client is confident that
the server is who it says it is because it trusts the same CA, then secure and
encrypted data transfers can go ahead between the two. The server uses the
certificate and the SSL or TLS protocol to encrypt traffic between it and the
client.
Both SSL and TLS work at the session layer of the OSI model and encrypt TCP
connections over the default port 443, not UDP.
Page 498 of 1229
Figure 11.66 shows an example of how to determine in your web browser

whether you have a secure HTTPS connection. Internet Explorer is used in this
example. The first arrow points to the address bar where https:// URL is shown
(instead of http). The second arrow points to a lock icon indicating that it is a
secure connection. Different web browsers might put the lock icon in different
places, possibly at the bottom of the web browser, but they will usually have a
lock icon somewhere.
Figure 11.66 Verifying HTTPS is used

Note
HTTP uses port 80 and HTTPS uses port 443. SSL and TLS also use
port 443 by default when used with HTTPS, and SSL and TLS can be
used to encrypt other types of traffic including email and remote
connections. For example, virtual private network (VPN) connections
sometimes use SSL over port 443 as well. To create a VPN
connection, a certificate is installed on the client so that the server
can trust it.
To view the certificate, click the lock icon. Because digital certificates verify a
companys current status, they expire after a time period. If the certificate is
not renewed in time, you may see a message box appear that says "This
websites certificate has expired" or something similar. This error has nothing
to do with you or your computer, but is displayed because the web server you
are connected to has not renewed its certificate. While this does not
necessarily mean that you should not trust the website, it does show that the
website is less than professional if it is a website that is supposed to offer
secure connections.
11.9.9 Email protocols

Email or e-mail (electronic mail) can be used to send and receive messages
electronically over a network. You create your email using an email application,
place an address on it, and then send it on its way. Your network email
system takes care of the return address and delivers your email over your local
network and the Internet.
Page 499 of 1229
11.9.9.1 Email client and mail server

The email client is the application you can use for creating, formatting,
sending, downloading and reading your emails. An email client can be a
standalone application that is mainly used for emails and other related tasks or
a web browser for web-based mail (called webmail). You can use your email
client on your computer or mobile device to grab messages using several
protocols, set up mailboxes to store messages locally or on a mail server, and
send outgoing messages. Outgoing messages are handed over to a mail server
for delivery, while incoming messages are picked up from where the mail
server left them. Many email clients also include calendar, task manager, note
taking, journal and web browsing capabilities built in, among other functions.
Figure 11.67 shows an email client application.
Figure 11.67 Email client

When it comes to reading your email, you can choose from a wide variety of
applications. In fact, the list of clients is extensive, including command line
clients, OS GUI-based clients and web-based clients.
Also called a messaging server, mail exchanger or email server, a mail server
is a computer running mail software that acts like a post office for your email.
Page 500 of 1229
It works on a store and forward model it accepts messages, forwards them

to other mail servers, and stores them until you can download them to your
device or view them on the server. Messages can be stored on the client, on
the server, or in both places in a mailbox.
Mailbox: A mailbox is a place such as a file on a computer where your email is
stored. It is your electronic postbox. Each mailbox or message store has an
email address that goes with it.
Many medium-to-big companies run their own internal mail servers while many
users and smaller-to medium-sized companies rely on their ISP to manage
their mail. After installing the mail server applications on their local mail
server, the network administrator creates a mailbox for each user and
registers the servers IP address in a DNS server. This enables other mail
servers on the Internet to send mail to the users mailboxes. Users then
configure their email clients to access the local mail server to download mail
from their mailboxes and send outgoing messages using this mail server. The
server might provide other services for users as well, such as web-based mail,
which enables users to access their mailboxes from any web browser.
11.9.9.2 MIME
Emails can include pictures, videos and many other file attachments.
Attachments that go with email messages are converted into a text stream by
means of encoding. MIME (Multipurpose Internet Mail Extensions) is a
method for encoding various types of data to include in an email message.
Encoding, which converts binary data to text streams, enables binary files to
be attached to emails to be sent over the text-based email network. When you
receive attachments, they must be decoded by your email client. If your email
client cannot do this, you have to use another application to decode the files.
11.9.9.3 How email works
The following steps are followed when using the traditional email method.
Some companies let you send and receive emails as web-based mail or web
mail for free from a website. The following example does not include webmail
and encryption. Webmail does not follow the steps below exactly because the
web page takes care of a lot of the details by itself.
In this basic example, Pieter is sending an email to Thandi:
1. Pieter creates a message to Thandi using his email client program. The
email client combines the text he wrote (in the body) with the recipient
(thandi@recipient.co.za), possibly typing in the name of a second recipient
in the Cc (Carbon Copy) field, a subject, date, and time (the header). His
email client puts the message together along with some other information,
such as his email address (pieter@sender.co.za), the recipient Thandis
email address in the To: email header field, the time he is sending the
message to her, any files he has attached to the email (attachment) and so
on. When it is ready, Pieter clicks Send and his email client sends the
message to the mail server using SMTP (Simple Mail Transfer Protocol).
Page 501 of 1229
2. The mail server that Pieter is using to send his message

(smtp.sender.co.za) grabs the message and places it in a queue and waits
for the next SMTP session to start.
3. When the SMTP process starts to process the queue, it looks at the domain
or second part of the recipients address to see where it must send the
message to. The mail server then goes looking on the Internet to find the
mail server that Thandi is using. It does this by talking to the DNS server,
which keeps records about how to find mail servers.
4. The DNS server resolves the recipients address to an IP address for the
recipient.co.za mail server and gives Pieters mail server the proper address
for the server that Thandi is using to download her message from (for
example: mx.recipient.co.za).
5. Pieters mail server then sends the message to Thandis mail server using
SMTP, which before it gets there, might go through several hops (ISP mail
servers and gateways). The hops the message goes through are recorded
in the messages header.
6. Thandis mail server puts the message into Thandis mailbox. There it will
sit and wait until Thandi logs in to collect her mail.
7. Thandi opens her email client program to connect to her mailbox on the
mail server and then downloads her email message using POP or IMAP. If
she uses POP, her email is downloaded and stored on her computer in her
Inbox mailbox, otherwise if she is using IMAP, her email stays on the
server.
Note
All email client programs are databases and all mail messages when
received, are stored in the database. After messages are received, the
email client program stores them in various mailboxes: Inbox,
Deleted Items and Junk, for example.
8. Her Inbox includes the new message from Pieter. She opens the email and
looks at the From: field, which lists Pieter as the sender.
9. She reads the email and clicks the Reply button to create a return message
to Pieter. Once the message is ready, she sends it and it goes through
pretty much the same process as above.
DNS Server
DNS Server
Mail Server
Mail Server
SMTP
SMTP
SMTP
POP3 or IMAP4
Thandi
Pieter
Figure 11.68 Sending email example
Page 502 of 1229
11.9.9.4 SMTP, POP and IMAP

There are three primary protocols used for email. They are Simple Mail
Transfer Protocol (SMTP), Post Office Protocol (POP), and Internet
Message Access Protocol (IMAP4):
SMTP
The SMTP mail delivery protocol is used to send email from email clients to
mail servers, then from mail server to mail server. SMTP uses TCP port 25 by
default, but many servers support port 587 (for authenticated SMTP) instead.
POP
The POP protocol is used to fetch email from POP mail servers. It uses port 110
by default and the current version is POP3. Many POP mail servers will delete
your email after you have downloaded it using your email client. This action
then leaves the mail only on your client computer. A problem with POP3 is that
the password used to access a mailbox is sent across the network in clear text.
This means that if people want to, they can find your POP3 password. This is
an area in which IMAP4 offers an advantage over POP3. It uses a better
authentication system, which makes it more difficult for people to figure out
your password.
IMAP
IMAP is a mail-fetching protocol like POP3 except that messages are kept on
the IMAP mail server along with your mail folders (inbox, sent items, etc.) and
given to you as needed. Any downloaded messages are also left on the server,
which enables you to easily access your mail from any device anywhere.
Changes to your mail files locally can also be replicated to the server. Because
you can download all messages, you can work entirely offline. Unlike POP3,
IMAP provides the ability to organise email in folders on the server or to search
through all the email for specific content.
HTTP webmail accounts have become increasingly popular. These accounts
leave their mail messages on the server in a manner similar to IMAP. IMAP
uses port 143 by default, and the current version is IMAP4.
Note
It is important to understand that the term server refers to an

application and not necessarily to a separate computer. In many
cases, the SMTP server and either the POP3 or IMAP server run on the
same computer.
11.9.9.5 Email address format

An email address identifies the person, group or resource that should receive
the email, allowing the mail servers to send email to the right person, group or
resource.
Page 503 of 1229
Several email address formats exist; all Internet email addresses come in the
following address format:
accountname@domainname
accountname the persons username. Companies have different

requirements for the username for allowed and disallowed characters. It is
supposed to be case-sensitive, but most mail systems do not require this.
@ always sits between accountname and domainname.
domainname may refer to a company (such as thandik@cti.ac.za) or
ISP/email service provider such as (thandik@mweb.co.za) hosting the
email services for the user. For company users, the domain name is usually
registered to the company and is often the same domain used for that
companys websites and other Internet services.
Every person with an email account has a mailbox that can receive mail sent to
that persons email address. You can also set up aliases for mailboxes, so that
janp could have the alias of support and receive mail sent to both
janp@inet.co.za and support@inet.co.za in his mailbox.
When you configure your standalone email client program, you need to enter a
username, password, default email address and the FQDN or IP address of the
SMTP and POP3 or IMAP4 server. For example, you might need to set up an
email account in your email client with smtp.gmail.com (to send email to
Gmails SMTP server) and pop3.gmail.com (to download email from Gmails
POP3 server), as shown in Figure 11.69. Your ISP will provide the names or IP
addresses if you are not hosting a mail server on your internal network.
Figure 11.69 Configuring an email account on a computer
Page 504 of 1229
Note
If one of these names is incorrect, you will either not get your email
or not be able to send email. If an email setup that has been working
well for a while suddenly gives you errors, it is likely that either the
POP3, IMAP or SMTP server is down or that the DNS server has
stopped working.
SMTP, IMAP and POP3 can be encrypted with SSL or TLS as SMTPS, POP3S and
IMAPS. The default ports for these are:
SMTPS: port 465 (or 587 with TLS)

IMAPS: port 993
POP3S: port 995
Figure 11.70 shows how to set SMTP authentication and SSL encryption in a
particular email client application. Every major email client will have a setting
called Connection security, or Security, or something similar. If your mail
server uses encryption, change this setting to TLS or SSL.
Figure 11.70 Configuring security for email protocols

Many people use web-based email or webmail, such as Yahoo Mail or Gmail
(shown in Figure 11.71), to handle their email needs. As you know, webmail
allows you to access your email from any Internet-connected computer,
smartphone or other device. The benefit of using a standalone program is that
most offer a lot more control over what you can do with your email, such as
flagging messages with different types of flags for later review. Web-based
services are catching up, though, and might overtake traditional email client
programs in features and popularity.
Page 505 of 1229
Figure 11.71 Webmail
11.9.10 File transfer protocols

While HTTP and HTTPS are used to transfer many types of files over the
Internet, there are protocols dedicated to transferring files over the Internet
and local networks between clients and servers and transferring files more
quickly. These are FTP, TFTP and SFTP.
11.9.10.1 FTP, TFTP and SFTP
File Transfer Protocol (FTP) is used to transfer files between a client
server, no matter what OS they are running. As well as uploading
downloading different types of files between the two, FTP enables you to
inside folders on the FTP server, and rename and delete files and folders if
have the necessary permissions.
Note
and
and
see
you
To upload files with HTTP, you can use web browser scripting or plugins, but FTP must be used to copy files from the client to the server.
FTP is a connection-oriented protocol that uses TCP port 21 by default to send

control signals to an FTP server and uses a second port for transferring the
actual files reliably. The control port is made up of commands and server
replies, and the number of the second port depends on the mode FTP is using.
If it is using Standard (or Passive) mode, FTP uses control port 20 with port 21
to transfer files. If it is using Active mode, it automatically assigns a second
port number, up to port 65 535, which is created every time a file is
transferred.
Although the FTP server runs FTP software, it can be used for other purposes
as well. For example, it is common to have a computer running as both a web
server and FTP server. By doing this, you can manage websites and FTP sites
together.
To access an FTP site, you can use one of many different types of FTP clients.
For example, you can use your web browser as the client to download files
from an FTP site hosted on the local network and from sites on the Internet.
Page 506 of 1229
Just type in the name of the FTP site using the ftp:// URL. Figure 11.72
shows a web browser accessing the Microsoft ftp site by its domain name. You
can also use the FTP servers IP address instead of the domain name. Notice
that both the protocol and the hostname say ftp.
Figure 11.72 FTP site

Many FTP sites need you to log on to access the site. Some FTP sites do not
mind if you log on as an anonymous user, which means that you are allowed
to connect without a username and password, but you might only be given
limited access to the site. In other cases, you might need to enter the word
anonymous or ftp when asked for a username and possibly anything for
the password, such as your email address or simply the word guest.
Many ftp sites are protected and need you to enter a username and password.
There are several ways of logging into an FTP site. One way is to enter an FTP
URL in the browsers address bar, press <Enter> and then wait for a credential
dialog box to appear asking you for your username and password. The other
way is to enter all the credential information into the address bar in one of the
following formats, depending on what the web browser supports:
ftp://username:password@ftpservername
ftp://username:password@ftp.domainname
For example:
ftp://siyabongat:secretpassword@private.ftp-servers.google.com/mydirectory/myfile.txt
In some cases, the username includes a domain name. In these situations, you
would type:
ftp://username@domainname:password@ftp.domainname
An anonymous logon works fine for most public FTP sites. However, many
technicians prefer to use programs such as FileZilla to access an FTP site
because these applications can store username and password parameters. This
enables you to connect to the FTP site more easily later on.
Page 507 of 1229
FileZilla can be downloaded for free from filezilla-project.org. Figure

11.73 shows a screen shot of the FileZilla program. It allows you to use a few
clicks to upload and download the files you want.
Figure 11.73 FileZilla

Many operating systems such as Windows and Linux include an FTP client. In
Windows, for example, you can access the FTP client from the command
prompt. Open the command prompt, type FTP and press <Enter> to start the
program. You can then use any supported commands to perform file-related
tasks while pressing <Enter> after running each command, for example:
put upload files

get download files
help list FTP commands
quit exit the FTP program
FTP commands are case-sensitive and should be in lowercase. The problem

with this method is that you need to know all the relevant FTP commands. The
command prompt is useful in many situations but for FTP, an application like
FileZilla is easier.
Note
Many firewalls block FTP traffic by default. To allow FTP traffic to pass
through, you need to make sure your firewall has port 21 open to
allow outgoing FTP traffic. Firewalls will allow incoming FTP traffic if
outgoing FTP traffic is allowed. Therefore, you usually do not need to
open the second port using FTP.
Page 508 of 1229
Trivial File Transfer Protocol (TFTP), like FTP, is also used to transfer files
to and from remote computers over the network. It is designed to be
lightweight and fast, and uses the connectionless UDP, so it has less overhead
than FTP, which uses the connection-oriented TCP. It does not, however,
include FTPs authentication and security capabilities and user interface
features, nor does it have the level of functionality that FTP has. TFTP uses
port 69 by default. Figure 11.74 shows the running of a TFTP client command
in the Windows command prompt (on the right). This feature must be turned
on in the Programs and Features applet in Control Panel on a Windows 7
computer as shown on the left in Figure 11.74.
Figure 11.74 TFTP client in Windows
11.9.11 Encryption protocols and programs

Encryption protocols scramble data in such a way as to create cyphertext
(encrypted text) that can only be decrypted to create readable text by the
intended authorised system. In addition to SSL and TLS, there is another way
of encrypting traffic: SSH.
Secure Shell (SSH) is used on a network as a program to log into another
computer, to execute commands on that remote computer, and to move files
or any type of TCP/IP traffic through an encrypted connection. It provides
strong authentication and secure communications. In networking terms, this
capability is called tunnelling and the encrypted connection is called a
tunnel, and it is the core of many secure versions of Internet technologies
including SSH and virtual private networks (VPNs).
There are various SSH administration and remote file copy programs available
for different operating systems. One that comes to mind is the secure copy
(SCP) program which uses SSH to copy files securely between hosts. Windows
includes a command line tool called WinRS (windows remote shell) that,
like SSH, allows you to run commands remotely using the Windows Remote
Management (WinRM) service. Putty (which can be downloaded from
www.putty.org/) is another SSH client program. Figure 11.75 shows a
screenshot of the Putty program.
Page 509 of 1229
Figure 11.75 Putty program

FTP traffic is normally sent over a network in insecure cleartext. This can
sometimes include usernames and passwords, along with file data. This data
can easily be seen by someone using a sniffer (capturing) program. To hide or
encrypt the username, password and file data, FTP is often secured with SSH.
Secure FTP (SFTP) is nothing more than running FTP traffic through an
encrypted SSH tunnel, including the FTP username, password and file data, so
that it can only be read by authorised users. This can be done in a number of
ways. You can, for example, start an SSH session between two computers.
Then, start an FTP server on one computer and an FTP client on the other, and
redirect the input and output of the FTP traffic to go through the tunnel. You
can also get a dedicated SFTP server and client. Figure 11.76 shows the
OpenSSH website www.openssh.org/, which is where you can download
OpenSSH software for your SSH server. OpenSSH comes with an SFTP feature
built in.
Figure 11.76 OpenSSH website

Note
When secured by SSH, SFTP uses TCP port 22 by default the

default port of SSH.
Page 510 of 1229
11.9.12 SMB
Server Message Block (SMB) is a request/response protocol that is used to
provide shared access to files and printers between hosts on Windows
networks. SMB is the reason that Windows tools like Network can show you all
the computers on your network. When you access shared files over your
network, your Windows computer uses SMB to create the connection and
return the files to your computer. Similarly, when you send a print job to a
printer, the OS uses SMB to transfer the data.
SMB typically uses Network Basic Input/Output System (NetBIOS) over
TCP with ports 137, 138 and 139 by default. If used directly over TCP, it uses
port 445. SMB is hidden from the user. Modern Windows operating systems
use SMB version 2 that is backward-compatible with SMB version 1, so they
have no problem communicating with older systems.
The Linux and UNIX operating systems also provide a way of sharing resources
with Windows networks using a version of SMB called SAMBA. Apple
Macintosh (MAC) also supports resource sharing using the SMB protocol.
11.9.13 Remote connectivity protocols

Sometimes it is convenient to perform tasks on a computer or server far away
from you, just as if you were actually sitting in front of it with your hands on
its keyboard and mouse or even on its touch screen. There are many programs
that do this that either come as an OS feature or can be downloaded as a third
party program from the Internet. These programs are generically called
remote desktops and each might have different features. You can compare
common third party remote desktop software here:
http://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software
There are two primary remote connectivity and administration protocols that
every computer technician should know about. Both are used to create
connections with remote hosts. They are Remote Desktop Protocol (RDP) and
Telnet.
11.9.13.1 RDP
Remote Desktop Protocol (RDP) is a low-bandwidth protocol used in
Windows networks. Two primary applications that use RDP are Remote
Desktop Connection and Remote Assistance. Both use RDP over the
default port 3389:
Remote Desktop Connection (RDC)
RDC is a GUI-based program that you can use to connect to another computer,
log on and see that other computers desktop on your own computer. RDP
sends mouse movements, keystrokes and images of the screen on one
computer to the other computer. RDP clients are available for multiple
platforms, including Windows, Mac OS X and Linux. The name of the Remote
Desktop executable file in Windows is mstsc.exe.
Page 511 of 1229
Figure 11.77 Remote desktop connection program in Windows

Note
MSTSC is short for Microsoft Terminal Services Connection.

Remote Desktop Connection was previously called Terminal
Services.
Remote assistance
When a user calls you about a technical support issue and she says that
something does not work, you can use remote assistance to transfer yourself
from your desk to her desk to see exactly what she is seeing on her screen in
order to provide assistance. The user sends out a remote assistance request to
you and you can use it to access that users computer from a remote location.
If the user trusts and gives you permission, you can take control of the users
computer and show him or her how to do specific tasks, such as open files,
while he or she sits back and watches you do it on his or her computer screen.
Remote assistance even includes a chat window that you and the user can use
to chat.
Figure 11.78 Remote assistance connection
Page 512 of 1229
Note
Make sure that port 3389 is open on firewalls and routers between the
hosts involved in the remote assistance connection. Otherwise, RDP
traffic will be blocked.
Other thin client computing technologies include:
Virtual Network Computing (VNC) consists of a client, a server and a

communication protocol. It is a system whereby a user can log in and access
the screen of a remote computer. VNC uses a protocol known as the remote
frame buffer (RFB) protocol.
Citrix Independent Computing Architecture (ICA) enables clients to
access and run applications on a server, using the resources of the server
with only the user interface, keystrokes, and mouse movements transferred
between the client and server.
11.9.13.2 Telnet
Telnet is a terminal emulation command line tool that you can use to connect
to remote computers, switches and routers, and run commands through the
telnet prompt on that host as if you were sitting in front of it. One problem
with telnet is that you must know how to run commands on that other host.
Also, the user on the remote host must give you permission to access it and it
must run a service known as the Telnet Daemon to support telnet access.
The default port used by Telnet is port 23.
Once the Telnet Client feature is enabled in Windows, telnet can be used from
the command line by typing the following command:
telnet IP address
OR
telnet name
(Substitute the IP address or name of the remote host to which you want to
connect.)
If you connect, you will be asked for a username and password. If no
username and password have been set for the terminal connection, you will
not be allowed to connect. After you are authenticated, the telnet prompt of
the remote host will appear and from that point forward, you can run telnet
commands.
Sometimes technicians use Telnet for troubleshooting because it allows them
to easily find out whether a host is listening and responding to traffic on a
specific port.
Page 513 of 1229
For example, imagine you are having problems with your email. You might
want to check that the mail server (with the IP address of 192.168.1.1 in this
example) is working and listening for SMTP commands. You can enter the
following command at the command prompt before pressing <Enter>:
telnet 192.168.1.1 25
The command will attempt to connect to the mail server at the IP address
192.168.1.1 by using SMTPs default port 25. If successful, you might be asked
to confirm if you want to connect using telnet and if you choose yes, you will
have a screen where you can enter the username and password. Thereafter,
you will have a telnet prompt waiting for you to enter SMTP commands. Being
able to access the prompt indicates that the mail server is working and
listening on port 25. If the mail server is not running, you will get an error.
Figure 11.79 shows a telnet session with an SMTP server.
Figure 11.79 Telnet session with SMTP server

Some of the basic telnet commands are listed in Table 11.10:
Table 11.10 Basic telnet commands
Command
open host port
status
?
close
quit
Note
Comment
Starts a telnet connection with the host on that
port. Host can be a hostname, FQDN or IP
address
Shows session status
Get help
End the current session
Exit the telnet prompt
You can use Telnet to connect to remote hosts through port 23 or

through different ports and enter commands on them. To access a
Telnet host, you must supply a username and password at the Telnet
client, which it sends in cleartext. For this reason, administrators
seeking remote command line access tend to go for a Secure Shell
(SSH) program instead of Telnet because it is secure.
Page 514 of 1229
11.9.14 SNMP
Simple Network Management Protocol (SNMP) can be used to communicate
with and manage and monitor network devices on a TCP/IP network from a
central place. The management software usually creates a map of the
interconnections between network devices, as well as display detailed log
information for each device that helps us monitor and troubleshoot them.
Devices that can be monitored with SNMP include switches, routers, servers,
printers, wireless access points, UPSs, to name a few. SNMP has the following
components:
Agent software or firmware that runs on the managed device and

monitors it. The agent stores statistics about the network devices activity,
such as the number of frames per second the switch can handle, in a
database called a Management Information Base (MIB). It can monitor
the device and look for potential events (called traps) and report them to a
central management system. An example of a trap is a port failure.
Central management system Network Management Software

(NMS) that runs on the manager device, often a server, that requests
information from agents using UDP messages at regular intervals, displays
this information for you to look at, and directs agents to perform certain
tasks, such as setting options on devices that you have specified or
returning configuration data. In many cases, the management software can
be configured to alert you to traps in various ways, including by email and
text messages.
The agents use UDP port 161 and the management system uses UDP port 162.
You can get both open source (freely available) software like that shown in
Figure 11.80 and commercial SNMP software. There are three versions:
SNMPv1, SNMPv2 and SNMPv3. Unlike SNMPv1 and SNMPv2, SNMPv3 supports
high level security, including authentication and encryption.
Figure 11.80 SNMP Manager program

Page 515 of 1229
11.9.15 Databases and database management systems

A database is software that organises data in such a way that allows users
and programs to work with that data. It is created so that lots of data can be
inputted, stored, retrieved and managed. Data (text, numbers and other
characters) is stored in a table format and understood by users as information.
A Database Management System (DBMS) is software that you can use to
manage databases. See Figure 11.81.
Figure 11.81 A database management program
11.9.16 LDAP and directory services

A directory, like a database, stores information about items and resources on
a network. Network resources include drives, folders, files, computers,
printers, users, groups and hardware and software that exist on the network. A
directory service stores, organises and provides access to the information in
the directory. The directory is centrally managed and secured by the network
administrator, and is available to anyone on the network at any time.
X.500 is a series of standards that were designed to standardise how data was
stored so that any computer could access X.500 directories. Lightweight
Directory Access Protocol (LDAP) is a protocol that is used to interact with
an X.500 directory or a directory that be represented as an X.500 directory.
LDAP enables operating systems and applications to query the directory for
information and update that information over a TCP/IP network. LDAP servers
store their data hierarchically, like a tree, so that you can easily manage and
find items in the tree.
Page 516 of 1229
Microsofts directory service is called Active Directory Domain Services (AD

DS). Windows uses LDAP to do anything with AD DS. All directory databases
are made up of records and in AD DS, records are called objects. An object
represents a specific network resource within a network, such as a computer
and user. If you are sitting at your computer and join it to an AD DS domain,
Windows uses LDAP to update AD DS with your computers information and
creates a computer object (account) for it within AD DS. Similarly, when a user
account object is created within AD DS, you can log in to that network using
that domain user account from any computer on that network. LDAP is used
for any other type of interaction with AD DS. Figure 11.82 shows the Active
Directory Users and Computers console where administrators can manage
users, groups, computers and domain controllers. The domain name is called
netoverme.local.
Figure 11.82 Active Directory Users and Computers console

The AD DS database and its directory services are installed on one or more
Windows servers called domain controllers (DCs). DCs not only store the AD
DS database, but also authenticate users so that they can log onto the AD DS
network and find and use related resources on it. Users can log on once to the
AD DS without having to log on again though a process called single-sign on
(SSO). Authentication and authorisation are provided by the Kerberos
authentication protocol.
LDAP runs over TCP or UDP port 389. These ports should be blocked on the
firewalls public interface if LDAP is not going to be used as a public service.
Other directory services that are based on LDAP include Apples OpenDirectory,
Novells eDirectory and the free OpenLDAP.
Note
Active Directory is the directory service for Windows networks. It is

based on the LDAP protocol, and uses the Kerberos protocol for
authentication and authorisation services so that users and computers
can prove their identity over the network. Directory services also rely
on DNS for naming and other network information.
Page 517 of 1229
11.9.17 Other protocols

Some other protocols to know about are:
Bootstrap Protocol (BOOTP) this was originally created so that

computers without hard drives (diskless computers) could get an IP
address, subnet mask and default gateway needed to connect to the
network. When a computer that uses BOOTP is booted, it broadcasts for a
BOOTP server (BOOTPS) on the network. If you ever had to use BOOTP,
know that it is a broadcast-based system like DHCPv4 and it uses UDP
ports 67 and 68.
Network Time Protocol (NTP) this is used to exchange time signals
between network computers for the purpose of making sure their time-ofday clocks work together to show the correct time synchronised. NTP
uses UDP port 123.
Network News Transfer Protocol (NNTP) this is used to post and
distribute messages to and get them from news servers on the Internet.
NNTP uses TCP port 119.
11.9.18 Summary of well-known ports

The first ports from 0 to 1023 are well-known ports. There are several ports in
this range that you should memorise for typical on-the-job work. Table 11.11
summarises the most important ports.
Table 11.11 Well known ports
Protocol
FTP
SSH
SSH Port Forwarding
Telnet
SMTP
DNS
DHCP
TFTP
HTTP
Port
TCP 20 and 21
TCP 22
TCP 22
TCP 23
TCP 25
TCP/UDP 53
UDP 67 and 68
TCP/UDP 69
TCP 80
Protocol
NTP
POP3
IMAP4
HTTPS
SSL
SMTPS
IMAPS
POP3S
RDP
Port
UDP 123
TCP 110
TCP 143
TCP 443
TCP 443
TCP 465
TCP 993
TCP 995
TCP 3389
11.9.19 Sockets
When one TCP/IP host addresses traffic to another, it uses an IP address with
a port number. Together they are called a socket, which identifies a specific
application process running on a specific computer. You will find the terms port
number and socket used interchangeably, but in this context, the term socket
refers only to the unique combination of IP address and port number.
Page 518 of 1229
To enter a socket into a URL, you enter the IP address first and then follow it
with a colon and the port number like this:
http://IPv4address:port
http://[IPv6Address]:port
Take a look at the following example:
An HTTP web page request sent to a web server (port 80) running on a host
with
an
IPv4
address
192.168.2.10
or
IPv6
address
of
2001:db8:85a3:8d3:1319:8a2e:370 would be destined to socket:
192.168.2.10:80
or
[2001:db8:85a3:8d3:1319:8a2e:370]:80
Because the port number for http is 80, this socket addresses the web server.
In most cases, however, URLs have FQDNs, not IP addresses and the format is
the same, but with the DNS name replacing the IP address. For example:
ftp.cti.ac.za:21
11.10 Exploring wireless networks

Wireless networks are common nowadays. They are easy to set up and many
home users and SOHO networks use them. Wireless networking is not limited
to computers and laptops. Most smartphones and tablets have wireless
capabilities built-in or available as add-on options. Figure 11.83 shows a
smartphone accessing the Internet over a Wi-Fi connection (white arrow on the
left) and its Wi-Fi password (on the right).
Figure 11.83 Smartphone with Wi-Fi
Page 519 of 1229
11.10.1 Introduction to wireless

Wireless local area networks (WLANs) or simply wireless networks are
computer networks that link two or more devices over the air so that they can
communicate to each other. When compared to cabled networks, WLANs are
not always as fast or as reliable and they can be affected by interference,
which can slow down performance and the further away you are from the
wireless network, the slower the speed you have.
Note
Wireless clients use the same network protocols and network client
software that cable networks use.
11.10.2 Waves and frequencies

Most wireless technologies nowadays use radio signals. Radio is made up of
electromagnetic waves that are sent through the air. The radio waves repeat at
a particular rate or frequency. Radio frequency is measured in cycles per
second, which indicates how many complete cycles the wave makes in one
second. Cycles per second are usually referred to as Hertz (Hz), with one
Hertz equalling one cycle per second (1Hz). Modern wireless technologies use
GHz (one billion cycles per second) radio frequencies.
So who decides what type of radio gets to use specific frequencies? That is
where spectrums and government agencies come in.
11.10.3 Spectrums and bands

Spectrum refers to the entire continuous range of frequencies that radio
works over. Governments determine who can use frequencies within the radio
spectrum in their country, and the spectrum to some extent is regulated by the
International Telecommunications Union (ITU). The radio spectrum is
divided into many small frequency ranges called bands, such as very low and
very high, with each band restricted for certain uses. The range of broadcast
radio frequencies extends from 3 KHz to 300 GHz, with FM radio and TV signals
broadcasting their signals in the very high frequency (VHF) band (30-300
MHz).
11.10.4 Wireless components

So now that we know radio frequency (RF) waves are used to carry wireless
signals, we can look at some basic components of WLANs.
11.10.4.1 Wireless Access Point
To extend the capabilities of a wireless Ethernet network, such as connecting it
to a cabled Ethernet network or sharing a high-speed Internet connection, you
need a wireless access point (WAP), simply called an access point (AP).
A WAP is a device that has a transmitter and a receiver (called a transceiver)
and centrally connects wireless clients to each other using radio waves on
specific frequencies and to the cabled Ethernet network.
Page 520 of 1229
Wireless clients such as laptops and smartphones must use the same
frequency to connect to the WAP.
Figure 11.84 WAP

The AP will have one or more antennae and an RJ-45 Ethernet port. You plug
the AP into a network cable and then plug the other end of the cable into a
switch, and your WLAN should be able to connect to your cabled network. Most
APs draw their power from a wall outlet. More advanced APs use PoE. Using
PoE, you only need to plug one Ethernet cable into the AP to provide both
power and a network connection.
APs are configured through a web browser-based program. You typically run
your web browser on one of your client devices and enter the APs default IP
address and press <Enter> to bring up the configuration page. You will need
to enter an administrative password, which is included with your APs
documentation, to log in. Setup screens differ from vendor to vendor and from
model to model.
11.10.4.2 Wireless
A wireless router
discussed earlier on
router, DHCP server,
SOHO networks.
Router
is an AP with extra functions. A wireless router was
in the home router section, and functions as a switch,
firewall, etc. It is common to find wireless routers used in
Figure 11.85 shows a network setup using the wireless router. The cable plugs
into the wireless routers RJ-45 ports using twisted pair cables and the wireless
clients using wireless network interface cards (WNICs) connect to the router
using wireless radio signals. Figure 11.85 also shows how the wireless routers
WAN is connected directly to the ISPs Internet line to give all users on the
network access to the Internet.
Page 521 of 1229
Figure 11.85 Wireless router showing router and switch components
11.10.4.3 Wireless clients

Wireless clients are any devices that can connect to the network by using
wireless signals. Many devices, such as laptops, smartphones, tablets and
gaming systems, have wireless capabilities.
For example, a smartphone can connect to a cellphone network for Internet
access. However, when the smartphone is in range of a wireless network, you
can configure it to connect to the Internet through the wireless network. It is
often quicker and does not count against data limits (or caps) for the
smartphone.
11.10.5 Wireless network topologies

A group of communicating wireless devices that share the same network name
and technology is known as a service set. The process by which the devices
request and are allowed to join a service set is called association. Association
is important because an area can have multiple APs and the client must know
which AP to communicate to. There are two modes or topologies that WLANs
can be configured in, one called ad hoc and the other infrastructure.
11.10.5.1 Ad hoc mode
A wireless network without an AP or wireless router is called an ad hoc
network. Each wireless device directly connects with every other device in a
decentralised free-for-all setup. Ad hoc means as needed and is sometimes
called peer-to-peer mode. Two or more wireless clients communicating in ad
hoc mode create what is called an Independent Basic Service Set (IBSS).
Page 522 of 1229
Figure 11.86 Ad hoc mode
11.10.5.2 Infrastructure mode

When you connect wireless clients through APs or wireless routers to the
cabled network, you are using infrastructure mode. Wireless clients must
associate with an AP before data can be forwarded. One AP servicing a given
area is called a Basic Service Set (BSS). This service area can be extended
by adding more APs and linking them, creating an Extended Basic Service
Set (EBSS). Users can roam from one BSS to another and still be connected
to the EBSS, without losing network connectivity.
Figure 11.87 Infrastructure mode
11.10.6 Wi-Fi Alliance and WiGig

Although 802.11 wireless is often referred to as Wi-Fi, short for wireless
fidelity, the name Wi-Fi is a trademark that is privately owned by an
organisation of hardware and software manufacturers called the Wi-Fi
Alliance. The Wi-Fi Alliance promotes standardisation of wireless products and
certifies wireless products to ensure interoperability between different wireless
manufacturers. It has an interoperability certification program for WLAN
equipment and allows certified products to carry a special logo indicating their
participation. The Wireless Gigabit Alliance (WiGig) is an organisation that
promotes the adoption of multi-gigabit speed wireless communications
technology. It works with the Wi-Fi Alliance.
Page 523 of 1229
11.10.7 Wireless standards

Common wireless networks use the IEEE 802.11 standards. Some important
characteristics of wireless standards are:
Speeds depend on several factors, one of which is the 802.11 standard the
device supports. Top speeds for the different standards range from 2 Mbps to
over 100 Mbps. Wireless clients supporting Dynamic rate switching (DRS)
automatically negotiate the top speed and attempt to connect to each other at
that speed without any errors or without dropping too many data packets.
Distance between wireless devices affects speed. Speed decreases as distance
increases, so the maximum throughput speed (or actual data transfer) is
achieved only at very close range.
Range is how far the RF signal can travel. You will find different distances
ranges quoted in feet and metres for the different wireless standards.
Note
You can see the speed and signal strength on your wireless network
by looking at the wireless NICs properties. In Windows, open the
Network and Sharing Center, select Change Adapter Settings,
then right-click your wireless NIC and select Properties.
Speed and range is affected by interference from other wireless devices or

other devices working in the same frequency range and by objects. Wireless
networks are affected by interference from various objects. Electromagnetic
interference (EMI) can come from equipment such as magnets and fluorescent
lights. Radio frequency interference (RFI) can come from other transmitters.
11.10.7.1 802.11 standards
Collectively, all the wireless standards are identified as the IEEEs 802.11
standard. Various amendments have been made to the original 802.11
standard (which is no longer supported). These are identified by the letter that
goes with the standard, such as 802.11a or 802.11n. All standards can use
either an infrastructure mode or ad hoc mode, and each can use the same
wireless security protocols.
Table 11.12 shows a summary of the common wireless standards. The
maximum ranges listed are those shown by wireless manufacturers as the
theoretical maximum ranges. In the real world, you will experience these kinds
of ranges only under the most ideal circumstances.
Page 524 of 1229
Table 11.12 802.11 Protocol characteristics

Protocol
802.11a
802.11b
802.11g
802.11n
802.11ac
(*draft standard
for Gigabit WiFi)
Top speed
54 Mbps
11 Mbps
54 Mbps
75 Mbps (single channel)
150 Mbps (bonded
channel)
From 400 Mbps to 1+
Gbps (theoretical at close
range)
Frequency
5 GHz
2.4 GHz
2.4 GHz
2.4 & 5 GHz
Indoor ranges
30m
45m
45m
70m
5 GHz
Undetermined
*The draft standard means that it is used by many products now or will be in
the near future but the standard is under development.
802.11a works in the less interference 5 GHz frequency range, and is

therefore not compatible with 802.11b and g and not widely used.
802.11b devices work in the crowded 2.4 GHz range, meaning devices
such as baby monitors, garage door openers, microwaves and wireless
phones can interfere with 802.11.b devices.
802.11g runs in the 2.4 GHz range, so it is backward-compatible with
802.11b, meaning that the same 802.11g AP can service both 802.11b and
802.11g wireless clients.
802.11n brings several improvements to Wi-Fi networking, including faster
speeds and new antenna technologies. 802.11n is backward-compatible
with 802.11a/b/g.
The 802.11n standard requires all devices except handheld devices to use a
feature called multiple-input-multiple-output (MIMO). MIMO devices use
multiple antennae to send and receive data using separate frequencies. It does
this by allowing devices to multiplex signals over a single channel at the same
time. Although the official standard supports speeds up to 600 Mbps, it is more
likely that you will see MIMO devices that support 75 Mbps (single channel),
150 Mbps (bonded channels) and up to 300 Mbps speeds.
Note
A channel is the band of RF that wireless devices use to

communicate. The 802.11b and 802.11g wireless standards use one
channel to send and receive data. With channel bonding, it is
possible to use two channels next to each other at the same time. In
wireless networking, one channel is 20 MHz wide. When two channels
are bonded, they are a total of 40 MHz wide, doubling the bandwidth.
802.11n devices can use either the 20 MHz channels or the 40 MHz
channel.
Page 525 of 1229
802.11ac, known as Gigabit Wi-Fi, is a draft standard that works in the 5

GHz band and is therefore backward-compatible with 802.11a and 802.11n
standards, but you will only get 802.11a and 802.11n performance. It expands
on 802.11n by supporting more MIMO streams and 80 MHz or 160 MHz
channels wide, with theoretical speeds up to 6.93 Gbps over very short
distances.
One last standard that deserves a mention is 802.11ad, known as WiGig.
This is a new IEEE published standard that is already seeing a major push from
hardware manufacturers. Using 60 GHz frequency range, the new standard can
reach theoretical top speeds up to 7 Gbps. It is not necessarily designed for
traditional AP- or router-based WLANs, but rather for short-range peer-to-peer
connectivity, such as for streaming HD video from one device to another. As
such, you will most likely see 802.11ad technology used to beam signals
between home entertainment systems such as Blu-ray players and HD TVs.
11.10.8 Antennae and AP placement

When setting up your WLAN, keep space in mind. In a WLAN, coverage is the
availability and usability of the network within a range. Ensuring your SOHO
network has coverage depends on how you use your wireless channels and
where you place your AP or wireless router. It often takes a little trial and error
to see where to place the AP and how far the signal goes. You can start by
performing a site survey. A site survey can be as simple as setting up an AP
and then using a wireless-enabled laptop to check the signal strength, or as
difficult as hiring people with specialised equipment to come in and make
careful plans, defining what is the best place to put APs and which wireless
channels to use.
11.10.9 Channels
802.11 standards use frequency bands starting at 2.4 GHz or 5 GHz. The
802.11a standard specifies radio frequency ranges between 5.15 and 5.875
GHz. In contrast, 802.11b and 802.11g standards work between the 2.4 and
2.4835 GHz range. Each frequency includes multiple channels. Whereas a band
starts from a specific frequency and ends at a specific frequency, a channel is
simply a fixed band of frequencies that wireless devices use to communicate to
each other. A single channel is used for communications, as shown in Figure
11.88. You normally do not have to change the channels on your AP or router.
However, if there is a lot of interference on one channel, you can switch to a
different channel with less interference (such as 1, 6 or 11 which are more
than 22 MHz apart and will not interfere with each other). Figure 11.88 shows
the options for changing the channel on this particular wireless router. This
router automatically chose channel 6 by default, which is common, but any of
the channels can be chosen.
Page 526 of 1229
Figure 11.88 Changing wireless channels

Note
If there are any other wireless networks near your network, to

improve performance, do not use the same channel. Channels 1, 6 or
11 are recommended because they do not overlap each other. If other
networks are using channel 6, change yours to 1 or 11 and avoid
interfering with their networks. 802.11a supports eight nonoverlapping channels because it has a wider frequency band and
therefore more bandwidth. 802.11b/g standards use a smaller band
and support only three non-overlapping channels.
11.10.10 Radio power levels

Many APs have parameters for changing the radio power levels. If you turn up
the radio power on your AP, you can increase how far devices can send and
receive RF signals and communicate to each other. However, if you do not
want people outside your SOHO network to get your APs signals, you can turn
down the radio power levels. This limits how far the APs signals travel, but it is
not a reliable security measure.
Note
Lowering the power level can affect users on your WLAN. Wireless
clients connect to the AP using the fastest speed they can get without
errors and if the RF level is too low, it can result in connectivity issues
or slow speeds.
11.10.11 Wireless security

Because wireless devices use radio frequencies to send data over the air that
anyone can learn by using a scanner to intercept those signals, you must
protect your RF signals. The following sections explore several wireless security
measures to protect RF signals.
Page 527 of 1229
11.10.11.1 Wireless encryption

Encryption scrambles wireless data so that only authorised users can
unscramble it. An encryption system uses a cipher to encrypt the data and a
key (unique value) that allows authorised users to decrypt it. Wireless includes
three security protocols and they use different types of encryption. The three
available security protocols are:
Wired Equivalent Privacy (WEP) this is an older security protocol. Its

RC4 cipher, short for Rons Cipher 4, has been cracked. Both versions
(WEP1 and WEP2) are not secure and should not be used.
Wi-Fi Protected Access (WPA) this protocol was introduced as a short
term replacement for WEP. It significantly improved upon WEP by fixing
most of the security problems with WEP along with adding authentication to
the network using the 802.1x framework and used existing hardware.
Sometimes you have to upgrade the firmware on wireless devices to use
WPA. When needed, vendors usually provide free downloads that you can
use to upgrade the devices capabilities and use WPA.
Wi-Fi Protected Access version 2 (WPA 2) this protocol is compliant
with the 802.11 WLAN security standard and is a permanent replacement
for WEP and WPA. It needs more advanced hardware, but almost all
hardware today supports WPA2.
Note
WPA2 is the most secure wireless security protocol. If your wireless

devices only support for WEP, you can often upgrade the hardwares
firmware to get support for WPA or WPA2. Upgrading is like upgrading
the computer BIOS, but you are instead upgrading the firmware on a
WNIC or wireless router.
The two encryption types used with the wireless security protocols are:
Temporal Key Integrity Protocol (TKIP) WPA uses RC4 with TKIP. It
was designed so that WPA would be more secure than WEP while allowing
users to use the same hardware. Even though old hardware supports TKIP,
you might need to do a firmware upgrade for it to work.
Advanced Encryption Standard (AES) WPA2 uses AES. AES is much
stronger than either WEP or WPA with TKIP. Beyond wireless, AES is used
worldwide as an encryption standard in many different applications. You
might need to do a firmware or driver upgrade on wireless devices to
support AES.
Wardriving and warchalking: Wardriving is the practice of driving around

looking for wireless networks that are not secured or that are secured using
easily beatable security, such as WEP. Warchalking refers to marking the
location of open APs with special symbols on a wall or another surface. The
symbols indicate that a wireless network is nearby.
Page 528 of 1229
11.10.11.2 Wireless authentication

Another important step with wireless security is to configure authentication.
You can set up your WLAN as open, which is the easiest and least secure
method of authentication since a user does not have to enter a username and
password to authenticate. Open authentication is fine for wireless hotspots
such as airports, hotels and other public areas. However, to secure your WLAN,
you should consider using Personal or Enterprise authentication. WPA and
WPA2 support Personal mode and Enterprise mode.
Personal Mode
Personal mode uses a pre-shared key (PSK) or passphrase to encrypt
communications. Like a long password, the PSK is a secret set of characters.
Every wireless device on the network must have the same passphrase as the
wireless router. Figure 11.89 shows the setup page for a wireless router with
the security mode set to WPA2 Personal and the shared key to 1WillPa$$A+.
Figure 11.89 Setting WPA2 Personal mode on wireless router

The security mode is sometimes called security type or something similar, and
the shared key is sometimes called a passphrase, network security key or
something similar. The downside is that the passphrase might not be
distributed to each user securely and users might choose insecure
passphrases. The advantage is that no additional hardware or software is
needed. In Figure 11.89, every device must use WPA2 Personal with a
key of IWillPa$$A+.
Enterprise Mode
Bigger companies with server-based or domain-based networks sometimes use
Enterprise Mode. Enterprise Mode uses a Remote Authentication Dial-in
User Service (RADIUS) server and 802.1x (or Extensible Authentication
Protocol [EAP]) to authenticate clients. The AP hands over the clients
authentication information to the RADIUS server on the cable network to
validate it. If the information is valid, the RADIUS server tells the AP to allow
the client to connect to the network. This information could be just the users
username and password, or the users credentials stored on a smart card or
other physical authentication token.
Page 529 of 1229
Swiping the card or other token through a reader identifies the account holder.
The card can be used with a password or personal identification number (pin)
to provide even stronger security.
11.10.11.3 WPS
Wi-Fi Protected Setup (WPS) was developed by the Wi-Fi Alliance to make
it easier for users to set up a secure WLAN. WPS works in two common ways:
Push button you press a button on the AP for a short time and then
press a software button on the wireless client, such as a WPS-capable
laptop or printer. See Figure 11.90. The two devices communicate to each
other and automatically set up a secure connection. A strong PSK key is
still used, but you do not need to enter it. There is a set time frame, such
as a two minute gap, that you have to set the buttons on both devices.
Check the devices documentation on how to do this.
PIN assigned to the AP and/or a wireless client. You need to enter only
the PIN in the software of the other device to create a connection. A strong
PSK key is used for WPA2, but you do not need to enter it.
Figure 11.90 WPS button on wireless router

Although WPS makes setup easier, there are, however, programs that
attackers can use to easily guess the WPS PIN. With the PIN, the attacker can
find the WPA or WPA2 passphrase and get into your WLAN. The only way to
stop this attack is to disable WPS on the AP.
11.10.12 MAC filtering

Media access control (MAC) filtering is one way to restrict access to a WLAN.
Each WNIC should have a unique MAC address assigned and you can restrict
access to the WLAN based on this address. Figure 11.91 shows the Wireless
MAC Filter page for a wireless router. When configured, it allows only clients
with the MAC address listed in MAC01 through to MAC04 to connect to the
network. The router will block the connection for any client that has a different
MAC address who tries to connect.
Page 530 of 1229
Figure 11.91 MAC filtering on wireless router

Note
Attackers can learn MAC addresses that you have allowed and change
their system to use the same MAC address, therefore beating MAC
filtering. Additionally, it might be difficult to manage and keep track of
MAC addresses on a WLAN that has a lot of clients on it.
11.10.13 Naming the network using an SSID

WLANs have a name called service set identifier (SSID) that identifies the
WLAN. Devices that are configured with the same SSID belong to the same
WLAN. Many wireless routers have default SSIDs while some need to be set up
with one. All wireless routers allow you to change their SSID, and an SSID can
be up to 32 characters long. Unless you have multiple APs participating in an
ESS, the SSID must be different to any other WLAN nearby. Figure 11.92
shows the setup page for a wireless router. You can see that the Wireless
Network Name (SSID) has been set to APlusCertified. Also, the Wireless SSID
broadcast option is set to Enable.
Page 531 of 1229
Figure 11.92 SSID on wireless router

Note
SSIDs are case-sensitive. Therefore, APlusCertified is not the same as

apluscertified. You must use the same SSID on all devices in your
WLAN.
The Wireless Network Mode on this wireless router is set to Mixed. This means
that it can support both 802.11b and 802.11g devices.
11.10.13.1 SSID broadcast
When SSID broadcast is enabled on your wireless router, it periodically sends
out packets to announce itself within the maximum range to the WLAN,
essentially shouting Here I am; who wants to connect? These broadcast
packets allow other devices to easily see it and connect. Sometimes you can
see your neighbours WLAN from your wireless-enabled laptop just by scanning
the areas coverage.
11.10.13.2
Enabling or disabling SSID broadcast
If you disable SSID broadcast on your AP, clients not configured with the SSID
will not be able to find your WLAN and connect. Although disabling SSID
broadcast might provide some privacy by hiding the WLAN from users that are
not familiar with how WLANs work, it does not provide any security. Even if
you disable SSID broadcast, many standard packets sent over the WLAN
include the SSID.
Note
Although it is really up to you to decide, it is generally recommended

that you enable SSID broadcast because wireless protocols are
designed to work with APs and wireless routers advertising their
selves with SSID broadcast-enabled.
Page 532 of 1229
You might hear people saying that the SSID is the password for the WLAN, but
this is not true. WEP, WPA and WPA2 all support a passphrase, also called a
network security key. This passphrase is different from the SSID.
11.10.13.3 Renaming the SSID
Renaming the SSID to a unique name is the very least you can do to secure
your WLAN. This reduces the amount of information that people have about
your network.
Note
The best way you can secure your wireless network is by using a
strong security protocol, such as WPA2, and a strong passphrase that
nobody can easily guess.
11.10.14 Configuring a WLAN

When configuring a WLAN, your first step is to install and configure the AP or
wireless router. Most wireless devices have a web-based management program
that you can use to configure various parameters. Additionally, most APs and
wireless routers have default parameters that you can enter to easily connect
and log in, but these defaults must be changed. You should read the manual or
setup for the wireless router or AP before setting it up. It should indicate what
IP addresses and usernames and passwords to use.
Here are the general steps you should follow to set up a network with a
wireless router (the process is the pretty much the same for any AP):
1.
2.
3.
4.
Turn on the wireless router.

Connect your client device to the wireless router.
Run your web browser and log on to the administration page.
Change the administrator password and default usernames. The
administrator password is one of the first things you must change when
setting up a wireless network.
5. Configure the wireless protocol (standard), SSID and the wireless security
on the wireless router. Since WPA2 has the strongest security, you should
choose it wherever possible. You should also use a strong passphrase or
key. With WPA RADIUS, if your network has a RADIUS server on it, you
would have to enter the IP address, port number and key for the server.
Once you have configured security on your wireless router, go around your
wireless network and configure the same security on all your wireless
clients that connect to it.
6. Configure wireless clients with a compatible wireless protocol, the same
SSID, and the same wireless security.
11.10.14.1 Configuring IP addresses
Most APs and wireless routers include DHCP. If the client is configured with
DHCP, it can connect to the AP or wireless router to receive an IP address and
possibly other information such as the default gateway and DNS Server
address. For most wireless clients, this is enabled automatically so that you do
not need to configure anything. You just connect the client to the AP or router
and off you go!
Page 533 of 1229
Note
From a security point of view, if you are using a wireless router on

your internal network and you have another DHCP server handing out
addresses on that network, you might want to disable the DHCP
feature on the AP or wireless router to make your network more
secure. DHCP is vulnerable to attacks.
11.10.14.2 Updating firmware/drivers

Wireless routers, APs and SOHO routers are just like any other computer in
that they run software. Software has bugs (code errors), vulnerabilities, and
other issues that sometimes need updating. These updates are called
firmware updates and manufacturers make them available on their
websites for download. To update a modern router, download the latest
firmware to your computer. Then you enter the routers configuration page and
find the firmware update page. From there, just follow the directions and click
Upgrade (or a similar option).
11.10.14.3 Configuring wireless settings on Windows clients
Before you configure wireless settings on your client, you must make sure it is
installed and you must test connectivity. The basic steps to install a wireless
client are:
1. Verify system requirements. Make sure your hardware, such as your WNIC,
is compatible with your system. You can do this by reading the vendors
documentation or visiting the vendors website.
2. Connect the device. If the device is a WNIC, turn off the computer or
laptop, remove the cover and other parts while taking ESD precautions,
and then install the WNIC and put everything back together again. If it is a
USB device, simply plug it in and let Windows install it.
3. Install the drivers.
4. Test connectivity. You can do this with the built-in Windows wireless
configuration program or use the program that comes with the wireless
client.
Wireless clients have configuration menus that you can use to configure the
wireless connection. The three primary pieces of information you need are:
SSID
Security (such as WPA or WPA2)
Passphrase or pre-shared key
Note
If you enable SSID broadcasting, you usually do not need to enter the
SSID or the security type. These will be automatically selected when
you try to connect from the client. However, what you will need to do
is configure the exact same passphrase on the client, since this is not
broadcasted automatically.
You can use the following general steps to configure wireless settings on a
Windows computer:
Page 534 of 1229
1. Open the wireless network listing in Windows. You will see a display similar
to Figure 11.93 on the far right side of the taskbar. In Figure 11.93, the
mouse is hovering over one of the wireless networks and it shows details
about the network, including its name, signal strength, security type and
protocol.
Figure 11.93 Wireless network listing in Windows

2. Click the wireless network that you want to connect to, and click Connect.
3. If there is no security configured on the network, you will be connected
automatically. If there is security configured, you will be asked to type in
the network security key. Type it in correctly and click OK.
You can also create a wireless connection manually using the wireless utility
that comes with Windows. This is useful if you are not near the wireless
network or the wireless router is not broadcasting its SSID. You can enter the
following information using the same information as you configured on your
wireless router or AP:
Enter the SSID as the Network Name.

Choose the Security Type used by your wireless network.
Make sure the encryption type matches the wireless network.
Enter the passphrase used on the wireless network as the Security Key.
Your configuration will look similar to that shown in Figure 11.94.
Page 535 of 1229
Figure 11.94 Windows 7 wireless network parameters

Note
The network that has been joined in Figure 11.94 is the same network
configured earlier on in Figure 11.89. Figure 11.89 shows the wireless
router configured using the Security Mode of WPA2 Personal and the
WPA Shared Key of IWillPa$$A+. Figure 11.92 shows the wireless
router with an SSID of APlusCertified and Wireless SSID Broadcast is
set to Enable.
11.10.15 Other wireless standards

Wi-Fi is not the only wireless standard. You can also create what is called a
personal area network (PAN) using infrared or Bluetooth wireless
technology to connect very few devices (usually only two) to each other. A PAN
is a network arranged around one or two people.
11.10.15.1 Infrared
Infrared (IR) is a line-of-sight wireless technology that can be used to
connect and transfer data serially between two mobile devices or between a
mobile device and a computer. The IR standards are developed by the Infrared
Data Association (IrDA), and IR uses infrared lasers to send and photodiode
sensors to receive light signals. You must make sure that IR is enabled on both
devices before using it.
Figure 11.95 Infrared communication
Page 536 of 1229
In speed and range, infrared is not very impressive. Infrared devices can
transfer data up to 4 Mbps speeds at no longer than 1 metre. Infrared links are
direct line-of-sight and are vulnerable to interference, such as a person
walking in between the infrared link and even bright sunlight.
Note
There was a time when infrared was common on computers, laptops

and some printers. Because infrareds line-of-sight has caused many
problems, IR connections are not very common except on some
smartphones.
11.10.15.2 Bluetooth
Bluetooth is a short-range radio-based technology that is used to connect
computing devices using low power. Devices that support Bluetooth are called
Bluetooth-capable or Bluetooth-enabled devices. Bluetooth is not designed to
be a full-function networking solution, nor is it meant to compete with Wi-Fi,
but rather to create simple small networks or PANs. Some great examples are
linking two laptops for a quick PAN setup, connecting sound headsets to your
smartphone, and connecting input devices such as keyboards and mouses to
computers and mobile devices.
Figure 11.96 Bluetooth communication

Bluetooth devices will not work until you pair link them together. Pairing
means to configure the devices so that they communicate to each other. You
need to follow the directions for the devices you are pairing, but the basic
steps for pairing are:
1.
2.
3.
4.
Enable Bluetooth on both devices (if needed)

Enable pairing on both devices (if needed)
Enter a personal identification number (PIN) (if needed)
Test connectivity
Note
The same PIN needs to be entered on both devices, but sometimes

one of the devices will not have a way to enter the PIN. In such a
case, you only need to enter the PIN on one device. What PIN should
you use, you might be asking? Normally, you would use either 0000
or the last four digits of the devices serial number.
Page 537 of 1229
Bluetooth has been upgraded over the years to make it faster and more
secure. The first generation (versions 1.1 and 1.2) supports speeds at around
1 Mbps while the second generation (v2.0 and v2.1) is backward-compatible
with the first generation versions and adds support for more speed by
introducing Enhanced Data Rate (EDR), which reaches top speeds of around 3
Mbps.
Bluetooth v3.0 + HS (high speed) provides theoretical speeds up to 24 Mbps to
a maximum of 100 metres, though not over the Bluetooth connection itself.
Instead, devices link up using Bluetooth and then use a Wi-Fi 802.11 network
to transport user data quickly. The HS part of the specification is not
mandatory, and hence only devices with the +HS will actually support the
Bluetooth over 802.11 high-speed data transfer channel. A Bluetooth 3.0
device without the +HS suffix will not support high speed.
Bluetooth v4.0 includes Classic Bluetooth, Bluetooth high speed and Bluetooth
low energy protocols. Classic Bluetooth is made up of legacy Bluetooth
protocols and Bluetooth high speed is based on Wi-Fi. Bluetooth low energy
(BLE), previously known as WiBree, quickly builds up simple connections
between devices that use very little power running off a coin cell battery (e.g.
smartphones and wearable computing devices). It supports speeds up to 1
Mbps.
Depending on what Bluetooth version you use, you might not need to take the
pairing steps mentioned earlier. For example, Bluetooth version 2.1 uses
Secure Simple Pairing (SSP), and one type of SSP is called Just Works that just
works without your needing to enter a PIN and go through the pairing process.
However, as a security precaution, you might need to approve the pairing
process first.
Bluetooth logo
Bluetooth devices are configured for one of three classes that define how much
power is needed for the device in milliwatts (mW) and the approximate
distance. The classes also support different power levels. Table 11.13 shows
the three classes of Bluetooth and their approximate ranges:
Table 11.13 Bluetooth classes
Bluetooth Class
Class 1
Class 2
Class 3
Note
Approximate distances
100m
10m
1m
Distances vary based on various factors and might be more or less

metres.
Page 538 of 1229
Although Bluetooth does not need line-of-sight, its radio signals can be blocked
by thick walls and metal objects, and other radio-based devices working in the
same 2.4 GHz range can interfere with it. Saying this, Bluetooth hops
frequencies many times a second, making it highly resistant to interference.
Page 539 of 1229
Unit 12 Internet Connectivity
Explain how the Internet works.

Connect to the Internet using one of many technologies.
Understand how firewalls and VoIP phones work.
Understand cloud computing.

Module 4 Unit 4 (p. 304-322)

Review Questions:
o Internet Access (p. 320)
12.1 The Internet

Most users who have computers and mobile devices need to connect to the
Internet to do business online, to access email and web services, to share
information and do various other things. We are moving into a world where
everything, including cameras, printers, mobile devices, clothing and TVs, are
connected to the Internet, all of which are loosely called Internet of Things
(IoT).
Figure 12.1 Internet of Things

With IoT, everything will connect to the Internet, including computers, mobile
devices, cameras, microphones, buildings, home appliances and embedded
sensors.
Page 540 of 1229
12.1.1 Internet Service Providers (ISPs)

An ISP is an organisation that provides access to the Internet and provides
Internet services, usually for a monthly fee. ISPs come in all sizes and many
but not all ISPs are telephone companies or other telecommunication
providers.
A home user or company that wants to have its hosts connected to the
Internet must have one or more public IP addresses assigned. This is true for
IPv4, IPv6 and multicast addresses. The use of these public addresses is
regulated by various organisations. ICANN, the master holder of these
addresses, assigns blocks of the public addresses to various registries to
manage for particular purposes or for regional areas in the world. These
registration organisations are called Regional Internet Registries (RIR) and
they are responsible for managing that allocation and registration of public IP
addresses within a particular area in the world, such as Africa, North America
and Europe. These registries in turn allocate addresses to their customers,
which include ISPs and end user companies. Finally, ISPs hand out one or
more public addresses to their customers to enable them to connect to the
Internet.
A Wireless Internet Service Provider (WISP) provides Internet access
using wireless technology, usually for hotspots connected to the Internet and
possibly to a LAN for printing.
12.1.2 ISP services

ISPs have their own internal networks to manage Internet connectivity and to
provide related services. Some services that an ISP might provide to its
customers are, of course, Internet access through either dial-up, broadband
(DSL or cable) or wireless (radio or satellite), leased line access, domain name
registration, DNS, mail and web hosting, and cloud computing services.
Depending on the level of service needed and availability, customers use
different tiers of an ISP.
ISPs are organised into different tiers according to how they access the
Internet backbone. These backbones are high-speed, fibre-optic networks
connected with backbone routers. Most Tier 1 backbones go to the major cities
in many countries and interconnect at special locations called network access
points (NAPs). NAPs are created by governments, academic and commercial
organisations, and are organised on national and international levels. Below
Tier 1 are other, different-sized tiered ISPs that offer different Internet
connectivity services at different costs.
12.2 Connecting to the Internet

To connect to the Internet, you need the following to work properly:
A contract with an ISP

Hardware for connectivity
Page 541 of 1229
A working connectivity medium, such as cable or wireless

Software, such as protocols and parameters (all configured in the OS)
Applications, such as web browsers and email clients, to take advantage of
the various TCP/IP Internet services.
While big companies, governments and academic institutions manage their

own Internet connections, company LANs generally connect to the Internet
using a router, which in turn connects to the Internet over a leased line. The
router will have NAT that translates private addresses to public addresses, and
vice versa, and usually has security features that add some protection to the
LAN. Home users will also use some kind of Internet connectivity device, such
as a SOHO router, modem, AP or satellite dish.
Leased line: A leased line is a permanent, always on communication link
that is set up by the telecommunications company for a company to privately
use. It is sometimes called a data line.
Once you have an ISP contract that allows you to access the Internet, you will
need to install your Internet connectivity device and any software that is
needed. With most ISPs, a DHCP server will provide your Internet device with
the proper IP addressing information. As you know, the router to which you
connect to the ISP is often referred to as the default gateway.
So how do you join a LAN to the ISPs network (called Point of Presence)?
The following sections describe some common ways of connecting to the
Internet.
12.3 Phone connections

Telecommunications companies do not run cables to many rural areas that are
too far away from cities. Sometimes the cost of Internet connections such as
broadband is just too high for a home user or small company to afford, even
when it is available. A cheaper option that is available almost anywhere is a
dial-up connection; however, you will not find too many customers using the
traditional dial-up or ISDN connection. Why is this? Read the next section to
find the answer.
12.3.1 Dial-up
The traditional phone connection to the Internet is a dial-up connection. Dialup access is a way of connecting to a network using a modem and public
switched telephone network (PSTN). The PSTN is the entire collection of
interconnected public telephone cables and services throughout the world
which allow people to make telephone calls, and can be used for Internet
access. All of the PSTN is digital except the connection between the phone
companys switches and the end customer, which is voice-grade analogue
copper cables. The part between the customer and telecommunication provider
switches is called the local loop or plain old telephone service (POTS).
Page 542 of 1229
The central office (CO), also called the local exchange or point of
presence (POP), is the telecommunication or phone companys building with
switches inside that connect to the end customer.
You can think of a dial-up connection as making a telephone call over a
telephone cable between computers. Users subscribe through an ISP for dialup access and are charged for how long they connect. To dial the ISP and
connect, you need dial-up software and hardware, such as a modem or ISDN
terminal adapter.
12.3.1.1 Modem
Data is transferred over telephone wires using analogue signals that
continuously change voltages. Computers work with digital signals voltages
that are either on or off and use only two states of voltage: zero volts and
positive volts. A modem, short for modulator/demodulator, turns the
computers digital data into an analogue signal (modulation) to send it over the
telephone line and then turns it back into digital data (demodulation) when it
reaches the other end of the line.
Figure 12.2 Dial-up PSTN connection

Almost all internal modems come as expansion cards that connect to a PCIe
expansion slot while external modems connect to the serial port (the old COM
port) or USB port on the computer. Some laptops have built-in modems. You
will also find data-voice-fax modems.
Figure 12.3 USB modem

Note
Telephones and modems use 2-pair cables with RJ-11 connectors. The
cables and RJ-11 connections are smaller than RJ-45 connectors used
with NICs and Ethernet ports.
Telecommunications companies have been steadily upgrading the PSTN so that

more of it can support digital signals instead of just analogue. The advantage
of a dial-up connection is that it is available almost anywhere. If you have
access to a phone line and the equipment, and the ISP contract and software
are all set up, you can connect. The downside is speed, the time it takes to
connect and errors with the link. Dial-up connections are very slow.
Page 543 of 1229
The top speed, in theory, that you can get from one phone line connection is
56 Kbps; however, in reality, this speed is 33.6 Kbps or typically less.
With traditional phone lines, you can either talk on the phone or connect with
the computer, but you cannot do both at the same time. Most modems allow
you to split the phone line, however. You can connect the phone line directly
into the modem input jack for computer use. The modem then has another
port that you can connect to your phone.
12.3.1.2 PPP
Dial-up networking works by using the Point-to-Point Protocol (PPP) to
send packets over phone lines. PPP sets up a connection between two points
over phone lines. The two points could be an ISP and its customer or a dial-up
remote access computer and remote access server (RAS), for example. PPP
encapsulates the network protocol (usually TCP/IP) and provides a way to
manage the connection by allowing two hosts to negotiate the following
options:
Authentication users on each end of the PPP link must authenticate to

create a point-to-point link.
Compression PPP reduces the size of a frame sent over the link. This
reduces the time needed to send the frame across the network.
Multilink PPP provides a way of using multiple connections to send
frames.
12.3.2 ISDN
A standard telephone connection has a telephone line that runs from the users
telephone to a network connection box outside the users office or home, and
then from there to a central switch at the phone companys central office. A
city generally has a lot of central offices, each with a central switch. These
switches are connected to each other through high-speed trunk lines.
Integrated Services Digital Network (ISDN) is a special type of dial-up
connection that uses the existing copper cable telephone network for voice,
video and data. With ISDN, the entire telephone network including the local
loop the line from the users telephone to the central office switch is digital.
Note
You can think of ISDN as a digital telephone conversation that lets

you connect to the Internet over the regular phone connection.
Since ISDN signals are digital, ISDN lines use terminal adapters (TAs) that
look like analogue modems but work completely differently for the digital-only
connection. The terminal adapter can be an external device, an ISDN-enabled
router or an expansion card. You connect the TA to the ISDN network through
a network terminator (NT1). An ISDN wall jack usually looks similar to the
standard RJ-45 network jack.
Page 544 of 1229
Figure 12.4 ISDN connection

The ISDN service uses two types of Bearer B channels for data and voice and
a Delta D channel for setup and configuration information. There are two
primary types of ISDN connections:
Basic Rate Interface (BRI) uses two 64-Kbps data B channels at a

top speed of 128 Kbps. It also has one 16-Kbps link control D channel.
This is used by homes and small companies.
Primary Rate Interface (PRI) uses 23 64-Kbps data B channels and
one 64-Kbps control D channel. This is called T1 in one part of the world
and provides a total of about 1.5 Mbps and E1 in other parts of the world.
E1 uses 30 data B channels at a top speed of 2 Mbps and one 64-Kbps
control D channel. T1 and E1 lines are typically used only by companies,
not home users.
Note
You can make and receive phone calls while you are connected to the
Internet with ISDN. However, ISDN will disconnect one of the
channels, reducing the speed of the Internet connection.
ISDN users pay a fee for line rental and pay for each minute they use the ISDN
service. It was once popular and can be a good solution for customers who are
a long distance from the nearest ISP and where the other more popular and
faster DSL or Cable Internet connections are not available. However, because
ISDN needs special equipment, it cannot be used in laptops and other mobile
devices when travelling away from the ISDN service.
12.4 Broadband Internet

The term broadband covers a range of technologies that offer fast, always
on Internet access; in other words, users stay connected 24 hours every day.
Users do not have to connect and disconnect each time they want to go online
like with a dial-up modem. You will also encounter the term wireless
broadband, which means the same thing but for wireless technologies and
connections.
Page 545 of 1229
Broadband connections have much greater bandwidth than connections using

dial-up and ISDN. The more bandwidth you have, the quicker you can upload
and download data compared with connections that have less bandwidth. This
section looks at common broadband Internet connectivity methods:
12.4.1 xDSL
Digital subscriber lines (DSLs) is a broadband Internet access technology
that quickly transfers digital data over standard PSTN phone lines in full-duplex
mode. It uses different frequencies on the copper cable to make it possible to
use the same phone line to talk to a friend on the phone and upload or
download Internet data on the computer at the same time. There are several
versions or flavours of DSL, and they are sometimes known as xDSL. The x
stands for the various flavours of DSL being offered by the DSL provider while
DSL generally refers to any type of DSL service. Some common types of DSL
are:
Asymmetric DSL (ADSL) has faster download speeds than upload

speeds. The word asymmetric describes different frequency bands on the
line: one band is used for analogue voice data, a second band is used to
upload data while the third band is used to download data. ADSL is a
shared connection, meaning it can support both voice and Internet data.
Depending on the ADSL version, home users and small companies can
often get ADSL lines with upload speeds in the lower Mbps range and
higher download speeds of around 12 Mbps over 5 km or less distance from
the provider. Actual speeds depend on the quality of the cable, distance
from the provider, how many users connect to the ADSL equipment and the
speed of the ADSL providers line.
Symmetric DSL (SDSL) has the same speed for both uploads and
downloads. SDSL is a dedicated DSL link over copper from the DSL
provider to the Internet system. A dedicated DSL line is not used for
regular voice traffic. SDSL is suitable for companies, business applications
such as web hosting, intranets and VPN connections. Faster speeds are
more expensive.
There are some main pieces of DSL equipment you need to know about: the
DSL modem and line filter at the customer end and the DSLAM at the DSL
providers central office:
A DSL transceiver (known as a DSL modem) connects a computer or router
to a telephone line to send and receive voice and Internet traffic. The modem
is different from a dial-up modem; it takes digital signals from the users
computer and turns them into the voltage signal of a suitable frequency range
which it then applies to the phone line.
The modem can be standalone hardware connected through an Ethernet port,
an adapter inserted into a computer, or the more common DSL router which
combines the function of a DSL modem and a home router/switch as a
standalone Internet appliance.
Page 546 of 1229
The appliance has multiple Ethernet ports that you can connect to multiple
computers on the LAN and it might also be an AP. Also called a gateway, a
DSL router usually manages the connection and sharing of the DSL connection
in a SOHO network and has a WAN port that you connect to the Internet.
Figure 12.5 DSL router/AP

At the other end of the phone line lies a bank of modems called a DSL Access
Multiplexer (DSLAM) to receive both the users traffic and the traffic from all
other customers in the same area. A DSLAM gathers voice and data traffic
from customers and aggregates (joins) the traffic and then sends it over one
high-speed connection (multiplexed) to the DSL providers network and then
to the Internet. DSLAMs are generally flexible and able to support multiple
flavours of DSL at the ISPs central office, and use different protocols and
modulation techniques.
Figure 12.6 DSL modem to DSLAM

Depending on what equipment the DSL provider uses, the data link protocol
may be Point-to-Point Protocol over Ethernet (PPPoE), which wraps PPP
frames inside Ethernet frames to create a connection to the DSL providers
equipment with the users account and password information, or Point-toPoint Protocol over ATM-Asynchronous Transfer Mode (PPPoA), which
wraps PPP frames inside ATM frames (called cells) for the same purpose. ATM
carries voice, data and video traffic on WANs.
The advantage of using DSL is that it is always on, and you get high speeds
and connections that are usually stable. The disadvantage is that users must
be within a few kilometres of the DSL providers equipment. This means that
DSL is limited to certain areas only, although the areas of coverage are likely
to increase over time.
Page 547 of 1229
12.4.2
Cable broadband connections
All of the Internet connection methods described up to this point rely on cables
installed and kept in good condition by telephone companies. However, many
companies in certain parts of the world that offer digital cable television
(CATV) services and telephone services also offer Internet connections by
installing and using the same cable for all of these services. In many cases,
fibre-optic cable is used for long distance cable that runs over the main part of
the network but the cable connections that enter the customers home or office
are copper-based coaxial.
This combination of fibre and coaxial is called a hybrid fibre coaxial (HFC)
network. Cable Internet connections start with an RG-6 or RG-59 coaxial cable
running into the customers house or office. The coaxial cable then connects to
a cable modem which in turn connects to a small home router or the
computers USB adapter or Ethernet NIC. Cable broadband service is simply
known as Cable.
Figure 12.7 shows a basic connection path for a broadband cable connection
for a home user. The cable telecommunications company provides both the TV
signal and the connection to the Internet as an ISP. The signal is split at the
users home with one cable going to the TV and the other cable going to a
cable modem and then to the users computer.
Figure 12.7 Cable broadband connection for a home user

Cable Internet access can be very fast faster than DSL, with cable based on
the Data Over Cable Service Interface Specification (DOCSIS) supporting
download speeds at 30+ Mbps and upload speeds of 10+ Mbps and typically
available at multiple bandwidth levels, with varying prices.
However, bandwidth is shared by the customers on the same local loop (area).
The more customers that are on the Internet, the slower the connection
becomes for everyone. Also security could be a problem if you share a drive on
your computer without protecting it, that is, someone else on the network
might be able to access, change or even delete the customers files.
Broadband cable has traditionally used coaxial cables but fibre-optic cables are
being used more and more. Fibre-optic cable provides the most available
bandwidth, so users can often get faster speeds.
Page 548 of 1229
Unfortunately, cable broadband connections are not available everywhere in

the world, including Africa.
Note
Both DSL and cable, fully digital Internet connections, use the term
modem that takes the incoming signal from the Internet and
translates it into something the computer can understand. You might
also come across the terms broadband modems and broadband
routers, which are simply network devices that support both DSL and
cable.
12.4.3 Last mile FTTx

Fibre-optic cables are typically used for long distance cable runs because they
do not have problems with their signals weakening or interference. However,
the last mile the connection from the nearest providers switch to the
customers network has traditionally been a copper-based cable. Instead of
using a copper cable the way dial-up, DSL or cable Internet do, some
companies provide high-speed broadband services by running fibre-optic
cables through some or all of the last mile.
There are various names for these fibre-optic broadband services and they all
follow the format FTTx (Fibre to the x), where x is the place where the fibreoptic cable ends or terminates.
Fibre-to the-node (FTTN) and Fibre-to-the-curb (FTTC) refer to services
that run fibre cable to a box within a few kilometres or less than a kilometre of
the customers place, with the final connections from the box to the customer
being copper. Fibre-to-the-premises (FTTP) and Fibre-to-the-home
(FTTH) run the fibre-optic cable all the way to the customer premises
equipment (CPE) a point on the outside wall or somewhere around the
customers place. Any standard cabling (or wireless) inside the customers
place connects computers to the Internet. Fibre-to-the-desk (FTTD) refers
to running fibre-optic all the way to a fibre-optic terminal or media converter
inside the customers premises near the customers computing equipment.
The performance of these services depends on how close the fibre-optic cable
runs to the customers equipment. Running fibre-optic cable all the way means
that high-speed services can connect directly to the CPE running a Gigabit
Ethernet or 802.11 WLAN. If where the fibre-optic cable ends is more than 100
metres away, for example, then some other kind of medium, such as Very
High Bitrate DSL (VDSL), is needed to service customers.
12.4.4 Satellite
Another connection method available for companies and users who do not have
access to other broadband Internet connections is satellite access. Figure 12.8
shows a typical configuration for a satellite-based Internet connection. With a
satellite dish located in space, the ISP has a connection to the Internet through
its own satellite dish.
Page 549 of 1229
The home user has a satellite dish at his or her home aligned with the satellite
above the earth, with a Digital Video Broadcast Satellite (DVB-S) modem
connected to his or her computer using coaxial cable. The modem can either
be installed as an expansion card or as an external box connected to the
computers USB or Ethernet port.
Figure 12.8 Satellite broadband connection

Satellites are placed in a geostationary orbit above the earth. Satellite Internet
is an always-on connection with theoretical speeds advertised anywhere from
upwards of 512 Kbps upload speeds to 2+ Mbps download speeds. Home
satellite systems are asymmetric; that is, download speeds are faster than
upload speeds.
One downside is cost, and even with the high cost, it is not as fast as DSL or
cable. Also, your satellite must have a clear line of sight to the satellite moving
in space. Obstructions from buildings and trees will block the connection and
moisture from rain and clouds can sometimes absorb the signal, reducing or
blocking the connection.
Another downside is that signals have to travel thousands of kilometres above
the earth and each signal must go up to the satellite and come back down
again. It is not unusual for a signal travelling back and forth to take half a
second or longer for a one-way trip. This can result in a high signal delay called
latency. After you click on a link, for example, it can take a second or longer
to get a reply. This latency issue is a problem for real-time applications such as
video streaming, VoIP and multi-player gaming.
12.4.5 Wi-Fi hotspot

People do not only set up wireless within their homes or offices for private use;
many public places such as airports, restaurants and hotels have public
wireless networks called hotspots. As long as you are in the hotspot area and
can receive coverage, you should be able to use your wireless-equipped device
to access the Internet.
Page 550 of 1229
To make it easier for users to connect to the Internet, most hotspots, both free
and fee-based, disable security for the wireless networks. This means that you
should take some basic security precautions when using a public hotspot,
including making sure your firewall is running, disabling file sharing on your
wireless device and avoid websites that ask for confidential information but do
not use the secure connection.
12.4.6 WiMAX
WiMAX stands for Worldwide Interoperability for Microwave Access,
and the WiMAX forum advances and certifies compatibility and interoperability
of broadband wireless products based on the IEEE 802.16 family of wireless
broadband standards. WiMAX is a wireless broadband Internet access system
that allows data to be sent in various ways, ranging from point-to-point links
to full mobile cellular type access. It is similar to Wi-Fi, but provides Internet
access to many more users and over longer distances, making it suitable for
people in cities and rural areas to access the Internet.
Many applications can use WiMAX, including last mile broadband connections
replacing DSL and cable, hotspots and high-speed connectivity for companies.
It provides wireless MAN connectivity at speeds up to 70 Mbps with WiMAX 2
(802.16m) supporting 100 Mbps speeds. Even though speeds are split up
between several companies or a few hundred home users, it will still provide
fast speeds to each user.
Wireless broadband access (WBA) is set up like a cellular phone system
using base stations (towers providing cellphone and Internet access) and
subscriber stations (SS) such as smartphones, gaming consoles and laptops
that connect to WiMAX base stations. A subscriber is a customer who
subscribes to a network and uses its fee-based services for an agreed upon
time.
Figure 12.9 shows a basic example of a WiMAX network. An ISP is connected
to the Internet on one side and has a cable connection to a WiMAX tower on
the other side. The tower has a transmitter and receiver with a clear line of
sight to another tower with another transmitter and receiver. Data is sent
using microwave signals between the two towers.
Page 551 of 1229
Figure 12.9 WiMAX network

Note
A wireless wide area network (WWAN) works similarly to a WLAN,

except it connects multiple networks like a WAN. WiMAX is an
excellent example of a WWAN.
WiMAX can provide different kinds of wireless services:
Fixed WiMAX a small indoor or outdoor antenna attached to your AP or

wireless router that is connected to a tower over an AP-like non-line-ofsight service. WiMAX uses a lower frequency range, such as 2 GHz to 11
GHz (like Wi-Fi), but with signals that are not as easily disrupted by
physical obstructions and are better able to bend around objects.
Mobile WiMAX provides services to roaming mobile devices.
Line-of-Sight (LoS) WiMAX a fixed dish antenna, located on a rooftop
or pole, which points straight to a WiMAX tower. The LoS connection is
strong and stable, so lots of data can be sent over the connection with few
errors. LoS uses higher frequency ranges up to 66 GHz where there is less
interference and lots more bandwidth.
As you might imagine, LoS WiMAX is far faster than non-LoS WiMAX. The
problem with WiMAX is that it is not backward-compatible with 2G and 3G
cellular technologies, and it costs quite a bit and needs a lot of power. WiMAX2
(802.16m) is a 4G technology that supports 1 Gbps speeds for fixed
subscribers and 100 Mbps to mobile subscribers using MIMO antenna
technology, while it maintains backward compatibility with existing standards.
Before moving on, it is worth mentioning a proposed IEEE 802.20 standard
called global area network (GAN). Like a cellphone network, a GAN enables
users to travel across a country and access the network the whole time. It
would give users with mobile devices enough bandwidth to access the Internet
at speeds comparable to DSL or even better.
Page 552 of 1229
12.4.7 Cellular (mobile) hotspot

A cellphone or smartphone is a full-duplex device that makes and receives
calls and performs other functions. You use your smartphone to create
connections to the nearest transmitter. The cellular network is spread out over
land areas called cells. Each cell has at least one fixed transmitter (called a
cell or base station), which has a tower with antennae and other radio
equipment on it. Each base station is connected to telephone exchanges (or
switches), which in turn connect to the public telephone network. When joined
together these cells provide radio coverage over a wide area, creating what is
called a cellular network or cellular WAN.
Base stations enable a large number of smart phones, cellphones, pagers and
other transceivers to communicate with each other and with telephones
anywhere in the network, even if the transceivers are moving from one cell to
another while you are talking on the phone.
Cellular services have gone through a number of names over the years, so to
make it easier to track all of them, the cellular industry created the idea of
generations: first generation devices are called 1G, second generation are 2G,
followed by 3G and 4G, and soon to be 5G. On top of that, many technologies
use G-names such as 2.5G indicating that they are not 2G but not quite 3G
either. Marketing people tend to bend and flex the definition of these terms
when advertising them, so you should always read more about the device and
not just its generation.
1G analogue
1G cellphone data services were analogue-only and not designed to carry
packetised digital data. Companies primarily use digital signals nowadays
rather than analogue signals because digital signals can be compressed and
changed much more easily and more frequency channels can be packed within
a given bandwidth. When you use a digital phone, your voice is converted into
binary 1s and 0s and then compressed. Compression allows between 3 and 10
digital cellphone calls to occupy the space of a single analogue call.
2G digital
Global System for Mobile Communications (GSM) and code division
multiple access (CDMA) are fully digital technologies. GSM supports lower
Kbps speeds and GSM systems use encryption to make phone calls more
secure and work in the 850 MHz, 900 MHz, 1800 MHz and 1900 MHz bands.
Short Message Service (SMS) text messages were used with GSM and later.
In covered areas, users can buy a phone and roam anywhere, including
different countries, where the standard is supported. The user just has to
remove the subscriber identification module (SIM) card from the GSM
phone and insert a SIM card that is supported by the specific service provider
in the country the user is in. A SIM card is a small, removeable card that
stores the connection data and identification numbers you need to access a
particular service provider.
Page 553 of 1229
Figure 12.10 SIM cards

2.5G digital
GSM evolved into GPRS and EDGE, which are 2.5G technologies. General
Packet Radio Service (GPRS) provides IP-based packet data transmission
up to 48 Kbps, allowing you to make calls and send data at the same time.
GPRS provides always on Internet access and the Multimedia Messaging
Service (MMS) whereby you can send rich text, audio, video messages to
someone else. Enhanced Data Rates for Global Evolution (EDGE) was
originally implemented as an enhancement for GSM and provides increased
speeds up to 236.8 Kbps with full backward compatibility and no hardware
upgrade requirements.
3G & 3.5G high speed digital
Standards, with names like UTMS, HSPA+ and HSDPA, have brought GSMbased networks into the world of 3G and 3.5G. CDMA introduced EV-DO, also a
true 3G. To be a 3G technology, a standard must follow the specifications
published by the ITU. These standards define all types of mobile
communications, including Internet access and voice calls. 3G and 3.5G are
available in many countries (although certain cities only). Some common
standards are:
Universal Mobile Telecommunications System (UMTS) based on the
GSM standard, Standard UMTS supports theoretical top download speeds of
42 Mbps, but actual speeds can reach only 7.2 Mbps. This has been
upgraded several times with other technologies.
High Speed Packet Access (HSPA) supports download speeds of up to
14 Mbps and often needs a software upgrade to 3G (or 3.9G) networks.
Evolved HSPA (also known as HSPA+) can boost download peak speeds
to 84 Mbps using MIMO technology.
CDMA2000 EV-DO (Enhanced Version-Data Only) each channel
supports low Mbps download and upload speeds. Joining multiple channels
increases speeds.
4G IP-based anytime, anywhere (voice, data and multimedia)
Two of the most common marketed 4G standards are:
Worldwide Interoperability for Microwave Access (WiMAX) based

on the IEEE 802.16 (MAN) standard, WiMAX supports speeds of up to 75
Mbps or 100 Mbps shared by mobile devices within around 10 km
distances. WiMAX is now available in some places in a variety of devices,
including smartphones and tablets.
Page 554 of 1229
Long Term Evolution (LTE) LTE is a GSM technology that first

appeared in 2G and became HSPA in 3G. Although not yet compliant with
the ITU standard, LTE is generally considered a 4G technology and supports
download speeds of up to 300 Mbps, although there are plans for newer
standards such as WiMAX 2 and LTE-Advanced to offer 1 Gbps 4G services.
Note
You can share your smartphones or tablets Internet connection to a

cellular network using a process called tethering. You will need to
turn on the service on your device, then connect your phone to your
computer, either wirelessly as a mobile hotspot or directly using a
USB connection.
Cellular providers provide cellular adapters or USB modems/dongles that are

specifically designed for mobile computers. For example, Figure 12.11 shows a
modem plugged into a laptops USB port. When you are on the road, you can
plug it in, connect, and have broadband Internet access. It can typically be
fitted in the laptop, built into the motherboard or connected as an
ExpressCard, PCIe card or USB device.
Figure 12.11 Cellular USB broadband modem

Most smartphones and tablets have wireless capabilities built in.
12.5 Sharing an Internet connection

After you have chosen what method you are going to use to connect to the
Internet, you can turn your attention to setting up a connection so that more
than one user on your network can share it. The best way to do this is by using
a router (with security and its firewall configured). If you do not have a router,
you can use Internet Connection Sharing (ICS). ICS is a Windows feature
that lets you share your Internet connection with several hosts on a small
network.
Page 555 of 1229
12.6 Testing Internet connection speeds

When downloading information from the Internet, the download will finish
much faster when you have a high bandwidth connection compared to a low
bandwidth connection. To test or benchmark how fast or slow your Internet
connection speed is, you can run an Internet speed test. The test can give you
a fairly accurate indication of how much bandwidth is available to you at the
current time.
Some websites offer programs that you can run online to test your upload and
download speeds, while others offer programs and mobile applications that you
can download and install. Test your speed with one or more of these Internet
speed test websites (depending on your location):
www.speedtest.net/
speedtest.mybroadband.co.za/
www.dslreports.com/speedtest
speedof.me/
testmy.net/country/za
reviews.cnet.com/internet-speed-test/
Figure 12.12 shows a speedtest.net application for a smartphone.
Figure 12.12 Mobile app for testing upload and download speeds
Testing your Internet speed between you and your ISP by using your ISPs
speed test program is another option. Be careful when using any program and
services, as some programs do not give accurate results. Therefore, like
everything else in IT, you should always read expert reviews before using
programs from the Internet.
Page 556 of 1229
Note
A good way to test speeds is to run the test three or more times, once
every few minutes and then work out the average of all the test
results.
12.7 Using a firewall for protection

The first line of defence when it comes to protecting your computer devices
and network is the firewall. The firewalls goal is to protect your computers
and networks from unwanted traffic, while at the same time allowing the
appropriate traffic to pass through. It does this by looking into all incoming and
outgoing traffic to see what traffic to allow and what to block. The Internet is
the main area where unwanted traffic comes from, so it is very important to
use a firewall for any host connected to the Internet.
LAN
Firewall
Internet
Figure 12.13 A firewall monitoring traffic

Figure 12.14 shows a network using network-based and host-based firewalls.
The network-based firewall sits between the internal network and Internet
in an area called the perimeter and controls traffic coming from and going to
the Internet. You will typically place your network firewall in the perimeter to
protect the entire network. The computers and the server on the internal
network have host-based firewalls controlling traffic to and from each host.
The host-based firewall or personal firewall only protects the host. Windowsbased computers include a program called Windows Firewall, which is a
Control Panel applet. Many other firewall applications are available that you
can either buy or download for free from the Internet.
Figure 12.14 Network with network-based and host-based firewalls
Page 557 of 1229
Note
Most routers used in SOHO networks have a firewall. These routers

have default configurations needed to access the Internet and include
a web-based program you can use to change the firewall settings.
The network in Figure 12.14 is a common security setup that is based on a

defence-in-depth philosophy of using multiple layers of security. It is very
easy for someone to unknowingly bring in unwanted software (malware) from
a flash drive and install it on his or her work computer. After infecting the work
computer, the malware could jump to another host and infect that host and
jump again to another host and so on throughout the network. Host-based
firewalls help to protect against this type of scenario.
12.7.1 ACLs
An access control list (ACL) is simply a list of rules that a firewall goes
through to find out what it must do with incoming and outgoing traffic. Each
rule or line in the ACL tells the firewall what traffic it must look for based on
criteria, such as port numbers for application traffic and IP addresses for host
traffic, so that it can filter (allow or deny) that traffic based on the criteria. See
Figure 12.15. Firewalls will typically have many rules in place, which can be
applied to inbound packets coming into the firewall and outbound packets
leaving the firewall.
Figure 12.15 A routers ACL
12.8 NAT
Network Address Translation (NAT) translates public and private IP
addresses. A NAT device has at least two network interfaces: one connected to
the internal network and one to the Internet. To perform translation, the NAT
device replaces the private IP address inside all packets coming from clients on
the internal network to its own public IP address before sending those packets
out to the Internet, thereby hiding internal clients from the Internet. It also
changes its own IP address inside packets coming from Internet hosts back to
the IP address of each client on the internal network.
Page 558 of 1229
The NAT device essentially functions as middleman between internal clients

and Internet servers, changing IP addresses of packets to hide the client from
the Internet. So how does the NAT device know where to send response
packets coming from Internet hosts? Well, it keeps track of all outgoing
packets so that it can match all incoming packets to the correct host.
NAT can be set up in different ways, including:
Static NAT (SNAT) maps one private IP address to one public IP

address, or many private IP addresses to an equal number of public IP
addresses.
Dynamic NAT (DNAT) stores a group of private-to-public address
mappings and translates each private address to one of the available public
addresses at a time.
Port address translation (PAT) or NAT overloading (NAPT) maps
many private addresses to one public IP address by assigning a high TCP or
UDP port number to each client that wants to connect to the Internet.
See Figure 12.16 for an idea of how these different translations work.
Figure 12.16 Different types of NAT

You will find NAT in both hardware and software, for example, in firewall
appliances, routers, APs and in many operating systems. The Internet
Connection Sharing feature in Windows, for example, allows a Windows
computer to work like a router and share the Internet connection with other
computers on the LAN.
12.9 Using proxy servers

A proxy server or simply just proxy is a program that is typically part of a
firewall system or comes as a standalone application that can be installed on a
computer.
Page 559 of 1229
You can think of a proxy as a server that sits between an internal client and
the Internet to filter and cache web requests coming from the client.
Figure 12.17 shows a network with a proxy server that gives you an idea of
how a proxy server works. Clients that are configured to use the proxy server
send URL requests to the proxy server instead of to the Internet web server.
The proxy server gets the URL request and returns it to the client. The web
request can be a web page or something else. The proxy server has one or
more public IP addresses assigned to it and has direct access the Internet. The
internal network has private IP addresses, and the proxy server uses NAT to
translate the private addresses to public and public back to private, and
therefore provides security by hiding internal clients from the Internet.
Figure 12.17 Running a proxy server on a network

Note
If a proxy server is not used on a network, you would usually run NAT
on a router or firewall that is connected to the Internet. If NAT is not
used, all internal clients would need to have public IP addresses,
which is expensive.
Because each request a client sends to the Internet goes through the proxy
server, the proxy server can provide more functions over and above just
forwarding requests. For example, a proxy server can cache frequently
requested web pages to speed up future web requests, it can filter content to
block access to unauthorised websites, it can log (keeping track of) Internet
activity, and can scan incoming packets from the Internet for various types of
malicious software and outgoing packets for private company information.
Note
In TCP/IP terminology, the term gateway refers to router, a

network layer device. However, the term gateway is also used in
other contexts to describe an application layer device that provides
access to another network, such as a proxy server.
12.10 Port forwarding

Port forwarding, also known as port mapping, allows you to open a port on
the firewall and direct incoming traffic on that port to a specific IP address on
your LAN, such as to a web server or mail server. It basically maps one port to
another.
Page 560 of 1229
Without it, clients on the Internet will not be able to access the internal
servers. Most routers and firewalls support port forwarding. It can be left open
all the time or turned on only when needed.
For example, imagine you have a small office network protected by a router
firewall, as shown in Figure 12.18. The firewall is connected to the Internet
with a public IP address, and the computers on the internal network have
private IP addresses.
Figure 12.18 Port forwarding for a small network

Your colleague is at the office and she needs your help. To help her, you want
to connect to her computer (on the right in Figure 12.18) using remote
desktop from your laptop (shown on the left in Figure 12.18) while you are
away from the office. To do this, you can enable port forwarding on the
firewall. The following steps will give you an idea of how to do this using
remote desktop as an example:
1. Enable Remote Desktop Protocol (RDP) on the office computer. This
includes making sure port 3389 is open on the routers firewall. Remote
Desktop Connection uses port 3389 by default.
2. Enable port forwarding on the firewall. You could use port 3389 so that any
traffic on the Internet side of the firewall is forwarded to the office
computer.
3. Start Remote Desktop Connection from an Internet location and connect to
the public IP address of the firewall. When you connect to the firewall using
port 3389, it will forward the traffic to the office computer and you will
successfully have a remote connection.
You can also use port forwarding for other protocols so that you can access
other hosts. For example, if you are running a web server on your network as
shown in Figure 12.18, you could forward traffic to it as well. A web server
uses HTTP at TCP port 80 by default, so you could configure the firewall to
forward all HTTP traffic from the Internet to the internal web server using port
80.
When you set up port forwarding, make sure that the internal computer, such
as your web server, is always using the same IP address, otherwise if the
address is changed, such as with DHCP, port forwarding will no longer work for
that computer.
Page 561 of 1229
Tip
Port forward (http://portforward.com/) has multiple resources and

guides that provide steps for setting up port forwarding on many
different wireless and network routers.
12.11 Port triggering

When configured on the router, port triggering automatically opens an
incoming port in response to traffic going through an outgoing port. The
outgoing port is the trigger port while the incoming port is the destination port.
Imagine setting up your router with the trigger port 5678 and destination port
8765, such as the example shown in Figure 12.19. Now when an application
sends data through outgoing port 5678 to the Internet, the router will see that
the data is going out of port 5678 and will know that it must automatically
open port 8765 to receive incoming data from the Internet for that same
application.
Figure 12.19 Port triggering

Note
The incoming port is only open temporarily. It is normally closed and

will close again sometime after the session is closed. Port triggering is
used by internal clients to open an incoming port; it is not used to
open ports in response to triggers from an Internet host.
Port triggering often uses port ranges such as the trigger range of 5670 to
5680 and the incoming range of 8760 to 8770. When the router gets outgoing
traffic using any port between 5670 to 5680, it opens incoming ports 8760 to
8770 to receive incoming traffic. The advantage of port triggering is that it is
not based on IP addresses. Therefore, internal clients can still use DHCP and
the router will return traffic to the computer with the same IP address that
sent the traffic that triggered the incoming port to be opened.
The downside is that only one internal client application can use it at a time. If
Thandi uses her application to trigger the port, it would work for her. But if
Cedric then opened an application to trigger the port, either Thandis
connection will be lost or Cedrics connection will be refused. Some routers
work on a first come-first served basis connection and therefore will not close
the first connection. Other routers, however, give preference to the most
recent connection request.
Page 562 of 1229
12.12 Understanding DMZs

A demilitarised zone (DMZ) is an area that typically sits between the LAN
and Internet where you can place servers that give services to clients on both
the internal LAN and Internet through one or more firewall(s).
Also called a screened subnet, a DMZ is considered a separate network that
is more trusted than the Internet but less trusted than the internal LAN. It is
common to place web, file and mail servers in the DMZ so that users on both
the internal LAN and Internet can access them. The DMZ must always be
accessed through a firewall.
Imagine a company that wants to host its own websites on a web server. If the
company places the server directly on the Internet, the server is vulnerable to
attacks. On the other hand, if the company puts the server in its internal
network, the clients on the internal network are vulnerable to attacks because
of the traffic coming in from the Internet. Instead, the company places the
web server in the DMZ between the Internet and the internal network, as
Figure 12.20 Running a web server in a DMZ

Firewall 1 allows Internet users to access the web server and also adds some
extra protection by controlling what traffic is allowed into the DMZ. Firewall 2
adds an additional layer of protection for the internal network. Each firewall
will have separate exception rules for traffic that is allowed.
Note
It is common for a DMZ to have two firewalls, but there are other
possible configurations. For example, a three-legged DMZ is one
firewall with three connections. One connection is for the Internet,
another is for the network server, and the third is for the internal
network. This is cheaper because only one firewall is used, but it is
also more difficult to configure.
To create a DMZ that works like it should, you must be aware of the traffic that
needs to pass between the external network and the internal one. For
example, if your web server runs an application that needs to access a
database, you might want to place your database server on the more secure
internal network.
Page 563 of 1229
In this case, you must set up the firewall protecting the internal network to
pass database traffic to the database server, but leave out the web server
traffic coming from the Internet.
12.13 Voice over IP (VoIP)

There is a way to talk to your friends or colleagues in real-time over a
computer network or the Internet. It is called VoIP and works by packaging
your analogue voice data into digital packets and then sending those packets
over the IP network to the destination, where they will be turned back into
voice. Not only does VoIP allow you to make free calls over the Internet, but
VoIP applications also support instant messaging (IM) and more. Also, in a call
centre environment, VoIP calls can be recorded, tracked, routed and examined
easily.
Figure 12.21 VoIP

Note
Terms such as IP telephony, Internet telephony, voice over

broadband (VoBB), broadband telephony, IP communications and
broadband phone service are all associated with VoIP.
VoIP is a collection of protocols that make calling possible over an Internet

connection and VoIP works with every type of high-speed Internet connection.
The most common VoIP application protocol is Session Initiation Protocol
(SIP), but some popular VoIP applications like Skype use their own
proprietary protocols. There are many vendors that offer VoIP solutions and
many companies use VoIP for meetings, conferences and other applications.
You will need a good amount of bandwidth to keep your VoIP conversations
clear and free of disruptions. One of your first steps to ensure you have
enough bandwidth is to run an online speed test to find out what your
maximum upload and download speeds are. It is recommended that you do
this test to run VoIP using a fixed broadband connection to the Internet rather
than using a Wi-Fi connection to get accurate results.
There are different ways to set up a VoIP system, including VoIP softphone and
VoIP phone.
A VoIP softphone is an application that allows you to communicate across
the IP network using a microphone and listen using speakers (or headphones
or a headset).
Page 564 of 1229
To make VoIP calls from a computer to another computer in a peer-to-peer

way, all you need is software like Skype, a high-speed Internet connection,
and a headset (or microphone and speakers). Additionally, you will also need a
web cam for video calls. Figure 12.22 shows a video Skype call.
Figure 12.22 Skype

Figure 12.23 shows the audio (microphone and speaker) settings for Skype.
One challenge when setting up VoIP software is getting the audio to work.
Ensure that your audio settings in the OS are also set up properly.
Figure 12.23 Skype audio settings

If you have a firewall running on your network, you might need to configure it
to allow VoIP connections to pass through. Also, if you have a proxy server,
then configure the VoIP application to communicate through it. Figure 12.24
shows the connection settings for Skype.
Page 565 of 1229
Figure 12.24 Skype connection settings

A VoIP phone is a hardware phone that you can plug directly into your
network to make calls. Many people use a VoIP phone (also known as an IP
phone or SIP phone) with an Internet connection to make phone calls instead
of using a regular telephone line. VoIP phones look like typical telephones with
a handset and buttons, but instead of plugging them into a telephone jack,
they plug into a RJ-45 port on a computer, switch or router with an RJ-45
connector. Some VoIP Wi-Fi phones can connect to a wireless network.
Figure 12.25 VoIP phone with RJ-45 connector

Once you have plugged the phone into your computer, you can set it up using
its management page from a web browser according to its manual. The setup
process normally involves entering an SIP proxy server address, IP addresses
or DHCP, port number and a username and password.
12.14 Unified communications (UC) and PBXs

VoIP solutions have evolved into unified communications services that
deliver all communications, including phone calls, faxes, voicemail, email, web
conferences and more, using any means and to any handset, including VoIP
phones and smartphones.
Page 566 of 1229
A private branch exchange (PBX) is essentially a telephone exchange or

computer-based switching device that acts as a switch for all the telephones
within a company and directs and routes both phone calls and data to the
proper phones (called extensions) and outside to phone lines. It can provide
features such as conference calling involving more than two people, call
forwarding, paging, call logging and voicemail.
Tip
A virtual PBX refers to either a cloud-based VoIP service delivered

over the Internet or a software-based telephony system run on a
customers computer.
12.15 Mobile collaboration

The evolving field of unified communications includes mobility and
collaboration. Mobile collaboration is an effective way of managing mobile or
remote workers, by ensuring they can work seamlessly and productively as
they move around. These capabilities may require workers to bring their own
devices (BYOD) into the workplace while providing security and manageability
across all supported platforms.
BYOD: BYOD is a term that describes the ability of workers to bring their own
devices to the workplace.
12.16 Basic QoS

VoIP is a real-time protocol and if any information is lost or delayed along the
way, there will be a noticeable drop in call quality or a complete loss of it.
Quality of Service (QoS) refers to techniques used to control, prioritise or
separate traffic on a network. For example, you might use your computer to
watch videos from the Internet. Video is sent between computers in a steady
stream and can take up a lot of bandwidth. If too many other users on the
same network are streaming videos at the same time that you are, it is
possible that it will slow the network down by quite a lot. QoS techniques can
be used to give video traffic a lower priority so that the connections for only
the people that are streaming videos become slower, while other data
connections are not affected. As a result, it will keep the overall performance
of the network high.
Another way of using QoS is by giving some traffic a higher priority. For
example, when VoIP is used for phone calls, the voice data can be choppy
(breaking up) if you do not have enough bandwidth. You might hear every
other word the other person says. Giving VoIP a higher priority helps minimise
this problem.
Page 567 of 1229
12.17 Cloud computing

Although it has many definitions, the basic idea behind cloud computing is to
outsource your computer and network resources to a cloud service provider to
host and manage, and then deliver these to you over a computer network or
the Internet when you need it (on demand).
You can access your servers, storage, applications, services, networking
equipment and other resources from within the cloud without having to host
your own expensive local computer and networking equipment, services and
support.
Some examples of how the cloud differs from the traditional platform are:
Email instead of running your own internal mail server that users can use
to send and receive email, the company can sign a contract with an
Internet-based email provider such as Google Mail (Gmail).
Online or cloud storage instead of setting up your own local file server
with a large amount of shared storage space, you can sign up for an
Internet file storage service and then store your data on the Internet and
access it at any time. Also, data can be backed up by the cloud service
provider. Examples include Google Drive, Microsoft SkyDrive, Dropbox and
Amazon Cloud Drive.
Online applications rather than running office suites such as word

processing, spreadsheet, presentation and database applications on local
computers, which use local CPU, RAM and disk space resources, users can
access online office suites from any Internet-enabled device. Examples
include Google Docs, Microsoft Office 365, Zoho, and ThinkFree, all of
which enable users to create, edit and share documents, spreadsheets,
databases, etc. online.
When you use a cloud-based application, you do not have to worry about
any of the details that are commonly associated with running an application
on your local computer or network, such as requirements, deploying the
application and applying product upgrades and software patches. This
allows users to collaborate or work together on a project, share files and
updates, comment on each others contributions and do more at anytime
from anywhere, thereby leading to international web-based collaboration
and virtual teamwork.
Page 568 of 1229
Figure 12.26 Cloud computing
12.18 Big Data

We have entered into a data-driven era. Big data is a term that generally
describes the enormous growth, availability and use of both structured and
unstructured data that makes it difficult to capture, analyse, process, manage
and store using traditional database and software tools. The unstructured part
of this definition refers to emails, videos, tweets and Facebook likes, that is,
data that does not exist in a database but is nonetheless very useful to us. The
structured part generally refers to databases where specific information such
as names and addresses are stored.
Figure 12.27 Big Data

The ability to store large amounts of data in the cloud all over the world as
opposed to storing it in local physical servers that need space and maintenance
is a key part of Big Data.
Page 569 of 1229

Student:
Start date :
Student, please note that unless all of the following exercises have been
signed off by a lecturer, you will not be allowed to book for the A+ practical
examination.
DATE
SIGN
Unit 2
Unit 3
Unit 4
Unit 5
Unit 8
Page 570 of 1229
Introduction to A+ 802
Welcome to the A+ 802 section of the A+ Preparation module. In the previous
section, you studied the material required for a strong grasp of computer
hardware, communication skills, printers and networking. In this section you
will learn about software, operating systems, system and management
programs, virtualisation, troubleshooting, security, mobile devices and the
software part of networking.
Note
Make sure that you understand everything that is covered in the A+

801 section before continuing with this section.
This unit and all subsequent units in the A+ 802 section cover the objectives
for the CTI A+ 802 examination.
A+ 802 study schedule

The suggested study schedule in Table 0.1 shows the recommended time (in
days) that you should spend on the units in section 802.
Table 0.1 A+ 802 suggested study schedule
Unit
Unit 1
Unit 2
Unit 3, 4 and 5
Unit 6 and 7
Unit 8 and 9
Unit 10
Unit 11
Unit 12
Unit 13
Unit 14
Unit 15
Revision
A+ 802 Theory Examination
A+ Practical Examination
Total
Days
1 day
1 day
1 day
1 day
1 day
2 days
2 days
1 day
1 day
1 day
1 day
2 days
1 day
1 day
17 days
You have a total of 17 days (full-time learners) in which to complete your

studies and complete the A+ 802 examination, including the practical
examination. Do not exceed the time limit, as it may cause you to fall behind
in your qualification schedule.
Note
Part-time students have double the number of days specified in the

table above in which to complete the 802 section of the A+
Preparation module; i.e. 34 days.
Page 571 of 1229
Required material
The CTI practical examination will cover the lab exercises in this study guide
and those in the GTS lab books. This study guide will list the exercises that
must be completed in the GTS book.
You are required to study the entire A+ 802 section in
this study guide only. You are strongly encouraged to work
in the Windows 7 and Windows 8.1 operating system as you
read through the rest of this book. Where this icon appears in
this study guide, please complete that exercises in the lab
book:
(G185eng) book.
Additional reading material

The CTI 802 theory examination will not examine you on the following book,
but should you want to write the CompTIA A+ 802 examination, it is
recommended that you study the following A+ 802 GTS book:
A+ 802
A+ Certificate 802 Support Skills Study Notes (G185eng)
The following textbook is a supplementary reference

textbook that may be borrowed from the campus library to
further your understanding of topics in this module:
Prowse, L. D. 2013. Authorized Exam Cram CompTIA A+

220-801 220-802. Sixth Edition. Pearson Education, Inc.
Page 572 of 1229
A+ 802
Unit 1 Operating System Installation and
Upgrade
Explain what an operating system is.

Plan for installation.
Explain the different boot methods and installation types.
Describe and compare the main features and system
requirements of the different Windows editions: Windows
XP, Windows Vista, Windows 7 and Windows 8/8.1.
Identify ways in which the operating system can be
deployed to many systems.
Know what older Windows versions can be upgraded to
newer ones.
Prepare hard disk partitions and file systems.
Install the operating system using the most appropriate
method.
GTS A+ Certificate 802 Support Skills Study Notes

(G185eng) Module 1 Unit 1 (p.1-19) and Module 2 Unit 5
(p.151-167)
GTS A+ Certificate 802 Support

(G185eng) Review Questions:
o Windows Operating System (p.20)
o Installing Windows (p.168)
Skills
Study
Notes
1.1 What is an OS?

An operating system (OS) is software that a computer or mobile device runs
to coordinate the interaction between hardware, applications and the user. It
provides a platform on which to run application programs, handle tasks such as
I/O, device access, disk and file management and memory allocation, and
provides you with a user interface with which to perform tasks.
An OS is generally made up of the following components:
Kernel the central part or core files responsible for communicating
directly with hardware to perform tasks such as allocating memory space to
programs, managing system resources such as CPU interrupts and CPU
time, providing services so that programs can request to use a driver, disk
or other hardware, and managing the file system.
Page 573 of 1229
Device drivers specific programs written for the purpose of instructing

the OS on how to access hardware so that the OS understands how that
hardware works and what it can do.
Programs to provide extended functionality.
Shell another name for user interface, it allows you to communicate
with the OS. You can interact with the shell using a command line
interface (CLI) or graphical user interface (GUI).
Figure 1.1 OS Components
Tip
Modern Windows operating systems have both a GUI and CLI.
The OS market is divided into three main functions:

A business client OS is designed to run on client computers in business
networks.
A network OS (NOS) is designed to run on network servers in business
networks. Also known as a server operating system.
A home client OS is designed to run on standalone or workgroup
computers in a home or small office environment.
There are operating systems other than Windows that can be run on both
desktop and server systems. These include Apple OS X and Linux for client
and server systems. Both Linux and OS X are based on the Unix OS. Apple
Macs are mainly designed for home, education and graphic design industries
such as desktop publishing. Apple OS X runs on Mac client computers while OS
X Server runs network servers. The Linux OS is developed under the free and
open source development and distribution model.
Companies such as Red Hat, SuSE and Ubuntu sell Linux and provide technical
support and updates for their Linux operating systems. You can download a
free copy of Linux called a distro (short for distribution) such as Debian, Red
Hat Enterprise Linux, CentOS and OpenSuse by performing a search online and
then use and customize the OS to your own needs. There are hundreds of
Linux distros for computers, laptops and servers and Linux is also widely used
for network routers, gaming consoles and mobile devices such as Android.
Page 574 of 1229
There are several tasks you need to do before you actually install an OS or
upgrade one to a newer one. If you do your homework first and prepare
properly, the installation process is easy and will go fast, but skipping any of
the preparation tasks might cause problems such the computer locking up and
refusing to boot during installation. With that in mind, look at the following
steps you need to go through before and after installing the OS:
1.
2.
3.
4.
5.
6.
Identify system requirements for the OS you have chosen to install.

Verify hardware and software compatibility.
Decide what installation method to use.
Determine how to back up and restore existing data (if needed).
Select an installation method.
Determine how to partition the hard drive and what file system to format
the hard drive in.
7. Determine the computers network role.
8. Install and configure installation options.
9. Plan for post-installation tasks.
1.2 Choosing an OS
A 32-bit CPU with a 32-bit Windows OS cannot address more than 4 GB RAM.
It is important to choose an OS and hardware to match the requirements of
that OS. Even though a 32-bit OS can address 4 GB RAM, it will not use it all.
It reserves some of the addressable memory space for devices such as
graphics cards and peripherals. 64-bit operating systems do not have this
limitation and can theoretically address as much as 16 exabytes of RAM.
As such, you need to consider many factors before deciding which OS to use
for a given situation. Some of these considerations include:
Choose an OS that fully supports the requirements of the customer.

Will the customer be using their existing computers or will they be buying
new ones? Do your research to make sure that sufficient hardware is
available to support the OS, such as RAM, CPU, display and disk space.
Consider the costs of obtaining and installing the OS, but also the costs
associated with supporting it.
Consider future upgrade options.
Consider what technical support is available for the OS.
1.3 32-bit vs. 64-bit and RAM considerations

Current Windows operating systems are available in both 32-bit and 64-bit
versions. If you have 64-bit hardware, you can install either the 32-bit or 64bit OS on it. However, if the system has 32-bit hardware, you can install only
32-bit operating systems (not 64-bit).
Page 575 of 1229
The CPU is the primary hardware component that determines whether a

system is a 32-bit or 64-bit system. If you install a 32-bit OS on 64-bit
hardware, it will work in 32-bit mode. However, it will not take advantage of
the benefits of 64-bit hardware such as speed and supporting much more RAM.
Tip
A 64-bit OS is the best choice if your hardware supports it. It runs

faster and enables you to use much more RAM, and as a result to run
more applications.
The hardware on 32-bit systems is identified as x86 and you can only install
32-bit operating systems on it. The hardware on 64-bit systems is identified as
x64 (sometimes AMD 64 or Intel 64 indicating it is an AMD or Intel CPU), and
you can install both 64-bit and 32-bit operating systems on it.
1.4 Windows operating systems

The primary Windows OS versions are:
Windows XP Oldest OS listed here
Windows Vista Released between Windows XP and Windows 7
Windows 7 Released between Windows Vista and Windows 8
Windows 8 Newest OS listed here (Windows 8.1 is an updated version of
Windows 8)
Each OS version has multiple editions, and some editions support both 32-bit
and 64-bit systems.
System requirements help you decide whether your system can run a
particular OS. You will find the published minimum system requirements on
the packaging and at Microsofts website (www.microsoft.com). Do note that
these are usually the minimum requirements, and higher specifications might
be needed for the system and the applications it will be running.
The next few sections explore the various Windows editions and their systems
requirements and limitations.
1.4.1 Windows XP editions, requirements and limits

Windows XP has been available for over a decade now and it is well
established. Therefore you need to be able to support it.
Note
Microsoft has announced that it will discontinue support for Windows

XP in 2014. This will mean that XP users will no longer receive
updates and technical assistance. However, Microsoft will continue to
provide limited support for certain security applications only.
Figure 1.2 shows the Windows XP x64 desktop and Start menu.
Page 576 of 1229
Figure 1.2 Windows XP

The relevant editions of Windows XP are as follows:
Windows XP Home: this stripped-down OS edition targeted home and

small office users and provided basic capabilities such as support for a
maximum of five client workgroup connections.
Windows XP Professional: this edition targeted business clients and
supported capabilities that were supported by Windows XP Home, such as
the ability to join an Active Directory domain network and group policies,
file or a folder encryption with encrypting file system (EFS), two separate
CPU support and remote desktop capabilities.
Windows XP Media Center: available in several versions to OEMs only
and based on Windows XP Professional, Windows XP Media Center provided
additional multimedia capabilities such as the ability to listen to the radio,
watch and record TV shows and DVD movies using a TV-style remote
control (with a TV Tuner card installed), and supported store multimedia
files. The last version did not support joining an Active Directory domain.
Windows XP Tablet computer: this edition is identical to XP Professional
except that it was optimised for tablet computers and supported
handwriting recognition and touchscreen interface through its ink features.
Windows XP 64-bit (two editions: XP 64-bit and XP Professional
x64): Windows XP 64-bit systems ran on the Intel Itanium CPUs. Windows
XP Professional x64 edition ran on x86-64 compatible Intel or AMD CPUs.
Windows XP with Advanced Security Technologies (SP2): this was a
service pack (a collection of updates and features) that introduced a new
Security Center Control Panel applet that improved Windows Firewall and
Internet Explorer.
Page 577 of 1229
Note
Microsoft continues to provide support for their operating systems

long after they stop selling them. Microsoft refers to two types of
support: Mainstream support, which is the normal support that
includes the regular release of security and non-security updates to
customers along with technical support, and Extended support,
which ends sometime after the mainstream support phase and
includes security updates, but any other updates and support will only
be available to customers who have an update agreement with
Microsoft. Microsoft has indicated that they will provide extended
support for Windows Vista for a few more years to come.
Table 1.1 lists the minimum system requirements for Windows XP.
Table 1.1 Windows XP minimum requirements
Component
CPU
Memory
Display
Hard disk
Installation media
Minimum Specification
32-bit x86 (233 MHz or higher with 300 MHz or higher
recommended)
64 MB RAM (128 MB recommended)
SVGA (800 x 600) or higher
1.5 GB free disk space + paging space (2 GB
recommended)
CD-ROM or cross-network
Table 1.2 shows a comparison of the limitations with the different Windows XP
editions.
Table 1.2 Windows XP system limits
Maximum Multicore SMP
RAM
(Max CPUs)
32-bit Home
32-bit
Professional
32-bit Media
Center
32-bit Tablet
XP 64-bit
Professional
x64
HyperThreading
4 GB
4 GB
Yes
Yes
No
2-way
Yes
Yes
Virtualisation
and Data
Execution
Environment
Yes (SP2)
Yes (SP2)
4 GB
Yes
No
Yes
Yes (SP2)
4 GB
128 GB
128 GB
Yes
Yes
Yes
2-way
2-way
2-way
Yes
Yes
Yes
Yes (SP2)
Yes (SP2)
Yes (SP2)
You might need third-party software to support DVD/Blu-ray playback and

recording for editions other than XP SP2 and SP3.
Page 578 of 1229
1.4.2 Windows Vista editions, requirements and limits

The goal of Windows Vista was to replace Windows XP, but it was not popular.
However, there are still many Windows Vista systems in use, so you need to
know how to support the OS. Windows Vista comes in 32-bit and 64-bit
versions.
Depending on the version, Windows Vista supports features such as User
Account Control (UAC) that helps prevent malicious software from taking
action on your system without you knowing about it; the Windows Aero
graphics system that provides translucent effects, transparent see through
icons, animations and themes that enhance the user interface; live thumbnails
(hold your mouse over an application icon and all open documents are shown
in a separate thumbnail); an on-screen virtual keyboard; disk partitions that
can be resized without loss of data; and full support for IP version 6 (IPv6).
Figure 1.3 shows the Windows Vista desktop behind the Start menu, icons and
sidebar. It is very similar to the Windows 7 desktop that you will explore later
on. In fact, if you are comfortable working with Windows 7, then working with
Windows Vista will not be a problem for you.
Icons and shortcuts to

files and programs
Sidebar with gadgets.
Right-click Sidebar to
configure it.
Start menu where
programs, files, folders and
devices can be accessed
Quick launch toolbar with
access to commonly-used
programs
Figure 1.3 Windows Vista desktop
The Windows Vista Sidebar hosts mini-programs called gadgets that you can
add to a Windows Vista system. Gadgets add specific functionality to the
system, for example, a weather gadget will show the weather for a specific
location. The Quick Launch toolbar can be configured with shortcuts to
commonly used programs installed in other locations on the system.
Page 579 of 1229
The relevant Windows Vista editions are as follows:
Windows Vista Home (Basic and Premium): both home editions

support workgroups but do not allow joining an Active Directory network.
The Home Basic edition is designed for home users, but does not support
the Aero interface. The Home Premium edition provides many more
capabilities for home users such as supporting 10 network client
connections compared to 5, touchscreen and tablet (ink) input, meeting
space conferencing applications over local networks, and HD video editing
and DVD authoring.
Windows Vista Professional (Business and Enterprise): both editions
target business and bigger enterprise companies and both support the
ability to join an Active Directory domain network and process group
policies, file encryption, remote desktop server, offline files and fax/scan
tools. However, they do not include the multimedia tools such as Media
Center and games supplied with the Vista Home editions. Enterprise is
available only to Microsoft Software Assurance customers, meaning you
have to buy it directly through Microsoft and it includes additional features,
such as BitLocker Drive Encryption and support for UNIX applications.
Windows Vista Ultimate: this edition includes all the features available in
any edition of Windows Vista. The Ultimate edition has some additional
features that you will not find in any other edition, such as game
performance tweaker, DVD ripping capability and active backgrounds using
Windows DreamScene.
Table 1.3 lists the minimum system requirements for Windows Vista. For good
performance, consider a system with a dual-core CPU with 1 GB RAM.
Table 1.3 Windows Vista minimum requirements
Component
CPU
Memory
Display
Hard disk
Installation media
Audio
800 MHz (32-bit or 64-bit recommended)
512 MB (1 GB recommended for all editions except for
Home Basic)
SVGA (800 x 600) or higher
DirectX9 graphics with WDDM
32 MB video memory recommended for Home Basic
Aero requires 128 MB video memory, pixel shader v2.0
and 32-bits/pixel (for all editions except Home Basic)
20 GB with 15 GB free space (40 GB recommended for all
editions except for Home Basic)
DVD-ROM or cross-network
Sound card and speakers are recommended
Additional requirements for specific features include:
X64 CPU supporting AMD64 or EMT64T.

Tablet/touch screen runs on dedicated hardware.
A TV turner card and IR Receiver for remote control are recommended for
Media Center systems.
Page 580 of 1229
Just like other operating systems, Windows Vista editions have limitations on
the hardware they support. Table 1.4 lists the hardware limitations for
Windows Vista editions.
Table 1.4 Windows Vista system limits
Home Basic
Home Premium
Business
Enterprise
Ultimate
Maximum
RAM 32-bit
4 GB
4 GB
4 GB
4 GB
4 GB
Maximum
RAM 64-bit
8 GB
16 GB
128 GB
128 GB
128 GB
Multicore SMP (Max

CPUs)
Yes
No (only 1)
Yes
No (only 1)
Yes
2-way
Yes
2-way
Yes
2-way
All editions support Hyper-Threading, hardware assisted virtualisation, data

execution prevention and DVD playback and recording; but Blu-ray requires
third-party software.
1.4.3 Windows 7 editions, requirements and limits

Microsoft has released several Windows 7 editions for client systems, following
a progression of good features (Starter), better features (Professional) and the
most comprehensive features (Ultimate). The different Windows 7 editions are
as follows:
Starter: a stripped-down OS edition with few features (no advanced

network and graphics capabilities) and is available only to OEM system
builders and installed on some netbooks (lightweight laptops) and subnotebooks.
Home (Basic and Premium): this edition targets home and small office
users and is available in 32-bit and 64-bit editions. Both editions do not
support joining an Active Directory network. Home Basic is available in
certain emerging countries only. Home Premium adds several extra
features, such as Aero, Homegroups (Windows 7 system-to-system
networks), Windows Media Center and HD video editing.
Business (Professional and Enterprise): both editions are available in
32bit and 64-bit editions and both target business networks based around a
Windows Server running Active Directory so that business clients can join
an Active Directory domain and process group policies. Both editions
support file encryption, offline folders, remote desktop and XP mode. XP
mode allows you to run a copy of Windows XP in a virtual machine on
Windows 7, so that you can run older XP applications. The Enterprise
edition adds BitLocker Drive Encryption, UNIX application support, a
language pack supporting different languages for the Windows interface
and support for volume licensing only (Enterprise is not available in retail or
OEM builds). Figure 1.4 shows the Windows 7 Professional desktop.
Page 581 of 1229
Figure 1.4 Windows 7 Professional desktop
Ultimate: this edition is available in 32-bit and 64-bit and includes all the
features available in any other Windows 7 edition.
After deciding what version of Windows 7 to use, and before buying and
installing that OS, you should identify the minimum system requirements for
the OS. If the hardware does not meet the minimum system requirements,
you will not be able to run the OS. Most editions are available in both 32-bit
and 64-bit versions (except for the Starter edition). Table 1.5 lists the
minimum system requirements for Windows 7. A dual-core CPU with 2 GB RAM
should provide acceptable performance for a system running office-type
applications.
Table 1.5 Windows 7 minimum requirements
Component
CPU
Memory
Display
Hard disk
Installation media
Audio
1 GHz
1 GB RAM
DirectX9 graphics or later
Windows Display Driver Model (WDDM) 1.0 for Aero
Support
16 GB free space
Even though Table 1.5 lists the minimum requirements, which might be
suitable for a user who uses basic office and web applications for light tasks
such as web browsing, they will not give satisfying results for a user who uses
resource-intensive applications. Buying a faster CPU and adding more RAM
than the minimum or even the recommended requirements provides much
better performance.
Page 582 of 1229
Additional requirements for specific features include:
64-bit CPU supporting AMD64 or EMT64T, 2GB RAM and 20 GB free hard
disk space.
Tablet/touch screen runs on dedicated hardware.
TV Turner card and IR Receiver for remote control are recommended for
Media Center systems.
Not only must you learn the minimum system requirements, but also the limits
related to hardware support. Table 1.6 compares the hardware limitations in
terms of memory and CPUs for the different Windows 7 editions.
Table 1.6 Windows 7 system limits
Starter
Home
Premium
Professional
Enterprise
Ultimate
Maximum
RAM 32-bit
2 GB
4 GB
4 GB
4 GB
4 GB
Maximum
RAM 64-bit
N/A
16 GB
192 GB
192 GB
192 GB
Multicore SMP (Max

CPUs)
Yes
No (only 1)
Yes
No (only 1)
Yes
Yes
Yes
2-way
2-way
2-way
Installing Windows 7 Home Premium on a system with two CPUs will still work,
but the OS will only use one CPU. Windows 7 32-bit systems support up to 32
cores and 64-bit systems support up to 256 cores in any single CPU. Although
12-core CPUs are available, you probably will not see 32-core or 256-core
CPUs in the near future. All editions support Hyper-Threading, hardware
assisted virtualisation, data execution prevention and DVD playback and
recording; but Blu-ray requires third-party software.
You can use several websites and tools to check whether your systems
hardware is compatible with Windows 7. You can use the following tools for a
system that already has an OS pre-installed:
Windows Compatibility Center: Go to the following website and access

the hardware section: www.microsoft.com/windows/compatibility/
System Information: the System Information tool in Windows can be
opened in the Run prompt by typing msinfo32.exe before pressing
<Enter>.
Note
Ensure that your system and all attached devices are in the Windows
Certified Products list at:
https://sysdev.microsoft.com/en-us/hardware/lpl/
Page 583 of 1229
1.4.4 Windows 8 editions, requirements and limits

Windows 8 was released after Windows 7 and is in many ways a departure
from earlier versions of Windows because it is intended to enable Microsoft to
bring Windows to a wider variety of devices, from traditional computers and
laptops to touch-based portable devices such as tablets. It brings a new user
interface (UI), a new app platform, new security features and new
management tools for Windows users.
Figure 1.5 Windows 8 Start Screen

The different Windows 8 editions are as follows:
Windows 8: loosely called core or standard, this edition is a basic stockkeeping unit (SKU) aimed at home users and includes features such as the
new Start screen shown in Figure 1.5 that replaces the traditional Start
menu, Windows Store (an online app store), Microsoft account integration,
the Windows desktop, remote desktop, VPN client along with other very
basic features. This edition does not support features such as the ability to
join Active Directory domain networks and process group policies, drive
encryption and virtualisation.
Windows 8 Pro: this edition is comparable to Windows 7 Professional and
Ultimate, and is designed for PC enthusiasts and company users and
includes all the features of the Windows 8 edition with additional features,
such as Remote Desktop, Active Directory domain connectivity and group
policy processing, file access on the go, encrypting file system (EFS),
BitLocker drive encryption and BitLocker To Go, virtualisation and virtual
hard disk (VHD) booting. Windows Media Center functionality will be
available only for Windows 8 Pro as a separate software package (or addon).
Page 584 of 1229
Windows 8 Enterprise: this edition provides all the Windows 8 Pro

features (except the Media Center add-on) with additional features
designed to meet the mobility, security and virtualisation needs of large
companies. Windows 8 features include Windows To Go (which enables you
to boot and run a Windows image from a certified flash/external drive),
DirectAccess (which provides VPN-like remote Intranet connectivity over
the Internet), BranchCache (which allows the caching of content from WAN
web and file servers locally at branch offices), AppLocker (which is an
application access control feature that allows you to specify what
applications can and cannot run on your system), and the Virtual Desktop
Infrastructure (VDI) solution. Windows 8 Enterprise is available only to
Windows Software Assurance customers.
Windows RT Devices: this edition is only available pre-installed on thin

and lightweight devices that run low-powered ARM CPUs such as Tablet
computers and ARM-powered computers. The OS includes touch-based
desktop Office suite applications such as Microsoft Word and Excel and
supports device-level encryption and the new UI. However, Windows RT
only runs software purchased from Windows Store and other third-party
applications that can be loaded on it. x86/64 and desktop software that
runs on previous versions of Windows cannot run on Windows RT and
several business-focused features such as Active Directory domain
connectivity, group policy processing, BitLocker, EFS and remote desktop
are not supported.
The hardware must meet Windows 8 minimum requirements and should be

listed on Microsofts website as compatible with Windows 8. All editions (except
for Windows RT) are available in both 32-bit and 64-bit versions. Table 1.7
lists the minimum requirements for Windows 8.
Table 1.7 Windows 8 computer minimum requirements
Component Minimum Specification
CPU
1 GHz or faster (32-bit or 64-bit) with support for:
PAE Physical address extension allows a 32-bit CPU to
address more than 4 GB RAM and is a prerequisite for NX.
NX Never Execute helps the CPU protect against malicious
software. Also known as Execute Disable or XD bit (Intel),
Enhanced Virus Protection (AMD) and eXecute Never (XN) for
ARM CPUs. You can check if your computer supports this in the
BIOS and turn it on there. Otherwise check the computer
vendors website.
SSE 2 an instruction set used by third-party apps and drivers.
Optional: client Hyper-V (virtualisation software) requires a 64bit CPU with second level address translation (SLAT) capabilities
(Windows 8 Pro only) and hardware assisted virtualisation
Memory
1 GB for 32-bit or 2 GB for 64-bit (more recommended for
virtualisation)
Page 585 of 1229
Component Minimum Specification

Display
DirectX9 graphics or later
Windows Display Driver Model (WDDM) 1.0 or higher driver
1024 x 768 screen resolution to run apps
1366 x 768 screen resolution to snap apps (that is, work with
two apps side by side at the same time).
Hard disk
16 GB (32-bit) or 20 GB (64-bit)
Installation
media
Audio
Additional requirements to use certain features:
Touch A multi-touch tablet or monitor.
Internet access to be able to use certain features and access the Windows
Store to download and run apps.
Secure boot requires UEFI v2.3.1 Errata B firmware.
Some applications and games might need a graphics card compatible with
DirectX 10 or higher.
Microsoft account to use some features.
Separate playback applications are needed to watch DVDs.
Windows Media Center license sold separately.
A USB flash drive is needed for BitLocker To Go (on Windows 8 Pro only).
BitLocker requires either Trusted Platform Module (TPM) 1.2 or a USB flash
drive (Windows 8 Pro only).
Table 1.8 compares the hardware limitations in terms of memory and CPUs for
the different Windows 8 editions.
Table 1.8 Windows 8 computer limits
Windows 8
Windows 8
Pro
Windows 8
Enterprise
Windows RT
Devices
Maximum RAM
32-bit
4 GB
4 GB
Maximum
RAM 64-bit
128 GB
512 GB
Multicore SMP (Max

CPUs)
Yes
No (only 1)
Yes
2-way
4 GB
512 GB
Yes
2-way
4 GB
N/A
Yes
2-way
1.4.4.1 Windows 8.1 editions, requirements and limits

Windows 8.1 is a major update to Windows 8 and is formally known as
Windows Blue. It includes the historical changes that were introduced in
Windows 8 and adds some improvements, changes and new features that were
made based on feedback from the industry since the release of Windows 8.
Page 586 of 1229
In response to that feedback, Microsoft made the following important changes

to Windows 8.1:
The Start screen shown in Figure 1.5 is significantly improved.

Windows 8.1 adds options to easily move between the new Start screen and
the desktop, which looks and works similar to the Windows 7 desktop. The
added options include a setting in the OS that allows the system to boot
straight to the desktop without stopping at the Start screen (Windows 8 can
only boot into the Start screen), and the inclusion of a Start button at the
left of the taskbar.
Windows 8.1 has the same device requirements as Windows 8 and will run on
most computer hardware that was originally designed for Windows 7. However
x64 Windows 8.1 editions require CPUs that support extra, specific x86
instructions. Additionally, some Windows 8.1 features require other hardware
components:
A tablet or a monitor that supports multi-touch is needed if you want to use

touch.
An Internet connection and screen resolution of at least 1024 x 768 is
required if you want to access the Windows Store to download and run
apps.
To snap apps, you need a screen resolution of at least 1024 x 768. Note
that this resolution is lower than the requirement for Windows 8. The
revised specifications also allow new aspect ratios (4:3 and 16:10) that are
more conducive to small devices used in portrait mode than the 16:9 ratio
(typical in modern laptop and desktop displays) required for Windows 8.
The following two Windows editions are designed for business environments:
Windows 8.1 Pro: this edition is available preinstalled on new computers

and laptops, as a retail package, and as an upgrade direct from Microsoft. It
is also available through volume licensing.
Windows 8.1 Enterprise: this edition is available only to enterprise
customers who purchase Software Assurance for Windows as part of a
volume-license agreement.
Windows 8/8.1 can run apps built on two separate platforms. Virtually any
desktop program that runs in Windows 7 will also run on Windows 8/8.1. The
new WinRT apps run only in Windows 8/8.1.
In general, you can expect most applications that run properly in Windows 7 to
work in Windows 8/8.1. Windows 8/8.1 supports a new programming model
designed for immersive, touch-enabled apps that are available online through
the Windows Store. However, some application compatibility issues are
possible because of changes made to Windows 8.1. In addition, devices
powered by Windows RT 8.1 can run most Windows Store apps but are unable
to run desktop programs, including installers and web browser add-ons.
Page 587 of 1229
1.5 Verify hardware and software compatibility

If your system meets or exceeds the OS requirements, your next step is to find
out whether Windows is compatible with your systems existing hardware and
software. You can get this information in the following ways:
Setup Wizard this program runs during the Windows 7 installation and
quickly checks your hardware.
Upgrade Advisor or Upgrade Assistant Microsoft provides a free
program which you can run on your system to see if your hardware and
software will work with a newer version of Windows and that there are no
compatibility issues with Windows 7 or 8/8.1. This program is available on
the installation media or can be downloaded from Microsofts website. You
can access this website to download it by clicking the Check Compatibility
Online link from the initial Windows 7 installation screen. You can also
download it from here:
windows.microsoft.com/en-us/windows/downloads/upgrade-advisor.
Windows 8s program is called Upgrade Assistant and it checks to see if
your system meets the minimum system requirements and scans your
hardware, apps and connected devices to see if they will work with
Windows 8. It then provides you with a compatibility report.
windows.microsoft.com/en-za/windows-8/upgrade-to-windows-8
See Figure 1.6. Make sure all peripherals are connected to your computer
and turned on.
Figure 1.6 Windows 8 Upgrade Assistant
Page 588 of 1229
Note
You can also search for the upgrade advisor or assistant from
Microsofts download website at www.microsoft.com/download/. You
can use this same method to find many other free downloadable tools
provided by Microsoft.
Microsoft websites the following two websites are useful for checking
for compatibility with a Windows-based system:
o Windows Compatibility Center lists hardware and software that is
compatible with Windows. You can search for the Windows Compatibility
Center here:
www.microsoft.com/windows/compatibility/
o Windows Logod Products List (LPL) lists hardware devices and
expansion cards that have been tested and verified to work with different
versions of Windows. It was previously known as the hardware
compatibility list (HCL). If a device is not listed on the Windows LPL,
its driver has most likely not been signed or guaranteed by Microsoft.
You can access the list here:
msdn.microsoft.com/en-us/library/windows/desktop/hh801892.aspx
https://sysdev.microsoft.com/
Vendor information if a device or software is not on the official

Microsoft list, check with the device or software vendor, who will usually
provide information about Windows compatibility either on the product box
or on their website. Check the optical disc that came with your hardware
for proper drivers or better yet, check the vendors website for the most
up-to-date drivers that are compatible with your version of Windows. After
upgrading and applying the drivers, keep them on a USB drive or at a
network location so that you can use them again when needed.
Note
Unsupported hardware can cause issues during the setup process and
you should physically uninstall the hardware from the system before
starting the process.
1.6 Back up data and settings

It is essential that you back up existing user data before updating or upgrading
an existing OS installation because the update or upgrade can go wrong and
the data on the hard drive might get lost. You can back up user data using the
Windows backup program or a third-party backup program or backup and
transfer user files and settings using the Files and Settings Transfer wizard
in Windows XP, Windows Easy Transfer (WET) in Windows XP/Vista/7, or
User State Migration Tool (USMT) in Windows XP/Vista/7. These programs
are either included in Windows or can be downloaded from Microsofts
download website.
Page 589 of 1229
Figure 1.7 Windows Easy Transfer
1.7 Choosing an installation method

When a new OS is released, it comes out with new features and capabilities.
Therefore, it is common to upgrade existing systems to take advantage of
these new features and capabilities.
1.7.1 Clean install

A clean install is a fresh installation that ignores a previous installation of
Windows, wiping out the old version as the new version installs. It involves
installing the OS onto an empty hard drive or completely replacing an existing
OS installation (normally deleting the existing OS first). It does not include any
applications, data files and settings from the previous installation. You would
have to back up data and settings from the old system and transfer them to
the new system and re-install any applications and configure certain settings.
Windows 7 calls this a Custom installation. A clean install is typically used by
network administrators to deploy operating systems to many systems using OS
images.
There are two types of clean installations:
Bare metal installation involves installing on a system with no software

or OS on it. For example, if your hard drive fails and has to be replaced,
you could do a bare metal installation after replacing the hard drive.
Install on existing system if your hard drive already has an OS
installed, you can perform a clean install over it. None of the applications
that worked in the previous OS will work in this new installation. In some
instances, it is possible to keep the previous OS and create a multi-boot
system.
Page 590 of 1229
1.7.2 Multi-boot system

A dual-boot or multi-boot system is one that can boot to multiple operating
systems. You can choose which OS to use when booting the system. For
example, you can have a computer running Windows 7 and then do a custom
install of Windows 8 on the same computer. When you are done, the system
can boot to either Windows 7 or Windows 8. Just ensure you meet the
hardware requirements for both operating systems.
Once you have created a dual-boot system, you will see a screen similar to
Figure 1.8 when booting. If you choose Earlier Version Of Windows, it will
boot to that version of Windows. If you choose Windows 7, it will boot to
Windows 7.
Figure 1.8 Dual-boot menu

The menu in Figure 1.8 typically gives you around 30 seconds to choose;
otherwise, it will automatically boot to the default OS. In Figure 1.8, the
default OS is Windows 7, and the system will boot to Windows 7 in 27 seconds.
You can use the <Tab> key or <Up> and <Down> arrow keys to select
different choices, and then press <Enter> to start it.
Any multi-boot system setup has rules that you should follow:
1st RULE: always install operating systems on different partitions.

If you install two operating systems on the same partition, they will corrupt
each other. If you install Windows 7 on the same partition as a previous
OS, it would detect the previous installation and move data and settings to
a folder named Windows.old and you will not be able to boot to the
previous OS anymore.
Page 591 of 1229
If you are running Windows XP on the C: partition for example, you can
install Windows 7 on the E: partition as long as it exists.
2nd RULE: the system partition (which contains the boot files) must
be accessible to each OS.
3rd RULE: always install the older OS first and the newer one last.
The older OS is less likely to recognise the multi-boot environment. A
newer OS is aware of the older OS and keeps critical files. However, an
older OS is not aware of newer OS and often corrupts critical files.
Note
When configuring multi-booting, you must format the partition in a

file system that is common to all installed operating systems. If one
or more of these rules are not followed, one or both of the operating
systems will stop working. Since most people use virtualisation, which
has the same goal of running different operating systems together,
you will not find multi-booting used much anymore.
1.7.3 Upgrade
An in-place upgrade simply involves installing an OS on top of an earlier
installed OS. Supported applications, data files and settings in the previous OS
are normally included in the new installation. For example, if you upgrade a
Windows Vista Ultimate that has Microsoft Office to Windows 7 Ultimate,
Windows 7 would also include Microsoft Office. You would not have to reinstall
Microsoft Office.
To upgrade Windows usually means inserting the Windows installation disc
while your old OS is running, which will auto start the installation program. The
installation program will then ask you whether you want to perform an upgrade
or a new installation; if you select new installation, the program will remove
the existing OS before installing the new one, so choose upgrade.
An upgrade is often simpler for home users and users on small networks.
However, there are limitations on what systems can be upgraded. When
upgrading an earlier OS to Windows 7 on the same partition, Windows 7 keeps
data from the previous installation in a folder named Windows.old. You can
copy data from the Windows.old folder to anywhere else on your system.
Tip
The Windows.old folder stores data from a previous installation of

Windows. It includes the Windows folder, the Program Files folder and
user profiles. If the previous installation was Vista or Windows 7, the
profiles are in the Windows.old\Users folder.
If you no longer need the data in the Windows.old folder, you can delete the
folder by using the Disk Cleanup program. Click Start, type Disk Cleanup in
the Search box, and press <Enter>. Select Previous Windows
Installation(s) and click OK to delete the folder.
Tip
Perform a full system backup before performing an in-place upgrade.
Page 592 of 1229
1.7.4 Methods of installation

You can use several methods to install a copy of Windows. The three primary
methods are:
With installation media such as a CD or DVD

Over the network (cross-network)
Using images
You can use any of these three methods to install Windows on a computer with
an existing OS or on a new computer. However, even if you are installing it on
a computer with an existing OS, it does not mean that it is an upgrade. Any
applications you need might still need to be installed.
1.7.4.1 Installation Media CD or DVD
When you buy a retail copy of Windows, it comes on a bootable CD or DVD
with all the files you need to perform a clean install or upgrade of the OS.
Instead of having different discs for each edition of Windows Vista/7, every
installation disc contains all of the available editions (except for Enterprise).
You can place the disc into your optical drive, turn your computer on, set the
boot order in CMOS (if not set by default) to boot to the optical drive first and
then start the installation. During the installation, you can configure your hard
drives by partitioning or formatting them as desired.
1.7.4.2 Remote network installation
If you work for a medium to large-sized company, it might be more convenient
for you to install Windows from across the network. Although the term
network installation can involve many different tools and methods depending
on the Windows version used, client computers that receive the installation
must be connected to a server and that server might be another Windows
client computer or a server running a network OS. The serving computer must
host an image, which can be either the default Windows installation or a
custom image that the network administrator has created.
One way to allow a remote network installation is to copy all the installation
files to a folder on a network server and then share that folder. Users can then
connect to the share and start the installation by clicking the setup file. For
example, you can copy everything on the Windows 7 installation DVD to a
network share and install systems from there.
Tip
The Universal Naming Convention (UNC) or path to a Windows

network share is:
\\server_name\share_name or \\IP_address\share_name
You still need a valid license key to activate the installation for each system
that connects. However, the contents of the DVD are not tied to the license
key, so one DVD can be used with multiple license keys. A drawback is
network bandwidth; that is, if the network is already busy, this added network
traffic can slow down network performance for all users.
Page 593 of 1229
This method can be automated with scripts or answer files that automatically
select the options and components needed for the installation. The scripts can
even install extra applications at the end of the OS installation, all without your
having to do anything once the installation is started.
This type of installation is called an unattended installation and does not
need you to be there for the installation, as opposed to attended
installation, which needs you to be there to start and complete the
installation and input information at various points.
1.7.4.3 Image deployment
Imaging is a very common way of installing Windows because it reduces the
time needed to configure and deploy systems, reducing overall costs. An
image is a snapshot of a hard disk volume on which an OS and usually
application software are pre-installed. The image contains the OS,
configuration settings, service packs, updates, application software and
everything else you need, and after the snapshot is captured and saved to a
file, it can be deployed to multiple systems. For example, an administrator
might need to install Windows 8 on 50 new computers. He or she could install
the OS on 50 target computers individually or use imaging software to speed
up the process. Figure 1.9 gives you an idea of how this process would work.
Figure 1.9 Imaging process

What you would do first is install Windows 7 on a reference computer and then
install any applications that users need. You would then configure desktop and
security settings and then test the system to verify that it works. After
preparing the system, you would capture the image and store it either on a
network server or on an external drive. After capturing the image, you can
finally deploy it to multiple computers.
Note
You can buy many disk cloning/imaging tools to create and clone
images, such as Acronis True Image (www.acronis.com) and
Symantecs Norton Ghost (www.symantec.com/), or you can use free
tools such as Clonezilla (clonezilla.org/) or those provided by
Microsoft, such as the Windows Automated Installation Kit (Windows
AIK) or Windows Deployment Services (WDS).
Page 594 of 1229
You can store the image on an imaging server in a network environment or on

an external USB drive (or if the image is small enough, on a DVD). After
deploying the images, you still need to perform setup tasks. For example, you
cannot have all 50 computers named computer-1, so each computer needs to
have a unique computer name. However, it is possible to automate this
process.
Note
Windows 7 and 8 installations use images. If you have a Windows 7/8

installation disc, look in the Sources folder for an Install.wim image
file (Windows Imaging Format [WIM]), which has everything needed
for different Windows 7 or 8 editions. For example, the Install.wim file
normally includes images for Windows 7 Home Premium, Professional
and Ultimate. 32-bit and 64-bit versions of Windows 7 have separate
Install.wim files and since an installation disc will be either 32-bit or
64-bit (not both), you will not have both versions on the same disc.
The image files in the Install.wim file are the same types of images
you can create using Microsoft tools such as Windows AIK or WDS.
1.7.4.4 PXE clients

Many desktop systems come with a preboot execution environment (PXE)aware BIOS and network adapter that are used during the imaging process.
The NIC and BIOS can be configured to boot the system, typically without any
OS on its hard drive, and connect it to an imaging server over the network to
download an image.
The overall steps of a PXE boot are:
1. The client computer turns on. Enable PXE in CMOS Setup, save and exit
CMOS. You might need to press F12 to start the PXE network boot process.
2. The client queries a DHCP server for an IP address and other network
addressing information.
3. With an address, the client then contacts the WDS imaging server.
4. Depending on how many images the network administrator has prepared
on the server, you might be taken directly to the Windows installation
screen, or you will have to log on and will be asked to pick from multiple
images. Once you have selected the option you need, everything else
should proceed as if you were installing Windows from a local optical disc.
Tip
You need a PXE client with a PXE-aware BIOS and NIC to configure the
client to boot to the network.
1.7.4.5 Installing from a USB

You can create a bootable USB flash drive and then copy the image onto the
drive. An 8 GB or larger USB flash drive will easily hold the data needed to
boot from the USB. You can buy and download images of Windows 7/8 from
the Microsoft website in .ISO format.
Page 595 of 1229
After that, to make the image bootable, you can download, install and run the
Windows 7 USB/DVD Download Tool from here, which will convert the image
and transfer it to the drive, making the drive bootable:
www.microsoftstore.com/store/msusa/html/pbPage.Help_Win7_usbdvd_dw
nTool
You must be the administrator to run this tool and install it from USB and your
Windows 7 computer must have .NET Framework 2.0 or higher installed.
Despite the name of the tool, you can use it for a Windows 8 image. Figure
1.10 shows some screenshots of this tool and the OS contents of the bootable
drive.
Figure 1.10 Windows 7 USB/DVD Download

When the operation has finished, you can view the contents of the bootable
drive.
Computers must support booting from USB and you must enable the option in
CMOS Setup to be able to install the OS. This is much easier for users with
systems that do not have optical drives.
Tip
It can take a long time to install Windows and then apply drivers and
configure settings afterwards. A way around this is to create
slipstream media (CD, DVD, USB or network share) with the latest
drivers and updates pre-applied to the media to speed up the
installation process and to allow a direct installation of updated
software. Search the Web on how to build slipstream media and
complete the installation.
Page 596 of 1229
1.8 Automating the installation

Instead of sitting at your computer during the installation process, answering
questions and typing in product keys and so on, which can be time consuming,
Windows provides you with some good options (discussed next) for automating
the unattended installation process. All you have to do once you performed the
initial setup tasks is boot up the system and have the installation process finish
automatically.
1.8.1 Setup Manager

Microsoft provides the Setup Manager program for automating a Windows XP
installation. Setup Manager helps you create a text file called an answer file
that contains all of the answers to the questions asked during the installation.
When using an answer file, the installation program looks for the information it
needs from the file instead of asking you for the answers. If it cannot find the
answer in the file, the installation program will ask you to provide the answer.
You can use answer files when installing the OS with installation media or over
the network. You can create an answer file to be used with images so that
after the image is deployed, the settings are automatically answered. You can
find Setup Manager on the Windows XP installation disc in the
\Support\Tools folder. Double-click the DEPLOY cabinet (.CAB) file, and
then right-click setupmgr.cab and choose Extract and choose the location
where the file should be extracted to.
You can create answer files using Setup Manager for Unattended, Sysprep and
Remote Installation Services (RIS) setups. The latest version of the tool can
create answer files for various Windows XP editions. Figure 1.11 shows two
screenshots of the Setup Manager program.
Figure 1.11 Setup Manager

You can use Setup Manager to create an answer file to completely automate
the installation process or you can use it to set default installation options.
Page 597 of 1229
If you are going to use the same answer file for multiple systems on the same
network, you need to ensure that each computer is assigned its own unique
computer name, since all computers on a network must have a unique name.
You can either provide a list of names to use or have the Setup program
randomly create names. When you are finished, Setup Manager will ask you to
save your answers as a text file.
Note
If you provide the username and password of the domain

administrator to the answer file for the purpose of automatically
adding new computers to the domain network, that information along
with all the other information will be in clear text. In that case, you
will want to protect your setup files.
Once you have created an answer file, you can start your installation with this
command and go do something else while the installation runs.
D:\i386\winnt32 /s:%SetupFiles% /unattend:%AnswerFile%
Substitute %SetupFiles% with the local path (D:\i386 if installing from a disc)
or network path of your setup files. If you decide to go with the network path
option, then you must create a network boot disk so that the installation
program can access the files from that location. For %AnswerFile%, substitute
the name of the text file you created with Setup Manager (usually
unattend.txt).
Note
You can use any text editor to create an answer file instead of using
Setup Manager, but the text file can be very long with a lot of
different commands and syntax. Most technicians prefer the easy
method of using Setup Manager.
1.8.2 Automating the installation for Windows Vista/7

For Windows Vista/7, Microsoft has replaced Setup Manager with the
Windows Automated Installation Kit (Windows AIK), which is a set of OS
deployment tools designed to deploy Windows Vista/7 images to target
computers or virtual hard disks (VHDs). Windows AIK includes the System
Image Manager (SIM), which is used to create answer files and even
enables you to add drivers and applications to the answer file and configure
many more details. For example, if you do not want games to be included in
the installation, you can specify this in the answer file.
The basic idea behind Windows AIK is that you use SIM to create an answer
file and then use that answer file to build a Master Installation file that can be
burned to DVD. The answer files for Windows Vista/7 are no longer simple text
files but XML (.XML) files and the process of creating an XML file is more
difficult than a text file. You have to choose components (which represent the
tasks you want your automated installation to do, such as create a partition,
enter a certain product key, and much more) out of a very long list and then
edit their settings.
Page 598 of 1229
Figure 1.12 Windows SIM

After choosing and editing all the components you need, you have to save your
answer file, copy it to a USB drive and plug it into a new system on which you
will be installing the Windows OS. When you boot a computer off the
installation disc, it automatically searches removable media (USB drive) for an
answer file and when it finds one, it uses it to automatically install itself. If you
are only installing Windows Vista/7 to this one computer, you are finished, but
if you want to install it to multiple systems, you will probably want to create a
disc image based on the Master Installation file.
To create such an image, you must use the Windows PE and ImageX tools
included in Windows AIK to capture the installation and create a disc image
from it. This part of the process is much more difficult. Fortunately, Windows
AIK comes with documentation that gives you instructions on how to do this.
1.8.3 Disk cloning and Sysprep

Disk cloning makes a full copy of the drive on an existing system that can be
transferred to as many systems as you like; essentially allowing you to create
clones of the original system. You can use a cloning program, such as
Symantec Norton Ghost shown in Figure 1.13, to make an image file that
contains a copy of an entire hard drive. When cloning a disk image, all systems
that will be cloned need to be identical or as close to identical as possible.
Page 599 of 1229
Figure 1.13 Norton Ghost

Cloning a Windows system is ideal for some situations, but what happens when
you need to send the same image to many systems that have slightly different
hardware and need to be configured differently and have different computer
names, etc.? Computer settings such as the computer name and security
identifier (SID)-which the OS uses to identify the computer- must be unique. If
these settings are not unique, you will have problems. Although it is much
easier to change the name of a computer than it is to change a computers
SID, they must be unique.
To avoid these problems, you need to combine a scripted setup with cloning by
preparing the system for imaging using the System Preparation Tool
(Sysprep), which can undo parts of the Windows installation process by
removing user-specific and computer-specific settings. After you have installed
Windows 7 and the appropriate application and configured it, you can run
Sysprep (which is installed with the OS) to remove the SID with other settings
that must be unique. You can find the Sysprep program in the
C:\Windows\System32\Sysprep folder by default. Figure 1.14 shows the
Sysprep tool with the recommended settings to prepare a system for imaging.
Figure 1.14 Sysprep
Page 600 of 1229
Note
You must run Sysprep on a Windows system before capturing the

image. You can run it from the GUI or from the command line. The
typical command from the command line is:
Sysprep/oobe/generalize/shutdown
Choosing the System Out-Of-Box Experience (OOBE) option in Figure 1.14

and selecting the Generalize check box will reset the required settings to
prepare the system for imaging. After running this, the system will shut down
and the image will be ready for capturing.
When you deploy the image to a system and boot that system, many of the
settings will automatically be re-created for that new system. The installation
program asks the user to answer questions for other settings, such as the
primary username and the computer name.
1.8.4 Automating and deploying Windows 8 and 8.1

There are various tools that can help you deploy Windows 8/8.1 and its
applications. Although the deployment tools are based on the same tools used
to deploy Windows 7, they do have added functionality that account for new
and improved Windows 8 features, such as Windows 8 apps, Windows To Go
and so on.
For Windows 8/8.1, Windows AIK is now part of a collection of tools and
documentation called Windows Assessment and Deployment Kit
(Windows ADK). Windows ADK brings the various deployment tools that were
once separate (such as User State Migration Tool to migrate user settings)
together into one kit. You can use the same tools to customise and automate
the Windows 8/8.1 installation to many systems that you used to deploy
Windows 7, but you can get them from one place and you can mix and match
tools to accomplish specific goals ranging from identifying potential hardware
and software issues to customizing and automating a large-scale Windows
deployment.
Note
Windows ADK for Windows 8/8.1 can be used on previous versions of

Windows, including Windows Vista/7.
The following sections describe some of the tools in the Windows ADK kit. You
can search for and download Windows ADK from:
www.microsoft.com/en-za/download/
1.8.4.1 Deployment and imaging
Windows ADK contains tools and components that can be used to customise,
deploy and manage Windows images, including:
Deployment Image Servicing and Management (DISM) a

command-line tool for mounting and getting information about Windows
image (.wim) files or virtual hard disks (VHD) and for capturing, splitting
and managing .wim files before deployment.
Page 601 of 1229
Sysprep can be used to prepare a computer with a new security

identifier when it restarts and additionally removing user- and computerspecific settings that must not be copied over to destination computers.
Windows SIM creates unattended answer files using information from a
.wim image file and a catalog (.clg) file.
Windows Recovery Environment (Windows RE) a recovery
environment where repairs can be made to unbootable operating systems.
1.8.4.2 Some other Windows ADK tools

Windows Preinstallation Environment (Windows PE) a minimal OS
that prepares a computer without an OS for the Windows installation by
booting it. It also provides the tools and Windows Recovery Environment
(WinRE) used to repair problems.
User State Migration Tool (USMT) a collection of tools that can be
used to migrate user data and files from an existing Windows OS to
another OS. It captures the user state from the existing OS and restores
that state to the newer OS.
Volume Activation Management Tool (VAMT) a tool to automate and
manage the volume and retail activation processes of Microsoft products,
including Windows and Microsoft Office.
Application Compatibility Toolkit (ACT) a toolkit that provides
compatibility information for applications.
There are various Windows ADK deployment methods for different situations
and depending on the situation, the entire process can be a lengthy one. To
give you an idea of how the Windows ADK deployment process works, look at
Figure 1.15.
Figure 1.15 Windows 8 Windows ADK image deployment example

There are different methods for deploying Windows 8.1. For client computers
that are already running Windows 8, an in-place upgrade is the fastest,
easiest, and most reliable method, that can be performed by either installing
the Windows 8.1 update package or by refreshing the OS. This upgrade path
does require some app compatibility tests to be done.
For large companies that want to deploy Windows 8.1 on new or existing
systems that are not already running Windows 8, they can either manually
deploy or install Windows 8.1 on each client computer using the installation
media, or an OS image or perform unattended automated installations using
tools such as System Center Configuration Manager.
Page 602 of 1229
1.8.4.3
Windows To Go
Windows To Go is a Windows 8/8.1 Enterprise feature that allows you to create
a portable Windows 8 workspace, hosted on a USB drive. By placing a
configured bootable Windows To Go USB flash drive or external hard drive into
a computer and booting to it, you can access your own personal Windows 8
desktop, applications and files, regardless of the OS running on the host
computer.
When booted into the Windows To Go workspace, the newly booted computer
uses the Windows To Go drive as its local hard drive and prevents changes to
the hosts hard drive by disabling it by default. A Windows to Go drive does not
have a visible partition and is not assigned a drive letter to prevent data
leaking between the Windows To Go drive and host computer.
You can restore a failed USB drive to working condition by reformatting and reprovisioning it with Windows To Go, but all data will be lost. If the Windows To
Go drive is disconnected while the computer is on, the computer will freeze
and you will have 60 seconds to reinsert the drive, either into the same port,
where functionality will be resumed to the exact point where the drive was
removed or if the drive is not re-inserted or reinserted into a different port, the
host computer will turn off after 60 seconds.
You will not need to install software on the host computer to run Windows To
Go, but the host does have to meet several basic system requirements, listed
in Table 1.9.
Table 1.9 Windows To Go requirements
Component
USB drive
USB port
Firmware
Processor architecture
CPU
RAM
Display
Requirement
Windows To Go certified drive
USB 2.0 or higher with USB 3.0 improving
performance
The computer must be able to boot from a USB
drive and USB booting must be enabled in the
BIOS.
Must support the image on the Windows To Go
drive
1 GHz or faster
2 GB or higher
Direct X9 with WDDM 1.2 or higher
Also, the Windows 8 image on your Windows To Go drive must be compatible

with the processor architecture and the firmware of the host computer. See
Table 1.10.
Page 603 of 1229
Table 1.10 Firmware, CPU and Windows To Go compatibility

Host
computer
firmware
Legacy BIOS
Legacy BIOS
UEFI BIOS
UEFI BIOS
Note
Host computer CPU

architecture
Windows To Go Image
architecture
32-bit
64-bit
32-bit
64-bit
32-bit
32-bit
32-bit
64-bit
only
and 64-bit
only
only
Windows To Go is not supported when booting from an Apple Mac

computer or Windows RT device.
1.9 Recovering and repairing installations

Many OEM vendors provide ways for you to return your system to the way it
was when it left the factory. This is useful if the OS becomes corrupted and
you can no longer boot into it.
1.9.1 Recovery discs and partitions

A vendor might provide a recovery disc or install a recovery partition (also
called a rescue disk) or both, that you can use to recover your system if you
cannot boot into Windows or your partition is damaged. The differences are as
follows:
A recovery disc is a bootable disc that contains a factory image of
Windows that can be applied to the system to return it to its original
configuration.
A recovery partition is a hidden partition on the hard drive that contains
a factory image of Windows that can be used to recover the system if it
fails. You can activate it at boot by holding down a key or key combination
specific to the manufacturer of the system, keys such as <F10> or <F11>
or <Ctrl> + <F11>, and then following the set of wizard-driven prompts.
Check with the vendor for instructions on how to access the partition and
recover the system.
Note
Although using any of these recover methods is better and faster than
reinstalling the OS, the OEM recovery media will not usually recover
user data, settings or applications and will not include any updates or
service packs applied between the ship date and recovery date and
only works if the original hard drive is still installed. Also, using these
recovery methods will usually remove everything on your system.
In Windows 8/8.1, you can create a USB recovery drive by copying the
recovery image stored on the OEM recovery partition from that partition to the
drive and then delete it and use a recovery drive instead (or keep both of
them). However, the drive cannot be used for anything other than for recovery
purposes.
Page 604 of 1229
Also, you will not be able to use a recovery drive created in a 64-bit Windows 8
version to boot and repair a Windows 8 32-bit version, it is bit-specific.
Tip
You can also create your own recovery media using backup or drive
imaging software.
1.9.2 Repair install

A repair install, sometimes called an in-place repair upgrade, is one way to
restore a Windows installation that no longer boots. A repair install runs on top
of an existing installation and repairs any corrupted system files. During the
process, it is possible to upgrade the OS from an earlier edition to a new
edition by inserting the installation disc and selecting the Upgrade option (as
shown in Figure 1.16). A repair install is not supposed to damage files and
applications that are currently installed, but it can copy original system files
and reset certain settings.
Figure 1.16 Repair install (upgrade option)

Note
You will need the installation disc as well as the license key to
complete the installation.
When performing a repair install on Windows 7, the upgrade process will

attempt to save existing data in the Windows.old folder. You can often retrieve
data from this folder after the repair, but do not count on it. You should first
attempt to back up any data before attempting the repair.
Note
A lot can go wrong with a repair install so you should only use it as a
last resort; that is, after you have tried all other repair methods and
before reinstalling Windows.
Page 605 of 1229
1.10 Upgrade paths

As a computer technician, you will be upgrading an earlier Windows OS to a
later one and it is important to understand which OS can be upgraded and
which cannot.
1.10.1 Upgrading to Windows 7

The key points to remember are as follows:
You can perform an in-place upgrade from Windows Vista to Windows 7.
You cannot upgrade Windows XP directly to Windows 7, but you can
upgrade Windows XP to Windows Vista and then upgrade Windows Vista to
Windows 7. However, it is recommended that you perform a clean install.
Note
You will have to reinstall applications after the install, but you can
migrate user data and settings from Windows XP to Windows 7.
Table 1.11 lists the upgrade paths from earlier editions of Windows. If an
upgrade path is not available, you must perform a clean installation of
Windows 7.
Table 1.11 Windows 7 upgrade paths
From
Windows XP
Windows Vista
Home Premium
Windows Vista
Business
Windows Vista
Ultimate
Note
Upgrade to
Windows 7
Home Premium
No
Yes
Upgrade to
Windows 7
Professional
No
Yes
Upgrade to
Windows 7
Ultimate
No
Yes
No
Yes
Yes
No
No
Yes
You can only upgrade to Windows 7 from Windows Vista if you have
the same bit edition, that is, you can upgrade a 32-bit Vista to 32-bit
Windows 7, but not 32-bit to 64-bit. You can however upgrade a 64bit Vista to a 32-bit Windows 7. Also, you can perform an in-place
only to a comparable or higher edition, from Home to Professional for
example. Likewise, you cannot upgrade a consumer version of
Windows 7 to a business version.
1.10.1.1 Windows Anytime Upgrade

If a home user who is running the Windows 7 Home Premium edition wants to
upgrade to Windows 7 Ultimate edition, he or she can use Windows Anytime
Upgrade to do so.
Page 606 of 1229
Anytime Upgrade allows you to upgrade a Windows 7 edition to a more

advanced Windows 7 edition.
Users buy a license key online or a retail key at a retail store and enter it in
the Anytime Upgrade program and they can then complete the upgrade
process by downloading the license software. The upgrade process does not
require any additional installation media.
Note
Anytime Upgrade is available for Windows 7 only and can be found in

the Start menu. It is available in certain countries only.
1.10.2 Upgrading to Windows 8 and 8.1

Although you will need to replace older hardware that is not compatible with
Windows 8, there are many occasions when the existing hardware will be more
than sufficient to run Windows 8. Nearly every Windows 7-capable system will
run Windows 8, making the upgrade process very easy. The upgrade process
can be done using an installation disc, USB or a download from the Internet.
You can make a bootable USB drive or DVD from the Internet download
method.
The key points to remember about upgrading to Windows 8 are as follows:
There is no upgrade path to Windows RT, as it supports the ARM CPU

architecture.
32-bit Windows XP/Vista/7 can only be upgraded to 32-bit Windows 8 and
likewise for 64 bit Windows. However, you can take your 32-bit Windows
XP/Vista/7 computer and perform a clean install of 64-bit Windows 8 if your
CPU is 64-bit.
Depending on the Windows version you are upgrading from and whether a
service pack is installed, you might be able to keep your personal files,
settings and compatible applications or only one or two of these items
during the upgrade process. You can find more information here:
technet.microsoft.com/en-us/library/jj203353.aspx#editions
Table 1.12 lists the in-place upgrade paths from Windows 7. If an upgrade
path is not available, you must perform a clean installation of Windows 8.
Page 607 of 1229
Table 1.12 Windows 8 upgrade paths

From
Upgrade to
Windows 8
Upgrade to
Windows 8 Pro
Windows 7 Starter
Windows 7 Home
Basic
Windows 7 Home
Premium
Windows 7
Professional
Windows 7 Ultimate
Windows 7
Enterprise
Yes
Yes
Yes
Yes
Upgrade to
Windows 8
Enterprise
No
No
Yes
Yes
No
No
Yes
Yes (volume license)
No
No
Yes
No
No
Yes (volume license)
It is possible to perform a clean install of Windows 8 using the Windows 8

Upgrade or Windows 8 Pro Upgrade from a download available from Microsoft.
Tip
Upgrades can sometimes cause issues, but the advantages make

them worthwhile if the upgrade path allows it. It is recommended that
you back up data before performing any upgrade.
1.10.1.1 Add features to Windows 8

Add features to Windows 8 replaces Windows Anytime Upgrade allowing
you to pay a fee and upgrade your Windows 8 edition to a Windows 8 Pro
edition or simply just to add on a Windows Media Center pack (with codecs for
DVD playback and TV recording). This upgrade process will not affect your
apps, files and settings.
1.10.1.2 Windows 8.1 installation/upgrade options
You have multiple options for installing Windows 8.1, depending on your
current environment and your deployment needs:
Update from the Windows Store: the update appears as an option in

Windows Store, which downloads in the background and installs relatively
quickly on Windows 8.
Enterprise deployment tools: on large networks, software distribution
tools such as System Center Configuration Manager can easily be used to
push Windows 8.1 out to users who need the update.
Integrated installation media: for devices without an OS or where the
goal is to completely replace the existing OS, it is possible to install
Windows 8.1 directly using installation media that includes the update
without needing a separate upgrade.
Page 608 of 1229
1.11 Preparing a hard drive for installation

You must install an OS into a suitably-sized partition and then format that
partition with the appropriate file system. Partitioning electronically divides
the disk into smaller units called partitions and formatting creates a file
system on the partition to organise it in such a way so that the OS can store
files and folders on the disk. A hard drive must have at least one partition, but
you can create more. During installation, Windows assigns each partition a
drive letter such as C: or D: to identify it. You will hear the terms boot
partition and system partition as you work with operating systems. The
system partition contains the boot files necessary to boot the computer
(usually the root of the C: drive) and the boot partition contains the OS files
(usually C:\Windows).
You will learn more about partitions, formatting and file systems later on in the
guide, but for now, here are the file systems you should understand when
installing an OS:
File Allocation Table (FAT32) this file system does not include security
features such as the ability to assign permissions to files and folders.
Sometimes FAT32 is referred to as FAT but FAT technically refers to an
older 16-bit version of FAT and FAT32 refers to the 32-bit version. Most
USB flash drives and USB external drives use FAT32.
New Technology File System (NTFS) this is the preferred file system
for Windows up to Windows 7. It provides increased security and reliability
compared to FAT32, allowing you to assign permissions to files and folders
and it has additional features that improve its performance.
All versions of Windows support both FAT32 and NTFS for reading and writing
files. However, some versions of Windows cannot be installed on FAT32 hard
drives. See Table 1.13.
Table 1.13 Installing Windows on Fat32 and NTFS
Windows
Windows
Windows
Windows
XP
Vista
7
8/8.1
Install on FAT32
Yes
No
No
No
Install on NTFS
Yes
Yes
Yes
Yes
You should consider the following points before installing the OS:
If dual-booting, create a partition for each OS.
Page 609 of 1229
Decide whether partitioning a disk will give you better disk performance.
You can create multiple partitions for various types of data (one for the OS,
another for user files, one for a page file, one for log/cache files whose size
changes dynamically, etc.), separating the OS and program files from the
rest of the files. This allows you to create image clones of only the OS and
installed software. The downside is that the system will constantly be
moving from one partition to another as you access files, affecting access
time and disk performance.
Make sure you have enough disk space for the OS and boot files and user
data and consider future growth.
You must install Windows Vista, 7 and 8/8.1 on a NTFS boot partition.
If using hardware RAID, access the RAID program or firmware at boot-up
using the appropriate key combination and configure the RAID level and
create volumes before installing the OS on them.
1.12 Windows 7 installation process

You might be asked Have you ever installed Windows 7 or Windows 8.1? in a
job interview. You will want to answer Yes to this question. Although
installing an OS is not difficult, you should at least be aware of what you will
see during the installation process. So we will begin with Windows 7.
1.12.1 Choosing installation settings

Figure 1.17 shows the first screen you will see when installing Windows 7. You
will be asked to choose a language to install, time and currency format, and
keyboard and input method based on where you are installing Windows 7.
Figure 1.17 Choose installation settings
Page 610 of 1229
The default language for the installation is English and you can change this in
the Language To Install field. The time and currency format you choose
affects how the time, date and currency will be displayed on your system. For
example, July 4, 2014 using the English (Australia) option will display as
4/07/2014 while choosing the same date using the English (South Africa)
option will display as 7/4/2014. Keyboards have different keys to support
different languages and there are several different keyboard layouts available.
You can change these settings using the Region And Language applet in the
Control Panel after installing and logging into Windows.
You will be asked to verify the correct time and date and to set the time zone
during the installation. If you want to change this later on, you can do so in
the Date And Time applet in the Control Panel.
1.12.2 Choosing an installation type

As shown in Figure 1.18, Windows provides you with two installation methods:
Upgrade or Custom (Advanced). Choose Upgrade if upgrading from an
existing OS that is included in the upgrade path or Custom (advanced) for a
new installation.
Figure 1.18 Choose installation type
1.12.3 Drive Options

You can also choose where to install the OS. For most cases, you will install on
a single partition, but for a dual-boot system, you will need to create at least
two partitions, one for each OS. Additionally, you might want to install an OS
on one partition and store your personal files on another one. The installation
program provides you with several options for configuring your hard drive.
Page 611 of 1229
If you have a single drive with a single partition, simply select it and continue
with the rest of the installation. However, if you have multiple drives or
multiple partitions on a single drive, Windows will provide you with multiple
choices. You can also change existing drives and partitions during the
installation. Figure 1.19 shows the options that will appear if you click Drive
Options (Advanced) on the Where do you want to install Windows?
screen.
Figure 1.19 New 39.9 GB partition with 100 MB System Reserved

partition and 87 GB Unallocated Space
Figure 1.19 indicates that the disk (disk 0) has two partitions (partition 1and
2) and 87 GB of unallocated space. Initially this disk started as a single 127
GB disk listed as Disk 0 Unallocated Space but by clicking New and entering
40960 a partition of about 40 GB in size has been created. The 100 MB Disk 0
Partition 1: System Reserved partition was created automatically by the
installation program for the system partition (boot files).
You can configure different hard drive options, including:
Load Driver choose this option for when Windows does not have a driver
for a drive and will not recognise it until you load the driver. You can load
drivers from an optical disc or USB flash drive. You often have to do this for
systems using hardware-based RAID and when RAID is not detected during
the installation.
Delete be careful when choosing this option, as it will delete an existing
partition and everything stored on that partition. The space from the
deleted partition will be listed as unallocated space.
Extend choose this option to extend an existing partition onto
unallocated space. Using the disk in Figure 1.19 as an example, you can
extend partition 2 (39.9 GB partition) to include any amount of the 87 GB
of unallocated space.
Page 612 of 1229
Format choose this option to format the partition with NTFS. Formatting
will delete everything on the partition.
New creates a new partition. If your drive has unallocated space, click on
it and select New to create a new partition. You will be able to enter a size
for the new partition. For example, you could enter 40960 (in megabytes)
for a partition size of about 40 GB.
Refresh after making changes to a drive, click Refresh to display the
changes you made.
1.12.3.1 System reserved partition

If you have unallocated space on your drive, Windows 7 will often create an
additional 100 MB system partition during the installation. Refer to Figure 1.19,
which shows the 100 MB Disk 0 Partition 1: Reserved Partition. This partition is
reserved for:
System boot files the partition includes the boot manager code and
boot configuration database and other boot files needed to load the OS. If
the installation program does not create the system partition, Windows 7
stores these files in the system partition (root of C: drive).
BitLocker drive encryption this reserved space installs the start-up
files that allow you to enable BitLocker later on.
Windows Recovery Environment (WinRE) this holds tools that can be
used to recover Windows from many system errors after a failure.
Windows will only create the system partition if you create a new partition on
a disk that has no partitions created or if you delete all the current partitions
on the disk and then create a new one. However, if you are installing Windows
7 on a system that you are dual-booting with another OS, the installation
program will not create the system partition. Similarly, if there is no
unallocated space on the drive, the installation program will not create the
system partition. Also, Windows does not assign it with a drive letter but it is
listed in the Disk Management program in Windows.
Note
If the installation program creates a system partition, do not delete it.

If it is deleted, you can recover the system by using Windows 7
recovery procedures and the installation disc.
Page 613 of 1229
1.13 Performing an attended Windows 7 installation

In this exercise, you will perform a clean installation of Windows
7. You will need an assembled computer and the Windows 7
Professional installation disc. Your computer must be set to boot
from the optical drive. The steps and screen shots shown here
refer specifically to x64 Windows 7 Professional edition but will
also serve perfectly well as a guide to installing any 32-bit or 64bit Windows 7 edition. You should optionally have a product key
(an alphanumeric set of characters unique to your copy of
Windows 7) ready, but this is not needed since Microsoft gives
you a 30 day evaluation period.
1. Start the computer and place the installation DVD into the DVD drive or
plug in the USB drive. If the system is not configured to boot to the DVD or
USB, change the parameters in the CMOS Setup program and ensure that
the boot order is set to boot from the optical drive or USB drive first.
Tip
If you are running another Windows-based system, you can also start
the installation from within the OS. Place the DVD into the DVD drive,
browse to the DVD and double-click the setup program to start the
installation.
The DVD or USB should boot automatically and start the installation, but if a
prompt appears asking you to Press any key to boot from CD or DVD or
Press any key to boot from external device ... or something similar, then
press any key to do so. You only have a few seconds to press a key. This
prompt is a protective measure that indicates there is some kind of data on the
drive.
Tip
If the pre-installed Windows OS begins to boot or if you see a No

Operating System Found or NTLDR is Missing error, it most likely
means your computer is not set up to boot first from the correct
drive. To resolve this, change the boot order in CMOS Setup to
CD/DVD/BD drive, or External Device, first.
2. The beginning of the installation will involve Windows temporarily loading

files into RAM in preparation of the setup process. After this, you will see
the Windows 7 splash screen, indicating that the setup process is about to
begin. This part of the installation might take a minute or two.
3. A GUI installation screen will appear, as shown back in Figure 1.17. Select
English, choose English (South Africa) for the time and currency format
and choose the default US option for keyboard or input method.
4. Click Next.
Note
At this screen, there is an option to learn more about the installation

by clicking the What to Know Before Installing Windows link. Do
not click on the Repair your computer link. This link is used to start
Windows 7 Startup Repair or perform another recovery or repair task.
Page 614 of 1229
5. Click Install Now. This will officially begin the Windows 7 clean installation
process. This part of the installation will take some time; do not press any
keys here.
6. The Microsoft Software License Terms screen appears.
Note
Always read the small print when installing software, including

operating systems. Most software has legally binding limits on how
many computers it can be installed on, among other limitations.
7. Read through the agreement and if you agree to the terms, select the I
accept the license terms checkbox and then click Next.
8. When asked to select Upgrade or Custom (advanced), click Custom
(advanced). You will be asked to choose where to install Windows.
Assuming you had an earlier OS like Vista or XP on the drive, you could delete
the partitions for those operating systems to replace them with Windows 7 or
even a previous installation of Windows 7. Only complete this part of the
exercise if you need to, otherwise skip it! If you wanted to delete or
format a partition, you could:
Select the partition, choose Drive options (advanced) and click Delete
or Format.
Review the warning and click OK. For a deletion, all data on the partition
(including the OS, user files and everything else) will be deleted, and the
space from that partition will be added to unallocated space. For a format,
any data stored on the partition will be lost and the partition will be
formatted with NTFS.
Note
If you have multiple partitions on one or more drives, take care

not to delete or format the wrong partitions. You will not be able
recover data after deleting or formatting a partition.
If you wanted to extend a partition to include unallocated space, you could:
Select a partition and click Extend.

Enter the size that you want the partition to be after it is extended in the
Size text box. The text box defaults to the maximum size. If you want to
include all the unallocated space, leave this text box unchanged.
Click Apply. A dialog box appears indicating that this is not a reversible
action. Review the information and click OK. The partition will be resized to
the size you specified, and the unallocated space will decrease by that
amount.
9. If you need to, delete all existing partitions on the drive. Since we are
performing a clean install of the OS, you can delete the 100 MB System
Reserved Partition that was created when the previous OS was installed (if
any OS previously existed). The installation program will create a new
system partition.
10. Click New.
Page 615 of 1229
11.
12.
In the Size text box, enter the desired size of the partition. For this
exercise, enter 81920 for a size of about 80 GB. This should be sufficient
for the OS and any added programs such as virtualisation software and
user data for this guide.
Click Apply. Review the warning about Windows creating additional
partitions for system files and click OK. See Figure 1.20.
Figure 1.20 Creating a partition during installation

13. Select the drive and partition where you want to install Windows 7. Select
Disk 0 Partition 2 and click Next.
14. Windows 7 will begin the installation. The system will automatically copy
files, expand those files, install features and updates, update the registry
settings, start some services, load drivers, check video performance and
complete the installation. The system might restart several times during
this part of the process. This process can take some time, but it does not
require any interaction until the Set Up Windows screen appears.
15. When the Set Up Windows screen appears, enter a user name. This can
be your first name and last name or any identifiable text. The name of the
computer will be created automatically by appending the user name with
PC as shown on the left in Figure 1.21. However, you can enter a different
computer name if you want. In a network environment, enter the name
you would like your computer to have when viewed by other computers on
your network or enter one according to your companys policies.
16. Click Next.
17. On the Password screen as shown on the right in Figure 1.21, enter a
password that you can remember in the Type a password
(recommended) text box and in the Retype your password text box.
Page 616 of 1229
Figure 1.21 Entering username, computer name and password

during installation
Note
You do not have to enter a password, but as a security precaution, it

is recommended to use a strong password to protect your user
account from other people.
18. Type a word or phrase in the Type a password hint (required) text
box. This hint will display if you enter the wrong password when logging
on to Windows 7 and can be used with a password reset disk. Click Next.
19. If the Windows Product Key screen appears, you can enter your product
key.
If you leave the product key blank and click the Next button, you will only be
installing the Windows 7 edition named on the box or disc label, even though
every version is on the disc. The product key will both verify the legitimacy of
your purchase and inform the installer which edition you have purchased.
Leaving the product key blank simply installs a 30-day trial of the OS.
20. Leave the product key blank and click Next.
21. On the Updates screen, you can select Use Recommended Settings, Install
Important Updates Only, or Ask Me Later. This screen determines how you
want to set up Windows Automatic Updates.
22.
Use recommended settings this option automatically installs

updates and is the easiest setting for many users.
Install important updates only this option installs only the most
critical security fixes and updates and leaves the rest of the updates
up to you. This is useful as IT departments like to test out any updates
before rolling them out to staff.
Ask me later select this option if you can dedicate yourself to
checking updates on a weekly basis, as a system configured with this
option will not install any automatically.
Choose Use recommended settings.
Page 617 of 1229
23. On the time and date screen, make sure your OS knows what time it is.
Select your time zone such as (UTC +02:00) Harare, Pretoria and the
correct date and time and then click Next.
24. If your computer is connected to a network, you will be asked to choose
your computers location, as shown in Figure 1.22. If you are on a trusted
network, such as your home or office network, select the appropriate
option and your computer will be discoverable on the network. If you are
on an untrusted network like in a coffee shop, airport or you have mobile
broadband, choose Public network. For now choose Work network.
Figure 1.22 Choosing a computer location during installation

Note
If your computer is set up as a home network and Windows 7 detects

another computer on the same network running Windows 7 that has a
Homegroup set up, you will be asked to choose what kinds of files you
would like to share on that Homegroup and for the Homegroup
password. Enter the Homegroup password and click Next. If you do
not want to join the Homegroup, you can click Skip. A Homegroup is
a small network set up at home to make it easy to share resources
between Windows 7 computers.
25. Windows 7 will complete the setup by adding icons to the desktop,
preparing the desktop and so on and your desktop will appear. If you
chose the recommended settings for updates and were connected to the
Internet, updates will automatically be downloaded. If asked to restart the
computer, click Restart Now.
1.14 Post installation tasks

After installing Windows, you might need to:
Install the latest service pack or updates.

Install updated drivers.
Page 618 of 1229
Reconfigure any settings, such as network settings, that were found not to
work.
Install and configure any applications (office, email, web browser, etc.)
required by the user of the computer.
Activate Windows.
Restore user data.
1.14.1 Activation
The Windows OS uses an activation program that verifies whether the copy of
Windows is genuine or not. This program also checks to see if Windows has not
been used on more computers than the Microsoft Software License Terms
allow. You must activate Windows within a certain number days after
installation and you can do it over the Internet or by phone. Most systems are
configured to automatically activate Windows when connected to the Internet
and these systems begin trying to activate Windows three days after you log
on for the first time. The activation program pairs a product key with details on
the computer hardware.
Note
If you have to make a significant hardware change because of a

failure, you might need to reactivate Windows. You can usually do this
over the Internet, but in some cases, you need to call Microsoft to
reactivate the system.
To activate Windows 7 using a direct Internet connection:

Open Windows Activation by clicking Start, right-clicking Computer and
selecting Properties. The System window appears. From here you can click
Change product key and enter your product key in the wizard that appears.
Follow the instructions to enter the product key and continue with the steps to
activate Windows. For an Internet connection, you can click Activate
Windows now in the System window, as shown in Figure 1.23.
Figure 1.23 Activating Windows 7

Page 619 of 1229
If Windows detects an Internet connection, click Activate Windows online

now and then follow the instructions. To activate using a modem or phone,
follow the same steps but instead click Show me other ways to activate and
then follow the instructions.
1.14.2 Migrating user data

When installing a new OS for a user, that user often wants to keep their
personal data and settings from the previous OS installation. Both Windows
Easy Transfer and the User State Migration Tool can be used to capture this
information from the older version of Windows and re-apply it to the new
version of Windows:
You can use both of these tools to capture a wide variety of data and settings,
including:
Files and folders

User accounts and user profiles (a user profile contains settings for a
specific user account and is used whenever that account is logged into
Windows.)
Multimedia and email files
Settings for Windows, applications such as Internet Explorer, and other
programs.
All of the information you can capture is collectively called the user state.
Note
You typically will not have to migrate user data and settings for an
upgrade. This information will be migrated to the newer version as
part of the upgrade process. However, it is always a best practice to
back up user data before making any major system changes.
These programs move files and folders to locations that Windows understands.
For example, in Windows XP, the user profiles are stored in C:\Documents and
Settings by default. In Windows 7, the migration tool moves them from
Windows XP to the C:\Users folder.
1.14.2.1 Windows Easy Transfer (WET)
If you need to transfer files and settings from one computer to another in a
home or small office environment, you can use Windows Easy Transfer to do
so. For example, you can transfer files and settings from a Windows XP
computer to Windows 7 computer or between two Windows 7 computers. You
can use this tool to transfer information in the following ways:
Easy Transfer cable plug the cable into the USB port of the old
computer and the new one and transfer the files. This is not a regular USB
cable.
Network you can transfer files between computers that are connected
over a network.
Page 620 of 1229
USB flash/external drive you can transfer files to an external hard

drive or a flash drive connected to the old computer and then later on,
connect that drive to new computer and transfer the files.
Windows Easy Transfer is included in Windows 7/8 and can be downloaded for
Windows XP and Windows Vista systems. Free versions can be downloaded
from Microsofts download website (www.microsoft.com/download). Just
search for Windows Easy Transfer for Windows XP or Windows Easy Transfer
for Windows Vista respectively.
Tip
Windows Easy Transfer can transfer data from Windows XP/Vista/7.
In Windows 7, Click Start > All Programs > Accessories > System Tools
and choose Windows Easy Transfer. You must have administrative access to
run it, which you will be because the user account you created during the
installation is automatically made an administrator. Windows Easy Transfer
automatically selects files in the Documents, Music and Pictures folder, and
also allows you to choose additional files. Figure 1.24 shows some screenshots
of the program. If you click Advanced at the screen shown on the right, you
can select individual files and folders to migrate.
Figure 1.24 Windows Easy Transfer

After running this program, you can view any reports it has created by running
the Windows Easy Transfer Reports to see which files or settings were not
transferred. Although the Windows Easy Transfer tool does not transfer
applications such as Word, it can transfer settings for the application that is
installed on both the old OS and the new one.
Page 621 of 1229
1.14.2.2 User State Migration Tool (USMT)

You can use the more advanced USMT command line tool to migrate user data
and settings in larger business environments. It includes two primary
command-line tools:
Scanstate captures a wide variety of data and settings on the older

computer and stores it in a migration file. The migration file is used with
XML configuration files and can be stored on an external USB drive or
network share, as long as the computer can access the share.
Loadstate reads the data from the migration file and loads it into the OS
on the new computer. You run loadstate after replacing the computer or
completing a new installation.
There are many options when using the scanstate and loadstate commands,
including the ability to choose which users to migrate and whether to store
data in uncompressed, compressed, or compressed and encrypted format.
Tip
In practice, if you are transferring a single user, use Windows Easy

Transfer. If you need to transfer multiple users, use USMT. USMT is
included in the Windows AIK toolkit, available as a free download from
the Windows download site.
1.15 Upgrading Windows Vista to Windows 7

If you are upgrading Windows Vista to Windows 7, boot into Windows Vista
and log in. Run the Upgrade Advisor program and see if the upgrade is
possible. Then, place the disc into the drive and click the setup program to
start the installation. The installation process is very much like the clean
installation of Windows 7 but with a number of differences. First, instead of
choosing Custom (Advanced) on the installation screen, choose Upgrade.
Second, the upgrade will try to keep all your applications, settings and data.
Third, if you do not enter a product key during the installation, the next screen
will ask you to choose the Windows Vista edition you would like to install. You
should ensure that the current service pack is applied to Windows Vista before
upgrading.
1.16 Upgrading to Windows 8/8.1

If you are upgrading Windows XP with SP3 and Windows Vista/7 to Windows 8,
boot into Windows 7 and log in. The easiest way to upgrade is to download and
run the Upgrade Assistant to determine if your installed hardware, software
and connected devices can run Windows 8 and whether there are any
compatibility issues. If the program determines that your computer is capable
of running Windows 8, it will provide you with a way to buy, download and
upgrade to Windows 8.
Page 622 of 1229
The program will provide you with all the instructions on how to upgrade,
including whether to install the OS now or create media (DVD or USB) or install
later (the program will place an installation link on your desktop).
Alternatively, you can upgrade with a disc or USB. Place the disc into the
optical drive or plug the USB into the computer and click the setup program to
start the installation. Follow the instructions for there.
Here are the requirements for upgrading to Windows 8.1:
Windows 8 can be updated to Windows 8.1 from the Windows Store or from
media. Upgrading to a different edition of Windows 8.1 is supported from
media only. You can upgrade Windows 8 to Windows 8.1 and keep Windows
settings, personal files, and applications.
Volume licence versions of Windows 8, Windows 8 Enterprise, and Windows
8 Enterprise Evaluation versions cannot be upgraded from the Windows
Store. You must use media to upgrade these editions.
You must upgrade to Windows RT 8.1 from Windows RT by using the
Windows Store. Media is not available for Windows RT 8.1 upgrades.
To upgrade Windows 7 to Windows 8, you can buy and download Windows
8.1 using Windows 8.1 Upgrade Assistant and install Windows 8.1 now,
later or using media with an ISO file or a USB flash drive.
To upgrade to Windows 8.1 from Windows XP/Vista, you will need to install
it from a Windows 8.1 installation disc and perform a clean installation. This
means you will not be able to keep any files, settings, or programs when
you upgrade.
You can find more details about upgrade paths and if files and settings can be
kept by visiting the following website:
technet.microsoft.com/en-us/library/jj203353.aspx
Tip
Sometimes backing up your files and then performing a clean install is

the best option as it gives you the opportunity to start afresh and
clear several years of clutter on your hard drive.
Page 623 of 1229
Unit 2 Operating System Administration

Navigate the Windows 7 desktop.

Understand the function of User Account Control (UAC) and
change UAC options.
Use administration tools (Control Panel, Administration Tools,
Windows Registry and the Command Prompt).
Use the Shutdown command.

Module 1 Unit 2 (p.21-39) and Module 2 Unit 3 (p.43-45)

Review Questions:
o Administration Tools (p.39)
2.1 Navigating the Windows 7 Desktop

The main screen area of the user interface is called the Desktop. You will see
the desktop after turning on the computer and logging into Windows. Like the
top of a desk, the desktop serves as a surface for your work, that is, you can
work with open applications and place items such as files and folders on the
desktop and arrange them as you want. Figure 2.1 shows the Windows 7
desktop with some items that are shown automatically by the OS and some
that have been added to this desktop. The items in Figure 2.1 are briefly
explained in the sections that follow Figure 2.1.
Page 624 of 1229
Recycle Bin
Start
button
Desktop shortcuts Taskbar
Gadgets
Running open programs
Notification area
Frequently-used
pinned programs
Figure 2.1 Windows 7 Desktop

Note
You can customise the desktop by changing its background colour

(themes) or by adding a picture or icons to it and do more by simply
right-clicking an empty area of the desktop and choosing
Personalize.
Icons
An icon is a small image representing a program, file, folder or other item.
Double-clicking on an icon opens its associated program. Figure 2.2 shows
some examples of icons that can be placed on the desktop.
Figure 2.2 Icons
Page 625 of 1229
Recycle Bin
This icon represents a temporary storage area for items such as files and
folders that have been deleted. When you delete a file or folder, it goes to the
recycle bin for a period of time so that you can recover it within the time it is
kept. Figure 2.3 shows two Recycle Bin icons. The icon on the left indicates the
recycle bin is empty and the icon on the right shows that it has deleted files in
it.
Figure 2.3 Recycle Bin icon when empty (left) and full (right)
Desktop shortcuts
A shortcut is an icon placed on the desktop that links to a file or program
stored in another location, rather than the item itself. Double-clicking the icon
opens the item. Deleting the shortcut only deletes the shortcut icon, not the
original item. You can identify a shortcut by the arrow placed on its icon, as
Figure 2.4 Shortcut icon
Taskbar and Start menu

The taskbar is the horizontal bar at the bottom of the desktop. The
components of the taskbar include:
The Start
button opens the Start menu. See Figure 2.5. It is
called a menu because it provides a list of choices. Clicking the Start button
once opens the Start menu (otherwise you can press the Windows or start
key to open the menu).
Page 626 of 1229
Figure 2.5 Start menu

Use the Start menu to do these common activities:
1. Start programs installed within the Programs Groups. Above the divider line
at the top is items you have pinned to the Start menu while below the line
is the most frequently used programs that Windows automatically
computes. Pointing to a submenu arrow () next to a programs name
shows a jump list that gives you quick access to files you have opened
recently. All Programs near the bottom displays a list of every program
that Windows installs and system tools and programs that you have
installed on your computer, all in alphabetical order, followed by folders
with more programs inside them. The Startup folder contains programs
that open automatically every time Windows starts.
2. A personal folder with the account name. Click it to open personal libraries,
files and folders.
3. Instantly search for files, folders and programs by name using the Search
programs and files box (simply called the Search box).
4. Adjust computer settings in Control Panel and access drives in the Computer
folder.
5. Access devices and printers connected to the computer.
6. Get help with the Windows help system.
7. Shut down the computer and click on () to put it to sleep, log off from
Windows, switch to a different user account and restart or lock the
computer.
The frequently-used programs area of the taskbar shows icons that can be
clicked to open pinned programs that you use often, such as email and web
browser programs. Another taskbar feature is the Jump List. A jump list is a
list associated with each program and consists of items that you have most
recently used in the program as well as other common program tasks. To open
a Jump List, click and drag the icon in the taskbar upwards or right-click on the
icon, as shown in Figure 2.6.
Page 627 of 1229
Figure 2.6 Jump list for IE program
The Running programs area in the middle of the taskbar shows one or
more programs that are currently running. In Figure 2.7, two programs are
open (Calculator and Minesweeper) and each has its own button on the
taskbar. Because the Minesweeper program is in front of any other open
window, it is the active window and is ready for you to interact with it. You
can switch between them by clicking the programs button on the taskbar.
Figure 2.7 Two running programs on the Taskbar
The Notification Area on the far right side of the taskbar contains
commonly-used system icons for the date and time, volume control,
battery state (on laptops), network connections, removable device states
and other items. See Figure 2.8. These icons show programs running in the
background. The notification area is also called the system tray or
systray. Pointing to the Show Desktop toggle icon makes all windows
transparent Aero Peek while clicking it minimises or restores all open
windows.
Page 628 of 1229
Notification Area
Show Desktop toggle icon
Figure 2.8 Notification Area
Sometimes an icon will display a small pop-up window (called a
notification) to notify you, for instance, that Windows has completed the
installation of a driver for a USB device as shown in Figure 2.9, or when is it
safe for you to remove a USB device.
Figure 2.9 Notification shown in the Notification Area

Windows hides some icons in the notification area when they have not been
used. This keeps the notification area tidy. If icons become hidden, click the
Show hidden icons button to temporarily display the hidden icons.
Figure 2.10 Show hidden icons

Tip
You can right-click on one of these icons to enable, disable and

configure the related settings for that icon.
2.1.1 Customising the Start menu and Taskbar

You can customise the Start menu and Taskbar to your preferences by rightclicking on them and choosing Properties. Figure 2.11 shows the various Start
Menu and Taskbar properties that you can configure.
Page 629 of 1229
Figure 2.11 Taskbar Properties (left) and Start Menu Properties

(middle and right)
2.1.2 Windows Sidebar and gadgets

The Windows Sidebar is a feature of Windows Vista that hosts gadgets.
Gadgets are mini-programs that have specific functions, such as showing the
weather for a specific location (weather gadget) and displaying CPU and RAM
usage (CPU meter gadget). The sidebar is normally on the right side of the
desktop with gadgets docked in it. You can change the sidebars settings and
add and change gadgets by right-clicking them and then performing the
appropriate action.
Windows Sidebar is not available in Windows 7, but you can still add gadgets
to a Windows 7 desktop. If you right-click on an empty area of the desktop and
choose Gadgets, you will see what gadgets are available. You can then
double-click on them to add them to the desktop and then drag them around.
Figure 2.12 shows the gadgets available with Windows 7, with two gadgets
(CPU and RAM meter and weather) added to the desktop.
Figure 2.12 Windows Gadgets
Page 630 of 1229
Several gadgets are available by default, but many more are available online.
By clicking the link Get more gadgets online (shown at the bottom of the
Gadgets window in Figure 2.12), you will be able to browse through the
available gadgets on Microsofts website.
Note
Malicious users can write gadget programs, so only download gadgets

from trusted sources.
You can configure gadgets by right-clicking them or by using the Desktop

Gadgets applet in Control Panel.
2.1.3 Aero
What you have been seeing with Windows 7 is called the Aero desktop. Aero
adds a number of features to the desktop, such as adding transparency (seethrough glass effect) to window title bars and borders, lighting up window
buttons when you point to them and providing scalable icons and previews of
window and file contents. Windows Aero in Windows 7 also supports features
such as Peek, Shake and Snap.
Peek view the desktop and make open windows transparent by hovering
your mouse over the Show desktop button on far right hand side of the
notification area.
Shake click and hold the title bar of a window and shake the mouse. All
other windows will be minimised. If you shake the open window again, all
the other windows will be restored
Snap click and hold the title bar, and drag the window to the right, left or
top of your screen to resize it.
Another Aero feature called Flip 3D arranges open windows so that you can
quickly flip through 3D previews of them, as shown in Figure 2.13. To use Flip
3D, press the <Windows key> followed by the <Tab> key to start it. While
holding the <Windows> key, keep pressing <Tab> to cycle through the
windows and then when you have found the window you want, release both
keys to make that window the active window. Try <Windows> + <Shift> +
<Tab> keys to scroll through your windows in the opposite direction.
Page 631 of 1229
Figure 2.13 Aero Flip 3D

To use the Aero desktop, you must have a video adapter that supports it.
However, when you install the Windows OS, the installation will check your
video adapter to determine if it can support Aero. If your video adapter is
capable, Aero turns on automatically. To check, press the <Windows> +
<Tab> key combination. If Flip 3D appears, you have Aero, if it does not, Aero
is not active. Right-click on your desktop and choose Personalize. If you see
any Aero themes, you can choose one to activate the Aero desktop.
Note
The Windows desktop is controlled by the Desktop Window

Manager (DWM.EXE) process.
2.2 Application windows and dialog boxes

Applications are displayed in a window and you can change these windows
using various window components. Figure 2.14 shows the Windows Calculator
program open on top of the Windows Explorer program, with several common
components labelled.
Page 632 of 1229
Minimize
Navigation buttons
Menu bar
Maximize
Close
Resize
Scroll bar
Scroll
bar
button
Command bar
Calculator is active window
Figure 2.14 Windows Explorer and Windows Calculator
Minimize: click this button to minimise the window to the taskbar. Click the
icon on the taskbar to return the window to its previous size.
Maximize: click this button to resize the window to full screen.
Close: click the X button to close the application. If you did not save your
work, many applications will ask you to save it to a location before closing.
Menu bar: most windows have drop-down menus that are presented when
you click on a drop-down arrow or a menu button. A drop down menu
provides a list of choices that you can access by simply selecting the menu
item.
Command bar: some applications have a dynamic command bar. Selecting
an item displays common commands associated with that item.
Navigation buttons: allow you to go backward or forward through
windows or folders.
Scroll bar: appears when there are additional items for a screen. Drag the
scroll bar or click within the empty space of the scroll bar to move it.
Scroll bar button: click the small arrow to move the scroll bar in small
increments.
Resize window: hover your mouse over the border or corner of a window
until you see an arrow, then click and hold the mouse button and move the
mouse to resize the window. Release the button when you are happy with
the window size.
Active window: you can open and work with multiple windows at the same
time. The top Calculator window is the active window and responds to your
commands while the bottom Windows Explorer window is open and running.
Choose the bottom window to activate it.
Technicians often work with dialog boxes. A dialog box is a window that
provides information or requests input. You usually open a dialog box from
within another window, such as an application window.
Page 633 of 1229
For example, Figure 2.15 shows the Computer Name/Domain Changes dialog
box, which has been opened from the System Properties window, and the DNS
Suffix and NetBIOS Computer Name dialog box, which was opened by clicking
the More button in the Computer Name/Domain Changes dialog box. System
Properties (shown in the background in Figure 2.15) runs as a process and
both of these dialog boxes is a part of that overall process.
Tab
Checkbox
Textbox
Radio button
OK and
Cancel
Figure 2.15 Dialog Boxes
Tab: Each tab holds a group of related options. Click once on the tab to
make that particular major section active.
Checkbox: clicking inside a checkbox option places a check mark or tick
inside the checkbox and turns on that setting.
Textbox: this is an area where you can enter information.
Radio button: clicking on this enables the setting and places a solid dot in
the circle.
OK and Cancel: clicking the OK button applies the changes made within
the dialog box. Clicking the Cancel button cancels any changes made to
the dialog box. Clicking the Apply button applies changes immediately and
keeps the dialog box open for further changes.
Tip
When a dialog box is closed with the Close (X) button, changes in
the dialog box are not saved or applied. Click OK or Apply to save
changes.
Page 634 of 1229
2.3 User Account Control (UAC)

UAC is a security feature of Windows Vista and later Windows versions that
help prevent unauthorised changes from being made to the system. These
changes can be made by valid users and applications and unwanted malware.
UAC makes sure these changes are made only with the approval of the
administrator.
2.3.1 Account separation with UAC

UAC works for both standard user accounts and administrator accounts found
in Windows Vista/7:
Standard user this account enables users to do regular work and install
software and configure settings that do not affect other users or the
security of the computer.
Administrator this account has complete control over the computer and
can perform administrative tasks such as configure certain system settings
or install drivers.
Since Windows XP does not have UAC, malware can sometimes make changes
without the user knowing about it. UAC in Windows Vista/7 blocks this
malware. Anytime a user is logged on with an administrator account, the user
is assigned two security access tokens (a standard user and administrator
token). These are directly related to the standard user and administrator
account types. Most of the time, only the standard user access token is used,
and the user can do anything that a standard user can do. If the user tries to
do something that requires administrative privileges, UAC switches into Admin
Approval Mode, dims the screen by default and asks the user to approve the
action by displaying a UAC permission dialog box similar to that shown in
Figure 2.16.
Figure 2.16 UAC dialog box

Note
Any setting or feature requiring administrator rights has a small shield

icon
to indicate that a UAC dialog box will appear and
administrative privileges are needed to continue.
Page 635 of 1229
Simply click on Show Details to get the location of the program that caused
the UAC dialog box to appear, or click Hide Details to hide this information.
Figure 2.17 shows another kind of UAC dialog box. An important piece of
information in this kind of UAC dialog box is the Publisher, which identifies who
created the application that is being started. If Windows can verify the
publisher, the publisher appears as Verified Publisher. However, if Windows
cannot verify the publisher, the publisher appears as Unknown, as shown in
Figure 2.17.
Figure 2.17 UAC dialog box with unknown publisher

Note
Windows will usually verify legitimate companies. However, malicious

software being started will always appear as Unknown. If you see a
UAC dialog box with Unknown icon
, you should be suspicious,
especially if you did not take action to modify your system.
By default, UAC dims the desktop to prevent third-party software from tricking
you by displaying a fake authorisation dialog box, and disables all other
interaction with the system. The darkened desktop is called the secure
desktop and it prevents any other program from running. If you do not have
administrator permissions with the current account, you will be asked to enter
the username and password or only a password for an administrator account.
If you are an administrator, you must either click Yes or Continue to approve
the action or click No to block it.
Note
There are other UAC dialog boxes that notify you when a program
that is not part of Windows needs your permission to start, shown
with the
icon, and a dialog box with the blocked icon
to notify
you when a program has been blocked by a security policy.
2.3.2 Configuring UAC

There are a number of ways to disable or enable UAC. The GUI methods are
either to use msconfig (disable or enable for all users in Windows Vista) or
User Accounts applet in the Control Panel (disable for a specific user in
Windows Vista/7).
Page 636 of 1229
You can find the Disable and Enable UAC on the Tools tab of msconfig and you
will need to restart the computer to apply the changes.
You can change the settings for UAC in the Control Panel on Windows 7 with
the following steps:
1. Click Start > Control Panel. If necessary, change View by from Category
to Large Icons.
2. Select Action Center.
3. Select Change User Account Control Settings.
Note
There are multiple ways of finding settings in the Control Panel. You
can even use the Search box in the Start menu to access many
settings. For example, type user account control in the Search box
and select Change User Account Control Settings option from the
list that appears.
The User Account Control Settings dialog box will appear, as shown in Figure
2.18.
Figure 2.18 UAC Notifications

4. You can slide the bar to select one of the following actions:
Always Notify: the most secure setting that will notify you before
changes that require administrator permissions are going to be made. It
uses secure desktop.
Notify Me Only When Programs Try to Make Changes To My
Computer: you will be notified before programs make changes, but not
if you try to make changes to Windows settings that require
administrator permissions. It uses secure desktop.
Page 637 of 1229
Notify Me Only When Programs Try To Make Changes To My

Computer. (Do Not Dim My Desktop.): same as Notify me only when
programs try to make changes to my computer, but without using secure
desktop.
Never Notify: the least secure method with no secure desktop. If you
choose this option as an administrator, programs can make changes to
your computer without notifying you. If you are a standard user, any
changes that require administrator permissions that you try to make will
automatically be denied.
Note
Windows Vista does not have all these UAC notification options.
Instead, you can only turn UAC on or off and this can be done in the
User Accounts applet in Control Panel.
5. You can accept the setting by clicking OK, or you can cancel by clicking
Cancel.
Note
Disabling UAC is not recommended.
2.4 Common GUI administration tools

There are many tools in Windows that can be used to configure OS and
hardware settings. Some tools need administrator privileges to run while
others can be run as an ordinary user.
2.4.1 Right-click
Every item on the Windows desktop is called an object. To open an object,
double-click on it, and to change something about the object, right-click on it.
Right-clicking on an object displays a shortcut or context menu and it works on
almost everything in Windows. Figure 2.19 shows the result of right-clicking on
Computer in the Start menu.
Figure 2.19 Right-clicking on Computer
Page 638 of 1229
2.4.2 Control Panel

The Control Panel has many common mini-programs called applets that can
be used to configure a wide variety of system settings, monitor the status of
devices, add and remove hardware and programs, configure network
connections, control user accounts and change accessibility options. The
names and selection of applets vary between the different versions of Windows
and whether any installed third-party programs have added applets. Applets
are represented by icons.
Every applet in the Control Panel is a file with the .CPL extension. If you get
an error when opening the Control Panel, it is most likely a corrupted CPL file.
To fix this type of error, you have to rename all of the CPL files with another
extension (such as .CPB) and then rename them back to .CPL one at a time,
each time reopening the Control Panel, until you find the CPL file that is
causing the problem.
Control Panel can be opened by going to Start > Control Panel.
2.4.2.1 Views
By default, Control Panel applets are displayed in a Category view, which
groups applets together into categories like System and Security instead of
listing them individually. You can change the view so that applets are listed
individually. On Windows XP/Vista, choose Classic View to list applets
individually. On Windows 7, choose Large icons or Small icons to list them
individually. See Figure 2.20. The figure shows the Control Panel in Windows 7
on the left and Windows XP on the right. On Windows 7, (1) shows categories;
(2) shows configuration applets; (3) shows the Category view with Large and
Small icon options; (4) shows the Search box that can be used to search for
applets by name; (5) shows the breadcrumb navigation where you can enter
paths to files and folders. On Windows XP, the view is set to Classic View. You
can click Switch To Category View (6) to switch to Category view.
Figure 2.20 Windows 7 Control Panel (left) and Windows XP Control

Panel (Right)
Note
Some applets are controlled by UAC and require authorisation before

you can use them.
Page 639 of 1229
2.4.3 Computer and System Properties

My Computer in Windows XP or Computer in Windows 7/Vista can be
accessed by clicking Start > Computer or by typing Computer in the Start
menus Search box and selecting Computer from the list that appears.
Computer is tightly integrated with the file browsing Windows Explorer
program and Microsoft refers to Computer as a folder. From this folder you can
browse the contents of the hard drive, optical disc, USB flash/external drives,
memory cards, printers and any network drives that have been mapped. To
view the contents of a drive or folder, simply double-click it.
Figure 2.21 shows the Windows 7 Computer window. Two drives are listed in
the figure: C: Local Disk is the hard drive and CD Drive (D:) is the optical
drive. The command bar or toolbar at the top has several menu items including
Organize, System Properties, Uninstall or change a program and Map network
drive items.
Figure 2.21 Windows 7 Computer

By clicking on the System properties button within Computer, you can
access general System properties. You can also access System properties by
right-clicking Computer in the Start menu and choosing Properties or by
opening the System applet in Control Panel.
Figure 2.22 shows the System applet opened in Windows 7. Notice that there
are several active links to Device Manager, Remote settings, System
protection, and Advanced system settings in the left pane, and the middle
pane provides some information about the system, such as the OS edition and
service pack installed, system manufacturer and model, Windows Experience
Index (horsepower score), CPU and amount of RAM installed, computer name
and workgroup/domain name and activation status.
Page 640 of 1229
Figure 2.22 Windows 7 System applet

Windows XP has a System Properties dialog box that displays some of the
same information as that in Windows 7. Instead of links, Windows XP includes
multiple tabs. For example, on Windows XP, you have to select the Hardware
tab and click the Device Manager button to open Device Manager; on
Windows 7, click on the Device Manager link to open it.
2.4.4 MMC
The Microsoft Management Console (MMC) is a blank console that holds
individual configuration tools called snap-ins. Some tools come pre-configured
in an MMC and you can add snap-ins to an MMC to group all your favourite
tools into one console. You can add as many snap-ins to the console as you
want and there are many to choose from. Many companies sell third-party
tools as MMC snap-ins.
You can use the following steps on a Windows 7 computer to create an MMC
for your own use:
1. Click Start and type mmc in the Search box.
2. Select MMC from the list that appears. If prompted by User Account
Control, click Yes to continue. A blank MMC console will appear, as shown
on the left in Figure 2.23.
Note
The same steps listed here apply to Windows Vista. Many of the steps
done on Windows 7 throughout this module apply to Windows Vista as
well. To start an MMC in Windows XP, select Start > Run to open the
run dialog box and type mmc and press <Enter> to open a blank
MMC.
Page 641 of 1229
3. Click the File menu and select Add/Remove Snap-In.

4. In the Add or Remove Snap-ins dialog box, you will see a list of available
snap-ins, as shown on the right in Figure 2.23.
Figure 2.23 Blank MMC console (left) and Add or Remove Snap-ins
dialog box (right)
5. Select Device Manager in the list and click the Add button to open a
Device Manager dialog box that asks you to choose the local or a remote
computer for the snap-in to work with.
Note
You can add tools from other computers in your network by selecting
Another Computer and entering that computers name or IP
address. However, you will not be able to use snap-ins from another
computer it if you do not have administrative privileges on that
remote computer. You will be able determine the difference between
the local and remote computer by the designations local and remote
(or the remote computers name or IP address) shown next to the
name of the snap-in.
6. Choose Local computer for this exercise and click the Finish button. Click
OK to close the Add or Remove Snap-ins dialog box.
7. You should see Device Manager on local computer listed in the left page
of the console as shown in Figure 2.24. Click it. A list of devices by type
should be listed in the middle pane. You can expand each device type as
you wish.
Page 642 of 1229
Figure 2.24 Device Manager as a snap-in

An MMC console in Windows Vista/7 is a three-pane window. The left pane has
all the modules that you will work with, such as the Device Manager and Disk
Management; the middle pane shows the details or lists the sub-modules of
whatever you click in the left pane and the right pane gives additional actions,
which are also available on the menu bar. Once you have added the snap-ins
you want, just save the console with a name, anywhere you want.
8. Click File > Save As. Select Desktop.
9. Type in MyConsole as the name and click Save. You can now start the
console from the desktop without reconfiguring it.
You can start many snap-ins directly by running a command without having to
add snap-ins in an MMC. On Windows XP, you can click Start > Run and type
in the command. On Windows Vista/7, you can click Start and type the
command into the Search box. Table 2.1 shows the commands for common
snap-ins. With a few exceptions, you need to include the .msc extension when
using these commands.
Table 2.1 Commands to start common snap-ins
Command
devmgmt.msc
eventvwr.msc
Snap-in name
Device Manager
Event Viewer
gpedit.msc
Group Policy Editor
perfmon.msc
Performance
Description
Use to manage devices and drivers.
Use to view logs. System, security
and application events are recorded
in logs.
View and manipulate local Group
Policy settings.
Use to monitor system performance.
Page 643 of 1229
Command
services.msc
secpol.msc
taskchd.msc
wf.msc
Snap-in name
Services
Description
View, start, stop and manipulate
services.
Local Security Policy
View
and
manipulate
security
settings for the local system.
Task Scheduler
Use to schedule tasks.
Advanced
Windows Use to manipulate advanced settings
Firewall
for the firewall.
2.4.5 Administrative Tools

Administrative Tools is an applet in Control Panel that contains a number of
shortcuts to pre-defined MMC consoles. Each console has one or more snap-ins
that is used to configure advanced settings for the computer. The available
consoles are slightly different between the different OS versions, but each
version includes an Administrative Tools group via the Control Panel.
To open Administrative Tools, click Start > Control Panel, change the view to
list applets individually and select Administrative Tools (or you can find it
under the System and Maintenance). See Figure 2.25.
Figure 2.25 Administrative Tools

Table 2.2 gives a brief description of the consoles in Administrative Tools. The
main consoles will be explored in more detail later on.
Page 644 of 1229
Table 2.2 Administrative Tools

Console
Component
Services
Computer
Management
Data Sources
Event viewer
iSCSI Initiator
Local Security
Policy
Performance
monitor
Print
Management
Services
System
Configuration
Task Scheduler
Windows Firewall
with Advanced
Security
Windows Memory
Diagnostic
Windows
PowerShell
Modules
Description
Use to administer distributed server applications or
reconfigure security permissions for existing services.
Use various tools to configure users and groups, disks,
services, devices, monitor events, manage system
performance and so on.
Control data connections to local or remote databases (or
data sources).
View information about system, security and application
events recorded in logs.
Set up connections to network-attached storage devices.
View and edit many security settings on the local computer
only, to lock down the computer. Computers joined to a
domain get their security settings from the domain security
policies.
View and track system performance.
Monitor and manage shared and non-shared printers and
print drivers.
Manage software and hardware services running in the
background.
Access boot configuration, service startup, startup
applications and system tools. Useful for identifying
problems that can prevent Windows from starting correctly.
Schedule programs or tasks to run automatically or when
system events occur.
Configure more advanced Windows firewall settings.
Use to run tests on the computers RAM when you suspect
memory problems.
Use Windows PowerShell, a task automation framework
consisting of a command line shell and scripting language.
This console can be used to package PowerShell scripts and
functions for distribution and reuse.
2.4.6 Run and Instant Search

You can use the Run command to directly open a program, execute a
command or open a file whose path you know about. In Windows XP, click
Start > Run to open the Run dialog box. In Windows Vista/7, click Start > All
Programs > Accessories and click on Run, or type run into the Start menus
Search box and then press <Enter>. You can also open the run dialog box by
using the <Windows> + <R> key combination in all versions. Figure 2.26
shows the Run dialog box.
Page 645 of 1229
Figure 2.26 Run dialog box

You type in a command, program file name, or a path to a local or remote file
in the Open textbox, click OK and that program or command is executed or
file path opened. Commands that are interactive will open the command
prompt window for input and commands that are non-interactive will open
the command prompt briefly and close it again as the command executes.
You can use the drop-down list to see a list of items you have previously
entered (as shown in Figure 2.26) and use the Browse button to browse to
executable files.
In Windows Vista/7, the Instant Search box that appears on the Start menu
provides much of the same functionality as the Run command. That is, you can
execute programs and configuration options using simple names and access
file paths before pressing <Enter>. You can also access the Search box by
pressing the <Windows> key. See Figure 2.27.
Figure 2.27 Entering information at the Instant Search box and

receiving results
Page 646 of 1229
2.5 Understanding files, folders and drives

A file is a collection of any kind of data that is stored after a job is executed. It
can contain program instructions or data, which might be text, numbers,
characters, images, videos, sounds and so on. The structure of a file in the
Windows OS is as follows:
An icon represents the application used to open the file.

A filename is the name that you or the OS assigns to the file.
A file extension is a set of three or four characters shown after the period
or dot(.) that appears at the end of the filename. The file extension tells
the OS how the file is organised or formatted, the type of content inside the
file and what application it should use to open the file. The extension is
usually hidden from the user by default. Some examples of file extensions
are .exe for executable files, .txt for text files and .htm or .html for web
pages. An example of a word processing file called Mydoc with the file
extension .docx is shown below:
All files are grouped into folders (also called directories). A folder inside
another folder is called a subfolder and a directory inside another directory is
called a subdirectory. (The terms directory and folder describe the same
thing. Folder is a more modern term, introduced when the GUI desktop
metaphor became widespread.) Any folder can have multiple subfolders.
Examples of the types of folder icons likely to be seen are shown below:
Here are a few items to remember about folder names and filenames:
Folders and files can have spaces in their names, but are limited to a
maximum of 255 characters (including spaces).
The only characters you cannot use for file and folder names are \ / ? : * "
><|
Files do not have to have extensions, but Windows will not know the file
type without an extension.
Folder names can have extensions but they are not commonly used.
Note
Two or more files with the same name can exist in different folders,
but two files in the same folder cannot have the same name. In the
same way, no two subfolders under the same folder can have the
same name, but two subfolders under different folders can have the
same name.
Page 647 of 1229
2.5.1 Drive letter assignments

To identify each hard drive or partition or volume, optical drive and other
drive, the Windows OS assigns them a drive letter or optional name when
the computer boots. Drives letters are followed by a colon (:). Letters A: and
B: are used for the first and second floppy drives by default. Hard drives
usually start with the letter C: and optical drives by default are given the next
available drive letter after the last hard drive. So if you have one hard drive
with the letter C:, the optical drive will be given the drive letter D:. The drives
detected by the OS can use drive letters A: through Z:. You can change the
default drive letters for drives, so you are likely to see all kinds of lettering
schemes. Figure 2.28 shows the Computer window in Windows 7 that shows
the hard drive assigned the letter C:, another internal hard drive the letter E:,
a flash drive the letter H: and the DVD drive the letter D:.
Figure 2.28 Viewing drive letters in Computer
2.6 Directory structure and common file locations

Windows uses a hierarchical directory tree structure to organise the contents
of drives. A directory structure is the way the operating systems file system
and files are organised and displayed to the user. Each drive contains a root
directory, which sits at the top of the hierarchy. All the other directories and
subdirectories sit below the root. The root directory is represented by a
backslash (\). Figure 2.29 shows the sample directory structure of Windows
7. The root directory is like the root of a tree and its subdirectories are like the
trees branches.
Page 648 of 1229
Figure 2.29 Typical Windows Directory Structure

When describing a drive, you use its letter and a colon such as C:. To describe
the root directory, use the \ after the C: (as in C:\). To describe a particular
directory, add the name of the directory. For example, if a computer has a
directory in the root directory called Diploma, it is C:\Diploma. Subdirectories
in a directory are displayed by adding backslashes and names. If the Diploma
directory has a subdirectory called Aplus, it is shown like this:
C:\Diploma\Aplus. If the C:\Diploma\Aplus directory includes a file called
exam.txt, it is C:\Diploma\Aplus\exam.txt.
Note
The exact location of a file is called its path. The path for the
exam.txt file is C:\Diploma\Aplus\.
Keep note of the following points about the path:
Use a \ to separate the items in a path. The \ divides the file name from the
path to it and one directory name from another directory name in a path.
Use a \ as required as part of the volume name, for example C:\ in
C:\path\file.
Do not assume case sensitivity. For example, consider the names DIPLOMA,
Diploma, and diploma to be the same, even though POSIX-compliant file
systems may consider them as different. NTFS supports POSIX for case
sensitivity but this is not the default behaviour.
Drive letters are not case-sensitive. For example, D:\ and d:\ refer to the
same volume.
2.6.1 Common file locations

There are many files and folders that are common to all Windows versions.
Some of these files are found in the same locations in each version of Windows
and some are located in different locations. Table 2.3 shows the location of
common files and folders in each Windows edition.
Page 649 of 1229
Table 2.3 Common Windows file locations

Root drive
Windows
files
System files
Program
files
Temporary
files
Fonts
Offline Files
Default location
C:\
Description
Also called the system or active
partition, it contains the files needed to
boot the computer.
C:\Windows
Also called system root or boot
partition, this is the default location
where the Windows OS files are stored.
C:\Windows\System32 Contains critical system files. All
programs and drivers that make
Windows run are stored here. 64-bit
Windows versions also store critical
files in C:\Windows\SysWOW64.
C:\Program Files
Contains the files for all installed
applications.
C:\Windows\Temp
Stores any temporary files created by
Windows or any application running on
Windows. Files are written to this
location on a non-stop basis and
Windows deletes the files automatically
as needed.
C:\Windows\Fonts
Contains all installed fonts.
C:\Windows\CSC
Also called Client Side Cache, it
temporarily stores offline network files
and web pages that are viewed offline.
Windows automatically deletes this
folder when it needs the space.
2.6.2 User profile locations

Multiple users can log on to the same Windows computer at different times.
Users can personalise the computer by changing settings based on their own
preferences. For example, users can change the desktop background, themes,
screen savers, sound settings and save different favourites in Internet
Explorer.
Windows keeps each users desktop environment, personal settings and files in
a folder called a user profile. The user profile is named after the users
account and is user-specific. When a user logs on, the users profile is loaded,
giving that user the same settings from the last time he/she logged on. Table
2.4 lists the locations of the profiles for different operating systems.
Table 2.4 Location of user profiles
Operating system
Windows XP
Windows Vista
Windows 7
Default location
C:\Documents and Settings\username
C:\Users\username
C:\Users\username
Page 650 of 1229
Figure 2.30 shows Windows Explorer opened to the profile of a user named
Sibulele on a Windows 7 system. The path is C:\Users\sibulele. You can view
these folders within Windows Explorer, but most settings are changed through
the OS. For example, when a user creates a Favorite in Internet Explorer, the
information is stored in a folder in the profile but the user makes the change
only in Internet Explorer.
Figure 2.30 User profile

Note
Profiles enable multiple users to use the same computer with their
own settings and preferences, but the real benefit of user profiles is
on a network, where the profile for each user can be stored on a
network server and accessed whenever the user logs on to any
Windows computer on the network. User-specific settings can follow
the user from system to system.
2.7 Command prompt

Another way you can perform tasks is by running commands at the command
prompt, also known as the command line interface (CLI) or simply just
command line. Although most configuration tasks are done in the GUI and
users can manage without having to use the command prompt, technicians use
the command prompt to perform various administration and troubleshooting
tasks such as:
Reinstall corrupted or lost system files.

Recover data from unbootable systems.
Format and partition disks.
Print file listings which cannot be done in the Windows Explorer GUI
program.
Copy, move and delete data.
Display and configure some OS settings.
There are many tools available at the command prompt that can be used to
configure, test and troubleshoot a system (or networked systems).
Page 651 of 1229
2.7.1 Starting the command prompt

The command prompt dates back to the old Microsoft Disk Operating System
(MS-DOS). Before Windows, users were required to type commands at the
command line. Windows has come a long way since MS-DOS, but much of the
same functionality of MS-DOS is built into the command prompt. Command
Prompt is available in all current Windows operating systems. Before you can
start entering commands, you must first open the command prompt as
follows:
On Windows XP/Vista/7, click Start > All Programs > Accessories and
select Command Prompt.
On Windows XP, click Start > Run, type in cmd and press <Enter>.
On Windows Vista/Windows 7, type command in the Search box of the Start
menu and select Command Prompt.
Figure 2.31 shows the basic Command Prompt window in Windows 7.
Figure 2.31 Command Prompt window on Windows 7

After the command prompt window appears, you can start entering
commands. You simply type in a command and then press the <Enter> key to
execute it. For example, you can type the following command at the command
prompt and then press <Enter>:
ipconfig
The output or result of this command will display Internet Protocol (IP) address
configuration information for your system. The text before the greater-than
sign (>) is called the command prompt, or simply just the prompt. You will see
a blinking cursor after the >, prompting you to enter a command.
2.7.2 Starting the command prompt with admin privileges

There will be occasions when you will need to start the command prompt with
administrative privileges. For example, you might execute a command and see
one of the following errors:
The requested operation requires elevation

Access is denied
Page 652 of 1229
These errors indicate that the command requires administrative privileges to

execute.
If you start the command prompt with administrative privileges, the command
will execute without an administrator-related error.
Tip Starting the command prompt with administrative privileges enables you
to run all commands entered within the prompt with administrative
privileges. However, permissions in other applications are not affected.
To start the command prompt with Administrative privileges:
On Windows Vista/7, right-click Command Prompt and select Run As

Administrator as shown in Figure 2.32. If prompted by UAC, click Yes to
continue.
On Windows XP, right-click Command Prompt, select Run As and enter
the username and password for an administrator account.
Figure 2.32 Running the command prompt with admin privileges

Figure 2.33 shows the differences you will see in the administrative Command
Prompt window. You can see that the title bar is labelled Administrator:
Command Prompt instead of just Command Prompt.
Figure 2.33 Command Prompt with administrative privileges
Page 653 of 1229
2.7.3 Command Prompt vs. Cmd

cmd.exe is the application that runs the command prompt. In addition to
starting the command prompt, you can also start it in Windows Vista/7 by
clicking Start, typing cmd in the Search box, and choosing cmd. In contrast,
the previous instructions specified typing in command and choosing Command
Prompt. There are some small differences between the two:
Using cmd will start the cmd.exe application directly and will display
C:\Windows\system32\cmd.exe in the windows title bar.
Using command creates a shortcut in the logged on user user profile that
points to the C:\Windows\system32\cmd.exe application. The same
cmd.exe application runs, but the shortcut creates a slightly different
environment, with Command Prompt shown in the windows title bar.
If you click Start, type in command, right-click Command Prompt and
choose Properties, you will see all the properties of the shortcut.
In contrast, if you click Start, type in cmd, right-click cmd and choose
Properties, you will see the properties of the cmd.exe application. There
are fewer property options for the application than there are for the
shortcut.
2.7.4 Understanding paths

The command prompt is always focused on a specific directory. Any commands
executed are performed on the files in the directory on which the prompt is
focused. You might have noticed that the prompt includes information before
the >. This identifies the path, which is the current drive and the current
working directory. For example, if you see a prompt that looks like the
following line, you will know that the focus is on the root directory of the C:
drive:
C:\>
If you see a prompt that looks like the following line, you will know that the
focus is on the C:\Diploma\Aplus\ directory of the C: drive.
C:\Diploma\Aplus>
The trick to using a command prompt is to first focus the prompt on the drive
and directory where you want to work. As another example, if you refer back
to Figure 2.31, you will see the path displayed as C:\Users\sibulele. The
system will use this as the default path for any commands that are executed.
For example, if you execute the dir command to list the contents of the
directory, it lists the contents of the current directory/path. Figure 2.34 shows
this same path but within Windows Explorer.
Page 654 of 1229
Figure 2.34 Windows Explorer folders
2.7.5 Default paths

If you run a command that is not included in the current directory or path, the
system will search through the other paths it knows about for that command.
For example, if you execute the ipconfig command, the system will first look in
the current path (such as C:\Users\Sibulele) for ipconfig and if it cannot find
the command there, it will search through the other known paths.
To view the known paths for your system, you can type path at the prompt
and press <Enter> to execute it. The output of the command should be
similar to the following:
PATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Wi
ndows\System32\WindowsPowerShell\v1.0\
Each path element is separated by a semicolon (;), so there are actually four
paths:
C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
C:\Windows\System32\WindowsPowerShell\v1.0\
In this example, the ipconfig.exe program is located in the

C:\Windows\system32 directory and will therefore be run from that location. If
the system cannot find the command in the current path or in any path it
knows about, it will display an error. For example, if you incorrectly enter
ipnfig instead of the correct ipconfig command, the system will display the
following error:
'ipnfig' is not recognized as an internal or external command,
operable program or batch file
Page 655 of 1229
2.7.6 Commands, programs and batch files

If you enter a valid command at the prompt, it will run. A valid command can
be any of the following:
Internal command: this is one of the many commands built into the
cmd.exe program. They do not require an external application to run. For
example, the copy command is a built-in command.
External command: this is not built into the cmd.exe program, but instead
is executed from an external file. For example, the ipconfig command runs
the ipconfig.exe program located in the C:\Windows\system32 folder. These
files are normally found in this directory.
Executable program: this is a file with one of these extensions: .com,
.exe, .cmd, .msc, .js, .jse, .vbs, .vbe, .wsf and .wsh. For example,
dxdiag.exe is the program name for the DirectX Diagnostic Tool. If you
enter dxdiag at the prompt, it will start the DirectX tool.
Batch file: this file contains a group of one or more commands and is
saved with the .bat or .cmd file extension. When the batch file is executed,
all the commands are executed.
Note
An external command can be considered an executable program

because it usually has a .exe extension.
2.7.7 Understanding extensions

In the past, all Windows files were named with an eight-dot-three (8.3)
format. For example, ipconfig.exe has a file name with eight letters (ipconfig),
a dot (.) and a file extension with three letters (exe). The extension is
important because the OS uses it to determine what type of file it is and then
associates the extension with a specific application. For example, if someone
gives you a file with a .doc extension, you can double-click it and it will open
the file with Microsoft Word.
Windows is no longer restricted to this format. File names and extensions can
now be longer.
Windows usually limits the full path, file name and extension to 260
characters, but the file name must actually be shorter than that, since the
complete path (such as C:\Data\APlus Results 2015) is included in this
character count. For example, consider an Excel file stored in the C:\Data
folder. The full name is C:\Data\APlus Results 2015.xlsx. This path has a total
of 31 characters (C:\Data is 8 characters and APlus Results 2015.xlsx is 23
characters).
Note
Exceptionally long paths that cause the file to exceed the 260character limit sometimes cause problems, particularly with the error
that appears when copying a file with a very long file name to a
location that has a longer path than its current location.
Page 656 of 1229
The .exe (short for executable) and .com (short for command) file extensions
are used for program files. Anything that is not a program is usually some kind
of data that supports a program and the extension for the data file will indicate
which program uses that file. For example, Microsoft Word uses .docx and
Powerpoint uses .pptx. In contrast, graphics file extensions often reflect the
graphics standard used to render the image, such as .jpg for the JPEG (Joint
Photographic Experts Group) format.
The assoc command enables you to view known extension associations at the
command prompt. Figure 2.35 shows the output from executing the assoc
command.
Figure 2.35 Viewing known file extensions

You can view the applications that will start for specific extensions by entering
the ftype command. Alternately, on Windows Vista/7, start the Control
Panel, type assoc in the Search box and select Change The File Type
Associated With A File Extension from the results list to see the known
extensions and associated applications. See Figure 2.36. You can change the
default programs by selecting Change program.
Figure 2.36 Viewing program file extensions
Page 657 of 1229
Note
Changing the extension of a data file will not affect the files contents,
but without the correct extension, Windows will not know which
program uses it and will ask you to browse for a program to open the
unknown file with.
2.7.8 Command prompt basics

There are some basic rules and guidelines for using the command prompt and
running commands. When you understand the basics, you will find it much
easier to understand the more advanced topics. The following sections cover
the basics.
2.7.8.1 Case sensitivity
For most commands, it does not matter what case you use when you enter
them. You can use uppercase, lowercase, or a mixture of both. For example,
all three of the following commands work in exactly the same way:
ping
PING
PinG
Ping is used to test network connectivity. However, there are commands that
must be entered using a specific uppercase or lowercase letter, but they are
rare.
Note
Where the case matters for any commands in this study guide, it will
be stated. Similarly, documentation will usually inform you if the case
matters.
2.7.8.2 Command syntax

All commands in Windows use a similar structure and execute in the same
way. The proper way to write a command is called its syntax. You type the
name of the command at the prompt (>), then an argument of that command
(if any) and any switches of that command that you want to apply. All
commands have a basic syntax as follows:
command argument (if any) switch (if any)
OR
command switch argument (if any) switch (if any)
Argument: also known as a parameter, an argument identifies sources or

destinations of data (such as file paths) that are passed to a command. For
example, the command copy C:\this.txt C:\that.txt has two arguments:
C:\this.txt and C:\that.txt.
Switch: also known as an option, a switch modifies the operation of a
command. It is usually placed at the end of the command with a forward
slash (/). Switches might or might not be case-sensitive.
Page 658 of 1229
Table 2.5 shows the command line syntax in its most basic form.
Table 2.5 Command line syntax
Command Argument
Do this
To this (if any)
/Switch
Like this
For example, Table 2.6 breaks down the command format H: /fs:ntfs and
then explains what it means.
Table 2.6 Syntax example: format H: /fs:ntfs
Command Argument
Format
H:
Format
this hard
drive
/Switch
/fs:ntfs
with the NTFS file system
As another example, Table 2.7 breaks down the dir /p command and then
explains what it means.
Table 2.7 Syntax example: dir /p
Command Argument
dir
Show
the contents of this directory
(Nothing here means perform this
action in the current directory.)
/Switch
/p
pausing one screen at a
time
The argument field in Table 2.7 is empty because the command does not have
an argument, only a switch. This illustrates that many commands are run
without arguments. Yet another example is shown in Table 2.8, which breaks
down copy E: C:\Aplus.
Table 2.8 Syntax example: copy E: C:\Aplus
Command Argument
copy
E: C:\Aplus
Copy
everything on the E: drive to the Aplus
folder on the hard drive. (A space is
placed in between the two arguments.
The backslash means down a level.)
/Switch
(Nothing here means
that nothing is
modified.)
A single space is normally entered between commands, arguments and

switches. Almost all switches can be used together to modify a command. For
example, dir /w /p. Some commands will work without a space before a
switch. For example, ipconfig/all works the same as ipconfig /all. However,
some commands require spaces between the command and switches. In
general, get into the habit of inserting spaces between the command and
switches to avoid running into problems.
Different commands support different switches, that is, the /all switch works
with ipconfig but not with the xcopy command (as in xcopy /all).
Page 659 of 1229
Tip
Many commands also support the use of the dash (-) as a switch,
instead of the slash (/). That is, you can use ipconfig -all and it will
work the same as ipconfig /all.
If you want to find out the syntax and switches used by a particular command,
the best thing to do is ask the system for help.
2.7.8.3 Getting help
The command prompt has a built-in help system. You can get help for almost
all commands by entering the command name with the help switch (/?)
before pressing <Enter>. This will list the syntax and switches for the
command. You can also get help for some commands by using the help
command. You can type in help followed by the command name and press
<Enter>. The following two commands show how to get help on the format
command:
format /?
help format
You can use these two commands for most commands by just substituting
format with the name of the command. However, the /? switch is supported by
more commands. Figure 2.37 shows an example of how to get help for the
format command.
Figure 2.37 Getting help at the command prompt

Tip
When you cannot remember the syntax of a command, use the /?

switch to get help. This will show the syntax and all of the switches
that you can use with the command.
2.7.8.4 Avoid errors

Avoid making spelling mistakes when typing in commands. For example, if you
mean to type format but instead type formt (missing the a), the system will
give an error indicating that it does not recognise the command. If you see an
error like this, for example:
The syntax of the command is incorrect
Page 660 of 1229
It means that your computer understands the command name, but does not
recognise the other parts of the command. It might be that you are not using
the correct switch, or you are missing a space or you are not using quotes
correctly.
Tip
When you see an error, double check the spelling. Often you can find
the problem by looking at the command one character at a time.
2.7.8.5 Using quotes

The command prompt interprets spaces as the next part of the command.
Quotes should be used when files have spaces in their names or in similar
cases. For example, consider the command called copy. Its syntax is as
follows:
copy source_file destination_file
Using this syntax, you could enter the following command to create a copy of a
file called notes.txt and name the file copy mybackup.txt:
copy notes.txt mybackup.txt
The copy command recognises the notes.txt file after the space as the source
file. It also recognises mybackup.txt as the destination file because a space
has been inserted between notes.txt and mybackup.txt. This command will
execute without any errors.
However, file names can have spaces. If you changed the name for the
notes.txt file to My Study Notes.txt and tried to run the following command, it
would not work:
copy My Study Notes.txt Study mybackup.txt
The command prompt would interpret the letters My as the name of the
source file. Since you do not have a file named My, it would return an error
indicating that it cannot find the specified file. If you run the following
command, it still would not work:
copy "A Plus Study Notes.txt" Study backup.txt
The command prompt interprets everything within the quotes as the source file
(A Plus Study Notes.txt), which is correct. However, it interprets Study and
mybackup.txt as two separate elements. Since it is expecting only one
destination file, it will return an error indicating the incorrect syntax is used. If
you run the following command, it would work:
copy "A Plus Study Notes.txt" "Study backup.txt"
This command is correct because the file name for both the source and the
destination file has spaces and both are enclosed with quotes.
Page 661 of 1229
Tip
It is good to get into the habit of using quotes, even though they are
not always needed.
2.7.8.6 Using wildcards

A wildcard is one of the following characters that can be used in place of all or
part of a file name:
The asterisk (*) can be used in place of zero or more characters.
The question mark (?) can be used in place of a single character only.
For example, you can use the dir command to list files in a directory. Table 2.9
shows how the * wildcard can be used to achieve different results.
Table 2.9 Using the * wildcard
Command
dir
dir b*
dir *t
dir *.txt
dir win*.*xe
dir *.
Usage
List all files in the current directory.
List all files that start with the letter b.
List all files that end with letter t.
List all files that have a .txt extension
List all files that that start with win and end with xe, with
any number of characters in between (even zero).
Lists all files without an extension.
The ? wildcard can be used for a single character only. For example, imagine
that you have several study guides with different versions, such as
StudyV1.doc, StudyV2.doc and so on, all in a specific directory. You could run
the following command to list all of them:
dir studyv?.doc
As another example:
dir ??52???.txt
The ? symbol in the command will return all the files that have any two
characters before the 5 and any three characters after the 2 in the results.
2.7.8.7 Recalling commands and moving around
The command prompt history feature keeps track of all the commands you
have entered in the current session. This is useful when you need to re-enter a
command. Table 2.10 shows the keys you can use to recall commands from
history and their usage.
Page 662 of 1229
Table 2.10 Recalling commands in history

Key
Up Arrow
Down Arrow
Page Up
Page Down
Esc
Usage
Recalls the previous command in the history list.
Recalls the next command in the history list.
Recalls the first command used in the history list.
Recalls the last command in the history list.
Clears the current command.
There are a few other keys that you can use to move the cursor around the
command prompt after you have retrieved a command. Table 2.11 shows
some of these keys and their usage.
Table 2.11 Keys to move the cursor at the command line
Key
Left arrow
Right arrow
Home
End
Tip
Usage
Moves the
Moves the
Moves the
Moves the
cursor
cursor
cursor
cursor
to
to
to
to
the
the
the
the
left by one character.

right by one character.
begging of the command.
end of the command.
Using the recall and movement keys is useful for saving time,
especially with long commands. You can also use the <Tab> key to
autocomplete file names and paths. For example, you could start
entering the first few letters of the file path C:\Win and press the
<Tab> key and the system will complete the path automatically to
C:\Windows.
2.7.8.8 Copying and pasting data

The easiest and quickest way of copying and pasting data to and from the
command prompt is by enabling QuickEdit mode. The following steps show you
how to enable QuickEdit mode and copy and paste data to and from the
Command Prompt window:
1. Start the command prompt.
2. Right-click on the title bar and choose Properties.
3. On the Options tab, select the check box for QuickEdit Mode. See Figure
2.38.
Page 663 of 1229
Figure 2.38 Command Prompt Properties

Note
You can personalise the Command Prompt by selecting the Font,

Layout and Colors tab. Many users like to use the settings on the
Colors tab to change the text and background colour.
4. Click OK.
5. At the prompt, type notepad and press <Enter>. This will open the
Notepad text editor.
Notepad is a plain-text editor that you can use to create batch files and scripts,
view text-based reports and edit HTML files. You can also access it by clicking
Start > All Programs > Accessories and selecting Notepad or by typing
notepad in the Search box on the Start menu and selecting it from the results
list.
6. Within Notepad, type ipconfig but do not press the <Enter> key.
7. Press <Ctrl> + <A> to select the ipconfig text and press <Ctrl> + <C>
to copy it to the clipboard.
8. Select the Command Prompt window.
9. Right-click inside the Command Prompt window. The text you copied from
Notepad is automatically pasted into the window.
10. Press <Enter> to run the command.
11. Use the mouse to select all the text displayed in the Command Prompt
window. To do this, click in the upper left corner of the window and drag
the mouse to the bottom right. Release the mouse when you have
selected all the text.
12. Press <Enter>. You can also right-click the mouse. Both actions copy the
text to the Clipboard.
13. Select the Notepad window. Press <Ctrl> + <V> to paste the text into
Notepad. At this point, you can save Notepad. This illustrates that you
could use this method to save the IP configuration of a system in a file if
you wanted to.
Page 664 of 1229
14. Go back into Properties and deselect QuickEdit mode. Save your
changes.
Note
Copying and pasting does not work with <Ctrl> + <C> or <Ctrl> +
<V>, but as you can see, it is possible to copy and paste and do this
quickly using QuickEdit mode.
2.7.8.9 Redirecting output to a file

In the previous section, you copied the output from the command prompt to a
file, but sometimes you want to send the output directly to a text file. You can
do this by using the greater than (>) symbol.
For example, instead of copying the output of ipconfig /all and pasting it into a
text file, you can run the following command to redirect the output to a file
called MyIPconfig:
ipconfig /all > MyIPconfig.txt
If the file does not exist, the command will create it. After executing the
command, you can open it in Notepad by running the following command:
notepad myipconfig.txt
You can also view the contents of the file by running the following command:
type myipconfig.txt
Alternatively, you can copy the output of a command to the Windows Clipboard
using | clip, as follows:
ipconfig /all | clip
You can then paste the contents from the clipboard into a file by using <Ctrl>
+ <V>.
Note
Not only can you redirect output to a file, but you can also redirect
input from a file to the command prompt, though this is less common.
This is useful when you want to use a file as input to a command that
is expecting text or record data and can be done by using the less
than (<) symbol and the name of the file.
2.7.9 System variables

Windows uses environment variables to identify some aspect of the system.
For example, Windows uses the %computername% variable to identify the
name of the local computer. All variables start and end with a percent symbol
(%). For example, you can use the echo command to view the name of the
local computer as follows:
echo %computername%
Page 665 of 1229
If the environment variable represents a path, such as the user profile path,
you might need to enclose it with quotes at the command prompt like this:
dir "%homepath%"
Variables are useful when running commands and when creating batch files. If
a variable is entered incorrectly, the system will output what has been entered
with the percent symbols. In such a case, double check your spelling. Table
2.12 shows some common variable names along with what they represent.
Table 2.12 Command variable names
Variable
%systemdrive%
%systemroot%
%windir%
%homepath%
%path%
%username%
%userdomain%
%userprofile%
Representation
System drive (such as C:\)
Location of Windows (such as C:\Windows)
Path to the users profile (such as C:\Users\username in
Windows Vista/7).
List of paths known to the system
Username for logged on user (such as sibulele)
Name of domain if the computer is joined to a domain, or
name of computer if it is not joined to a domain.
Location of the profile of the logged on user
You can look at variables in Windows Vista/7 by clicking Start, typing

environment, selecting Edit The System Environment Variables and
clicking Environment Variables. Alternatively, you can click Start, right-click
Computer, select Properties > Advanced System Settings and choose
Environment Variables from the Advanced tab. See Figure 2.39. Notice in
the figure that there are actually two sets of environment variables: User and
System. User variables are values specific to each user and do not affect other
users who log on to the same computer, while system variables are set for all
users on the computer.
Figure 2.39 Environment variables
Page 666 of 1229
Note
You can view, create and modify variables by using the set command
at the command prompt.
2.7.10 Text editors, batch files and scripts

Many OS system and application files are in binary format, which can contain
any type of data, and can only be interpreted by applications. In contrast, a
plain text file contains human-readable text and can be modified in any text
editor. If you save a plain text file in an application other than a basic text
editor, it could be converted into a binary format and become unreadable.
Therefore, if you need to edit system files such as BOOT.INI, you can use a
plain text editor. The editor will not put any special characters or format the
file like a word processor program would. The plain text editors available in
Windows include:
In Windows XP, you can use EDIT.COM at the command prompt or the GUI
Notepad editor. With EDIT.com, you can create and modify files. To create
a new file, use the edit or edit filename command. To edit an existing
file, use edit filename, for example edit c:\boot.ini. To modify a file,
you can use mouse clicks to choose menu options, the <Alt> key to
activate the menus and basic keyboard shortcuts such as <Ctrl> + <V> to
paste.
In Windows Vista/7, you can use the GUI Notepad editor to modify a file.
For example, if you enable boot logging and run notepad
c:\Windows\ntbtlog.txt at the command prompt, this will open the
ntbtlog.txt file. If you are not the administrator of the computer, then run
Notepad as the administrator.
Tip
Although you will be asked to save your changes before exiting,

remember to save any changes you make before closing the editor or
any program for that matter.
2.7.10.1 Batch files and scripts

A skill set related to using the command line is the ability to script and create
batch files. Simple scripts are just a list of command prompt commands
inserted into a batch file. If you enter commands at the prompt, you can copy
them and save all of them as a batch file, and you have created a script.
For example, you can automate tasks by creating a file in Notepad and saving
it. You can then enter a list of the commands on separate lines within the file
that you otherwise would have to enter manually at the command prompt.
When the batch file runs, it executes the commands in the order in which they
are listed in the file.
For example, the batch file below displays Hello World!, prompts and waits for
the user to press a key, and then terminates.
@ECHO off
ECHO Hello World!
PAUSE
Page 667 of 1229
The interpreter executes each line in turn, starting with the first line. The @
symbol at the start of the line prevents the prompt from displaying that
command and ECHO off turns off the prompt permanently, or until it is turned
on again. A batch file can also take arguments such as file names as a variable
in the form of %1.
The example batch file must be saved with the .bat (or .cmd) extension in
plain text format, typically created by using a text editor such as Notepad so
that it can be executed. It can be executed from within Windows Explorer by
double-clicking on the file or within the Command Prompt (by entering the full
name of the file and pressing <Enter>). The output of the command is:
Hello World!
Press any key to continue
Note
A scripting language can be used to write scripts. Scripts can be

used to create mini-programs and automate the functions of
Windows. Most Windows Scripts use VBScript (Visual Basic Script),
which is given the .VBS extension. Javascript is also used, which is
given the .JS extension.
You can use the following steps to open Notepad and create a batch file.
1. Start the command prompt.
2. At the prompt, type notepad and press <Enter>.
3. Within Notepad, type ipconfig /all > c:\Scripts\MyIPConfig.txt.
Note
If you entered this command at the command prompt, it would send

the output of the ipconfig /all command and save it into a file named
MyIPConfig.txt in a directory named Scripts.
4. Press <Alt> + <F>. This opens the File menu.

5. Use the down arrow to select Save As. Browse to the root of C: and click
New Folder.
6. Name the new folder Scripts. Double-click the Scripts folder to open it.
7. Type ipc.bat in the File name box. Press <Enter> to select Save. At this
point, you have created a batch file named ipc.bat in the C:\Scripts folder,
with the ipconfig /all command within it.
8. In Notepad, press <Alt> + <F> to open the File menu.
9. Use the down arrow to select Exit and press <Enter>. You will be returned
to the command prompt.
10. At the prompt, type c:\Scripts\ipc.bat and press <Enter> to run the
batch file just created. This will run the Ipconfig /all command and
redirect the output to the text file named MyIPConfig.txt.
11. At the prompt, type in c:\Scripts\MyIPConfig.txt and press <Enter>.
This will open the text file you just created in Notepad, with the IP
configuration information listed as shown in Figure 2.40. The figure also
shows all the commands entered at the prompt.
Page 668 of 1229
Figure 2.40 Creating and executing scripts

Note
It is common to use scripts and batch files to set up the user

environment and copy files for backup. They can be run manually,
automatically at logon or at any time using task scheduler.
2.7.11 Common OS commands

Table 2.13 lists some common tools that you can launch by entering the
appropriate command at the command prompt with a short description of
each.
Table 2.13 Common OS commands
Command
dxdiag
explorer
mmc
msconfig
msinfo32
mstsc
Description
Opens DirectX Diagnostic Tool. This tool can be used to
troubleshoot issues with games, movies and other multimedia
applications that use DirectX.
Opens Windows Explorer. This tool can be used to view and
manage files.
Opens an empty Microsoft Management Console. You can add
tools as snap-ins into an MMC.
Opens System Configuration. Use this tool to configure the
system, services and startup applications.
Starts System Information. Use this tool to view hardware and
software components, including the BIOS version, amount of
RAM installed and processor type and speed.
Opens Remote Desktop connection. Use this tool to connect to
another system.
Page 669 of 1229
Command
regedit
regedt32
Description
Opens the Registry Editor. Use this tool to edit the registry
database, which contains hardware, software, user and
system configuration information.
Opens the Services console. Use this tool to stop, start,
enable and disable services.
Opens the File Signature Verification tool. Use this tool to
identify a digitally signed file and verify its integrity.
services.msc
sigverif
Table 2.14 lists some other useful commands that you can launch from the
command prompt.
Table 2.14 Other Windows OS commands
Command
date
time
hostname
set
ver
winver
Description
Use to view and set the date.
Use to view and set the date.
Use to view the name of the computer.
Use to set options for a device or program.
Shows OS version information.
Opens the about Windows page, showing version
information.
Many of the commands can also be launched from the Search box and Run
dialog box. Some commands such as telnet or nslookup (the dns query and
troubleshooting tool) work in interactive mode. This means that using the
command starts the program (such as the telnet program) with its own prompt
and from that point you can use only commands that are supported by that
program until you exit the program.
2.7.12 Clearing screens and exiting command programs

As you enter commands, the command prompt screen fills up with text. You
can use the cls command at the prompt to clear the screen of any previously
typed commands. To exit a program, type exit or quit (or press <Ctrl> +
<C>). <Ctrl> + <C> also cancels operations and returns to a new prompt.
2.8 Shutdown options

After you press the Power button to turn on the system and start the Windows
OS, the Windows Start Menu contains all the various commands you need to
switch between users, restart the computer or put it in a low power state, and
at the end of the day, turn it off. You should never simply disconnect the
power (a hard reset) when you are finished with Windows because there is
the risk of losing data or corrupting system files. What you should do is click
on one of the commands on the Start menu according to your needs. In
Windows 7, click Start and then click the arrow () button next to Shut down
(as shown in Figure 2.41). You will see various commands for closing or
suspending a session.
Page 670 of 1229
Figure 2.41 Options on the Windows 7 power button
Switch user: switch to another user account. Another user who has a user
account on the system can log in with their username and password and
access their own desktop. After the other user is logged off, you can log in
again to find all your programs and files open and exactly as you left them.
Log off: closes all open programs and files (giving you the opportunity to
save any unsaved files first) and services started under the current user
account without turning off the system. It then displays a screen so that
the next user can log in.
Lock: locks the system with a password when you are away from it. This
will display the Logon screen that will ask the user to enter their account
password to log in.
Restart: closes all open programs and services before rebooting the
system without turning it off (a soft reset). You might use this when
installing new software or after updating Windows or to solve problems
when your system is running slowly or has locked up.
Standby/sleep: saves all your running programs and open windows in
memory and puts the system into a low power state, which can then be
started up quickly again to resume working. You can send a laptop to Sleep
just by closing the lid.
Hibernate: saves all your running programs and open windows to the hard
drive before turning off the laptop. Hibernate uses the least amount of
power but the laptop takes longer to start up.
Shutdown: closes all open programs, offers you the opportunity to save
any unsaved files, stops services, exits Windows and switches off the
system.
Cold and warm boot: a hard or cold boot involves using the power button to turn
the system on while a soft or warm boot involves using the operating system to
reboot the system.
Note
You can change the function of the Windows Power button from its
default of Shut Down to another function in the Taskbar and Menu
Properties dialog box. After choosing a new function for the Windows
power button, Windows displays the new functions name on the
Power button and adds the Shut down command to the list that
appears when you click the () button on the Start menu.
You can also select these commands and do more by pressing <Ctrl> +
<Alt> + <Del>, as shown in Figure 2.42.
Page 671 of 1229
Figure 2.42 Ctrl + Alt + Del screen

The computer can also be restarted, put into a low power state or shutdown at
the command prompt by using the shutdown command. Table 2.15 lists
common switches that can be used with the shutdown command and their
description.
Table 2.15 Shutdown command switches
Command
shutdown /s
shutdown /a
shutdown /t nn
shutdown /h
shutdown /l
shutdown /r
Description
Shuts down the system.
Use quickly to abort a shutdown in progress.
Use to specify a delay in seconds (nn) before the
shutdown starts. Default is 30 seconds.
Saves running programs and open windows to the hard
drive before turning off the system.
Logs off the current user.
Restarts the system.
2.9 Windows Registry

The Windows Registry is a system of databases that store information about
the systems hardware, installed programs, system settings, file types,
network information, user profiles and other configuration information. When
you make changes to the system using Control Panel applets, Administrative
Tools or through programs, Windows often adds the changes to the registry or
changes data in the registry. It also accesses data from the registry when
needed. For example, when you boot the system, the registry is filled with data
about hardware detected by the system. Windows will also extract data from
the registry such as which device drivers to load and in what order during
boot.
2.9.1 Start the Registry Editor

You can access the registry by using the Registry Editor. Run the regedit or
regedt32 command to start the Registry Editor.
Page 672 of 1229
In earlier operating systems, these two commands started different programs,

but they both start the same registry editor in Windows XP/Vista/7. In
Windows XP, run the command from the command prompt or Run dialog box.
In Windows Vista/7, run the command from the command prompt or from the
Start menus Search box. Then authenticate yourself if necessary.
2.9.2 Registry Structure

The registry is organised into a tree structure containing several groups called
hives that begin with the letters HKEY. These hives look and act like folders.
When you open the Registry editor, you will see five visible hives or root keys
(as listed in Table 2.16) that contain computer or user databases.
Table 2.16 Visible registry hives
Hives
HKEY_CLASSES_ROOT
(HKCR )
HKEY_CURRENT_USER
(HKCU)
HKEY_LOCAL_MACHINE
(HKLM)
HKEY_USERS (HKU)
HKEY_CURRENT_CONFIG
(HKCC )
Description
Stores information used by different software
applications: filename extensions, file types,
shortcut menus and so on.
Stores settings that apply only to the user who
is currently logged on, which contains the boot
NTUSER.DAT file stored in the user profile.
Examples include environment variables,
desktop settings, network connections, printers
and application preferences. NTUSER.DAT is
locked open for writing whenever the user is
logged on.
Stores settings that apply to the local computer.
For example, hardware and OS data such as
bus type, memory, device drivers, security
settings and start up control data.
Stores all personalised information for all users
(actively loaded account holders or user
profiles) on the computer.
When the computer starts, it identifies and
stores the current configuration here. You will
rarely be asked to edit this hive.
If you expand one of the hives by clicking its arrow, you will see a long list of
inner folders called keys, which might contain files called subkeys and data
items called value entries that contain the actual settings that the registry
tracks and that you can edit (or you can create new entries). A value entry has
three parts: a name, a data type and the value itself. The data type usually
contains a number, binary value or text. The main data types include:
String (REG_SZ): a string or sequence of characters representing humanreadable text.

Binary (REG_BINARY): stores long strings of ones and zeroes. Used for
most hardware component information.
Page 673 of 1229
DWORD (REG_DWORD): stores binary, hexadecimal or decimal numbers

limited to 32 bits. Used for many device driver and service parameters.
QWORD (REG_QWORD): stores binary, hexadecimal or decimal numbers
limited to 64 bits.
Multistring (REG_MULTI_SZ): stores values that contain lists or multiple
text values. Entries are separated by NULL characters.
Note
There are other data types, but the ones listed above are used for the
majority of all value entries. A number of entries appear in more than
one place, as live mirrors of each other, so if you edit one entry, you
make a change in both mirrored entries.
You can expand the hive to view its subkeys and value entries. For example,
Figure 2.43 shows the registry editor opened to a specific subkey called
System. The five hives are in the left pane with the HKEY_LOCAL_MACHINE
hive expanded. You can double-click any value entry in the right pane to open
it, as shown with the SystemBIOSDate value and its data in the figure.
Figure 2.43 Windows 7 Registry

Figure 2.43 illustrates the differences between hives, keys and values, but
there are easier ways to find the date of the BIOS than searching through the
registry. For example, running the msinfo32 command starts the System
Information tool, which shows this information in a more readable format.
Every version of Windows stores hives in the \%SystemRoot%\
System32\config folder (typically C:\Windows\System32\Config) and the
hives for user profiles in each user account folder. A hive is made up of a
single file (with no extension), a .LOG file (containing a transaction log) and a
.SAV file (a copy of the key as it was at the end of setup).
Page 674 of 1229
If you want to search for a specific key, value or data in the registry, you can
use the Find feature available from the Edit drop-down menu as shown in
Figure 2.44. First, select Computer at the top of the left pane as shown in
Figure 2.43 to search the entire registry, or select a specific hive or key. Next,
select Edit > Find (or press <Ctrl> + <F>), and enter the term you are
searching for.
Figure 2.44 Finding items in the registry

Notice that there is a New option available in the Edit drop-down menu in
Figure 2.44. Select this option to create a new key or value entry (of the
correct data type) from the selected location. You can also right-click on an
empty area in the right pane and create a key or value entry, as shown in
Figure 2.45.
Figure 2.45 Creating a new value entry in the registry
Page 675 of 1229
2.9.3 Back up the Registry

You normally will not need to edit the registry directly, since you can use
applications such as Control Panel and Administrative Tools to edit it indirectly,
but you might encounter situations when it is necessary. It is important to
realise that making an incorrect change in the registry can cause applications
to not start, tools to not work, the GUI to not load, or worst of all, a system
that will not boot. If you need to edit the registry, keep the following two
simple rules in mind before doing so:
1st RULE: Back up the registry before making changes and take your time
when making a change. You can back up any individual key or the entire
registry and restore it when needed.
2nd RULE: Do not make changes until you have a thorough understanding
of the entry you are trying to change or add.
You can use the following steps in Windows XP/Vista/7 to back up the registry:
1. Log on to the system by using an account with administrative privileges.
2. Start the registry editor by running the regedit or regedt32 command
from a command prompt or the Start >Search box.
3. Right-click Computer in the left pane and choose Export. (You can also
click the Export option from the File menu).
Figure 2.46 Backing up the registry

The file will be exported in a registry compatible format and can be
transported and merged into another computers registry by clicking
Import from the File menu, double-clicking on the file, right-clicking on it
and choosing Merge or calling it from a script. A registration file is a plain
text file. Merging a .REG file back to the registry will not overwrite any
changes you made to the registry after performing the export.
Page 676 of 1229
The Registry Hive Files format can be used to create a binary copy of a
portion of the registry. Restoring from a binary file however will remove
any additions or reverse any changes you made.
4. Browse to the location where you want to store the backup, and type in a
name for the backup. For example, you might choose to create a folder
named RegBackup on the C: drive and name the backup RegComputer.
Click Save.
5. You can also back up any portion of the registry. For example, right-click
HKEY_LOCAL_MACHINE and select Export.
6. Browse to the location where you want to store the backup, and type in a
name for the backup. For example, you might choose to name the backup
HKLM_Backup. Click Save.
Lastly, you can connect to remote computers to gain partial access to their
registries. To do this, select File > Connect Network Registry, then browse
for computers that are members of the same network your computer is a
member of, connect to them and edit their registries. Their computer should
appear in the left pane of your registry editor. Remember that you need to
have administrative privileges on the remote computer to do this.
Page 677 of 1229
Unit 3 Account Management
Identify the default user and group accounts created by

Windows.
Create and manage user and group accounts.

(G185eng) Module 1 Unit 3 (p.4050)

o Managing Users (p. 50)
Authentication is the process a system goes through to determine whether a

user is who he or she claims to be by challenging the user with a passwordprotected user account, but users can prove who they are (their identity) using
some other method of authentication. Once the user is authenticated and can
log in, the system controls what the authenticated user can and cannot do on
the system through authorisation.
Rights refer to the ability to take an action or perform a task on the computer,
such as the right to change the computers name. Permissions refer to the
level of access to a resource, such as the permission to read a file or print to a
printer. Permissions can be assigned to users and groups for any file or folder.
Privileges include both rights and permissions. For example, an account with
administrative privileges means that the account usually has full rights and
permissions on a system or network.
3.1 User Accounts

User accounts are used to identify a user and are the primary means of
controlling access to computer or network resources.
They give users the means to log on to a computer or network with a
username (also known as a logon name, User ID, or logon ID) and a password
to use the computer/network and access resources.
Note
The user account and user profile are not the same thing. The user
must authenticate before gaining access to their user account and the
OS then uses the user profile to deliver the settings (theme, screen
saver, etc.) that are configured for the user.
Page 678 of 1229
3.1.1 Local vs domain accounts

Windows supports two main resource sharing models:
Workgroup (peer to peer) a small home or business network where

users manage their own resources from their own computers. Each
computer stores its own security settings, such as user accounts, passwords
and permissions. Only local accounts and groups are used on workgroup
networks.
Server designed for medium-to-bigger networks where resources and
network access are managed from one or more central servers by network
administrators. Generally, network accounts and groups are used on serverbased networks, although local accounts can be used for local access only.
Windows networking provides two kinds of accounts:
Local accounts are local to the computer and cannot be accessed from
other computers. Local accounts are stored in the Local Security Accounts
database called Security Accounts Manager (SAM). This database stores
an encrypted list of usernames and their associated passwords for users
who are allowed to access the system. SAM is stored in the registry as a
subkey of HKEY_LOCAL_MACHINE. If a user needs to access other
computers in a workgroup network, then that user will need to have a user
account on each computer.
Domain accounts are stored in Active Directory on a Windows Server
Domain Controller and managed by network administrators. The domain
controller maintains a security database, including domain user accounts
and domain groups, for the domain network. A domain account allows the
user to log onto the Active Directory network from any computer in the
domain.
Note
In general, if your computer is part of a domain, you will not need to

worry about local accounts; however, you might want to add domain
user accounts or groups to local groups to perform tasks that require
administrative privileges.
3.1.2 Default local user accounts

A new Windows installation creates a user account for the primary user.
Additional user accounts are created by default, and you can also add
additional accounts with different tools. The following two built-in user
accounts are always created during the installation of any Windows version and
cannot be deleted:
The Administrator account has full (or near full) rights and permissions to
do everything on the local system and is a member of the local
Administrators group by default. The account named Administrator is
either hidden (in Windows XP) or disabled (in Windows Vista/7) by default
for security reasons.
Page 679 of 1229
The account created during the OS installation is the default local

administrator account and is given administrative privileges. The
administrator account is not subject to UAC and should be left disabled or
should be disabled when not in use and another account should be created
and used instead. Use the administrator account for specific tasks only and
assign it a strong password.
The Guest account is disabled by default and can be enabled for

temporary use only. You can enable the guest account for someone who
wants to use the computer to browse the Internet for example. The user
can log on with the guest account and run basic applications such as a web
browser, and then when the user is finished working, the account can be
disabled.
Tip
Keep the Guest account disabled unless it is needed, and then disable
it again after it is used.
You will see that accounts in Windows Vista/7 are identified as standard user
accounts and administrator accounts. Administrators have full privileges
and can change any settings. Standard user accounts (simply referred to as
users) are normal user accounts for users on a network. They can access their
own data and modify some system settings that do not apply to other users,
but they cannot perform tasks that require administrative privileges unless
they have an administrator username and password.
Note
The accounts in Windows XP are identified as limited or computer

administrator. The limited account is similar to a standard user
account, and the computer administrator account is the same as an
administrator account in Windows Vista/7.
3.2 Group accounts

A group is a collection of user accounts grouped together that all have the
same security privileges. Groups are an efficient way of managing multiple
users. Instead of assigning permissions to access files and folders to each
individual user, you can assign permissions to a group and add user accounts
to that group.
For example, Figure 3.1 shows how group memberships and permissions work.
There is a user account for Danie and another one for Susan. Danies account
has been added to the Administrators group, and Susans account has been
added to the Users group. The Administrators group has full access to the
folder, so Danie can access the folder. Susan will not be able to access the
folder because neither her account nor the Users group has been given
permission to access the folder.
Page 680 of 1229
Figure 3.1 Granting privileges with group memberships

Note
A single account must be a member of at least one group and can be

a member of multiple groups.
3.2.1 Built-in local groups

Windows systems include several built-in groups that are created by default
when Windows is first installed. Some of these built-in local groups include:
Administrators group has full privileges on the local computer. The

administrator account in Windows Vista/7 and computer administrator
account in Windows XP are members of this group, which is how the
administrator account gets its privileges. Similarly, the primary user created
during installation and a newly created administrator account is placed into
this group.
Power Users group in Windows XP has some administrative privileges but
not as many as an administrator. For example, users in this group can run
legacy applications, install a printer, share resources and add and remove
users, but they cannot backup or restore directories or add and remove
devices. In general, the Power Users group should not be used.
Note
Due to how UAC is used in Windows Vista/7, the Power Users group is
not needed in these operating systems, but it is kept for backward
compatibility.
Users group contains regular users as members. They can run typical
applications but do not have privileges to make system changes and access
critical system files.
Guests group enables someone who does not have an account on the
system to log on by using a guest account.
Backup Operators group contains users that can back up and restore files.
Remote Desktop Users group contains users that are authorised to
connect to the system by using Remote Desktop.
Figure 3.2 shows the default local groups in Windows 7.
Page 681 of 1229
Figure 3.2 Viewing local group accounts

There are additional groups in different Windows operating systems. Windows
also includes built-in system groups that cannot be changed manually as
they contain members that are created automatically depending on what users
are doing at the time.
Everyone group applies to any user who can log on to the system. You
cannot edit this group, but permissions can be assigned to this group.
Authenticated Users group contains all users that have a user account
and can log onto the computer.
Creator Owner group contains the user account that took ownership or
created the resource. Each resource has an owner but administrators and
users that have been allowed to do so are able to take ownership.
Interactive group contains all users who use the computers resources
locally.
Network group contains users who access the computers resources over a
network connection.
If there is a default local group that provides the appropriate permissions a

user needs, then you should place the user into that group.
3.3 Creating and managing users and groups

Usernames and passwords are stored in an encrypted format on a Windows
computer. In all Windows editions, you can create user accounts using the
User Accounts applet and in all business/professional Windows editions, you
can create and manage user and group accounts with the Local Users and
Groups snap-in (Lusrmgr.msc) that is a part of the Computer Management
console.
Note
Members of the Administrators group can create, delete, rename and

disable accounts, change the type of account (between the
administrator and user) and reset passwords. Administrators can
create and delete groups and add members to groups.
Page 682 of 1229
3.3.1 User Accounts applet

You can open the User Accounts applet in Windows XP/Vista/Windows 7 by
clicking Start > Control Panel. Change the view to Classic View on Windows
XP/Vista, or Large Icons on Windows 7. Double-click User Accounts.
Otherwise, type user accounts at the Start Search box.
Figure 3.3 shows User Accounts in Windows 7. User Accounts focuses on the
currently logged in users account settings and you can click Manage Another
Account to show all accounts on the computer.
Figure 3.3 User Accounts applet in Windows 7

Notice that the User Accounts applet indicates the type of account the user has
on the right (Administrator in this case). When Administrator is not listed, it
indicates that it is a limited or standard user account. If Password Protected is
not included in the description, it indicates that a password is not configured.
You can use the User Accounts applet to create new accounts and to change
the account type, manage network and local passwords and change pictures.
When creating a password, you will also have the opportunity to create a hint,
which can be used to help you remember the password that you have
forgotten when attempting to log into Windows. When you log in and cannot
remember your password, leave the Password box empty and press <Enter>.
You will be redirected back to the login screen to try again, but this time, your
hint will appear just below the Password box to refresh your memory.
In a situation where you have forgotten both your password and hint, you can
create a password reset disk. The reset disk can be a disc or USB flash drive
that you can use like a physical key to unlock your account when you have
forgotten your password at the logon screen. Insert the disc or drive, click on
Create a password reset disk (as shown in Figure 3.3) and follow the
prompts.
Page 683 of 1229
3.3.2 Using Local Users and Groups

The Local Users And Groups tool is available in Windows XP/Vista/7 as a
snap-in in the Computer Management tool. You can start Computer
Management by clicking Start > Control Panel, changing to Classic View or
Large Icons, opening the Administrative Tools group, and double-clicking
Computer Management. You can also start it from the Start Search box and
by right-clicking Computer and selecting Manage.
Figure 3.4 shows Computer Management console on a Windows 7 computer,
with Users selected under Local Users And Groups on the left. The Sibulele
Kameni account was created when Windows 7 was first installed, and the other
two accounts (Administrator and Guest) are default accounts.
Figure 3.4 Local Users and Groups Users folders

Notice the icon of a down arrow in a circle next to the Administrator and Guest
account. This indicates that the two accounts are disabled, which is the default
in Windows 7. On the right, you can see the Actions pane, which provides links
to additional wizards. You can use these links to create new user accounts or
change passwords of existing accounts.
Figure 3.5 shows the three property tabs of an accounts properties page. On
the General tab, you can change password rules and disable or enable an
account. On the Member Of tab, you can view, add and remove group
memberships. On the Profile tab, you can change the profile location. User
profiles are maintained either in a default directory or in the location set by the
Profile Path in this dialog box.
Page 684 of 1229
Figure 3.5 Viewing User Properties in Local Users and Groups

Note
A users group membership is checked only when the user first logs
on. If you make a change to the users group membership, the user
needs to log off and then back on before the change applies to the
account.
Figure 3.6 shows the groups within Windows 7 with the Administrators group
property page opened. You can double-click any group to view its properties.
Using this property page, you can view, add or remove individual users from a
group.
Figure 3.6 Groups and group properties in Local Users and Groups
3.3.3 Creating a new user

You can create a new user by right-clicking on the Users folder and select
New User. You can then set up the account according to your needs. See
Figure 3.7 for an example.
Page 685 of 1229
Figure 3.7 Creating a new user account
User name: must be unique and can be up to 20 characters long. It

cannot contain the characters: / \ [ ] : ; | = , + * ? < > Usernames are
not case sensitive.
Full name (optional): use this to enter the users first and last name and
any initials.
Description (optional): this textbox can be used to describe the users
job role.
Password (optional but recommended): passwords can be up to 127
characters long with at least 8 recommended. Passwords are case
sensitive. Use strong passwords containing upper and lower case letters,
symbols and numbers. Avoid using passwords that use simple or common
words.
User must change password at next logon: use this setting so that the
password you set up is reset by the user when he or she first logs on.
Deselect this option to allow the other two password settings (below) to be
changed.
User cannot change password: generally users control their own
passwords, but for some accounts, the administrator can control passwords
and prevent users from changing them.
Password never expires: overrides the local security policy to expire
passwords after a fixed number of days. Select this option for system
accounts such as those used for replication and application services, but
not for administrator and user accounts, which should be changed
regularly.
Account is disabled: use this setting to disable an account and prevent
the user from logging on until the account is re-activated. Disable those
accounts that you do not want to delete, such as for users that go away on
holiday for example.
Clicking Create will create the new user and clicking Close will close the dialog
box.
Page 686 of 1229
3.3.4 Renaming and deleting user accounts

By right-clicking on an account, you can rename and delete it, set or reset a
password and access its properties page, as shown in Figure 3.8. A renamed
account keeps all the properties and access to resources the original account
had.
Figure 3.8 User account context menu

Windows uses a Security ID (SID) to uniquely identify each user and group.
When you delete an account by selecting it and pressing the <Delete> key or
by selecting Delete from the accounts shortcut menu, a warning message
appears reminding you that the accounts SID is unique. Even if you create
another account with the same username, the identifier is different and the
new account will not have access to the same resources assigned to the
original account.
3.3.5 Creating local groups

To create a new group, right-click the Groups folder and choose New Group.
See Figure 3.9 for an example. Into the appropriate boxes, type a unique
name for the group that can be up to 256 characters long ( / \ [ ] : ; | = , +
* ? < > @ are not allowed) and an optional description. Then click Add to add
members to the group. A Select Users dialog box will appear where you can
specify who should be members of the new group. Type each user account
name into the text box, separated by semicolons and then click Check Names
to ensure you spelled them correctly. You can also search for the name.
Page 687 of 1229
Figure 3.9 Creating a new group

Clicking Create will create the group and clicking Close will close the dialog
box. You can always add more members to the group, or remove them later as
needed from the groups Properties page, and modify a users group
membership in the users properties page.
3.3.6 Combining user and group permissions

A user can receive permissions from many sources, including from multiple
groups and directly from his or her user account. All of the permissions a user
receives have the same weight and are combined to give the user a
combination of all the user and group permissions assigned. The only
exception to this rule is the deny permission, which overrides all other
permissions and takes precedence.
Page 688 of 1229
Unit 4 Storage and File System

Management
Prepare a hard disk for use.

Identify the features and capabilities of NTFS and FAT file
systems.
Use the Disk Management console to manage storage.
Use other disk management tools (diskpart, chkdsk,
defrag and format).

(G185eng) Module 1 Unit 4 (p.51-66)

o Managing Storage (p.66)
4.1 Partitioning and formatting disks

A hard disk must go through three stages before it can be used:
Physical or low-level formatting (done by the manufacturer at the factory)

Partitioning (done by the end user)
Logical or high-level formatting (done by the end user)
4.1.1 Low-level formatting

Manufacturers perform a low-level format (LLF) on a new hard drive at the
factory. This involves marking the surface of the disk with the positions of
tracks and sectors and other information that determines where data is stored
on the disk. In addition to writing tracks and sector marks, a defect table is
created so that files are not stored on bad areas of the disk to avoid the risk of
losing data.
4.1.2 Partitions and volumes

Partitioning divides the physical disk into storage areas called partitions
(often called drives). Whereas a hard drive is physical, operating systems
work with partitions or volumes, which are logical rather than physical. A hard
drive must have at least one partition, and you can create multiple partitions
on a single hard drive.
Page 689 of 1229
Access to a partition is controlled by the BIOS before the system boots the OS
and then by the OS after it is started. Each partition or volume is assigned a
drive letter such as C:, D: and so on. The OS uses these letters as identifiers
when accessing data on the different volumes.
Note
In the past, the terms partition and volume were used for different
types of disks. According to Microsoft, these terms are used
interchangeably today. Technically, a partition is used to describe a
piece of space sectioned off on the drive. That partition is then
formatted with a file system and assigned a drive letter, at which
point the OS recognises it as a volume. Do not be surprised if you see
these terms mixed in different documentation, but it is important to
know that they refer to the same thing: a defined storage area of a
physical disk.
Figure 4.1 shows two examples of how you can partition a single hard disk
drive, but do take note that there are more ways of partitioning the disk than
this. On the left, a single disk is used to create a single volume. On the right,
the disk is divided into three volumes.
Figure 4.1 Partitioning a hard drive

Although it is not necessary to create multiple partitions, some users like to
have different partitions to organise their data. For example, the OS is installed
on the C: drive and users can create a second partition to store their personal
data. Then again, they could leave it as a single partition as the C: drive and
create a folder named Data for their own files on that drive or use one of the
folders automatically created by the OS for their data. It is just a matter of
preference.
Note
The most common situations that require partitioning are when you
are installing an OS on a new drive and when you are adding an
additional drive to an existing system.
Windows supports the following partitioning styles or schemes:
Master boot record (MBR)

GUID partition table (GPT)
Page 690 of 1229
4.1.2.1 MBR partitions

The Master Boot Record (MBR) is the most common type of disk partitioning
style used. An MBR disk can be divided into two types of partitions:
Primary partition: a primary partition is used for a single volume and is

usually assigned a drive letter and appears in (My) Computer (once you
format it). The first primary partition in Windows is always C:. After that,
partitions can be labelled D: through to Z:. You can have as many as four
primary partitions on an MBR disk and you can easily install four different
operating systems, each on its own primary partition, and boot to each one
every time you start the computer. Any one of the primary partitions is
marked as active, indicating that it is bootable. During the boot process,
the computer finds the active partition and attempts to boot from it. Only
one partition can be active at a time because you can run only one OS at a
time.
Extended partition: an extended partition allows you to add multiple

logical drives to an MBR disk. A logical drive works like a primary partition
and is usually assigned a drive letter. For example, you can have one
extended partition with three logical drives identified as G:, H: and I:. You
can create only one extended partition on an MBR disk, but you cannot boot
an OS from it. You can, however, format the extended partition just as you
would with a primary partition.
MBR disks have two major limitations:

The maximum partition size is about 2 TB. While this has not been a
problem in the past, you can get hard drives larger than 2 TB today.
An MBR disk can have a total of four primary partitions on it, or three
primary partitions and one extended partition (containing many logical
drives).
4.1.2.2 GPT partitions
The Globally Unique Identifier (GUID) Partition Table (GPT) is a more
up-to-date partitioning style that overcomes the limitations of MBR disks. GPT
is specifically recommended for disks larger than 2 TB. Some benefits of GPT
are:
Larger volumes: Windows systems support GPT disks as large as 256 TB.
However, GPT disks have a theoretical limit of 9.4 zettabytes (ZB) size.
More partitions: Windows systems support up to 128 primary GPT
partitions on a single disk. GPT disks do not need or use extended
partitions.
Redundancy and error detection: GPT disks use primary and backup
partition tables for redundancy and error detection fields for improved
partition data structure integrity.
Performance and reliability: Disk structure is optimised for performance
and reliability.
Page 691 of 1229
Backwards compatible: GPT disks are compatible with applications that

are expecting an MBR disk. A GPT disk has a table called protective MBR
that performs the same function of MBR. Without this, older applications
and disk utilities would not be able to read the disk and might ask the user
to reformat it.
Only fixed disks can be configured as GPT disks. Removable disks, such as
flash drives, use the MBR partitioning scheme. Linux systems can use and boot
from a GPT disk. Windows systems from Windows XP to Windows 8 can use a
GPT disk. However, only 64-bit versions of Windows Vista/7 can boot to a GPT
disk and only if the computer has a UEFI-based motherboard.
You can use the Disk Management tool in Windows to determine whether your
computer is using an MBR or GPT disk. To do so, complete the following steps:
1. Click Start, right-click (My) Computer and select Manage.
2. Select Disk Management.
3. Right-click on Disk 0 in the lower half of the console and select Properties.
Select the Volumes tab and look at the Partition style as shown in Figure
4.2. The disk in Figure 4.2 is an MBR disk. Figure 4.2 also introduces you to
the Disk Management tool and its various disk-related views and options.
Figure 4.2 Viewing partition style in Disk Management tool

You can use the Disk Management tool to convert a hard disk from MBR to GPT
or from GPT to MBR. However, the disk must be unpartitioned to do so. For an
MBR disk, you can right-click on the disk and select Convert To GPT and for a
GPT disk, you can right-click on it and select Convert To MBR. If these
options are greyed out, it means that the conversion is not possible because
the disk has one or more partitions on it.
Page 692 of 1229
4.1.2.3 Boot and system partition

You most likely encounter the terms boot partition and system partition
when working with operating systems. Although their functions are
straightforward, their names can be confusing. The difference between the two
is as follows:
The system partition is the location where the files needed to boot the
computer are stored. It is usually the root of the C: drive. The system
partition is also known as the active partition.
The boot partition is the location where the OS files are stored. In
Windows, the boot partition is usually C:\Windows.
4.1.2.4 Other types of partitions

You might encounter partitions other than the ones Windows supports. Two
such partitions are a hidden partition and a swap partition. A hidden partition
is a primary partition that is hidden from the OS that some manufacturers use
as a factory recovery partition to hide a backup copy of an installed OS which
can be used for recovery purposes. Only special BIOS tools can access a
hidden partition. A swap partition is found only on Linux and BSD systems
and it functions like RAM when the system needs more RAM than what is
currently installed. Windows has a similar function with a page file that uses a
file instead of a partition.
4.1.2.5 Basic and dynamic disks
Windows systems support two types of disks: basic disks and dynamic disks.
Both types can use either the MBR or the GPT partitioning style.
Basic disks are the most common type of storage used with Windows and
are the simplest to use. A basic disk contains partitions, such as primary
partitions and logical drives, and these are usually formatted with a file
system to become a volume for file storage.
Dynamic disks provide features that basic disks do not, such as the ability
to create more than 1000 volumes on a single disk, instead of the fourpartition limit of a basic MBR disk, and the ability to create volumes that
span multiple disks (spanned and striped volumes) and create fault-tolerant
volumes (mirrored and RAID-5 volumes), and even extend certain volumes.
Dynamic storage is a feature of NTFS-formatted disks.
Note
Unless you need to create a volume that spans multiple physical

drives for the reasons mentioned above or for some other reason, you
should leave disks at their default basic instead of dynamic. Also, if
you convert a basic disk to dynamic, you will not be able to use the
system as a multi-boot system.
4.1.2.6 Dynamic disks

Dynamic disks allow you to use RAID. However, only fixed disks that are
installed within the computer and connected by PATA, SATA or SCSI can be
used and you cannot convert USB, FireWire or eSATA disks to dynamic.
Page 693 of 1229
Also, Windows does not support all the different RAID configurations. Only
high-end editions of each version of Windows support dynamic disks. This
includes Windows XP Professional; Windows Vista Business, Ultimate and
Enterprise and Windows 7 Professional, Ultimate and Enterprise.
Common RAID configurations are described in Unit 4 of the A+ 801 section and
as a reminder; some of them are listed in Table 4.1.
Table 4.1 RAID level configuration and support
RAID
level
RAID 0
Striped
RAID 1
Mirrored
RAID-5
striping
with
parity
RAID-10
Note
Number
of Fault
disks
tolerance
At least two
No
Windows
support
dynamic disks
Yes
Only two
Yes
Yes, Windows 7 only
At least three
Yes
Only servers
At least four
Yes
No
for
The limitations in Table 4.1 apply only to dynamic disks. Any system
can support an external disk array. For example, you can install
external disk enclosures configured as RAID-0, RAID-1, RAID-5 or
RAID-10 and connect them with USB, FireWire, or eSATA. Windows
views the external array as a single physical disk that can be
partitioned as you wish.
Dynamic volumes can be set up in the following configurations:
Simple volumes work like primary partitions on a basic disk and occupy
space on a single physical disk. For example, if you have a physical disk
and you want to make half of it G: and the other half H:, you create two
volumes on the dynamic physical disk. You can increase the size of a
simple volume by extending it to the same disk or a different disk (creating
a spanned volume) and you can also decrease their size by shrinking the
simple volumes.
Spanned volumes use unallocated space on two or more physical disks to
create what appears to the OS as a single volume. For example, if you have
a G: volume used for data but it is running out of space, you can add
another physical disk and span the G: volume to the new disk. However, if
any disk in the spanned volume fails, the entire volume is lost. You can
extend or shrink a spanned volume. A spanned arrangement is called JBOD
(Just a Bunch Of Disks).
Striped volumes are RAID 0 volumes. You can use unallocated space on
two or more physical disks of the same size and stripe them. Once striped,
they appear to the OS as a single volume. However, because data is split
and placed on different physical disks, if any disk fails, all data in the entire
volume is lost.
Page 694 of 1229
Mirrored volumes are RAID 1 volumes. A mirrored volume includes two

disks and data written to one disk is also written to the other disk. If one
disk fails, the other keeps on running. This provides redundancy and fault
tolerance. Both disks must include volumes of exactly the same size. After
setting up a mirrored volume, you can set it back to a simple volume in one
of two ways:
o Break the mirror: this will keep data on both disks and can be used to
replace a failed disk with a new one. After installing the new disk, run
the Add Mirror command or right-click the volume to be re-mirrored
and select Add Mirror to copy the data to the new disk.
o Remove a mirror: this option leaves disk A as a simple volume and
will enable it to keep its data, but the data and volume on disk B will be
removed.
RAID 5 volumes are RAID 5 arrays. A RAID 5 volume requires three or
more dynamic disks with unallocated space on volumes of equal size. RAID
5 is used on servers.
4.1.2.7 High-level formatting

After partitioning a disk, you must format it so that the OS can use the disk.
Standard formatting or high-level formatting creates a file system and
makes the root directory in that file system. You must format every partition
and volume you create so that it can store files and folders.
4.2 File systems

A file system is the overall structure the OS uses to store, name and organise
drives and files. Files are typically organised into folders (or directories) and
the file system allows users to browse through folders to locate files. The file
system you choose for a hard drive affects the rules for the maximum size of a
volume and files, how efficiently the system stores data, how secure the
system is against tampering and whether the drive can be accessed by
multiple operating systems.
When you partition a hard drive or create a new volume, you are often asked
to choose a file system and then format it. The format process organises the
partition based on the file system you choose. It also deletes any existing data
on that partition or volume, so you would not want to format or reformat a
partition unless you have a backup of your data and do not mind losing data
on the disk.
The following sections describe the common file systems with a short
discussion of disk cluster fragmentation, bad sectors and file corruption.
4.2.1 Clusters
You learnt in the A+ 801 section that a hard drive has multiple platters and
each platter is divided into tracks, sectors and clusters as shown in Figure 4.3.
Page 695 of 1229
As a reminder:
A track is a single circle around the platter. A drive will have many more
tracks than the platter shown in Figure 4.3.
A sector is the smallest unit of storage and is typically between 512 and 2
KB in size. Just as a pie is cut into slices, a platter is logically divided into
separate slices and a single piece of a track within a slice is a sector.
A cluster is the smallest unit of disk space for storing a file and is made up
of one or more sectors. Clusters are also known as allocation units or file
allocation units and each cluster is identified with a unique number.
Figure 4.3 A platter with sectors, track and clusters

File systems group 2, 4 or 8 sectors into clusters and track how these clusters
are used for each file stored on the disk. If a file is larger than a single cluster,
then it is stored in multiple clusters. Ideally, the file will be stored in clusters
that are next to each other (contiguous), but if another file is already written
to an adjoining cluster, the file is broken up or fragmented and written to
another available cluster. To identify the location of files based on clusters, the
file system uses a table. Although the sizes of clusters vary between file
systems, the size of a cluster is commonly 4 KB. There are not many files that
are only 4 KB in size, so files are stored in multiple clusters.
4.2.2 Fragmentation
It is best for a file to be stored in contiguous clusters so that the hard drive can
start reading in one cluster and continue reading until the entire file has been
retrieved from each adjacent cluster. However, as a hard drive fills up, there is
not always enough space to store a file in contiguous clusters and instead the
file system has to break up or fragment the file into pieces and store those
pieces in different areas on the platter. This means that if you have a 20 MB
file, the system might have to store 10 MB in one area, 6 MB in another area
and 4 MB in another area. When the file is read, the OS has to retrieve each
piece and put the file back together again.
Page 696 of 1229
It is common for some fragmentation to occur, but when a disk is used more
over time, a lot of fragmentation can occur. Instead of a file broken up into
three pieces, for example, it could be broken up into twelve pieces, and the
system would then have to work much harder to find and retrieve the pieces
and put them back together again.
The symptoms of a fragmented hard drive include:
Disk thrashing: the hard drives LED constantly blinks, indicating lots of
activity. Also, you will hear the drive working as the read/write heads
constantly move around the disk to retrieve the different file pieces.
Slow performance: fragmentation slows down the system because it has
to spend extra time finding and opening each piece of a file. If you suspect
a volume is highly fragmented, check and defragment it. Defragmenting
improves performance by bringing all those pieces together, making finding
and opening each file faster. You can defragment a volume using the
Windows Disk Defragmenter GUI tool or the defrag command line tool.
4.2.3 Bad sectors and file corruption

Disk drives often have small areas that become faulty. As long as these areas
are marked, they will not be used and will not cause any problems. However, if
an existing disk is having problems, you can use the chkdsk command or
Check Disk GUI tool to locate bad sectors and fix errors on a disk. If there are
many errors and you have a backup of the data, you can do a full format
instead of using chkdsk to check all the sectors on the disk and mark faulty
areas as bad so they will not be used.
4.2.4 Types of file systems

Several different file systems can be used to format a partition or volume, each
with different characteristics. NTFS so far has been the recommended file
system for most situations. However, there are other choices.
4.2.4.1 File Allocation Table (FAT)
FAT is a file system supported by Windows and operating systems such as
Linux and is therefore suitable for multi-boot systems and removable media
that can be shared between operating systems. Common versions include
FAT16 (called just FAT) and FAT32. Each version uses a table to identify the
location of files based on clusters.
o FAT16 uses a 16 bit table to address clusters, supports a maximum
partition (or drive) size of 4 GB and file size of 2 GB.
o FAT32 uses a 32 bit table to address clusters, supports a maximum
partition size of 32 GB in Windows and file size of 4 GB. Because FAT32
supports more bits (32), it can address more clusters and support larger
disks than FAT16.
Page 697 of 1229
Note
You can format disks as FAT, FAT32 or NTFS from Windows systems.
However, you can format disks as FAT only if they are smaller than 4
GB. If the disk size is larger than 4 GB but less than 32 GB, you can
select only FAT32 or NTFS. If the disk size is larger than 32 GB, you
can select only NTFS. Although Windows systems cannot create
FAT32 partition size large than 32 GB, if the partition already exists,
they can use it.
Windows Vista with SP1 and Windows 7 systems also support exFAT (or
FAT64), but this format is designed to enable mobile storage media to be used
on mobile systems and is not widely supported on non-Windows desktop
systems. exFAT supports volume sizes up to 128 petabytes (PB) and file sizes
up to 16 exabytes (EB). If you are formatting removable hard drive or flash
media larger than 32 GB, you will see exFAT as a format option (as shown in
Figure 4.4). exFAT is typically only used for drives smaller than 1 TB to achieve
better performance.
Figure 4.4 shows the Computer window on the left displaying various drives.
You can use this window to format drives. Right-click on the drive you want to
format, select Format, and the Format dialog box will appear (as shown on the
far right).
Figure 4.4 Format dialog box
4.2.4.2 New Technology File System (NTFS)

NTFS is a secure 64-bit file system and is the best choice for Windows systems
compared to the FAT versions. Microsoft recommends using NTFS for Windows
operating systems and the Windows 7 installation program only supports
NTFS. NTFS provides better security, improved performance and more features
than the FAT versions.
Page 698 of 1229
The key features include:
Larger volumes: NTFS volume sizes can be up to 2 TB on MBR disks or

256 TB on GPT disks.
Cluster size: you can change the size of clusters on an NTFS volume, but
this is rarely done.
Recovery: NTFS can provide reliable data transfer using sector sparing and
transaction tracking. It re-reads and verifies data written to a volume and
moves data on a sector marked as bad to another location. NTFS also
records all disk and file system transactions.
Dynamic disks: you can use disk management tools within Windows to
combine space on multiple physical NTFS-formatted disks into volumes.
Indexing: NTFS creates a catalogue of file and folder locations and
properties using an Indexing Service. This enables users to find files and
folders quickly when using a search tool.
Efficient: NTFS uses clusters within a hard drive more efficiently than FAT.
Permissions and ownership: NTFS supports file and folder permissions
through Access Control Lists (ACLs) and ownership.
Encryption: files and folders can be encrypted with the Encrypting File
System (EFS). Windows Explorer displays filenames for encrypted files in
green.
Compression: Files and folders can be compressed so that they take up
less space. Windows Explorer displays filenames for compressed files in
blue.
POSIX compliance: NTFS supports case sensitive file and folder naming,
hard links (a hard link is a directory entry that associates a name with a
file) and other key features required by UNIX applications. Although the file
system preserves case, the Windows OS does not insist on case sensitive
naming.
Quota management: NTFS allows administrators to set disk quotas to
limit how much disk space users can use. Quotas can be set by rightclicking the hard drive name (i.e. Local Disk C:) in (My) Computer or Disk
Management, and selecting Properties. Then select the Quota tab in the
Disk Properties dialog box, select Show Quota Settings and make
changes. See Figure 4.5.
Page 699 of 1229
Figure 4.5 Hard drive quotas in Windows 7
4.2.4.3 CDFS and UDF

Compact disc file system (CDFS) is the file system standard used to access
files on optical discs. It is formally defined in ISO 9660 and widely supported
by different operating systems, including Windows, Linux and Unix systems,
and the Mac OS.
Universal Disk Format (UDF) is an updated file system standard for optical
discs that supports multi-session writing, such as DVD recordable and
rewritable discs. It is defined in ISO 13346 and is referred to as a Live File
System. There are different UDF versions supported by the different Windows
versions and different disc types, and third party software drivers might be
needed to support a latest UDF version.
4.2.4.4 Resilient File System (ReFS)
ReFS is a newer file system designed for next generation Windows operating
systems that builds upon NTFS with the following improvements:
Larger volumes and files: supports much larger file and volume sizes
than NTFS.
Resiliency: verifies and auto-corrects corrupted data, making it resilient to
disk corruption.
Integrity: stores data so that it is protected from many common errors
that cause data loss. It provides protection for file system metadata and
user data on a per-volume, per-directory or per-file basis. If corruption
occurs, ReFS can detect and when configured with storage spaces,
automatically correct the corruption.
Storage spaces: ensures the protection of data in the storage space.
Similar to RAID, storage spaces enable you to connect multiple physical
drives and use them all as one large virtual storage space (a storage pool).
Quick recovery: in the event of a system error, ReFS is designed to
recover from that error quickly, with no loss of user data.
Page 700 of 1229
Availability: prioritises the availability of data. If corruption occurs and it

cannot be repaired automatically, an online salvage process isolates the
area of corruption, keeping the uncorrupted area of the volume online.
Backwards compatibility: supports many NTFS features such as drive
encryption and file and folder permissions, making it backwards compatible
with NTFS.
4.3 Disk management tools

There are several different tools in Windows that you can use to manage fixed
and removable drives. Tools such as Disk Management and Disk Defragmenter
are GUI tools while chkdsk, fdisk and diskpart are command-line tools.
4.3.1 Disk Management

Disk Management is available in all current Windows operating systems. You
can open it as follows:
Click Start, right-click (My) Computer and choose Manage. The

Computer Management console appears. Select the Disk Management
snap-in.
On Windows Vista and Windows 7, click Start, type diskmgmt.msc in the
Search box and press <Enter>.
On Windows XP, click Start and select Run to open the Run dialog box.
Type diskmgmt.msc in the text box and press <Enter>.
Figure 4.6 shows the Disk Management console within Windows 7. The three
numbered areas in the figure are described below:
1. This area lists all volumes and provides information about each volume,
such as the type of disk, the file system used, the health status, how big
each one is and how much free space each one has.
2. Disk 0 is a basic disk and this shows that it has a system reserved partition,
a C: volume, and unallocated space. You can create new partitions on
unallocated space.
3. Disk 1 is a dynamic disk and it has one volume labelled as E: and
unallocated space. You can create new volumes on unallocated space.
Page 701 of 1229
Figure 4.6 Disk Management console

Note
The 100 MB System Reserved system partition created on Disk 0 in

Figure 4.6 holds some key boot files, so it should not be deleted. Also,
if you intend to keep the OS on your system, do not delete the C:
volume.
There is a variety of different commands from the shortcut menus in these

three areas. You can right-click a volume in the top pane or a volume within
one of the disks to accomplish different tasks or view the volumes properties.
You can also right-click on the disk (i.e. Disk 0 or Disk 1) to complete various
tasks. The choices vary between different operating systems.
4.3.1.1 Identifying disk status
The Disk Management console shows the health status of each disk and
volume. Volumes (or partitions) can have the following status indicators:
Healthy means the volume is available for read/write access.

o Heathy (System) refers to the volume containing the boot loader.
o Healthy (Active) refers to the system volume used to boot the
computer.
o Healthy (Boot) refers to the volume containing the OS.
o Healthy (Page File) refers to a volume that stores a page file.
o Healthy (At Risk) indicates input/output errors. It might mean the
disk or controller is failing.
Failed indicates a damaged disk, a dynamic volume on a supporting disk
is not available, or a corrupted file system. You might be able to reformat it
to still use the disk if it is not damaged, or you can use the check disk tool
to repair the disk.
Formatting a temporary status indicating the volume is being formatted.
Wait for the format to complete before accessing the volume.
Note
A boot loader is the program that calls the OS into RAM and loads
the OS.
Page 702 of 1229
Disks can have the following status indicators:

Online this indicates that there are no problems.
Online (Errors) this indicates I/O errors on a dynamic volume or that
the disk is failing. Right-click on the disk and choose Reactivate to return
it to an Online status. Otherwise, run some disk checks or ensure you have
a good backup available.
Offline/missing a dynamic volume is not accessible or there is a
hardware problem. Right-click the offline dynamic disk and select
Reactivate Disk to bring it back online to use it. If it is a hardware
problem, check the disk, cable, etc. If the disk cannot be restored, use the
Remove Disk option from the disks context menu to remove it.
Unreadable this often indicates a hardware failure. You might be able to
select Rescan Disks from the Action menu in Disk Management to fix it.
If the disk is still unreadable, you might be able to recover data using thirdparty tools.
Foreign when you move a dynamic disk from one system to another, the
target system identifies it as a foreign disk. You can right-click on the disk
and select Import Foreign Disk so that the target system recognises it.
4.3.1.2 Disk Management on Windows XP/Vista/7
The following list identifies what disk management tasks you can perform on
Windows XP/Vista/7:
Create partition/volume: if any drive has unallocated space, you can

right-click on the unallocated space and select New Partition (Windows
XP) or New Simple Volume (Windows Vista/7).
Format: you can right-click any volume and select Format. A wizard will
appear asking you to choose a file system, such as NTFS or one of the FAT
versions.
Delete: you can right-click any partition or volume and choose the Delete
option to change the space to unallocated. If you delete an existing
partition/volume, all data is lost.
Mount a volume: you can mount a volume to an empty folder on a drive.
Instead of the drive appearing as a separate letter, the space will be
available in the mounted folder.
Note
You cannot format or delete boot and system partitions.
4.3.1.3 Disk Management on Windows Vista/7

You can perform the following additional tasks in the Disk Management console
on Windows Vista/7 computers:
Create a volume: you can create a new volume from unallocated space
and format it.
Shrink a volume: you can shrink a volume to a smaller size by rightclicking it and choosing Shrink Volume, leaving unallocated space
available. This effectively repartitions a hard disk without reformatting the
entire disk, keeping all the data on the disk.
Page 703 of 1229
Change drive letters: if you want a drive to use a specific drive letter that
is not in use, you can right-click on the drive and choose Change drive
letters and paths. This causes the system to recognise the drive with the
new letter (typically D: through to Z:).
Extend a volume: you can right-click on the volume and choose Extend
Volume to add space to the volume from unallocated space. For example, if
you have a 100 GB volume and 20 GB of unallocated space, you can extend
the volume to include the additional 20 GB without affecting any data on
the volume, making the volume size 120 GB in total.
4.3.1.4 Initialising a disk

When you add a new hard drive to the system, it will not be recognised and
will not appear in (My) Computer or Windows Explorer until you initialise it.
This only applies to hard drives, not to flash drives. All new hard drives must
be initialised before you can use them. If you start Disk Management, you will
be asked to initialise new disks automatically. Initialisation will not affect the
data or change any partitions or file systems on the drive. All it does is write
an identifier signature onto the disk so that Windows recognises it.
Note
If you do not initialise the disk, the status of the disk will be listed as
Not Initialised.
4.3.1.5 Formatting a volume/array

A volume or disk array must be formatted before the OS can read and write
data to it. Windows systems will typically ask you to format the volume as
NTFS, but you can also choose one of the FAT versions. If you format an
existing volume, you will not be able to access the data on it. If the volume
has data on it, back it up before formatting because you will lose access to any
data on it. You are often given two choices when formatting a volume:
Full format: this option prepares the disk and scans it for bad sectors and
marks them as bad. A system will not write data to bad sectors.
Quick format: this option only formats the disk; it does not scan it for bad
sectors. A quick format is quicker but not recommended for a system that is
used regularly because the system might attempt to write data to bad
sectors, resulting in corrupted files.
You can format any Windows partition/volume in (My) Computer by rightclicking the drive and choosing Format. You will see a dialog box that allows
you to choose a file system, the cluster size, a volume label (name), perform a
quick format and enable compression, which will enable users to compress
folders or files. However, the recommended method of formatting a volume is
by using the Disk Management console or from the command prompt.
The following steps show how to create and format a volume in Disk
Management on a Windows 7 system:
1. Right-click the unallocated space on the volume at the bottom of the
console and select New Simple Volume. Click Next.
Page 704 of 1229
2. By default, the maximum size of the volume is automatically entered as the

size of the new simple volume. You can change the size or accept the
default. Click Next.
3. On the Assign Drive Letter or Path page, you can assign the volume a drive
letter or accept the default letter. Click Next.
4. On the Format Partition page, you can either accept NTFS as the default file
system or change it to one of the FAT versions based on the size of the
volume. If you want to check the disk for bad sectors, deselect Perform a
quick format. Click Next.
5. Click Finish. The OS will format the volume. Figure 4.7 shows the various
pages of the New Simple Volume wizard.
Figure 4.7 New Simple Volume Wizard

You can also use the format command on new disks and RAID arrays to
prepare them with either the FAT32 or NTFS file system. The syntax for the
format command is as follows:
format volume /fs:filesystem
For example, to format the H: drive with NTFS, use the following command:
format h: /fs:ntfs
As you can tell, the /fs: switch allows you to specify the file system (NTFS or
FAT32). Other common switches include /v: (specify volume label), /q
(perform quick format), /a: (specify allocation unit size), /x (force volume to
dismount) and /c (enable file compression if using NTFS).
4.3.1.6 Shrink and extend a volume
You can follow these steps to shrink a volume in Windows Vista/7 using Disk
Management:
1. Right-click on the C: drive on Disk 0 (or another drive) at the bottom area
of the console and choose Shrink Volume.
Page 705 of 1229
2. The system will identify the maximum amount of space in MB that you can
shrink the volume to. You can accept the default or shrink it to a different
size.
3. Click Shrink. The amount of space freed up by the shrink operation will be
assigned to Unallocated space.
If you want to assign more space to a volume, you can do so by extending it,
but the disk must have unallocated space on it. The following steps show how
to extend a volume on Windows 7 using Disk Management:
1. Right-click on a volume and choose Extend Volume. Click Next.
2. This will automatically select all of the unallocated space on the disk. You
can change this to a smaller size and leave some unallocated space. Click
Next.
3. Click Finish to extend the volume to take the additional space you specified
away from the Unallocated Space.
4.3.1.7 Mount a volume
While volumes can be assigned a drive letter, they can also be mounted as a
folder on the same or another drive, known as a mount point or mounted
drive. You may, for example, use the Documents folder on your Windows 7
computer to store your music and video files. As your collection grows, you
realise your current hard drive is running out of space. You are going to buy
another hard drive, but do not want to copy everything over to the new drive.
After you install the new hard drive, you can mount the primary partition (or
logical drive) as a folder within the existing Documents folder on your C: drive
(for example, C:\Users\Sibulele\My Files). The drive will not have a letter (but
you could add one later if you want to). To use the new drive, just drop files
into the My Files folder. They will be stored on the new hard drive and not on
the original drive.
Note
You can create mount points on basic disks formatted with NTFS, but
the mounted drive can be formatted with any file system. Also, the
mount-point folder must be empty.
You can use the following steps on a Windows 7 computer to create a mount
point using Disk Management:
1. Right-click the unallocated space of a disk and select New Simple Volume.
Click Next. This will automatically select all the unallocated space on the
disk, but you can change it to a smaller size and leave some unallocated
space if you want to. Click Next.
2. Select Mount in the Following Empty NTFS Folder. See Figure 4.8.
Page 706 of 1229
Figure 4.8 Mount a volume to an empty NTFS folder

3. Click Browse. Browse to the location of an empty folder. You can also
select an existing drive such as C: and click New Folder and name your new
folder. Click OK, and then click Next.
4. Select a format option and click Next. Click Finish.
The new volume will not be identified as a mount point in Disk Management.
You will have to open Windows Explorer to see it. Click Start, select
Computer, and select the C: drive. You should see something similar to Figure
4.9. In the figure, the mounted folder is named MyMount. Notice that it has a
shortcut icon with an arrow.
Figure 4.9 A mount point on a disk

Mount points can also be identified from the command prompt. To do so, run
the dir command and press <Enter>. The mounted folder will appear as
<JUNCTION> instead of as <DIR>.
4.3.1.8 Converting a basic disk to a dynamic disk
Before converting a basic disk to a dynamic disk, remember the following
points:
You cannot use a system as a multi-boot system if any of its disks are
dynamic.
Page 707 of 1229
This is a one-way action. You should not lose data converting a basic disk to
dynamic, but you will lose all your data when converting a dynamic disk
back to basic. Also, you must delete all the volumes on the dynamic disk
before converting it back to basic. As with basic partitions, you must format
the volumes with NTFS or FAT/FAT32 before the OS can use them. Back up
your data before converting.
You can use Disk Management to convert a basic disk to a dynamic disk on a
Windows 7-Based system as follows:
1. Right-click on the disk (i.e. Disk 0 or Disk 1) in Disk Management, and
select Convert to Dynamic Disk. A dialog box will appear with the disk
selected. Make sure this is the disk you want to convert and click OK.
2. Click Convert. Review the warning from Disk Management that indicates
that you will not be able to use the system as a multi-boot system. Click
Yes. After a moment, the disk will be listed as a dynamic disk.
4.3.1.9 Performing tasks on a dynamic disk
If you created a dynamic disk, you can create a spanned volume, a mirrored
volume, or a striped volume. You can create a mirrored volume using Disk
Management on Windows 7 as follows:
1. Right-click the unallocated space on a disk and select New Mirrored
Volume. See Figure 4.10. Click Next.
2. The disk you clicked will be selected. Select a second disk from the list of
available disks and click Add.
3. The size will default to the maximum amount of space from either disk. You
can change the size if desired. Click Next.
4. Click Next to accept the default drive letter.
5. Choose a format option and click Next. Click Finish.
6. If the disks are basic disks, you will be asked to convert them to dynamic.
Click Yes. The system will create the mirrored volume.
Figure 4.10 Creating a mirrored volume called My Mirror

Note
You can create mirrored (RAID 1) volumes on Windows 7 only.

Windows XP/Vista support dynamic disks using RAID 0 and spanned
volumes, but not RAID 1.
Page 708 of 1229
You can create a striped volume using Disk Management on Windows 7 as

follows:
1. Right-click the unallocated space on a disk and select New Striped
Volume. Click Next.
2. The disk you clicked will be selected. Select a second disk from the list of
available disks and click Add.
3. The size will default to the maximum amount of space from either disk. You
can change the size if you want to. Click Next.
4. Click Next to accept the default drive letter.
5. Choose a format option and click Next. Click Finish.
Figure 4.11 shows the bottom area of Disk Management. This computer has
three physical disks. You can see that 10 GB of disks 1 and 2 have been
created as a mirrored volume called My Mirror and 10 GB of disks 1 and 2 have
been created into a striped volume called My Striped Volume. The mirrored
volume provides fault tolerance, however, only half of the drive space is
available for data storage. In contrast, the striped volume combines the two 10
GB space to provide about 19.54 GB of disk space available.
Figure 4.11 Mirrored and striped dynamic volumes
4.3.2 Diskpart
Diskpart is an advanced disk management tool that can be used at the
command prompt and at the Recovery Console (Windows XP) or Windows
Recovery/Pre-installation environment (Windows Vista/7). You can do anything
in diskpart that you can do in Disk Management and it can be used when Disk
Management is not available.
1. You can start diskpart from the command prompt by typing:
diskpart
2. Press <Enter>.
Page 709 of 1229
3. Then you can type help and press <Enter> to see a list of commands that
can be entered. Some of the common actions you can perform with diskpart
are format, convert (between basic and dynamic, or between MBR and
GPT disks), assign (change the drive letter), shrink extend and delete
(destroy a volume).
4. When using diskpart, you must first select the item you want to work on.
You can use the list command to list available items, by typing any one of
the following commands before pressing <Enter>:
list disk
list partition
list volume
5. You can then select the item by typing any one of the following commands
before pressing <Enter>:
select disk x
select partition x
select volume x
(substitute x with the number shown from the output of the list command.
After the item is selected, you can run the desired command).
6. You can select a volume from a partition as follows:
select partition | volume x
(substitute x with the volume number, such as 0)
7. After selecting a disk, you can display configuration information for the disk,
such as its file system, type (partition), size, health status, info (system,
boot) by typing the following before pressing <Enter>:
detail disk
Note
If the output of this command indicates that the disk has no partitions
on it, suspect that a virus has corrupted the partition table. You might
be able to fix this by partitioning and formatting the disk. If you want
to wipe all partition and volume information off the currently selected
disk, run the clean command at the diskpart prompt. This tool
handles corruptions that simply will not let Windows boot and can be
used as a last resort.
As a short exercise, you can go through the following steps to start diskpart
and list the disks and partitions on your computer:
1. Start the command prompt by typing cmd in the Search box in the Start
menu and press <Enter>.
2. Type in diskpart and press <Enter>. If prompted by UAC to continue,
click Yes. A new window will appear with DISKPART> as the prompt.
Page 710 of 1229
3. Type in list disk and press <Enter>. This command lists all the disks in
your computer.
Figure 4.12 shows an example of the output from running the list diskpart
command on my computer at the DISKPART> prompt. The asterisk (*) in the
Dyn column for Disk 1 and Disk indicates that they are dynamic disks. All of
these disks are of the MBR type. If they were GPT disks, they would have an
asterisk in the Gpt column.
Figure 4.12 Listing disk information using diskpart

4. Type in select disk 0 and press <Enter>.
5. Type in list partition and press <Enter>. This lists the partitions on
disk 0.
6. Type in exit and press <Enter> to exit diskpart.
4.3.3 Chkdsk and check disk

The chkdsk command scans, detects and repairs hard drive and volumerelated issues and errors. If you run it without using any switches, it will run a
check on the current disk and report the results back. However, it does not
attempt any repairs unless you run it with one of its switches. Two of the
common switches used with the chkdsk command are listed in Table 4.2, along
with an example command. Substitute volume with the drive letter of the disk
and a colon (for example e:).
Table 4.2 Common chkdisk commands
Switch Function
/f
Attempts to fix file system errors caused by crashes, power and the
like. For example:
chkdsk volume /f
/r
Attempts to locate and repair bad sectors. This implies /f, so it also
fixes errors on the disk. Many bad sectors means the drive is reaching
the end of its lifetime. You will be asked to save the file as
recoverable data, which is copied to the root directory as filennnn.chk
files. For example:
chkdsk volume /r
Page 711 of 1229
Note
Running chkdsk can take a long time and you will not be able to
cancel the process once it is started.
If Windows Vista/7 detects a problem with a volume, it will often schedule

chkdsk to run the next time the computer reboots. Also, chkdsk cannot fix
open files, so you will be asked to schedule the disk check the next time the
computer is booted. If you select Schedule disk, the system will run the
check when it reboots. A version of check disk (autochk) will also run
automatically if the system detects file system errors.
You can also check a disk in using the Check Disk GUI tool in Computer as
follows:
1. With (My) Computer opened, browse to the hard drive you want to check.
2. Right-click on the drive and choose Properties.
3. Click the Tools tab and click Check Now.
Your display will be similar to that shown in Figure 4.13.
Figure 4.13 Running check disk

The two options in the Check Disk dialog box work the same as the /f and /r
switches do with chkdsk. The first option works like the /f switch to fix errors,
and the second option recovers from bad sectors like the /r switch. Selecting
none of the options runs the tool in read-only mode.
4.3.4 Convert
Although it is best to use NTFS instead of FAT, you will come across FAT
volumes. If you want to convert a volume from FAT to NTFS, you can do so
with the convert command.
Page 712 of 1229
Converting a FAT volume to NTFS does not reformat it, so you will not lose any
data. The basic syntax of the command is as follows:
convert volume /fs:ntfs
You specify the volume letter followed by a colon. For example, if you want to
convert the
E: drive from FAT32 to NTFS, you could use the following command:
convert e: /fs:ntfs
Note
The convert command allows you to convert FAT to NTFS without

losing any data. However, if you want to convert NTFS to FAT, you
must reformat the volume and, therefore, you will lose all the data on
the drive.
4.3.5 Disk Defragmenter and Defrag

The Disk Defragmenter tool allows you to easily determine whether a disk is
fragmented. Use the tool to rearrange files into neat contiguous clusters so
that the hard drive or flash drive performs better and runs faster. It is
available within Computer Management in Windows XP and as a separate
GUI in Windows Vista/7. You can access it in Windows Vista/7 by clicking Start
> All Programs > Accessories > System Tools and selecting Disk
Defragmenter. You can also right-click on any drive in (My) Computer,
select Properties and click the Tools tab, and choose Defragment Now.
Figure 4.14 shows the disk defragmenter tool within Windows 7. In the figure,
the drive has been analysed but there is very little fragmentation on this drive.
Figure 4.14 Disk Defragmenter in Windows 7
Page 713 of 1229
Note
By default, Windows Vista/7 is automatically scheduled to check a

drive for fragmentation once a week. Also, defragmentation can slow
your system down while running in the background while you are
working and will not defragment any open files. Therefore, it is best to
schedule it when you are not using the system. It also requires 15%
of free disk space to work.
You can also run the defrag command at the command prompt to defragment
a hard drive. The basic syntax is as follows:
defrag volume
For example, if you want to defrag the E: drive, use the following command:
defrag e:
Table 4.3 lists some common switches you could use with the defrag
command, along with sample usage. The volume used in the table is E:, but
change it according to your volume.
Table 4.3 Common defrag command switches
Switch Function
/a
Perform analysis of the drive and display a report. For example:
defrag e: /a
/f
Force the volume to be defragmented. For example:
defrag e: /f
/v
Display complete analysis and defragmentation reports.
example:
defrag e: /v
/c
Defragment all volumes. For example:
defrag e: /c
For
4.3.6 Disk cleanup

When your system is running low on disk space, you can use Disk Cleanup
(cleanmgr) to remove files that are not needed. Disk cleanup can be used to
remove temporary files such as those cached from browsing the Internet and
those created by applications that are supposed to be deleted when the
application is closed but are not, those files you have deleted but remain in the
Recycle Bin, downloaded program files and some system files that are no
longer needed. You can access Disk Cleanup from within Windows Explorer by
right-clicking any drive and selecting Properties. Ensure the General tab is
selected, and click on the Disk Cleanup. You can also access it by clicking
Start > All Programs > Accessories > System Tools and selecting Disk
Cleanup. Figure 4.15 shows the General tab of the local disk properties (on
the left) indicating the disks used space and free space and the Disk Cleanup
tool (on the right) within Windows 7.
Page 714 of 1229
Figure 4.15 Local Disk Properties and Disk Cleanup

If you click OK, the system will delete the selected files. If you want to remove
system files that are not needed, you can click Clean up system files and the
system will calculate how much space can be saved, including the removal of
unneeded system files.
4.3.7 Fdisk
Fdisk is a very old command that is used to create partitions. This is useful for
when you need to install an older OS that does not include built-in tools for
creating partitions. An undocumented feature with fdisk is the fdisk /mbr
command, which can be used to repair the master boot record on older
operating systems. Newer operating systems include the fixmbr command
from the recovery console.
Note
Most OS install programs now include built-in tools to partition a disk,

so Fdisk is rarely needed. Fdisk is replaced by diskpart in newer
Windows versions.
4.3.8 Third-party partition tools

Disk Management and the other Windows command line tools are good tools,
but they are still limited for some situations. Some third-party tools can give
you great flexibility and power to structure and restructure your hard drive
storage to meet your changing needs:
Symantecs Norton Partition Magic use it on older Windows versions

to create and manage partitions without destroying data.
Page 715 of 1229
Avanquest Partition Commander Professional use it on Windows to

manage partitions and convert dynamic disks to basic disks without
destroying data (which you cannot do with the Microsoft-supplied Windows
tools), defrag NTFS partitions and move unused space from one partition to
another on the same physical drive.
GParted although Linux operating systems come with partitioning tools

built in, you can use the freely available GParted tool that does just about
everything the other partitioning tools do.
If you look closely at Figure 4.16, you will notice that that the tool uses
unfamiliar names for the partitions, such as HDA1 or SDA2. These are Linux
naming conventions for disks and partitions and are well documented in the
help screens of GParted.
Figure 4.16 GParted

Unfortunately GParted is a Linux program and therefore it only runs on Linux.
So how do you run Linux on a Windows system without actually installing Linux
on the hard drive? The answer is a Live CD or USB. There are tools that you
can download that will allow you to burn live media that boots into Linux so
that you can run GParted. The live media contains a complete copy of the OS,
that is, the OS is already installed on the disc or drive. You boot from it and
the OS loads into RAM. As it boots, it recognises the systems hardware and
loads the proper drivers into RAM so everything works as normal. The only
difference is that you cannot save data to the hard drive but you can run
programs such as GParted that work on the hard drive, which makes live
media popular with technicians.
4.3.9 Disk images

A virtual hard disk (VHD) is a disk image file format that contains a virtual
representation of a physical disk, including the disks partitions, file system,
folders and files.
Page 716 of 1229
It is most often created as a VHD containing a functional copy of an OS for a

virtual machine, particularly one created for Microsofts Virtual PC and Hyper-V
virtualisation software, although other programs such as VirtualBox also
support VHDs. Each virtual hard disk is stored as a VHD file on the host
systems physical disk and given the .vhd file extension.
You can use Disk Management to create, attach and detach VHDs. VHDs
appear just like physical disks in Disk Management and you can easily copy
files to and from the VHD. Windows 7 enables you to boot to a VHD.
To create a VHD in Windows 7:
1. Right-click Disk Management and click Create VHD. Alternatively, on the
Action menu, select Create VHD. A VHD can only be a basic disk.
2. In the Create and Attach Virtual Hard Disk dialog box, specify the
location on the physical computer where you want the VHD file to be stored
and the size of the VHD.
3. In Virtual hard disk format, select Dynamically expanding or Fixed
size, and then click OK. The dynamically expanding option will
automatically increase the size of the disk as needed while fixed size keeps
the same disk size.
Note
After you create the VHD, you must attach it and then format it
before it can be used, just like a physical volume. When a VHD has
been attached and available for use, it appears blue.
To make a VHD available for use (either one you have just created or another
existing VHD):
4. Right-click Disk Management and choose Attach VHD. Alternatively, on
the Action menu, select Attach VHD.
5. Specify the location of the VHD using the full path.
Figure 4.17 shows the Create and Attach Virtual Hard Disk dialog box that
appears when the Create VHD option is chosen (in the centre), and the Attach
Virtual Hard Disk dialog box (on the right) that appears when the Attach VHD
option is chosen.
Figure 4.17 Creating and attaching virtual hard disks

Page 717 of 1229
To detach the VHD, making it unavailable:

6. On the Action menu, select Detach VHD. Alternatively, right-click the VHD
in the volume list, and then choose Detach VHD. Detaching a VHD does
not delete the VHD or any data stored in it. If the disk is detached and is
unavailable, its icon is grey.
An ISO image is a disk image file that contains the contents of an optical disc.
ISO image files usually have an .iso file extension. Software distributed on
bootable discs such as operating systems are often available for download as
an ISO image and like any other ISO image, can be written or burned to an
optical disc using Windows Explorer in Windows 7 or third-party software in
Windows XP/Vista. ISO images can be created using third party disc imaging
software or from a collection of files by optical disc authoring software or from
a different disk image file by means of conversion.
Page 718 of 1229
Unit 5 File and Folder Management
Use Windows Explorer to manage files and folders.

Configure Folder Options.
Manage files and directories from the command prompt.
GTS A+ Certificate
802 Support Skills Study Notes

o Managing Files (p.79)
5.1 Windows Explorer

Windows Explorer or simply just Explorer is the primary tool for browsing
and working with drives, files and folders on a Windows system. You can use it
to search for, open, copy, move, rename, view and delete files and folders on
all drives in or connected to the system. Windows Explorer is controlled by the
explorer.exe process (which can be viewed in Task Manager). The following
steps outline some common ways to open Windows Explorer in different
operating systems:
In Windows XP, click Start, right-click My Computer and select Explore.

In Windows Vista, click Start > All Programs > Accessories, and select
Windows Explorer.
In Windows 7, right-click Start and select Open Windows Explorer.
Figure 5.1 shows Windows Explorer opened to the C: drive, with the Windows
folder opened (as in C:\Windows). The left navigation pane shows the drives
and folders that make up the hierarchical structure of the system and network
and the right pane shows the contents of the currently selected drive/folder.
Click the plus + sign to expand or minus sign to collapse parts of the
hierarchy.
Note
If your keyboard includes the Windows key, you can open Windows
Explorer on any Windows-based system by pressing <Windows> +
<E>.
Page 719 of 1229
Figure 5.1 Windows Explorer

Note
If you cannot see the Windows Explorer menu bar at the top, press
<Alt> + <T> to bring it up temporarily. Alternatively, click the
Organize button on the menu bar; then choose Layout and select
Menu Bar to display it permanently. Layout also allows you to enable
or disable any of the window panes in Windows Explorer.
5.1.1 Perform common file and folder tasks

You can create a file and folder using a specific application or you can use the
Desktop, Windows Explorer and Computer to create a file or folder. To
create a file or folder, go to the location you want it to be stored such as in
another folder, on a drive or on the desktop and create it there. Likewise, to
rename, move, copy or delete a file or folder, you have to go to where it is
stored and perform the task from there.
To open a file or folder, double-click it. You can also right-click on it and
select Open or Open with. Alternatively, you can use the File menu in
most applications to open files specific to that application.
To create a new file or folder, go to the location where you want to

create it and right-click on a blank area, point to New, and then select the
application to create the new file that can be opened with that application,
or select Folder to create a new folder (see Figure 5.2).
Page 720 of 1229
Figure 5.2 Shortcut menu for creating a new file or folder
To rename a file or folder, right-click it and select Rename. You can also
change the file extension but this is not recommended as the file will no
longer be associated with the program used to open it.
To copy and paste a file or folder, open the location that contains the file
or folder, right-click on the file or folder and then click Copy (or press
<Ctrl> + <C> to copy). Open the location you want to copy the file or
folder to, right-click in a blank area, and then click Paste (or press <Ctrl>
+ <V>).
To move a file or folder, select it and drag it to its new location.

Otherwise you can use <Ctrl> + <X> to cut and <Ctrl> + <V> to paste.
To select files and folders one after the other, click on the first item
and press and hold down the <Shift> key, and then click on the last item
of the group. Release the key when you are done with your selection.
To select files and folders at random, press and hold down the <Ctrl>
key, and then click each file and folder that you want to select. Release the
<Ctrl> key when you are done with your selection.
To select all the files and/or folders, click inside the window and press
<Ctrl> + <A> key combination.
To delete a file or folder and move it to the Recycle Bin until this is
emptied, right-click on it and then click Delete. Alternatively, you can select
the file or folder and press the <Delete> key. A confirmation dialog box will
ask you if you are sure you want to delete the file or folder.
To zip (compress) files and folders to make them smaller to save space,
or to keep files together into an archive, or to transfer them much more
quickly, locate the file or folder, right-click it, point to Send to and then
click Compressed (zipped) folder. The newly-created compressed folder
will be assigned a .zip extension. You can copy, drag, cut and paste zipped
items in the same way as unzipped items.
Page 721 of 1229
To unzip (uncompress or extract) a single file or folder, double-click it

to open it and drag it from the compressed folder to a new location. To
extract the entire contents of the compressed folder, right-click the
folder, click Extract All, and then follow the instructions.
Tip
You can also zip and unzip files using third party programs like 7-Zip
and WinRAR. Many of these programs support many archive file
formats, such as .iso, .tar, .7z, .cab, .rar, .wim and .zip.
5.1.2 (My) Documents

Windows Explorer appears in a variety of ways to help you focus quickly on
what you want to do. For example, Windows Explorer appears when you open
(My) Computer for browsing drives or when you open (My) Documents for
browsing personal data. When you access My Documents (in Windows XP) or
Documents (in Windows Vista/7) by selecting it from the Start menu,
Windows opens Windows Explorer with your user documents and possibly your
personal data. Because the (My) Documents folder is stored by default on the
C: hard drive, Windows Explorer shows the contents of that drive. By default,
when you open Windows Explorer in Windows 7, the Libraries view is
displayed. In Windows Vista, the \%username%\Documents folder is
shown by default.
5.1.3 Libraries
The version of Windows Explorer in Windows 7 includes libraries for each user
profile. Libraries provide a way of organizing files and folders stored in
different locations. The default libraries are shown on the left in Figure 5.3.
Libraries do not hold any data but instead act as virtual folders that link to the
locations where the folders are actually stored. A library can include pointers to
multiple folders on a local hard drive, an external hard drive and folders on a
network drive. When you click on a library folder, it shows all the folders within
it, regardless of where they are located.
You can create new libraries within the main Libraries window by right-clicking
Libraries in the left pane (or right-clicking an empty work area) and select
New > Library, and give the library a name. After a library has been created,
you can add folders from your system or from shares on other systems.
To add a folder to a library, right-click any folder in Windows Explorer, select
Include in Library and then click the library you want to use in the menu that
appears. You can also right-click a library, select Properties and use the
Include a folder button as shown on the right in Figure 5.3 to add folders.
Page 722 of 1229
Figure 5.3 Libraries window (left) and Documents Properties (right)

Remember two important points about libraries:
Only folders can be added to a library (not individual files, printers, etc.).
Deleting files and folders from within a library will also delete the actual files
and folders from their original locations. If you want to remove an item
from a library but not delete it from the location it is stored in, you should
remove the actual folder containing the item.
5.1.4 (My) Documents location

The Documents folder is part of a users profile. There might be times when
the administrator wants to move the Documents folder to another location but
still keep it part of the users profile, such as when the user has stored lots of
data in the Documents folder and there is not much free disk space available
on the C: drive. The administrator can move the data to another drive to free
up disk space. The following steps show you how to do this on different
operating systems:
In Windows XP, open Windows Explorer, right-click My Documents and

select Properties. Click Move and browse to the new location. Click Select
Folder and click OK. Click Yes to confirm the move.
In Windows Vista, open Windows Explorer and in the Folders area,
expand your user profile (your username), right-click Documents and
select Properties. On the Location tab, click Move and browse to the new
location. Click Select Folder and click OK. Click Yes to confirm the move.
Click OK.
In Windows 7, open Windows Explorer and expand the Documents
folder within Libraries. Right-click My Documents and select Properties.
On the Location tab (as shown in Figure 5.4), click Move and browse to
the new location. Click Select Folder and click OK.
Page 723 of 1229
Figure 5.4 My Documents (Location tab)
5.1.5 Personal Folder

All versions of Windows provide a special folder structure for each user account
so that users have their own place to store personal data. Although the My
Documents folder is available in Windows Vista/7, it is designed literally for
documents such as text files. Windows Vista/7 takes My Documents to a new
level with Personal Folder. Click on the Start menu and you will see a folder
option with the name of the account that is currently logged into the system.
With that option, not only can you access all your files, folders, pictures,
music, downloads and desktop items, but also add a number of other folders
as well as important data such as copies of recent searches.
Figure 5.5 Personal Folder
Page 724 of 1229
5.2 Folder Options

It is important to know how to control how files are seen and to change
properties associated with files and folders. The Folder Options applet in
Control Panel enables you to control how users view the files in the folder and
what they can do with the files.
Here are a few ways to open Folder Options:
Choose Organize > Folder and Search options from any Windows
Explorer window.
Press the <Alt> key to make the old menu bar appear. Choose Tools >
Folder options.
Open the Start menu and start typing folder in the search box until you
see Folder Options in the results list and click it.
In the Control Panel, type folder into the Search box. Click Folder
Options.
5.2.1 Extensions
Windows files have a name, a dot and a three or four character extension.
When you double-click a file to open it, Windows opens the correct application
based on the extension. Windows maintains a table that lists every extension
and the program that opens it. Here are some common examples:
When you double-click this file
Star wars.docx
Quarterly results.xlsx
Home page.htm
A home movie.mp4
A song.mp3
then this program opens it.

Microsoft Word
Microsoft Excel
Internet Explorer
Windows Media Player
Windows Media Player
5.2.1.1 Unknown file extension types

Every now and then you might try to open an unknown file whose extension is
missing or is not recognised by Windows. When you double-click the file,
Windows will display the dialog box (shown on the left in Figure 5.6) indicating
that Windows cannot open the file and giving you the following two choices in
the form of radio buttons:
Use the Web service to find the appropriate program: If this option is
chosen, Windows will take your computer onto the Internet and search
Microsofts website for the file extension.
Select the program from a list of installed programs: If this option is
chosen, an Open with dialog box similar to the one shown on the left of
Figure 5.6 will appear. From here you can select the program you want to
open the file with or browse for the program in the C:\Program Files folder.
You can also choose Always use the selected program to open this kind of
file, if you wish.
Page 725 of 1229
Figure 5.6 Opening a file with an unknown extension

Note
Be cautious when opening unknown files, since they might be

malicious software that can cause damage to your system.
5.2.2 Showing Hidden Files and Folders, and Extensions

Many files and folders are marked as Hidden through their attributes and are
therefore hidden by default in different operating systems. This is because
most users do not need to access the hidden files (such as critical system files)
and hiding them prevents users from accidentally manipulating the files.
Similarly, file extensions often confuse users and overtyping an extension can
make it difficult to open the file, so extensions are hidden by default. As a
technician, you will often need to see all the files and extensions. To show
hidden files and extensions in Windows Vista/7:
1. Choose Start> Control Panel. If necessary, change the view to Large
Icons or Classic View.
2. Double-click Folder Options. See Figure 5.7.
Page 726 of 1229
Figure 5.7 Folder Options (General tab)

3. On the General tab, you can set options for the layout of Explorer windows
and restore default settings.
4. Click on the View tab. Here you can configure how files and folders are
displayed. Select Show Hidden files, folders, and drives. This will show
all hidden files, folders and drives, except for system files.
5. Deselect Hide extensions for known file types.
6. To show hidden system files, deselect Hide Protected Operating System
Files (Recommended). Review the warning, and click Yes to display the
files. Your dialog box will look similar to Figure 5.8.
Figure 5.8 Folder Options (View tab)
Page 727 of 1229
7. Select either OK or Apply to make the change. OK will make the change
and close the dialog box and Apply keeps it open so that you can change
other settings. The Search tab in Figure 5.8 allows you to specify various
search options.
Figure 5.9 shows two views of Windows Explorer opened to Sibuleles user
profile on Windows 7. The one on the left is a normal view and the view on the
right shows some of the hidden folders shown after making the change.
Figure 5.9 Comparing views before and after making Folder Option
changes
You can also show hidden files and extensions in Windows XP by selecting
Start > Control Panel. If necessary, modify the view to Classic View. Select
Folder Options and click on the View tab.
Then select Show Hidden Files And Folders, deselect Hide Extensions For
Known File Types and deselect Hide Protected Operating System Files
(Recommended). Review the warning, and click Yes to approve the change
and click OK to close the dialog box.
Figure 5.10 shows Windows Explorer opened to C:\Windows\System32 with
some files and their extensions.
Page 728 of 1229
Figure 5.10 Viewing file extensions
5.3 Recycle Bin

When you delete a local file in Windows, that file moved to a folder called the
Recycle Bin, which provides some level of protection. The file will stay there
until you empty the Recycle Bin or restore the file from within the Recycle Bin,
or until the Recycle Bin reaches its pre-set size and starts deleting its oldest
contents. To access its properties, right-click on the Recycle Bin icon on the
desktop and select Properties. Figure 5.11 shows a typical recycle bin window
on the left and its properties page on the right.
Figure 5.11 Recycle Bin and its Properties page

By default, the OS will set aside a certain percentage that changes according
the size of the drive, but you can enter the amount of drive space to use for
the Recycle Bin. If your hard drive starts running low on space, this is one of
the first places to check.
Page 729 of 1229
5.4 File and directory commands

There are several commands you can run at the command prompt to view and
edit files and folders. This section identifies the commands you need to know
about and shows some examples of how to use them. It is strongly
recommended that you open the command prompt and try these commands
out.
Note
Remember to press <Enter> to execute the command and use the

commands help system to find out what syntax it uses and what
switches it has. It is also best to create your own files and directories
for testing purposes.
5.4.1 Attribute (attrib) command

The attrib command can be used to view, set and clear attributes assigned to
files and folders. Attributes determine how programs such as Windows Explorer
or backup programs treat the file in special situations. Table 5.1 lists the
attributes that can be set or cleared.
Table 5.1 Common file attributes
Attribute
A
H
I
R
S
Command usage
Archive. When cleared, it indicates the file has been archived (or
backed up); when set, it indicates the file has not been archived
or has been modified since the last archive.
Hidden. Users cannot view hidden files unless settings are
changed to view them.
Not index. Indicates whether the file is included in the index. The
system can find indexed files more easily.
Read-only. Users cannot modify a read-only file without
changing this attribute.
System. The OS protects system files to prevent users and
malicious software from causing damage.
Running attrib at the command prompt will list all the files in the current
directory along with any attributes that are assigned to them. For example, the
following shows the output from the attrib command:
C:\Aplus\Study>attrib
C:\Aplus\Study\Archived file.docx
A
H
C:\Aplus\Study\Hidden File.txt
A
I
C:\Aplus\Study\Not Indexed File.rtf
A
R
C:\Aplus\Study\Readonly File.txt
A
SH
C:\Aplus\Study\System and Hidden File.sys
As you can see, the first file listed above does not have any attributes. The
other files show A for not archived, H for hidden, I for not indexed, and S for
System.
Page 730 of 1229
To see the attributes of a specific file, such as aplus.txt, for example, type:
attrib aplus.txt
You can set any attributes with the + sign and clear any attributes with the
sign. For example, you can type the following command to make a file named
aplus.txt read only:
attrib +r aplus.txt
If you want to clear the read-only attribute, use the following command:
attrib -r aplus.txt
You can add or remove multiple attributes in one command. For example, to
remove three attributes (read-only, system, and hidden) from the
NTDETECT.COM system file, run the following:
attrib -r -h -s ntdetect.com
Note
It is not possible to delete or copy over a hidden, system or read-only

file when these attributes are set on it. However, you can use the
attrib command to change the attributes, and then copy over the file.
You can also see most of these attributes from the properties page of a file
within Windows Explorer. Right-click any file in Windows Explorer and select
Properties. You can see the Read-only and Hidden attributes on the General
tab, as shown on the left in Figure 5.12. Click the Advanced button and the
dialog box will look similar to that shown on the right.
Figure 5.12 File attributes within Windows Explorer

Note
It is not common to change the system attribute of a file, so you

cannot do so from Windows Explorer.
Page 731 of 1229
Notice the compress and encryption attributes shown on the right in Figure
5.12, which can be selected to compress or encrypt the file respectively. The
compress attribute can be manipulated with the compact command and the
encryption attribute with the cipher command.
Although you do not need to know these two commands, it is good to know
that the compact command with no switches displays the compression status
of specified files within a directory and compact /c compresses a specified file
or directory. Also, the cipher command with no switches displays the
encryption status of files. The cipher /e command encrypts a specified file or
directory and cipher /a /e command encrypts the directory and its files. Use
cipher /d to decrypt a file or directory.
Figure 5.13 shows two separate windows with the prompt focused on the APlus
directory on the C: drive. The window on the left shows the result of entering
the compact command with no switches (the output is self-explanatory), and
the window on the right shows the result of entering the cipher command with
no switches. The U to the left of the directories means that they are
unencrypted. If the directories were encrypted, an E would be shown next to
their name.
Figure 5.13 File attributes within Windows Explorer
5.4.2 Changing drives

There will be times when you want to view or edit files on different drives. For
example, you might be in the C: drive but want to access files on your flash
drive (E:). To change drives, simply enter the drive letter followed by a colon
like this:
C:\Aplus\Study>e:
E:\>c:
C:\Aplus\Study>
The first command (e:) changes the default drive to the E: drive and the
second command (c:) changes back to the C: drive. When you change drives,
the system uses the path it remembers for each drive in the session, but when
there is not a path set, it uses the root of the drive. In the example above, the
system uses the root of E: because there is no known path for E:. However,
the system knows that the path for C: is \Aplus\Study, so it uses this path
when it returns to the C: drive.
Page 732 of 1229
Note
If you try to change to an optical drive that does not have a disc, the
system will display an error.
5.4.3 Change directory (CD) command

The cd (or chdir) command is used to change from one directory to another.
You can use cd to point the prompt to any directory. As a reminder, all
commands execute from the current directory or path. Table 5.2 shows how to
use the cd command with some examples.
Table 5.2 CD command usage examples
Cd command
Usage and examples
cd Directory_Name Change to another subdirectory in the same directory or
move down the directory structure, one or multiple levels
at a time. For example, if the current directory is C:\ and
you want to change to the C:\APlus directory, you can
use cd Aplus or to change from the current directory of
C:\ to C:\APlus\Study, you can use cd APlus\study.
cd\
Change to the root directory. If the current directory is
C:\Aplus and you want to change to the root directory C:,
you can use cd\
cd\Directory_Name You cannot move across from one directory to another
directory at the same level. You must first move up one
level (to the parent directory) or to the root directory and
then down to the specified subdirectory. For example, if
you want to change from C:\Aplus to C:\Windows, use
cd\ (to move up to the root directory), then cd windows
(to move down to Windows subdirectory) OR to use two
steps in one, use cd\Windows (to move up to the root and
down to the Windows subdirectory at the same time).
cd..
To move up a single level to the parent directory, you can
use cd..
If the directory exists on the system, the prompt will change to that directory
and will appear as C:\Directory_Name>; where C:\ is the root of the C: drive
and Directory_Name is the name of the directory. If the directory does not
exist or if you accidentally typed it incorrectly, the system will display an error
like this:
The system cannot find the path specified.
Take note of the following points about the cd command and navigating the
directory structure:
It is not necessary to use quotes around directory names that include
spaces, such as My Documents.
Unlike Linux, names are not case sensitive.
Page 733 of 1229
You cannot move from one directory to another at the same level. You
should move up a level or to the root directory and then move down the
directory structure.
Commands such as cd\ or cd.. do not require spaces, but do work with one
space.
5.4.4 Directory (dir) command

The dir command is used to list files and subdirectories from the current or
specified drive and directory. The code listing in Figure 5.14 shows an example
output that you can expect to find after running the dir command.
Figure 5.14 dir command output example

Notice that the output not only lists all of the files and subdirectories in the
current directory, but also other information such as <DIR> to indicate that
the item is a subdirectory, and the following two entries at the beginning of the
listing:
Single dot (.) refers to the root directory of the drive, which is C:\ in this
case.
Double dot (..) refers to the parent directory, which is C:\Aplus in this
case.
As stated previously, you can use the double dot to change to the parent
directory like this:
cd..
However, you cannot use a single dot to change to the root. As stated
previously, to change to the root, use a backslash like this:
cd\
You can include the full path for commands or files in the cd command, but
very often it is easier to change the directory. For example, imagine that you
are currently in the C:\Aplus\Study path, but you want to list the contents of
the C:\Aplus folder. You could use the dir command with the path as follows:
dir C:\Aplus
Page 734 of 1229
Notice that the backslash (\) is used in this command to refer to the root of the
drive, so the command changes to the C:\Aplus directory. Because you are
only moving up one directory, you could also use .. to change to the parent
directory. If your current path is C:\Aplus\Study, the parent folder is C:\Aplus.
The following commands run separately can also work:
cd ..
dir
To list files and directories in the root directory of the E: drive when your
current drive is C:, use the following command:
dir e:\
To list files and subdirectories in the current directory of the E: drive, use the
following command without the backslash:
dir e:
Some common switches that can be used with the dir command are listed in
Table 5.3.
Table 5.3 Common dir switches
Dir
switch
dir /w
dir /a:
dir
dir
dir
dir
/q
/s
/o:
/o:d
Usage
Lists files in a wide list format with no file details. Subdirectories
will be listed in square brackets like this [Windows] when using
this command.
Lists files that have specific attributes such as hidden (/a:h),
system (/a:s), or read only (/a:r)
Includes the name of the owner for each file
Lists all files and subdirectories in the current directory
List files by name (/o:n), by size (/o:s), by extension (/o:e),
List files by date. Use dir /t:c for created on, dir /t:a for last
access, or dir /t:w for last modified.
Using the /s switch with the dir command can be very useful when you are
looking for a specific file. For example, imagine you are looking for a file
located in one of the subdirectories of the current directory. You only know
that the file has the word aplus somewhere in its name and you are not sure
about the rest of the its name and extension. You can use the following
command with the * wildcard:
dir *aplus*.* /s
To search the entire drive from the root directory, either change to the root
directory or include the path in the command. For example, to start searching
from the root of the drive, you can use the \ to identify the root like this:
dir \*aplus*.* /s
Page 735 of 1229
5.4.5 Copying and moving files

The copy command can be used to copy files from one location to another and
the move command can be used to move files from one location to another.
The basic syntax for the two commands are as follows:
copy source destination
move source destination
(Where source is the drive name, path and name of the files to be
copied/moved and the destination is the drive name and path of the new
location). You can include the full path of the source file, the destination file, or
both and you must either be in the directory that contains the source file or
else you must specify the full path of the source file to be copied.
The copy command is rather difficult to learn because of its nature and its
many switches, especially if you are used to dragging items in the GUI. The
following process makes it easier, but the best thing you can do is open up the
command prompt and copy and move files around until you are comfortable
doing it.
Step 1: change the prompt to the directory containing the file(s) you want
to copy or move.
Step 2: type copy or move and enter a single space.
Step 3: type the name(s) and paths of the file(s) to be copied/moved (with
or without wildcards) and enter a single space.
Step 4: type the path of the new location for the file(s).
Step 5: press <Enter>.
As an example, the directory C:\Aplus contains the file study.txt. To copy this
file to a USB drive (E:).
1.
2.
3.
4.
5.
Type cd\Aplus to point the prompt to the APlus directory.

Type copy and enter a space.
Type study.txt and enter a space.
Type e:\
Press <Enter>.
The entire command and response would look like this:

C:\Aplus>copy study.txt e:\
1 file(s) copied
If you change the prompt to the E: drive and type dir, the study.txt file will be
listed.
Note
The only difference between copying and moving is whether the

original file is left behind (copy) or not (move). Once you have
learned the copy command, you have also learned the move
command.
Page 736 of 1229
Take note of the following points about the copy/move command:
If the destination name is not given, the same file name is used.
If a new name is specified as the destination file, the copied/moved file will
be given that new name.
The copy/move command not only lets you put a file in a new location but
also change the name and extension of the file, making the command very
dangerous. For example, the command copy c:\autoexec.bat e:\my.sav
will not only copy the autoexec.bat file to the E: flash drive, but also give
it the new name and extension of my.sav.
The copy command can be used to copy the contents of multiple text files
together. For example, you can use copy log1.txt + log2.txt + log3.txt
logall.txt command to combine the log1.txt, log2.txt and log3.txt log files
into a single file named logall.txt.
As with any command, avoid making mistakes.
You can also use wildcards with the copy command. For example, the
command C:\Study\A+> copy *.txt "C:\Study\Sec+ copies only files
with the .txt extension in the A+ subdirectory to the Sec+ subdirectory.
Note
It is not always necessary to use quotes for the source and

destination file. Quotes are used in this example because the +
symbol confuses the command prompt, so use quotes for any paths
that include the + symbol.
Table 5.4 shows important switches used with the copy command that you
should know about.
Table 5.4 Common copy command switches
Copy
switch
copy /a
copy /v
copy /y
copy /d
copy /z
Note
Usage
Indicates an ASCII-based text file. The copy command uses the
end-of-file character <Ctrl> + <Z> with ASCII files to indicate
the end of the file. If it is not used, the system considers the file
as a binary file (/b) and does not look for the end-of-file
character.
Verifies that files are written correctly.
If the same destination file already exists, the /y switch causes
the prompt to not ask the user to confirm the operation before
overwriting the file. This switch is useful in batch files. The /-y
switch prompts the user to overwrite an existing file.
Decrypts an encrypted source file at the destination.
If the connection is lost during a network copy process, the copy
command will restart the copy process from the point of failure
when the connection is up again.
The copy command will not copy files that have the system or hidden
file attributes. You can copy these files using xcopy and robocopy.
Page 737 of 1229
5.4.6 xcopy
The standard copy command can only work in one directory at a time. The
xcopy command is an extension of the copy command and works similarly to
copy, but it has extra switches that enable you to copy multiple directories at a
time. The most important points that you should remember about the xcopy
command are:
It can do everything that the copy command can do.

It can copy directories and subdirectories from one location to another and
keep the directory structure.
It works faster to copy a group of files.
It creates destination directories as needed.
It works as a backup utility.
It copies files changed or created on or after a specified date.
The syntax is as follows:

xcopy source destination [switches]
(Where source is the location and names of files/directories to copy and can
include a drive letter and colon, a directory name, a file name, or a
combination of these; destination is the new location of the files/directories
and can include a drive letter and colon, a directory name, a file name, or a
combination of these; switches can include a large number of options that
modify the operation of the command).
To copy an existing directory called C:\Aplus to a new directory called
C:\Success, you can use the following command:
xcopy c:\Aplus c:\Success
This command only copies all files in the Aplus directory. It does not copy any
subdirectories.
As another example, if you wanted to copy the entire contents of the C:\Aplus
directory, including all its subdirectories, to the C:\Success directory, you could
use the following commands:
xcopy c:\Aplus c:\Success\ /s
xcopy c:\aplus c:\Data\ /s /e
The first command with the /s switch copies files and subdirectories, but does
not copy empty subdirectories. The second command with the /s and /e
switches copies all subdirectories, including empty ones. These two switches
are the most commonly used ones, but there are many others.
Page 738 of 1229
To give you an idea of the power of xcopy, you can clone an entire drives
contents to another drive by using the following xcopy command:
xcopy D: \ H:\ /h /s /e /k /c /r
This command copies all files from the root directory and subdirectories of the
D: drive to the root directory of the H: drive, including system and hidden files
(/h), empty directories and subdirectories (/s and /e), and file attributes (/k).
The command will also continue copying even if errors occur (/c) and will
overwrite read-only files (/r).
Because xcopy works on directories, you do not have to use filenames as you
would in copy, although filenames and wildcards can be used with xcopy.
Note
There is no xmove, only xcopy.
5.4.7 Robocopy (robust copy)

Robocopy is a robust file copying tool in Windows Vista/7 that includes all of
the features of copy and xcopy and more. You can use Robocopy to copy files
and directories from one computer to another across the network, fully
mirroring the source and destination directory structure by copying files and
deleting any file on the destination computer that is not part of the copy. It
also includes the capability of tolerating network connection interruptions and
resumes copying, performing multithreaded copies for faster copying on multicore computers and logging copy processes.
When you copy a file, the data within the copied file is the same, but the
metadata is different, so the copied file is not a true copy. Metadata is data
about data, such as a files creation date, last saved date and permissions.
Robocopy allows you to copy a file and all its metadata and keep the following
information in the copy:
The data or core information in the file, which copy and xcopy will also
copy.
Both basic and advanced attributes.
Original timestamps, such as when the file was created.
Security information, including all permissions, such as the ability to read
or modify a file.
Ownership information, including the original owner of the file instead of
changing the owner to the user that performed the copy.
Audit settings that allow the system to log when a user accessed a file.
Table 5.5 shows some important switches that you can use with robocopy.
Page 739 of 1229
Table 5.5 Common robocopy command switches

Robocopy
switch
robocopy
/copyall
robocopy /s
robocopy /e
robocopy
/purge
robocopy /mov
robocopy
/move
Usage
Copies the data and all metadata for files. For example:
robocopy c:\aplus e:\success /copyall
Copies directories and subdirectories, but not empty
subdirectories. For example:
robocopy c:\aplus e:\success /s
Includes all empty subdirectories in the copy. For example:
robocopy c:\aplus e:\success /e
Deletes destination files and directories that do not exist in
the source location. For example:
robocopy c:\aplus e:\success /purge
Moves files and deletes them from the source after they are
copied. For example:
robocopy c:\aplus e:\success /mov
Moves files and directories and deletes them from the
source after they are copied. For example
robocopy c:\aplus e:\success /move
The syntax for robocopy is different to xcopy and has changed over the various
versions. You might prefer to run it in the GUI by using the click-to-select
Robocopy GUI (as shown on the left in Figure 5.15) or the improved Richcopy
(shown on the right in the figure).
Figure 5.15 Robocopy GUI (left) and Richcopy (right)

To learn more about Robocopy GUI, visit the following website:
technet.microsoft.com/en-us/magazine/2006.11.utilityspotlight.aspx
To learn more about RichCopy, visit the following website:
technet.microsoft.com/en-us/magazine/2009.04.utilityspotlight.aspx
Page 740 of 1229
5.4.8 Ren (rename) command

The ren command can be used to rename a file or directory. Here are some
examples:
To rename a text file called readnow to readme.txt in the same directory, use
the following command:
ren readnow.txt readme.txt
To rename all files with the .txt extension in the current directory to the .xlsx
extension, use the following command:
ren *.txt *.xlsx
Using Figure 5.16 as another example, the first command attempted to
rename a directory called Notes to My Aplus Study Notes, but the system gave
an error.
Figure 5.16 Rename command failure and correction

Even typing that command followed by /?, would not have provided help. To
execute commands that have more complicated syntax such as ren My Aplus
Study Notes correctly, you need to place quotes around the name, as shown
by the second command in Figure 5.16.
5.4.9 Del (delete) command

The del or erase command can be used to delete individual files. The basic
syntax for the del command is:
del target_file
Or with switches:
del [switches] target_file
You can use wildcards with the del command. For example, if you want to
delete all the files in the current directory, you can use the following
command:
del *.*
Page 741 of 1229
Table 5.6 lists some switches used with the del command along with examples.
Table 5.6 Common del command switches
Switch Usage
del /p
Prompts to confirm before file deletion, for example, del aplus.doc
/p
del /f
Forces deletion of read-only files, for example, del aplus.doc /f
del /q
Quiet. Does not prompt for confirmation when using wildcards, for
example, del *.* /q
del /s
Deletes files in all subdirectories, for example, del aplus.doc /s
del /a: Select files to delete based on their attribute, where the attributes are
r, h, s and a. A minus sign (-) before the attribute means do not
select it and without the minus means select it. For example, del
aplus.doc /a:r or del aplus.doc /a:-r
5.4.10 Make Directory (MD) command

The md or mkdir command can be used to create directories. For example, to
create a directory called Aplus, you could use the following command:
md Aplus
You can use uppercase or lowercase letters for the new directory and the
system will create the directory with the case you use. You can then access
that directory by using either uppercase or lowercase. You can also include the
drive and the path to create the directory in (depending on whether you are
working on the same drive or not). You can also create multiple directories
with one command. For example, if your flash drive (E:) does not currently
have a directory called Aplus and you want to create it along with a child
directory called Notes, you can use the following command:
md E:\Aplus\Notes
This command will create the Aplus parent directory and the Notes child
directory beneath it on E:\Aplus on the E: drive.
5.4.11 Remove Directory (RD) command

The rd or rmdir command is used to delete directories. Table 5.7 lists some
switches used with the rd command.
Page 742 of 1229
Table 5.7 RD command & switches

RD
switch
rd
rd /s
rd /q
Usage
The command on its own deletes an empty directory.
If the directory is not empty, use this switch to delete a directory
and all its subdirectories and files. You will be prompted with an Are
You Sure (Y/N) question. You can press <Y> to confirm the action
or <N> to cancel it.
Using this will prevent the system from asking the Are You Sure
question (quiet mode). This switch along with the suppression
switches for all other commands are useful to include in batch files.
As an example, you can use the following command to delete all files and
subdirectories within a directory called Aplus:
rd c:\aplus /s
Note
If you try to delete a directory that contains files or subdirectories,

you will see an error message unless you use the /s switch or empty
the directory by deleting individual subdirectories and files. Also, you
cannot delete the directory you are currently in.
5.4.12 SFC command

The sfc command starts the System File Checker tool, which you can use to
scan, detect and repair problems with protected system files (such as those
with a .dll, .sys, .ocx, and .exe extensions as well as some font files). You can
run it from the command prompt within Windows or from the Windows
installation disc and it can be useful for fixing problems with built-in Windows
programs caused by the installation of system files no longer in use, user
errors, virus infections (where the virus has tried to modify a system file) and
similar problems. Without getting into the science of how SFC works, just know
that you can use it to replace incorrect versions, missing or corrupt system
files with the correct files from the cache.
To scan all protected system files immediately and attempt to repair files with
problems (if possible), you can use the following command:
sfc /scannow
The command will create a report from the scan on the success or failure of
SFC, which you can view by looking at %windir%\logs\cbs\cbs.log file.
To scan all protected files at the next boot, you can use the following
command:
sfc /scanonce
Page 743 of 1229
If sfc finds that files are missing and there are no replacement files on the
system, you will be asked to insert the Windows installation disc so that the
files can be copied over to the system. To familiarise yourself with sfc switches,
enter sfc /?, as shown in Figure 5.17.
Figure 5.17 Viewing the sfc command syntax, switches and examples
You can also run sfc /scanboot to scan all protected files every time the
system boots, sfc /purgecache to delete the file cache and sfc
/cachesize=x to modify its size.
SFC is integrated with Windows Resource Protection (WRP) in Windows
Vista/7. WRP prevents damage to or malicious use of critical system files and
folders, registry keys and files that are installed as part of the OS by restricting
permissions to them from any source (including administrators). WRP replaces
Windows File Protection (WFP) in earlier Windows operating systems.
Page 744 of 1229
Unit 6 Applications and Services
Add and remove software and Windows features.

Configure software compatibility options.
Use the Services console to manage background processes.
Use msconfig to control startup items and boot settings.
Use Task Manager to monitor and troubleshoot processes.
GTS A+ Certificate 802 Support Skills

Study
Notes

o Managing Applications (p.103)
Study
Notes
Skills
When you install an application on a Windows system, its files are written to
the Program Files directory on the boot partition (usually C:\Program Files).
The installer or setup program will also add configuration data to the registry
and add the new applications name to the Start > All Programs menu and
will tell Windows about the kinds of files (file extensions) the application can
open. The installer might also add folders and files to the users home folder or
the All Users folder if the application is shared amongst users.
6.1 Installing and uninstalling software

To install means to set up software to work with hardware. Before you install
an application, you should ask yourself the following questions:
Is the application from a trusted source?

Are you an administrator? You cannot install most applications unless
you have an administrator account.
Does it run in your Windows OS?
Are all open programs and files closed? You should close all open
programs and files and turn off your anti-virus program, which might think
the arrival of your new program is a virus.
Can you backtrack? If you are concerned about the health and safety of
the program you are about to install, you should back up your data before
installing it. If something goes wrong with the system, you can always turn
it back to its previous good working condition using a restore point (created
with System Restore).
Page 745 of 1229
6.1.1 Installing software

Most commercial software comes on an optical disc, although more and more
software can be downloaded today. Use the setup program that comes with
the media to ensure that the application is installed properly. The application
developer decides what to name the setup or installer file, which in many cases
is setup.exe or install.exe. Double-click the installer file and the installation
wizard will take you through the installation process. Alternatively, you can go
to the Control Panel and use the Add or Remove Programs applet (in
Windows XP) or Programs and Features applet (in Windows Vista/7) to
install software and uninstall and repair software-related issues.
6.1.1.1 Add/Remove Programs (Windows XP)
You can use the Add or Remove Programs applet in Windows XP to add a new
program, change or remove a program, add or remove Windows components
(such as networking and other services), view and uninstall updates and set
program access and defaults for tasks such as email and web browsing. The
applet can be accessed by clicking Start > Control Panel > Add or Remove
Programs.
Note
Many programs are installed with Microsoft Installer (.msi) files.

MSI files are associated with msiexec.exe or the Windows Installer
service. Msiexec.exe is a generic application installer and the Windows
Installer service can be used to push applications out to computers on
a network through Active Directory. To install an MSI file, simply
double-click it and follow any installation instructions.
6.1.1.2 Programs and Features (Windows Vista/7)

You can use the Programs and Features applet in Windows Vista/7 to uninstall
or change a program, turn Windows features on and off and view installed
updates. To open this applet, you can click Start > Control Panel >
Programs (Category view) > Programs and features. Figure 6.1 shows
the Programs and Features applet on the left (with its various options to
uninstall, change, and repair an application and the links to view installed
updates and turn Windows features on or off), which when selected, takes you
to the Windows Features dialog box, as shown on the right in the figure. Unlike
Windows XP, you no longer need to have the installation disc to turn on
features.
Page 746 of 1229
Figure 6.1 Programs and Features (left) and Windows Features

(right)
With Windows Vista/7, UAC will most likely appear when the application is
about to be installed, giving you a chance to review what is going to happen to
your system in case you do not approve of the installation. If you are using an
administrator account, you can simply click Yes or Continue and finish the
installation; otherwise if you have less privileges, you will need to enter a
username and password of an account with administrative privileges.
Note
Some installers have trouble letting UAC know they need more
privileges and simply fail no matter what account you are logged in
with. In such cases, right-click the installer icon or file and select Run
as administrator to give the installer the access it needs.
6.1.1.3 Installing downloaded software

When downloading a new program from the Internet, you have some choices
to make:
Are you sure? Internet downloads are the most common sources of virus
infections. If you are downloading from a software companys site, like
Microsoft.com, that you can trust, you are generally safe. But if the site is
unfamiliar, be very careful.
Run or Save? As shown in Figure 6.2, when you download a program from
the Internet, Windows will ask if you want to Run its installer or Save it.
With Run, the computer will download the installer program to your hard
drive, open the installer and install the software and then disappear. With
Save, the web browser will download the installer program to your hard
drive and leave the installer file there for you to install the program at a
later time.
Page 747 of 1229
Figure 6.2 File download dialog box
6.1.2 Running applications

Once the application is installed in Windows XP/Vista/ 7, you can launch it by
clicking Start > All Programs and clicking the applications name. Otherwise
you can click the applications button on the taskbar or the icon on the desktop
if the application has placed these items there.
6.1.3 Setting default programs

Windows Vista/7 allows you to choose which program you want to use as your
default web browser, music player or other program and also lets you
associate a file type or protocol with a program. You can do this by clicking
Start > Default Programs or by typing default programs in the Search
box. This will open the Default Programs control panel applet as shown on
the left in Figure 6.3. Clicking Set your default programs opens the Set
Default Programs applet as shown on the right. From here you configure the
appropriate option to set default programs.
Figure 6.3 Setting default programs
6.1.4 Removing Software

Every installed application program takes up space on the hard drive and
programs that you no longer need waste that space. Uninstalling or removing
these programs can be very important for optimising performance.
Page 748 of 1229
You remove an application in Windows by using the applications own uninstall

program, when possible. You normally find the uninstall program listed in the
applications folder in Start > All Programs, as shown in Figure 6.4. You
might need to run the uninstaller as administrator by right-clicking the
program and selecting Run as administrator. Refer to the applications Help
file or look in the applications folder for an uninstall icon.
Figure 6.4 Programs uninstall icon

If an uninstall program is not available, use the Control Panel applet to remove
the program. In Windows XP, use the Add or Remove Programs applet and
instead of clicking Add New Programs (which installs software), click
Change or Remove Programs. A list of installed applications will appear and
you can choose the application to uninstall by clicking its name and then
selecting Remove and when asked to confirm, click the OK button.
Figure 6.5 shows the applet in Windows 7. You select the program to remove
and click the Uninstall/Change button or Change/Remove button or rightclick on the program and select Uninstall. Windows will display a message
warning you that it will permanently remove the program from your computer,
and if you want to continue with the removal, click Yes.
Figure 6.5 Uninstalling a program in Programs and Features applet

Page 749 of 1229
The function of the Uninstall/Change and Change/Remove buttons

changes depending on the program. Not all programs can be changed.
Tip
When removing a program, the end result should be the removal of

all of its components, including files and registry entries.
6.1.5 Burning applications for optical discs

Normally, installing an optical drive involves no applications. You install the
drive, Windows sees it and you are done. However, some recordable and
rewritable drives need applications to enable their burning features. Burning to
Blu-ray discs might or might not need third-party software.
If your computer has an optical disc burner, you can copy files to a writable
disc. Windows burns discs in one of the following two disc formats depending
on which disc format you choose:
Live File System: select this drag-and-drop file copy format when you
want to burn a data disc that will play in a computer. You can copy files with
both recordable and rewritable media.
Mastered format: select this format when you need a disc that can play
digital music files, pictures, or video files on any computer or in different
electronic devices, such as CD, DVD, and Blu-ray disc players.
For both formats, insert the writable disc and when the AutoPlay dialog box
appears, click Burn files to disc using Windows Explorer. If AutoPlay does
not appear, click Start > Computer, and then double-click the disc burner
drive. In the Burn a Disc dialog box, type a name for this disc in the Disc
title box, click With a CD/DVD player for the Mastered format or Like a
USB flash drive for the Live File System disc format and then click Next.
Open the folder that contains the files you want to burn and then drag the files
into the empty disc folder.
Note
Other optical disc burning or mastering programs you can use

include: Roxio Media Center, Nero, Multimedia Suite, and ImgBurn
(free).
6.1.6 Working with ISO files

An ISO file, also called a disc image, is a complete copy of an optical disc
merged into a single file. Large application files such as Microsoft Office,
Microsoft Exchange (mail server program) and operating systems are available
for download from the Internet as ISO image files.
6.1.6.1 Use .ISO image file software to download and save the .ISO
image file to an optical disc
Use this option to install an OS on a computer or install software across
multiple systems. If you are using a computer with Windows 7, you do not
need any additional software to burn an optical disc.
Page 750 of 1229
You can burn a disc image file, which often has either an .iso or .img file
extension, to a recordable CD/DVD by using Windows Disc Image Burner.
1.
2.
3.
4.
Insert a recordable disc into the disc burner (drive).

Click Start > Computer.
In Computer, find the disc image file and then double-click it.
If you have more than one disc burner, find the Disc burner list in
Windows Disc Image Burner, and click the burner that you want to use.
5. (Optional) If you want to verify that the disc image was burned correctly to
the disc, select the Verify disc after burning check box. If the integrity of
the disc image file is critical (for example, the disc image file contains a
firmware update), you should select this check box.
6. Click Burn to burn the disc. See Figure 6.6.
Figure 6.6 Burning a disc image to disc

7. After burning the ISO file to disc, you just insert the disc to start the setup
or run setup.exe.
6.1.6.2 Virtually mount and access ISO files as a virtual device
If you do not have an optical disc burner installed on your system or you do
not have blank discs available, you can mount the ISO file as a virtual drive,
which looks like a CD, DVD, or BD drive in Windows Explorer or the Computer
folder. There are several software tools you can use for the virtual drive
method, including:
Daemon Tools (www.daemon-tools.cc)

Pismo File Mount (www.pismotechnic.com)
This is how Pismo File Mount third-party software extracts the contents from
an Office ISO downloaded from the Microsoft website.
1. Download and run the installer for Pismo File Mount Audit Package.
2. After the installation, right-click on the ISO file and choose Mount (as shown
in Figure 6.7).
Page 751 of 1229
Figure 6.7 Mounting an ISO

3. After mounting the image you will notice that the icon for the ISO has
changed and now looks like that shown in Figure 6.8.
Figure 6.8 A mounted ISO

4. Double-click on the file and it will open showing its contents. See Figure 6.9.
Figure 6.9 Contents of an ISO file

5. Now select all the files and copy the contents to another folder on the
system.
6. After copying the contents, unmount the ISO so that it is no longer in use
by Pismo File Mount.
Page 752 of 1229
Figure 6.10 Unmounting ISO file

Now that the contents have been extracted, the ISO can be deleted, the
contents copied to a network share, burnt to a disc, or copied to a flash drive
for installation on other computers.
6.1.6.3 Extract the .ISO files to your hard drive
The contents of an ISO file can be accessed directly using third-party tools that
allow files to be extracted from the ISO file to a temporary folder on the hard
drive. After the ISO file is extracted, the folder or drive will contain the same
files that would be on an installation disc. You can open it in Windows Explorer
or the Computer folder, and double-click the setup program such as setup.exe
to start the installation.
The following tools offer .ISO file support:
IsoBuster (www.isobuster.com)
Daemon Tools (www.daemon-tools.cc)
Winrar (www.rarlab.com)
As you might imagine, ISO files are very large files, but they are also very
important to technicians. Technicians use ISO images as bootable utility discs.
6.1.7 32-bit applications on 64-bit Windows computers

You can run both 32-bit and 64-bit applications on 64-bit operating systems.
Applications are often released in both 32-bit and 64-bit versions, giving you
the option to choose which one to run. To ensure that 32-bit applications work
without causing problems with 64-bit applications of the same type, the files
for the different versions are stored in different locations. On 64-bit systems,
you will see two Program Files folders: the (x86) folder stores all of the 32-bit
application files and the folder without (x86) stores the 64-bit application files.
Because 32-bit systems do not support 64-bit applications, they only have the
C:\Program Files folder. Refer to Table 6.1.
Page 753 of 1229
Table 6.1 Location of 32-bit and 64-bit application files
C:\Program Files
C:\Program Files
(x86)
Note
32-bit Windows systems 64-bit

Windows
systems
32-bit application files
Not used
Do not delete the (x86) folder. It will disable many applications and
most often requires reinstalling the OS to restore functionality.
WoW64 (Windows 32-bit on Windows 64-bit) is a subsystem of 64-bit versions

of Windows that enables the OS to run 32-bit applications. Windows 64-bit
shared system files (dynamic link library [DLL] and executable [EXE] files) are
stored in %SystemRoot%\system32 and 32-bit files are stored in
%SystemRoot%\syswow64 system folder.
6.2 Program compatibility

You might come across an application that works in a previous version of
Windows but does not work in the version you are currently using. You can use
the Program Compatibility tool to configure the application to run by using
specific settings from a previous OS. You can configure the settings manually
by right-clicking the application file, selecting Properties, and clicking the
Compatibility tab. You will see a display similar to Figure 6.11.
Figure 6.11 Compatibility mode

The Compatibility mode area allows you to select a previous OS. Figure 6.11
shows the check box that enables the program to run using compatible
settings for Windows XP (Service Pack 3). You can select other older operating
systems.
Page 754 of 1229
You can often get older applications to work in Windows by using the Program
Compatibility wizard. The Program Compatibility wizard checks with a
Microsoft website to determine whether there is a known setting that works for
the application and if so, will configure the settings. You can also manually
configure compatibility settings. The following steps show you how to start and
run the Program Compatibility wizard in the various Windows operating
systems:
In Windows XP, click Start > All Programs > Accessories > Program
Compatibility Wizard.
In Windows Vista, click Start > Control Panel (Category View ) >
Programs and select Use An Older Program With This Version Of
Windows.
In Windows 7, click Start Control Panel (Category view) > Programs.
Select Run Programs Made For Previous Versions Of Windows.
After starting the wizard, select the program and follow the wizards steps.
6.2.1 Windows XP Mode

Using Windows XP Mode, you can run programs designed for Windows XP on
computers running Windows 7 Professional, Enterprise or Ultimate editions.
Windows XP Mode has two parts: the virtualisation software such as Microsofts
free virtualisation program called Windows Virtual PC, and a disk image
containing a pre-installed, activated, licensed copy of Windows XP Professional
with Service Pack 3 preinstalled. It is useful for applications that are
incompatible with Windows 7 but will run on Windows XP and enables users to
migrate to Windows 7 even if they need to run legacy applications.
XP Mode is not installed on Windows 7 systems by default, but it is available as
a free download. You can find the instructions and download it from here:
www.microsoft.com/windows/virtual-pc/download.aspx
This also installs Windows Virtual PC, which allows you to run other virtual
operating systems from within your Windows 7 system. Virtualisation software
requires a processor capable of hardware virtualisation and you should make
sure it is turned on in CMOS Setup. You can start XP Mode by selecting Start
> Windows Virtual PC > Windows XP Mode. See Figure 6.12.
Page 755 of 1229
Figure 6.12 Windows XP Mode

Windows XP Mode runs as a virtual OS in a separate window on the Windows 7
desktop. When you install a program in Windows XP Mode, you can access the
program directly from Windows 7 because it appears in both the Windows 7 list
of programs and Windows XP Mode list of programs.
Figure 6.13 Windows XP Mode applications
6.3 RemoteApp and desktop connections

RemoteApp enables users at client computers to run server applications
within individual windows. When a user at the client computer accesses a
RemoteApp application, the server provides a separate operating environment
for the application, just as when the user accesses an entire desktop from the
server. If the client has a problem, the application continues to run, since
processing and storage is done on the server.
RemoteApp and Desktop Connections is a Windows 7 applet that you can
use to access programs and desktops (remote computers and virtual
machines) hosted on Windows servers. This is made available to clients
through port 3389. Before setting up a connection on the client, make sure the
administrator has already published resources such as applications to connect
to. The administrator will tell the user when resources are available and will
provide either a special file or a URL to use to set up the connection.
Page 756 of 1229
To start the application, click Start > All Programs > RemoteApp and
Desktop Connections. Then, click the name of the remote application and
sign into it using dialog boxes used by Remote Desktop.
Figure 6.14 Configuring a RemoteApp
6.4 Configure services

Windows runs many programs or processes called services in the background
without user interaction and with no windows displayed. Services handle many
tasks, from logon to application support, to printing and network functions and
both the OS and applications such as anti-virus, database and backup software
might install services.
Many services start automatically when Windows starts while others are
started by applications or manually by users. To see the status of all installed
services on the system, including services that are not running, and to stop,
start, restart, pause/resume and configure services, you can use the Services
console. You can access it by right-clicking (My) Computer, selecting
Manage, expand Services and Applications and click Services (or run the
services.msc command in the Search box or Run dialog box).
There are various reasons why you might need to go into Services. One such
reason is when the print spooler stops sending print jobs to the printer,
causing print jobs to back up in the print queue. A common solution to solve
the issue is to restart the Print Spooler service.
Figure 6.15 shows the Services console (on the left) with the Print Spooler
service selected and its properties page opened (on the right). When you
select a service, options appear on the left to stop, start or restart that service
depending on its current state, along with a short description about what it is
used for. You can also right-click the service to start, stop and change it or to
select Properties.
Page 757 of 1229
Start/Stop
buttons
Service Status
Startup Type
Figure 6.15 Services console and Service Properties

Look at the Startup type pull-down menu in the Properties page. It has four
options:
Automatic starts the service automatically when Windows starts.

Automatic (Delayed Start) starts the service automatically a short
time after Windows starts. The delay allows Windows to start more quickly.
Manual the service starts only when the user manually starts it or when
an application sends it a start signal.
Disabled the service cannot start.
Notice the four buttons below the Startup Type menu. They enable you to
start, stop, pause and resume the service.
Some services depend on other services to run. A service that depends on
another service is called a dependency. If a service will not start, it could be
due to a problem with a dependent service. You can click the Dependencies
tab to view a list of dependent services.
Tip
If you see messages in Event Viewer logs indicating that a service

cannot start, examine the service in the Services console. Verify that
it is started and its dependent services are also started.
Services can also be started or stopped using System Configuration

(msconfig.exe) and Task Manager and from the command prompt using the
net start service_name or net stop service_name commands.
6.4.1 Component Services

Component Services is used by application developers and administrators to
configure and administer Component Object Model (COM) components.
Components or objects are small programs that work cooperatively with the
main program of an application.
Page 758 of 1229
Microsoft provides many tools (such as COM, DCOM and COM+) that
programmers can use to share data objects (elements of programs) between
applications on a single computer and between computers.
COM is commonly used by programmers as a standard for reusing code and
includes ActiveX controls (such as the real-time charts found in Task Manager),
COM OLE (Object Linking and Embedding) which enables embedding and
linking of objects in files such as Excel and Word, COM+ (an extension to COM
with better memory and CPU management) and DCOM (programming between
networked computers). You might also need to configure Distributed
Transaction Coordinator (DTC), which uses a transaction manager to
coordinate information between databases, file systems and other resources.
You will only need to open Component Services in those cases when something
is wrong or when a company that creates in-house or buys custom applications
needs you to add or configure components or register new server applications
or reconfigure security permissions for existing services. In such cases, the
programmer will give you instructions on what to do. You can find Component
Services in Administrative Tools or you can start it with the comexp.msc
command.
Tip
For more information about configuring Component Services, visit the

following website:
technet.microsoft.com/en-us/library/cc731901.aspx
6.4.2 Data sources

Open Database Connectivity (ODBC) is a standard that applications can be
written in to locate and access database management systems, no matter
what application or OS is used. ODBC is primarily used for SQL database
systems but can also be used by Microsoft Access databases, dBASE and Excel
files.
Many applications use databases to provide dynamic data to users. That is,
users can use these applications to connect to a database, choose what data
they want from it, add data to it and edit existing data. Most applications that
use a database will automatically connect to it, but occasionally you might be
required to add the connection. You can do this using Data Sources (ODBC) in
Administrative Tools and then follow any instructions from the application
developer.
The ODBC tool in Windows is called ODBC Data Source Administrator and
can be used to manage database drivers and data sources. See Figure 6.16.
Drivers are server components that process ODBC requests and return data to
the client application. Drivers can modify an application's request so that
databases or files called data sources can understand it. Data sources are
identified by an entry called data source name (DSN). Use the ODBC Data
Source Administrator to add, configure and delete data sources. Typically
drivers are added when an application is installed. You might need to enter a
table name and logon credentials.
Page 759 of 1229
Figure 6.16 ODBC Data Source Administrator

Data sources can be set up using the My Data Sources folder that is created
within the users Documents folder in their profile.
6.5 System Configuration (msconfig)

You can use the System Configuration tool to view and change the
configuration settings and files that affect the way the computer boots and
loads Windows. The tool has changed a little from Windows XP to Windows
Vista/7. To open the tool, enter msconfig at the command prompt, run dialog
box or search box and press <Enter>. You can also access it from
Administrative Tools on Windows Vista/7.
Figure 6.17 shows some System Configuration tabs that are explained below:
General tab: select the type of startup. The default is Normal Startup
which loads all drivers and services. You can choose Diagnostic Startup and
restart the computer to cause Windows to load only basic services and
drivers. If you change any settings on the Services or Startup tabs, it will
automatically change to Selective Startup (a custom boot).
Boot tab: control how the computer boots and choose which OS on a multiboot system should be booted to by default when the user does not choose
an OS at the dual-boot menu. The Timeout setting indicates how long the
system must wait before it automatically boots to the default OS.
Note
The Boot tab on Windows 7 provides some of the same functionality

as the BOOT.INI tab in Windows XP, but instead of configuring the
BOOT.INI configuration file found in Windows XP, you are configuring
the Boot Configuration Database in Windows Vista/7. The Boot
options available on the Boot tab will be discussed later on in the
context of the different safe modes you can use while troubleshooting
a system.
Page 760 of 1229
Services tab: lists the services running on the computer and their current
status (such as running or stopped) and startup mode. You can enable or
disable a service by selecting or deselecting the services check box, but
your choices are limited when compared to the Services console. If the
service has been disabled, it lists the date and time when it was disabled.
Startup tab: enable or disable any startup programs that start when
Windows starts and when they are written to the registry. It also controls
application shortcuts placed in Start > All Programs > Startup folder.
Many applications configure themselves to start automatically. You can
disable these applications when troubleshooting an infected computer or a
problematic application or when Windows is slow to load on the computer.
Tools tab: provides a launching pad for many tools available on your
system. Tools such as Event Viewer, Registry Editor and Command Prompt
and so on. Select any tool and click Launch to start it.
Figure 6.17 System Configuration

Note
System Configuration in Windows XP includes extra tabs that can be

used to configure three different boot configuration files: System.ini,
Win.ini and Boot.ini. System.ini manages old hardware settings and
Win.ini manages older software and configuration settings. Windows
Vista/7 use different methods for these settings, so these files are not
needed. Also you will not find the Tools tab in Windows XP.
Page 761 of 1229
6.6 Task Manager

One tool you should master is Task Manager. You can use it to view activity
on the system, monitor the systems current performance and close nonresponsive programs. You can open Task Manager in any one of the following
ways:
Press <Ctrl> + <Shift> + <Esc>.

Enter taskmgr.exe in the Search box or Run dialog box.
Press <Ctrl> + <Alt> + <Delete> and select Start Task Manager.
Right-click on the taskbar and select Task Manager in Windows XP/Vista
or Start Task Manager in Windows 7.
After starting it, you will notice that it is has several tabs:
6.6.1 Applications tab

The Applications tab shows applications that are currently running and their
current status (such as Running or Not Responding). A simple way to force an
application that is not responding to shut down is to select it and click End
Task, but be careful as you will not be asked to save any data.
You do not need it very often, but you can click the New Task button and
enter a command to start another application, such as msconfig to start the
System Configuration tool.
Figure 6.18 Task Manager (Applications tab)
6.6.2 Processes tab

The Processes tab identifies every process running on the system and shows
the resources each individual process is using. A process can be an application
started by a user or a service started by the OS. Figure 6.19 shows the Task
Manager open with the Processes tab selected.
Page 762 of 1229
This tab is most commonly used to determine what process is using most of
the CPUs processing time (shown as a percentage) and using the most
amount of RAM (in kilobytes). Most processes also provide a description to help
you understand what the process is used for.
Click column name
to reorder in
alphabetical order
or click CPU or
Memory column
name to see which
processes are
using the most CPU
time or amount of
RAM
The System Idle
Process indicates
how much time the
CPU is not doing
anything other
than waiting for a
command.
Process shortcut menu
Click to end process
Figure 6.19 Task Manager (Processes tab)

Every process is named after its executable file, which usually has a .exe
extension but could have another extension (the name of the process is a
strong clue winword.exe is Microsoft Word), ever process has a username to
identify who started the process and every process is assigned a Process
Identifier (PID) by the OS so that it can identify it. Select View > Select
Columns and then select the PID (Process Identifier) checkbox to see the
PIDs.
If you right-click on a process in Windows Vista/7, you are given the following
options:
Open File Location takes you to wherever the file is located so that you
can find out what the process does.
End Process instantly ends the process. If the process is an application,
that application will close. Make sure you know everything about the
process before ending it.
End Process Tree although Task Manager does not give you any clue as
to which processes depend on other processes, it does give you the End
Process Tree option, which ends the process and any process it depends
on.
Debug is greyed out unless you are running a Windows debugger
program. This program is used by programmers to read dump files to
analyse problems with programs. Dump files show the status of the
program when you select Create Dump File. You will only use this option
when you are having problems with a program and support staff ask you to
create a dump file.
Page 763 of 1229
UAC Virtualization under this option, file and registry references to

certain system locations will be silently redirected to user-specific areas for
compatibility and debugging purposes. In most cases, Windows
automatically handles this, but there are rare cases where you will need to
set this manually.
Set Priority use this to devote more or less CPU time to a process. This
option is useful for when you have a process that is slowing your system
down or if you have a process that is running too slowly and you want to
speed it up. The best option would be to increase the priority of a single
process you need to run faster or reduce the priority of a single process
you need to run slower, without touching any other priority.
Set Affinity use this to give a process more CPU time. Windows tends to
use the first two CPUs (cores) more heavily than the others, but you can
change this if your CPU has more than two cores.
Properties this option opens the Properties page for an executable file.
Go to Service(s) this option switches to the Services tab, which shows
any services associated with the process. Depending on the process, it
could use zero or more services. This is a useful option for an error like
Program will not start because associated services are not running
Caution Do not kill a process needed by the system as it can reduce the
systems stability and cause it to fail or reboot without warning.
Also, you cannot kill the System Idle Process. When it is high, it
indicates that the CPU is not being tasked.
If you want to see what processes you are about to kill when ending a process
tree (process and dependent processes), use a program such as the free
Process Explorer. See Figure 6.20. Process Explorer is a much more powerful
task manager and monitoring tool than the one built-into Windows. Instead of
just listing all of the processes, Process Explorer uses a tree structure so you
can see all the dependencies. It can be downloaded from here:
technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Figure 6.20 Process Explorer

Page 764 of 1229
6.6.3 Services tab

The Services tab in Windows Vista/7 shows a list of all services in the system,
a description and the current state of each one, such as Stopped or Running.
You can stop and restart a service in Task Manager and go to the process
associated with the service from the shortcut menu.
Figure 6.21 Task Manager (Services tab)
6.6.4 Performance tab

The Performance tab gives you an indication of the systems current
performance. Use this tab to determine if you need to install more RAM or
need to increase the size of the systems page file. Figure 6.22 shows this tab.
Figure 6.22 Task Manager (Performance tab)
Page 765 of 1229
This tab includes the following listed items:

CPU Usage and CPU Usage History: window on the left shows the current
CPU usage or what percentage of time the CPU is working (as a percentage)
and the window on the right is a graph of how busy the CPU is over a period
of time (usually the last 60 seconds).
Physical Memory and Physical Memory Usage History: window on the
left indicates how much memory is being used currently (excluding page
file) and window on the right shows memory usage over time.
Physical Memory (MB): shows the total amount of RAM (8145 MB)
installed and how much RAM is available (5228 MB). When the Available
memory is close to zero, it indicates that the system needs more RAM or
too many programs are running and using RAM.
Kernel Memory: shows how much RAM the OS is using. Windows will
normally change the page file dynamically if it is running out of space, but if
it is set manually you can increase the size using the Performance
Settings button on the Advanced page of System Properties.
System: a key piece of information here is the uptime, which is the time
the system has been up and running. It is reported in days, hours, minutes
and seconds. Commit charge is the overall memory used by programs.
Handles, threads and processes are software objects that run application
instructions and that are managed by the CPU.
Resource Monitor: if you click this button, it starts another tool called
Resource Monitor that you can use to get more information. The Resource
Monitor is not available in Windows XP.
6.6.5 Networking and Users tabs

Figure 6.23 shows the Networking tab (on the left) and Users tab (on the
right). If your computer is connected to a network, the Networking tab will
show you how much bandwidth your network card is using. The graph shows
how much data is being transferred and indicates the network usage as a
percentage. The Users tab shows you all the users who are logged into the
system.
Figure 6.23 Task Manager (Networking and Users tab)

Page 766 of 1229
Normally, you will only see your account listed on the Users tab, but there are
two ways that other users will show up:
Fast User Switching: this feature allows more than one user to be logged
into the system. If another user is logged in, the user shows up on the
Users tab.
Remote Desktop Connections: remote desktop services enable users to
connect to a system from a remote computer. Users connected using
remote desktop services are shown on the Users tab.
If other users are listed, you, as the administrator, can use this tab to send the
user a message to inform him or her that the computer will be shut down, for
example, and you can also select the user and click the Disconnect or Logoff
to disconnect or log off the other user.
6.7 Task command line tools

The two command line tools tasklist and taskkill enable you to work with
tasks or processes, similarly to what you can do with the Task Manager. The
tasklist command shows a list of processes, along with other associated
information as shown in Figure 6.24. You can use it to show processes running
on the local system or remote system (using the /s to specify the remote
system to connect to, /u to specify the domain/user under which the
command should execute and /p to specify the password for the given user).
Open up a command prompt on Windows XP/Vista/7 and type tasklist.
Figure 6.24 shows a partial example of the output.
Figure 6.24 Tasklist command output

You can kill a process using the taskkill command by entering either the name
or the PID with the command as shown below:
C:\>taskkill /pid 3932
Success: Sent termination signal to the process with PID 3932.
Page 767 of 1229
Note
You can also apply a filter to select a set of tasks using /fi criteria,
where criteria is PID, image name, service name, or you can target
multiple processes using a filter for CPU time, memory usage or
status (Not Responding for instance). Wildcard (*) characters can be
used to specify processes.
6.8 Time, region and language settings

The Clock, Language and Region applet in Control Panel on a Windows 7
system is where you can open the Date and Time and Region and
Language dialog boxes. You can use these dialog boxes to configure the
language and region specific information in Windows, such as the date and
time formats, currency and number formats, keyboard layout and so on. The
Region and Language dialog box becomes particularly useful to computer
technicians when they have to download and install a new language pack, such
as Zulu or Afrikaans, and have to change the format used to display dates,
times and numbers, or the keyboard layout, especially when in another
country. Region and Language in Windows 7 replaces Regional and Language
Options in Windows XP/Vista.
Figure 6.25 shows the Clock, Language and Region applet opened on the left.
Clicking on the Region and Language link will open the Region and
Language dialog box shown in the middle. If you click on the Keyboards and
Languages tab and select the Change keyboards button on this tab, it will
open the Text and Input Languages dialog box shown on the right of the
figure. You can use this dialog box to change the keyboards default input
language along with other keyboard settings.
Figure 6.25 Region, language and keyboard settings
Page 768 of 1229
Unit 7 Device and Power Management
Add and remove hardware.

Use Device Manager.
Configure Display settings.
Configure mouse and keyboard settings.
Configure Sound settings.
Configure Power Management settings.

(G185eng) Module2 Unit 2 (p.104-116)
Study
Notes

o Managing Devices (p.116)
Study
Notes
Skills
7.1 Configure hardware

Most devices are Plug-and-Play (PnP). You simply plug the device in and PnP
will detect and automatically install and configure resources for the driver. Two
important resources that are automatically assigned are a specific range of
memory addresses used by the device and an interrupt request (IRQ) that the
device uses to get the CPUs attention. The CPU identifies the device based on
the IRQ number and answers the request by addressing the device with the
memory address.
Figure 7.1 Found New Hardware wizard (shown after detecting a

new device in Windows)
Page 769 of 1229
7.1.1 Find drivers

Drivers are software and they are distributed like other types of software.
Usually, an optical disc comes with the device and contains the driver for the
latest OS version currently in use. Many operating systems come shipped with
drivers for basic devices. However, the drivers on the discs or supplied with the
OS are not always the most up-to-date ones. To get the most up-to-date
drivers, visit the manufacturer/vendor website.
Note
If you need to search for drivers online, make sure you download the
driver designed for your OS. If you have a 64-bit OS, you must get a
64-bit driver. A 32-bit driver will not work.
7.1.2 Connect devices

Connecting external devices to the computer can be done in several ways. To
connect the device properly, follow the manufacturers instructions and connect
the device in whatever method it uses.
7.1.3 Install devices

If the manufacturers directions say to install the driver first, it is best to do so.
If you are not sure, installing the driver first is always the safest option. For a
PnP device, if the directions tell you to plug the device in and let the OS install
and configure it, then do so, as illustrated by Windows in Figure 7.2.
Figure 7.2 OS indicating driver installation and device is ready to use

Sometimes you need to manually install the driver before connecting the
device. If the vendor provides a setup program on a disc or a downloadable
driver file, then use it. If not, you can use the Windows Add Hardware wizard
in Control Panel of a Windows XP/Vista system to manually add devices. In
Windows 7, you can use Device Manager to add devices. Select the computer
at the top of Device Manager, and from the Action menu, select Add legacy
hardware. See Figure 7.3.
Page 770 of 1229
Figure 7.3 Add Hardware wizard

Choose the type of hardware from the list and select the manufacturer and
models and Windows will try to allocate it resources. If the device is not on the
list, scroll to the bottom and select Add a new hardware device and then
click Next. If the device is a printer, network card, or modem, select Search
for and install the hardware automatically and click Next. In that case,
once the wizard detects the device and installs its driver, you are finished.
Often, after installing a device, you must reboot the computer so that the OS
sees the device and loads its driver properly.
Note
You can also type hdwwiz.exe in the Search box in Windows 7 to run
the Add Hardware wizard.
7.1.4 Devices and Printers

Another way of installing a newly connected device is by using Windows 7s
Devices and Printers applet. You can use this applet to perform many tasks,
which vary depending on the device. Here are the main tasks you can do in
Devices and Printers:
Add a new wireless or network device or printer to your computer by

selecting Add a device or Add a printer respectively.
See all the external devices and printers connected to your computer
through a port or network connection. Devices include smartphones, digital
cameras, USB devices, webcams, keyboards and mice, all printers
connected to your computer by USB cable, network or wirelessly, Bluetooth
and Wireless devices and network-enabled scanners and NAS devices.
See information about your devices, such as make model and manufacturer.
Double-click the device to open its properties or status page (known as
Device Stage).
For printers, you can see what is printing (its print queue) and configure
printer properties and preferences and set a default printer.
From a devices shortcut menu, you can set configurable properties, start a
troubleshooter to identify and resolve issues with the device if it is not
working properly and has the yellow warning icon
, and remove a device.
Figure 7.4 shows the shortcut menus for two different devices. The device on
the left is (My) Computer and the other one on the right is a malfunctioning
printer.
Page 771 of 1229
Figure 7.4 Devices and Printers

Note
As you know, USB and FireWire devices are hot swappable and can
simply be added and removed with the system switched on. You
simply plug them in and let the OS take care of them. On the other
hand, if a device is hot pluggable, you can install it while the system
is running but you cannot necessarily remove it without shutting down
the system first.
7.2 Device Manager

When you install a device, check that it works and is recognised by Windows
and listed in Device Manager. You can use Device Manager to install/uninstall
and update drivers or undo a driver update (called a driver rollback),
enable/disable devices, change device settings, troubleshoot devices and
resolve any known resource conflicts. Device Manager works similarly in
Windows XP/Vista/7, but there are different methods of starting it.
In Windows XP, click Start > Run. Type in devmgmt.msc and click OK.
In Windows Vista/7, click Start > Control Panel. If necessary, change the
view to Classic View on Windows Vista or to Large icons on Windows 7.
Select Device Manager.
In Windows Vista/7, click Start and type devmgmt.msc in the Search box
and click it from the results list.
7.2.1 Viewing devices in Device Manager

When you open Device Manager, it displays the devices by type in categories
such as disk drives, display adapters, network adapters and so on. If all the
devices in a category are working, the category is collapsed.
Page 772 of 1229
If a category contains a device with a problem, the category automatically

expands when you open Device Manager, indicating that the device needs your
attention. To view a particular category, click the plus + sign or arrow next
to the category name, as shown in Figure 7.5.
Figure 7.5 Device Manager with selected categories expanded

Note
You will not find the same category on every system. Device Manager
will only show categories for the hardware installed on the system.
7.2.2 Device properties

To see information about a specific device and configure its settings, doubleclick the device to open its Properties. The Properties dialog box will have
some of the following common tabs.
General: shows device type, manufacturer, location and status. It has an

enable/disable option and might have a Troubleshoot button. All devices
have this tab.
Advanced: use this tab to set wireless or cabled network adapter-specific
settings such as link speed and duplex, wake on LAN and 802.11 mode.
Properties: use this tab to set device-specific settings. Multimedia devices
have this tab.
Driver: shows information about the driver (driver provider, date, version,
digital signer) and has buttons to view details about the driver file, update
the driver, roll back to a previous driver version and uninstall the driver. All
devices have this tab.
Details: shows technical details about the device. All devices have this tab.
Policies: optimises external drives for quick removal or performance. USB,
FireWire and eSATA devices have this tab.
Resources: shows resource settings, such as IRQ, DMA, Memory and I/O
port address for the device and might allow you to configure them. I/O
devices have this tab.
Volumes: shows information about a drive, such as its status, type,
capacity and so on. Use the Populate button to get information. Hard
drives have this tab.
Page 773 of 1229
Power: USB root hubs and generic hubs have this tab and it shows the
power available per port.
Power Management: shows device-specific power management settings.
USB, network, keyboard and mouse devices have this tab.
Note
The availability of tabs is primarily determined by the driver and will

vary from one device to another.
Figure 7.6 shows some of these tabs. Notice that the General tab on the left
indicates that this systems network adapter is working properly.
Figure 7.6 Selected Device Manager tabs
7.2.3 Troubleshoot a device

If your computer has a device that is not working in a way that Device
Manager can detect or if the device is disabled or the driver is missing or
corrupted, it will show up in Device Manager with an icon when you open the
tool. Common icons and their meanings are shown in Figure 7.7. The icon
depends on what the issue is and is slightly different between the Windows
operating systems. Additionally, the issues can be somewhat different, but the
ones in the figure are common.
Page 774 of 1229
Yellow question mark. Indicates device has an issue.

Read error code on General tab of Properties.
Windows
XP
icon
Red X. Indicates device is disabled.

Black exclamation mark on a yellow background.
Indicates device has an issue. Read error code on
General tab of Properties.
Windows
Vista
icon
Black down arrow on a white background.

Indicates device is disabled.
Blue question mark on a white background. Indicates
device has an issue. Read error code on General tab of
Properties.
Black down arrow on a white background. Indicates
device is disabled.
Windows 7
Figure 7.7 Common device icons in Windows

Note
Another icon you might come across is a blue i with a white

background. It means that the Use Automatic Settings parameter for
the device is turned off. Go to the Resources tab and turn it on.
Figure 7.8 shows the Device Manager open on a Windows 7 computer. The
network adapters category has expanded automatically to indicate that the
network adapter has a possible problem. If a device has a problem, you can
right-click the device and select Properties. Use the General tab to display the
devices status and to troubleshoot a disabled or non-working device. The
Device status section will provide information about the problem. In this
case, the error indicates that the device is disabled (Code 22). To solve the
problem and make the error go away, click the Enable Device button to
enable the network adapter.
Figure 7.8 Viewing device errors in Device Manager
Page 775 of 1229
Note
If the malfunctioning or disabled device is a port, such as serial,

parallel or USB port, any device attached to that port will not work
until the port is working properly. Also, not all device problems show
up in Device Manager, but most problems with resource conflicts or
drivers will.
When you have a malfunctioning device, you have several options to fix the
problem:
Look up the error code number on the General tab to determine what the
problem is and how to fix it. Table 7.1 shows a few common examples.
Table 7.1 Common error codes in Device Manager
Code
number
Code 1
Code 3
Code 10
Code 12
Problem
Recommended solution
The device is not configured

properly.
Driver is corrupted, or system
is low on RAM or other
resource.
Device cannot start.
The device cannot find enough
free resources to use. To use
this device, disable one of the
other devices.
Update its driver.

Close some open applications,
or uninstall and reinstall the
driver, or install more RAM.
Update its driver.
Use
the
troubleshooting
wizard in Device Manager to
find where the conflict is and
then disable the conflicting
device.
The error code is not always so clear. A Microsoft knowledge base (KB) article
at the following website provides explanations for most error codes and how to
fix them. Although the article is based on Windows XP, the same codes apply
to Windows Vista and Windows 7.
support.microsoft.com/kb/310123
An
Click the Troubleshoot button (if any) on the General tab. The name and
usage of this button changes according to the problem.
Manually change resources for older non PnP systems that do not use ACPI
power management. If the problem is a resource conflict, such as when
two devices use the same IRQ, use the Resources tab and change the
settings to eliminate the conflict if possible.
Manually update drivers using the Driver tab.
Unknown
Device
listed
under
Other
Devices
in
Device
Manager
or a device of a Generic type with a yellow exclamation mark

indicates a problem. Make sure the correct driver is installed and is compatible
with the OS. You can also identify the Unknown Device using its hardware ID.
Access the unknown device properties and find its hardware ID using the
Property drop down list on the Details tab.
Page 776 of 1229
Copy the hardware ID (the first value) and go online and search the various
hardware ID databases or driver identifier websites with this information and
you should be able to find out who the vendor is and the device name, which
you can then use to search for its driver.
Note
If a device is not working properly, a warning message usually

appears in the notification area.
7.2.4 Working with drivers

If an existing driver is missing, not working, corrupted or has not been tested
properly, or if an error code indicates that an updated driver is needed, you
can replace the existing driver with a newer one by updating it. At other times,
you might realise that all of the features for the device are not available. By
updating the driver with a newer version, you can enable all features and fix
issues with an existing driver. If you right-click the device, select Properties
and select the Driver tab, you will be able to perform the various driverrelated tasks, as shown in Figure 7.9.
Driver Details: get a listing of each file
used by the driver and their location on the
hard drive.
Update Driver: update the driver by
allowing Windows to search the local system
and Internet for one. If one is available,
Device Manager will automatically locate and
install it. Otherwise, you can manually
search for one and install it.
Roll Back Driver: if driver version A is
installed and you updated to driver version
B, but driver B has caused the device to fail,
you can undo the driver update by going
back to the working driver A. You can roll
back only one version, such as B to A, not C
to A.
Disable: this disables the device. Use it until
you find a replacement for a problematic
driver or to improve security by disabling
unused devices (modems). Disabling the
driver keeps it disabled even after the
system restarts.
Uninstall: this uninstalls the driver and
Figure 7.9 Device Manager (Driver tab)
Take note of the following additional points about drivers:
Often the manufacturer will send the driver to Microsoft and it will be made
available through the Update Driver button. However, sometimes the most
up-to-date driver might not be available on Microsofts website.
Page 777 of 1229
You can download the most up-to-date driver from the manufacturers and
OEM vendors website and click the Update Driver button and select
Browse My Computer For Driver Software. You can then browse to
where you saved the downloaded driver and select it and let Device
Manager install it.
You can also update, disable/enable and uninstall the device driver from the
devices shortcut menu by selecting the appropriate option. See Figure
7.10.
Figure 7.10 Device shortcut menu

Tip
You can also disable devices in CMOS Setup. If you want to prevent
users from using a built-in device, disable it from within Device
Manager or from the BIOS.
Two kinds of drivers are available: signed and unsigned. A signed driver has
been digitally signed by Microsoft and carries with it a digital signature that
verifies the publisher of the driver and ensures that the driver file has not been
changed since it was digitally signed. An unsigned driver does not carry any
guarantee that whoever issued the driver can be trusted and that the driver
file has not been changed in any way and that it does not contain malware.
In Windows XP/Vista/7, only administrators can install unsigned drivers. In
Windows XP, you can configure driver signing to either ignore device drivers
that are not digitally signed, display a warning when Windows detects device
drivers that are not digitally signed (the default behaviour), or prevent
unsigned drivers from being installed. To configure driver signing in Windows
XP, open the System Properties window, click the Hardware tab and select
Driver Signing. Windows Vista/7 versions automatically configure driver
signing.
If you suspect there are unsigned drivers on your system that could be causing
problems, you can run the sigverif (File Signature Verification) tool from
the command prompt or Run dialog box to check it. Sigverif examines the
drivers and system files and verifies that they are digitally signed. When it
opens, click Start and wait for it to complete. When it completes, a dialog box
appears indicating that the files have been scanned.
Page 778 of 1229
7.2.5 Troubleshooting resource conflicts

To prevent system resource conflicts such as IRQ conflicts, each device should
have a unique resource. You can use Device Manager or a third-party program
to see which resources are being used by which devices and whether a
resource conflict exists. The benefit of using Device Manager is that it not only
shows you when a device has a conflict but also which device it is in conflict
with.
In Device Manager, choose Resources by type from the View menu to see
the system resources, such as DMAs, I/O Addresses, IRQs, etc., used by the
devices, as shown in Figure 7.11.
Figure 7.11 System resources for all devices

To view resources used by a particular device and to determine if any conflict
exists, follow these steps:
1. Click View>Devices by type to list all devices.
2. Right-click on the device in Device Manager and choose Properties.
3. In Properties, click on the Resources tab as shown in Figure 7.12. This
tab shows you the resources used by the device and if any conflicts exist.
Figure 7.12 Device Manager (Resources tab)
Page 779 of 1229
7.2.6 Motherboard ports

You can disable and enable motherboard ports in the CMOS Setup program.
However, if you are having a problem with a port, check the CMOS Setup
program to see if the port is enabled. Take note that the BIOS only recognises
the port or slot and not the device or card using that port or slot. Devices that
show up in CMOS Setup should also be listed in Device Manager, although not
all devices listed in Device Manager are listed in CMOS Setup.
7.3 Safely removing hot-swappable devices

For hot-swappable devices such as USB and FireWire, you should not unplug
the device without safely removing it first within the OS or when the computer
is turned off. If you ignore this instruction, you could cause electrical problems
with the port and even cause data corruption or data loss.
Additionally, do not remove a device if it has a file or program open. When you
open and edit a file in Windows, a bit called a dirty bit is set indicating that
the hard drive has an unsaved file. When all the files have been saved, the
dirty bit is cleared. If you insert a flash drive that has the dirty bit set, you will
see a message similar to this:
Do you want to scan and fix Removable Disk?
This indicates that there might be a problem with some files on the device.
This can happen if you remove the device before all files have been written to
it. If you choose to scan and fix it, the system will run Check Disk on the drive
and will attempt to resolve the problem.
You can avoid this by making sure all files are closed before removing the
device. Also make sure that a program is not writing to the drive before you
remove it, that is, if you remove a drive while a file is being edited, the system
might corrupt the file.
Follow these general steps to safely remove a hot swappable device:
1. On the Windows computer, save any data and close any applications and
files that might be using the device.
2. Click the Safely Remove Hardware icon in the notification area of the
taskbar. If you do not see the icon, click the Show hidden icons up
button to display all icons in the notification area. The icon looks like a USB
connector with a green tick on it. See Figure 7.13, which shows the icon for
different Windows operating systems.
Page 780 of 1229
Figure 7.13 Safely Remove Hardware icons

3. Depending on the Windows version, you can either click on the icon to bring
up a pop up menu listing the devices that can be removed or right-click it
and select the safely remove hardware option to bring up its menu and then
choose to stop the device from within that dialog box. Both ways are shown
in Figure 7.14.
Figure 7.14 Safely Remove Hardware dialog boxes

4. At the menu or dialog box, choose the option to Stop or Eject the device.
In the Safely Remove Hardware dialog box shown on the right in Figure
7.14, you must first select the device you want to remove before clicking
Stop.
5. Windows will then release the device's internal connections and will display
a notification message telling you that it is safe to remove the device, as
Figure 7.15 Safe to Remove Hardware

6. Only after receiving this message is it safe to physically unplug the device
from the port. If you encounter any error messages that state that the
device is in use, close any applications that are using the device and make
sure that its light is not flashing.
Page 781 of 1229
If you want to remove multiple devices, you must go through the same
process for each device. You can also safely remove devices from the
Computer folder. Open Computer, right-click the device you want to remove
and then click Eject.
If you are using a PnP device but cannot remove it because the safely remove
icon has disappeared, that is, Windows might have hidden it, then you can
enable it as follows:
Right-click on the date/time in the notification area.
Click Customize notification icons.
Find Safely Remove Hardware and Eject Media in the list that appears
and make sure that it is not set to Hide or it is set to Only show
notifications.
Also check to see if the plug-and-play service is running in the Services
console.
7.4 Display Settings

Once the monitor is connected to your system and the video driver is installed;
the display settings might need to be configured properly. The Display applet
(in Windows XP) and Personalization applet (in Windows Vista/7) provide a
central place for all display settings, including resolution, refresh rate, driver
information and colour depth. Resolution, colour quality and refresh rate are
key factors that affect display appearance:
Resolution: For an LCD, choose its native resolution, which is usually the
highest listed (see the instruction manual to find out). For a CRT, choose a
resolution that is comfortable to view.
Colour quality (or depth): For users that only work with basic office and
email applications, consider using 24-bit or 16-bit colour depth to increase
system performance (32-bit uses more video resources). Gamers, graphic
designers and other designers will probably want 32-bit colour depth.
Refresh rate: Common refresh rates for CRT monitors vary from 56 Hz to
85 Hz, but ideally use a flicker-free refresh rate of 75 Hz or higher to
produce less eyestrain and provide more comfort. LCDs never flicker, so
the default Windows refresh rate of 60 Hz works well.
7.4.1 Display settings in Windows XP

In Windows XP, you can access the Display Properties dialog by rightclicking the desktop and selecting Properties (or using the Display applet in
Control Panel). The Display Properties dialog box contains the following tabs:
Themes: use this to change the look and feel of the entire windows
environment. A theme is a design scheme made up of pictures, colours
and sounds that can be applied to backgrounds and windows.
Page 782 of 1229
Desktop: use this to set the background colour or image of the desktop
(wallpaper). You can also customise the desktop with icons and any web
pages you want to place on it.
Screen Saver: use this to set screen saver settings and power
management options. A screensaver is a program that fills the screen with
moving pictures or animation when the computer is not in use. Initially, a
screensaver was designed to prevent phosphor burn-in (screen burn-in) on
CRT and plasma monitors, but now it is used primarily for entertainment,
security or to display system status information.
Appearance: use this to fine-tune the theme. You can also configure
advanced appearance settings to adjust almost everything about the
desktop, including the types of fonts and colours of every part of a window.
Settings: use this to set the screen resolution and colour quality the video
card/monitor supports and enable multiple displays on a system that
supports two or more monitors. You can also change more advanced
settings for the monitor/video driver.
7.4.2 Display settings in Windows Vista

In Windows Vista, you can access the Personalization applet by right-clicking
the desktop and selecting Personalize. The Personalization applet offers
functions similar to the Display dialog box in Windows XP, but each function is
a clickable option/link rather than a separate tab. The options in Windows Vista
are quite similar to those in Windows XP and include Window Color and
Appearance (colour scheme, intensity, and transparency), Desktop Background
(background colour/image), Screen Saver, Theme and Display Settings.
Display Settings is where you can make adjustments to your monitor and
video card, particularly the screen resolution and multiple displays, colour
quality and refresh rate. You can also add icons to the desktop.
7.4.3 Display settings in Windows 7

With Windows 7, you can use the more visually oriented Personalization
applet to change the appearance of Windows and to access display settings.
Right-click on the desktop and select Personalization (or enter
personalization in the Start menus Search box and select it from the list).
Most users typically want to change only their background or theme rather
than anything else, so those options are clearly visible. Other options are in
the Tasks list on the left.
Page 783 of 1229
Figure 7.16 Personalization applet in Windows 7

Themes, Desktop Background and Windows Color allow you to adjust the
appearance of the screen. Windows 7 gives you the option to position the
image on the screen and to choose which system icons (such as Computer,
Recycle Bin and Network) appear on your desktop, as well as which graphical
icons they use (click Change desktop icons option in Tasks list).
You can also click Screen Saver to open the Screen Saver Settings dialog
box, where you can set screen saver options. You can also set power
management options for the system from within the Screen Saver dialog box
by clicking Change power settings. See Figure 7.17.
Figure 7.17 Screen Saver and Power Options

Clicking the Display link in the Tasks list of the Personalization applet takes
you to the Display applet in Control Panel (you can also access it by entering
display in the Start menus Search box). You can use this applet to change
the DPI or pixels per inch (PPI) settings to enlarge the size of text and icons on
your screen without changing the resolution and making items blurry (the
default is 96 ppi at 100%, 125 % is 120 ppi and 150% is 144 ppi). However,
not all applications are DPI aware and may not display correctly.
Page 784 of 1229
Figure 7.18 Display applet in Windows 7

You can also adjust the resolution, calibrate colour and change display settings
using this applet. Clicking the Change display settings link brings up the
Screen Resolution page. Here you can adjust the resolution, choose a
monitor, set up multiple monitors and change the screens orientation. Figure
7.19 shows the Screen Resolution page of a system that has only one monitor
and therefore, the Multiple displays option is not available.
Figure 7.19 Screen Resolution page

Tip
If a native resolution is needed for an LCD monitor, it will often be

listed as Recommended, as shown in Figure 7.19.
There are two ways to set up multiple monitors: plug in two or more video
cards or use a single video card with multiple video ports for the monitors.
Multiple monitors are easy to configure; you simply plug in the monitors and
Windows should find them. By default, the second monitor is not enabled. To
enable it, you can use the Multiple displays dropdown box and select the
appropriate option through the Display applet in Control Panel, as shown in
Figure 7.20.
Page 785 of 1229
Figure 7.20 Multiple displays settings

Clicking the Advanced settings link on the Screen Resolution page will
display the Properties dialog box for the monitor/graphics card. The two tabs
you are most likely to use here are the Adapter and Monitor tabs.
Figure 7.21 shows this dialog box for a computer using a normal LCD monitor
running off an NVIDIA GeForce 210 graphics card. The Adapter tab provides
detailed information about the video card, including the amount of video RAM,
the graphics processor and video BIOS information. You can click the List All
Modes button to change the current mode (resolution, colour depth and
refresh rate) of the graphics card, although you can also set these options in
the main tabs. If you are using the older CRT, you will find the Monitor tab a
handy place where you can set its refresh rate. Windows only shows refresh
rates that the monitor supports, but many monitors can take a faster and
therefore an easier on the eyes refresh rate. Clicking Properties on the
Adapter and Monitor tabs brings up the driver properties dialog box you
would find in Device Manager.
Figure 7.21 Advanced display settings (Adapter and Monitor tabs)

Most graphics cards add their own tabs to the Properties dialog box with more
advanced settings for the card. The options added to this dialog box vary by
the model of the card and the version of the driver.
Page 786 of 1229
7.4.3.1 Video drivers

Like any other driver, you can update a graphics card driver, roll back to a
previous version and uninstall it. You must take a careful approach when
working with video drivers. As a basic rule, always uninstall the old cards
driver before installing the new cards driver. To update the video driver, do
the following:
In Windows XP, open the Display Properties dialog box, select the
Settings tab and click the Advanced button.
In Windows Vista, access the Display Settings dialog box, select the
Monitor tab and click the Advanced Settings button.
In Windows 7, open the Display applet, click Change display settings in
the left panel and then click the Advanced settings link.
In the dialog box that appears in all versions, click the Adapter tab and then
click the Properties button. In the Properties dialog box for the adapter,
select the Driver tab and then click the Update Driver button and follow the
instructions to update the driver.
7.4.4 Projector settings

To use a projector, you will need an available video port. The following steps
show you how to connect to a projector in Windows:
Note

1. Plug the projector into the appropriate port and then turn it on. You might
have to use buttons on the projector to change the video mode to receive
video input from the computer. For a laptop, use a monitor/projector
function (Fn) key to activate the video port. When you first use the
projector, it will show an image of exactly what you see on the laptop or
computer screen.
2. Choose Start > Control Panel and click the Connect to a Projector link
in the Hardware and Sound settings (or in the Search box, type
projector, and then click Connect to a projector). This shows the
Projector settings window where you can choose how to show the desktop.
3. Select how you want to display the desktop using one of the following
choices:
Computer only shows only the computer desktop.

Duplicate shows the desktop on both the computer and projector.
Extend extends the desktop from the computer to the projector (useful
for presentations).
Projector only displays the desktop on only the projector; it turns off
the computer monitor.
Page 787 of 1229
4. After making the selection, the Projector settings window closes.

5. The new settings should take effect immediately.
7.5 Tablet PC Settings, Pen And Input Devices

A Tablet PC is a Microsoft term that refers to a laptop or a slate-shaped
computer that runs Windows and has a touchscreen that you can operate with
a stylus (or digital pen). It is not the same as tablets such as the Apple iPad or
Samsung Galaxy Tab. The latter devices are unique classes of mobile devices
and are not Tablet PCs.
You can use the Tablet PC Settings applet in the Control Panel on a Tablet PC
running Windows Vista/7 to configure the Tablet PC to recognise handwriting,
place menus conveniently for right- or left-handed users and configure other
tablet-related settings. See Figure 7.22.
Figure 7.22 Tablet PC Settings applet

In applications that are not tablet-aware, the stylus acts like a mouse,
enabling you to select items, double-click, right-click and so on. To input text
with the stylus, you can either tap keys on a virtual on screen keyboard (as
shown on the left in Figure 7.23), write in writing program such as in Windows
WordPad (as shown on the right in Figure 7.23), or use speech recognition
software. All these features are available from the Start > All Programs >
Accessories menu or in Control Panel.
Page 788 of 1229
Figure 7.23 Virtual keyboard (left) and Tablet PC input panel (right)
You can use the Pen and Input Devices applet in Windows Vista or Pen and
Touch applet in Windows 7 to configure how your pen (stylus) interacts with
the desktop and windows. You can configure how different pen actions (such
as a single tap or double-tap) and flicks are interpreted and whether the
system provides visual feedback. It is used only on mobile devices, such as
tablet PCs and graphics tablets.
Microsoft encourages graphics artists and software developers to use feature
called digital ink, which allows applications to accept pen strokes as input
without first converting the pen strokes into text or mouse-clicks. In the
Windows Journal application for example, you can write on the screen just as
though you were writing on paper. See Figure 7.24. Microsoft Office also
supports digital ink.
Figure 7.24 Windows Journal
7.6 Mouse and keyboard settings

Windows comes with good drivers for most keyboards and mouses, although
some keyboards with specialised keys and mouses with special extra buttons
require their own drivers to work properly. About the only issue that might
affect keyboard or mouse installation is making sure they are enabled in CMOS
Setup, as shown in Figure 7.25.
Page 789 of 1229
Figure 7.25 CMOS USB keyboard and mouse enabled options

There is not much to configure when it comes to a standard keyboard and
mouse after installing the device and enabling it in CMOS. The only settings
that might need to be configured can be found in the properties of the
keyboard and mouse. You can access the Properties by opening the Control
Panel, choosing Large Icons view and clicking Keyboard or Mouse. You can
also enter keyboard and mouse in the Start menus Search box and click the
appropriate option. Figure 7.26 shows the Properties page for a mouse (on the
left) and keyboard (on the right) on a Windows 7 computer. Some
manufacturers provide drivers that add extra tabs to the devices Properties
page to allow you to take advantage of their extra features.
Figure 7.26 Properties for mouse (left) and keyboard (right)

In Mouse Properties, pay attention to the Buttons tab. In particular, make
sure to adjust the option to switch between the primary and secondary mouse
buttons (useful for left handed users) and the mouse speed and double-click
speeds to fit the users preferences.
In Keyboard Properties, pay attention to the Speed tab, where you can change
the repeat delay (how long you must hold down a key before the keyboard
starts repeating the character), the repeat rate (how fast the character is
repeated after the repeat delay), and the cursor blink rate (how fast the cursor
blinks).
7.7 Gamepad and joystick settings

You might also need to configure your joystick or gamepad to make sure all
the buttons and controls work properly. In Windows XP/Vista, open the Game
Controllers Control Panel applet. In Windows 7, open the Devices and
Printers folder.
Page 790 of 1229
Right-click on the controller and select Game controller settings. Select your
device from the list of controllers and click Properties. Depending on what
gamepad or joystick you have, you might be able to configure its buttons,
sticks, triggers and more.
7.8 Sound settings

Many sound cards come with a special configuration program on their driver
disc. Every Windows system comes with at least one important sound
configuration program built into the OS: the Sound (or Sounds and Audio
Devices) applet in Control Panel.
To configure speakers, go to the Control Panel and click Hardware and
Sound (Category View); then click Sound or double-click the Sound applet
if in Classic view/Icon view. Either route opens the Sound applet.
This applet allows you to change the sound configuration, including volume
levels, speaker system and sound channels, and it allows you to test sound for
the sound card or onboard sound. Figure 7.27 shows the Sound applet (on the
left) and the Speaker Setup dialog box (on the right). To access this dialog
box, select the Speakers option on the Playback tab of the Sound applet and
click the Configure button.
Figure 7.27 Sound applet and speaker setup

Many sound cards install proprietary software to support configuration features
not provided by Windows while others come with a configuration program that
works with the built-in Sound applet, allowing you to customise the sound the
way you want to. Figure 7.28 shows a proprietary application that comes with
a sound card.
Page 791 of 1229
Figure 7.28 Speaker and headphone proprietary application

Figure 7.29 shows the Audio Manager program that comes with a
motherboard. One interesting feature about this program is that it finds what
types of devices are plugged into the computers audio ports and adjusts the
system to use them. If a microphone is plugged into the front speaker port,
the system just adjusts the output. The feature that allows software and sound
cards to automatically do this is called autosensing.
Figure 7.29 Motherboard audio manager

You can set the volume in Windows in two places: in software and on the
speakers. If the notification area is cluttered, making the speaker icon hard to
find, then open the Sound applet in Control Panel and double-click on the
sound device you want to adjust. Under the Levels tab in the Properties dialog
box, use the slider to adjust the volume. If you do not have a speaker icon in
the notification area, right-click on the taskbar and select Properties. Click
the Customize button under Notification area. Use the Notification Area
Icons applet to enable the volume controls.
Figure 7.30 shows you where the Audio icon is in the notification area (on the
left). It also shows the Volume Mixer and Volume Control Options dialog boxes
(the two on the right) that you can open by right-clicking on the Audio icon in
the notification area and selecting the appropriate option.
Page 792 of 1229
Figure 7.30 Volume control (far left) and volume mixer and control
options dialog boxes
7.8.1 Playing video and sounds

Various programs can play videos and sounds on a system. Some programs
come with the OS such as Windows Media Player while others can be
downloaded for a fee or for free online, such as the popular VLC Media Player.
Having many different video and sound playing programs is good because not
every program can play every sound and video format.
Windows Media Player can also be used to stream media from the Internet or
over a network. Streaming means to broadcast data that is played on the
computer and immediately discarded.
7.9 Hardware profiles

Hardware profiles allow you to select a set of hardware that is connected to
your laptop when it boots. For example, you can create and use one profile
that includes a wireless network card while traveling and create and use
another profile that includes a cabled NIC in the office. In such a case, you can
set up two hardware profiles and name them Office and Traveling. Hardware
profiles are available in Windows XP only. When you reboot the system, you
will see a menu choice that gives you 30 seconds to choose a different
hardware profile or boot into the default profile. To access the Hardware
Profiles page, use the following steps:
1. Click Start > Control Panel. If necessary, change the display to Classic
View.
2. Double-click System to open the System applet.
3. Click the Hardware tab.
4. Click the Hardware Profiles button. You can select any profile and use the
Copy, Rename, and Delete buttons to copy, rename or delete the profile.
Page 793 of 1229
7.10 Managing power

Part of managing a laptop is to manage its power wisely. A laptop has a
battery that gives it power to run when it is disconnected from the mains
power supply. Unfortunately, batteries do not last forever.
Also, most users do not want to carry around a heavy battery with their laptop,
but they do want their laptop to run for as long as possible. Manufacturers try
to strike a balance between how long the battery will last and how heavy it is.
You can also take steps to reduce power usage and keep your laptop running
longer.
Note
Reducing power usage is not limited only to laptops. Most of the

concepts in this section apply to both desktop computers and laptops.
7.10.1 APM/ACPI
Advanced configuration power interface (ACPI) is a power management
standard supported by Windows and most hardware devices, including hotswappable devices. ACPI is an update to an earlier standard called advanced
power management (APM), which always had problems with hot-swappable
devices. In APM, the BIOS controlled power management and the OS and
other software had little control. With ACPI, both the OS and BIOS work
together to control power management. This makes it easier for users and it
enables applications to work with the power management.
Tip
With ACPI, instead of using power management options in CMOS

Setup, all you really have to do is make sure that ACPI is enabled in
CMOS Setup and then configure all the power settings through the
OS.
7.10.1.1 Power management requirements

To function fully, power management requires the following compatible
components:
An SMM-capable CPU System Management Mode (SMM) is a specialpurpose operating mode that enables the CPU to slow down or stop its clock
without erasing registry information and it enables power saving in
peripherals. All modern CPUs support SMM.
Hardware devices it is important that the CPU, motherboard, hard drive
and display screen support power management. Such devices are usually
labelled Energy Star to indicate their compliance with the Energy Star power
saving standard.
BIOS: almost all BIOS support ACPI.
Operating system the OS must know how to send signals to a particular
device to change its power state. For example, the OS must be able to
request that a hard drive be shut down, or the CPU slow down, or the
display screen turn off after 10 minutes of inactivity. Current versions of
Windows provide full ACPI compatibility.
Page 794 of 1229
7.10.1.2 ACPI power states

ACPI defines many power modes or states and sub-states for systems and
hardware, such as global power states (G) that apply to the entire system,
device power states (D) that apply to individual devices, processor states (C)
that apply to the CPU and performance states (P) that apply to processors.
The following global states and sleeping states identify the level of computer
operation for the system:
G0: known as the working state. The system has full power and is running
normally.
G1: known as the sleep (S) or low-power state. The system can be in one
of four separate (S) states:
o S1: power to the CPU and RAM is available, but the CPU stops
processing.
o S2: CPU is powered down.
o S3: known as sleep, suspend or standby state. Power to RAM is still
on, but power to the hard drive, display and other devices is off. When a
user takes action, such as pressing a key, the system wakes up and
returns power to normal for the entire system. A system in this mode
still uses power, but it can return to full operation much quicker than in
the S4 state.
o S4: known as hibernation or suspend to disk state. A snapshot of
everything in RAM is saved to a file called hiberfil.sys on non-volatile
memory or to the hard drive and the system is then powered off. When
the system is turned back on, the snapshot is copied from the hard drive
into RAM. Many laptops are configured to go into hibernation state when
their lid is closed. The hibernate state saves the most power but the
system takes longer to turn back on.
G2 (S5): known as soft power off state. The system is off but still has
power available for devices used to wake up the system.
G3: known as mechanical off state. The system is completely
disconnected from power, except for the real-time clock (RTC).
Note
If you are going to perform maintenance on the systems hardware,

make sure the system is in the G3 state. If a system is placed in the
G2 soft power state, it can be turned on using the power switch on
the front panel or from signals sent over a network.
7.10.1.3 Hybrid sleep

The benefits of the sleep and hibernation states can be combined into what is
called a hybrid sleep state. In this state, the system copies everything in RAM
to the hard drive, as with hibernation, but then, instead of powering down, it
goes into a low-power sleep state. This enables the system to wake up quickly
when needed and return to normal operation from hibernation if it loses power.
7.10.2 Power options

You can use the Power Options applet in Control Panel of a Windows
XP/Vista/7 system to manage how the system uses power.
Page 795 of 1229
You can access the Power Options applet in the various Windows operating
systems as follows:
In Windows XP/Vista, click Start > Control Panel. Change the view to
Classic View and double-click the Power Options applet.
On Windows 7, click Start > Control Panel. Change the view to Large
Icons and then double-click the Power Options applet.
The dialog box in Windows XP looks different than it does in Windows Vista/7.
Windows XP uses power schemes and Windows Vista/7 use power plans,
enabling you to better control how the system uses power. Both the power
scheme and power plan are a pre-defined collection of power usage settings.
7.10.2.1 Windows 7 power plans
You can use power plans to reduce how much power your system uses,
maximise its performance, or strike a balance between the two. When you
open the Power Options applet in Windows 7, you will see the following
available power plans:
Balanced (recommended): strikes a balance between system

performance and power usage. This is recommended for most uses,
including on desktop computers.
Power saver: saves power by reducing CPU performance and screen
brightness more than with the Balanced plan, helping a laptop stay on
battery power much longer. It dims the laptops display so it uses less
power when necessary and it often ignores the keys that are used to
increase brightness. If the display is dimmed and it cannot be adjusted,
ensure that the laptop is connected to AC power.
High performance: prefers performance over saving power. This plan
provides the fastest CPU performance, brightest screen, but shortest
battery life. It is hidden by default.
Refer back to Figure 7.17, which shows you the Power Options applet in
Windows 7. Select one of the plans and click Change plan settings link. This
will take you to the Edit Plan Settings page where you can configure basic
settings. If you click Change advanced power settings link, you can view
and change advanced power settings. Figure 7.31 shows the Advanced
settings page for the Balanced (Active) plan that is active by default on this
system.
Page 796 of 1229
Figure 7.31 Balanced plan settings

Notice in Figure 7.31 that the display will turn off after 10 minutes of inactivity
and the hard drive will turn off after 20 minutes.
Also, the Allow wake timers option under Sleep is enabled, which allows the
system to wake up to perform a scheduled task.
Note
You can use the powercfg command to control power settings at the
command prompt.
7.10.3 Laptop power considerations

For laptops and other similar portable computers, disable their power-hungry
wireless components such as Wi-Fi or Bluetooth adapters if you are not using
them. This can be done by using the appropriate on/off switch or <Fn>key or
by configuring an option in the driver or software program.
Page 797 of 1229
Unit 8 System and Performance Monitoring
Use msinfo32 and dxdiag to report system information.

Use Performance Monitor and Reliability and Performance
Monitor.
Modify system settings and performance options.

Study
Notes

o Managing Performance (p.129)
Study
Notes
Skills
8.1 System tools

Windows includes the System Information and DirectX Diagnostic tools that
you can use to view configuration information about the system.
8.1.1 System Information

System Information (msinfo32.exe) is a tool that collects and provides a
detailed report on some of the configuration information found within the
registry. This information includes hardware components, the software
environment and hardware resources, such as IRQs, as shown in Figure 8.1.
To dig deeper, expand the nodes on the left and select each sub-node to view
related-information.
Page 798 of 1229

You can access System Information as follows:
In Windows XP, click Start > Run, enter msinfo32.exe and click OK. The
.exe is not needed.
In Windows Vista/7, click Start and enter msinfo32.exe in the Search box
and select it from the results list.
You can also access it by choosing Start > Programs or All Programs >
Accessories > System Tools > System Information.
It is important to note that you can also use System Information to collect
information about remote computers. To do this, select View > Remote
Computer and then enter the network machine name of the remote computer.
In Windows XP only, you can access several troubleshooting tools including Net
Diagnostics, System Restore, File Signature Verification, DirectX Diagnostics
and Dr Watson (application crash reporting tool) from the Tools menu. In
Windows Vista/7, you can use msconfig to access these kinds of tools,
including the DirectX Diagnostic Tool for checking your video card.
8.1.2 DirectX Diagnostic Tool

DirectX prevents programmers who create games and multimedia applications
from having to write code that directly accesses specific hardware such as the
graphics or sound card. It translates generic hardware commands into special
commands for the hardware, speeding up the development time for hardware
manufacturers and software developers.
Page 799 of 1229
The X in DirectX refers to the entire group of components or application

programming interfaces (APIs) that make up DirectX, and each component has
a name, such as Direct3D (for direct access to 3D graphics hardware),
DirectSound (for direct access to the sound hardware), DirectPlay (for direct
access to network devices for multiplayer games) and DirectShow (for direct
access to video and presentation devices).
Since almost all PC games today need DirectX and all graphics cards have
drivers that support it, you need to verify that DirectX is installed and working
properly on your system. Windows includes the DirectX Diagnostic Tool
(dxdiag) which you can use to run a quick check on DirectX. See Figure 8.2.
Figure 8.2 DirectX Diagnostic Tool (System tab)

Notice that the System tab provides information about this system and the
current version of DirectX. You can start dxdiag in Windows XP from within the
msinfo32 tool and in Windows Vista/7 by clicking Start, entering dxdiag in
the Search box and selecting dxdiag from the results list. If you are asked to
check whether your drivers are digitally signed and therefore verified by
Microsoft as compatible with the OS, select Yes. Figure 8.3 shows the Display
tab of this tool.
Page 800 of 1229
Figure 8.3 DirectX Diagnostic Tool (Display tab)

Notice that the Display tab shows information about the graphics card driver. If
you suspect your driver is not up to date, use DirectX to identify your version
and compare it to available versions. DirectX also identifies any problems, if
any, so that you can use the appropriate tool to fix the problem. You can also
click on the Sound and Input tabs to view information about sound and input
devices.
Note
DirectX is important to video gamers and other multimedia

professionals. Also, it is often updated, for example, from version 10
to version 11 and from 11.1 to 11.2.
8.2 Performance tools

It is important to understand how a system is performing and to determine
why it might be running slowly. Some of the reasons a system might slow
down are as follows:
It does not have enough resources such as RAM to cope with the demand.
An application is fully and entirely using up a particular resource such as
RAM for itself without freeing it up for other applications to use.
A resource is not working properly or is outdated.
A resource is not configured for maximum performance and needs to be
adjusted.
A resource, such as hard drive space or RAM, is not sharing workloads
properly and needs to be adjusted.
You can use several tools to track the performance of a computer or laptop.
These tools include Task Manager, Windows XPs Performance Monitor and
Windows Vista/7s Performance Information and Tools and the Reliability and
Performance Monitor.
Page 801 of 1229
8.2.1 Performance information and tools

If you enjoy seeing how well your system performs by running benchmark
applications, then you should try out the Performance Information and
Tools applet in Control Panel. This applet tests your systems hardware and
software configuration and provides a strength and weakness rating known as
the Windows Experience Index. Windows Experience Index runs on a scale
from 1.0 to 7.9. Each hardware subsystem (such as CPU, memory, disk and
graphics) is tested and given a subscore and the lowest subscore determines
the overall score (the systems base score).
The system in Figure 8.4, for example, has an excellent Intel Core i5 CPU and
has lots of fast RAM (8 GB), but a relatively modest hard drive and graphics
card. The next upgrade for this system would be to get a better graphics card
and move from a platter-based drive to a solid-state drive. Disk and graphics
performance would then certainly reflect a higher score.
Figure 8.4 Performance Information and Tools applet showing this

systems score
The links on the left of the applet allow you to open the Visual Effects dialog
box, indexing options, power settings, Disk Cleanup and advanced tools such
as Event Viewer, Performance Monitor and Resource Monitor.
8.2.2 Performance Monitor and Resource Monitor (Windows

XP/Vista/7)
You can use Task Manager to monitor your systems current performance, but
what happens when there is a problem when you are not around? That is, what
if your system is always running at a CPU utilisation of 20 percent? Is this good
or bad? Also what happens when you want to monitor performance at different
times of the day, week or even a year?
Page 802 of 1229
Viewing a systems performance when a problem occurs is good, but it is

easier if you know what your systems performance is under normal working
conditions. To help with this, you can create a baseline. A baseline is
snapshot of system performance during normal operations (before any
problems occur). You can compare the baseline later on to the systems
performance after it has had a problem or at any time afterwards to see
performance patterns and to determine if you must improve performance,
perhaps by adding more resources to the system.
Task Manager can give you an idea of what your systems normal performance
is, but the Performance Monitor tool in Windows XP and the Windows Vista/7
Performance Monitor and Reliability Monitor tools are better suited to capturing
and analysing specific resource data over time. You can use Performance
Monitor as an extension of the Task Manager to monitor and record usage of
the four primary resources: processor, memory, physical disk and network.
To access Performance Monitor:
In Windows XP, click Start > Control Panel. In Category view, select
Performance and Maintenance > Administrative Tools and doubleclick Performance.
In Windows Vista, click Start > Control Panel > System and
Maintenance > Performance Information and Tools. Then select
Advanced Tools and click the Reliability and Performance Monitor link.
In Windows 7, click Start > Control Panel > System and Security
(Category view) > Administrative Tools > and double-click on
Performance Monitor. See Figure 8.5.
Figure 8.5 Initial Performance Monitor screen in Windows 7

Note
The Performance tool can also be accessed from a command prompt,

Search box or Run dialog box by typing perfmon.msc and pressing
<Enter>.
Page 803 of 1229
The terms you should be familiar with when working with the Performance
tools in the various Windows operating systems are objects, counters and
instances. An object is a resource such as memory, physical disk, processor
and network that is given a set of characteristics. A counter is a measurement
that tracks specific information about an object and there can be multiple
instances of the same type of object. For example, the Physical Disk Length
object has a counter, Average Queue, that tracks how many disk operations
are waiting while the disk is busy servicing other disk operations, and if there
are two disks, three instances of the object can be viewed: disk 0, disk 0 and
disks Total. Many counters can be associated with an object. Table 8.1
describes some common counters used. Note that each counter refers to an
object, such as physical disk, memory, or the processor.
Table 8.1 Commonly used performance counters
Object
Physical
Disk
Memory
Counter
% Free Space
Memory
Pages/sec
Processor
% Processor Time
Available bytes
Description
Percentage of free space on the physical
disk. Should be at least 15%.
Amount of memory available. Should not
be below about 10% of Total RAM.
Number of pages retrieved or written to
the disks virtual memory page files per
second. Should not be excessive,
averaging about 50.
Percentage of the processors time that it
is busy doing work rather than sitting idle.
Should be 85% or less.
In Windows XP, Performance Monitor has two nodes or snap-ins:
System Monitor collects real-time data on resources such as memory,

physical disk, processor, and network and displays the data as a graph (line
graph), histogram (bar graph), or simple report. Data can be collected from
the local computer or, if configured, from remote computers.
Performance Logs and Alerts allows you to create a written record of
just about any performance-related event that happens on the system in a
file called a log, as well as create alerts that notify you when a specific
instance being monitored reaches a defined threshold. A previously
captured log file can also be loaded and log files can be exported to other
programs.
Running any performance monitor tool affects system performance, especially

when using the Graph view and collecting large amounts of data. The following
steps help when running any performance monitoring tool:
1. Disable the screen saver or any other program that can affect performance.
2. Use Report view instead of Graph view to save on resources.
3. Keep the number of counters being monitored to a minimum.
Page 804 of 1229
4. If collecting data for a short time, then using a short sample interval of few
seconds is fine, but if collecting data over long periods, then set longer
sample intervals such as 10 to 15 minutes to avoid overloading the system
and generating a large, unmanageable log file.
In Windows XP, Performance Logs and Alerts enables you to create graphs, bar
charts and text reports that can be saved and viewed at a later time, as well as
set parameters that generate an alert when a certain counters threshold has
been reached. There are three types of logs or alerts that can be created:
Counter logs creates log files using objects and counters that you select
to determine system health and performance.
Trace logs creates log files based on statistics collected about services.
Alerts use to select objects and counters and set when the tracking is to
begin, how often the system is monitored, and how alerts are to be
handled. Alerts by default are sent to Event Viewer in the application event
log.
In Windows Vista, Reliability and Performance Monitor allows you to

configure just about everything you can find in the Performance console of
older versions of Windows with objects and counters. By default, all the
primary objects are monitored, so there is no need to add any. In addition, it
adds an excellent Resource Overview, a Reliability Monitor tool and a much
more flexible way to use counters with Data Collector Sets and Reports.
Resource Overview this is an advanced Task Manager that provides

details on CPU, disk, network and memory usage.
Reliability Monitor you can use this see what has been done to your
system over time, including software installations and uninstallations,
hardware or application failures and general uptime. This is particularly
useful for checking a system that is new to you and is useful for showing
important events such as application or OS crashes.
Data Collector Sets this is a grouping of counters you can use to make
reports. You can make your own Data Collector Sets (User Defined) or use
one of the predefined System sets.
Windows 7 drops Reliability Monitor from this tool and simply names it
Performance Monitor, but it functions almost identically to Reliability and
Performance Monitor in Windows Vista. You can still find Reliability Monitor in
Windows 7 by searching for it in the Search box or as part of the Action Center
Control Panel applet. Figure 8.6 shows the reliability monitor.
Page 805 of 1229
Figure 8.6 Reliability Monitor in Windows 7

Performance Monitor in Windows 7 opens to a screen that displays some text
about Performance Monitor and a System Summary. Refer back to Figure 8.5.
You can get to the Overview screen by clicking the Open Resource Monitor
link on the main screen. The Resource Monitor tool is almost the same as
Resource Overview in Windows Vista and provides details on CPU, disk,
network and memory usage. See Figure 8.7.
Figure 8.7 Resource Monitor in Windows 7 displaying CPU usage

Now, going back to the Performance Monitor console, selecting the
Performance Monitor option under Monitoring Tools displays the main
screen of Performance Monitor. The tool works almost exactly like the tool in
Windows XP and is useful for checking specific counters.
Page 806 of 1229
Figure 8.8 shows the Performance Monitor on the left and as a result of clicking
the Add Counter (green plus) button (indicated by the arrow), the Add
Counters dialog box on the right.
Figure 8.8 Performance Monitor and Add Counters

You can run a quick check on your system and view a comprehensive report by
using the following steps in Windows 7:
1. With Performance Monitor open, if necessary, double-click Data Collector
Sets to expand it.
2. Double-click System.
3. Right-click System Performance and select Start. It will run for one
minute and then stop.
4. When it stops, expand Reports > System > System Performance.
5. Select the report you just ran from the middle pane. Your display should
look similar to Figure 8.9, but with different statistics.
Figure 8.9 Viewing system performance report

The left pane in Figure 8.9 shows the System Performance Data Collector Set
and the System Performance report. The middle pane shows some parts of the
report.
Page 807 of 1229
Note
Data Collector Sets not only enable you to choose counter objects to
track, but also enable you to schedule when you want them to run.
8.3 Advanced system properties

Upgrading the CPU, RAM and hard drive of an older system to make it perform
better is fine if the customer can afford it and if you can find compatible parts,
but computers and laptops often get left behind in terms of how they can be
upgraded because computer technology changes quickly. There are various
adjustments that you can make to these systems without having to upgrade
them so that they can perform better.
If you click on Advanced System Settings link in the System applet as
shown in Figure 8.10, it opens the System Properties dialog box with the
Advanced tab selected. On this tab, you can configure the following settings
simply by clicking the appropriate button:
Performance takes you to settings for configuring virtual memory

(paging file) and foreground/background processing.
User Profiles administrators sometimes use this to copy user profiles.
Startup And Recovery takes you to settings for configuring system
startup, system failure and debugging information.
Environment variables takes you to the Environment Variables dialog
box.
Figure 8.10 System Properties (Advanced tab)
8.3.1
Performance options
On the Advanced tab, click the Settings button in the Performance section.
This opens the Performance Options dialog box, which has three tabs (as
shown in Figure 8.11 and described below):
Page 808 of 1229
Visual Effects: here you can change visual effects that impact performance,
such as animations, and thumbnails..
Advanced: this tab enables you to configure settings for Processor scheduling,
Memory usage (Windows XP only) and Virtual memory. Under Processor
scheduling, you can choose how to allocate processor resources for best
performance of either programs or background services. Under Memory usage
settings, you can allocate more of memory to programs or to the system
cache. Under Virtual memory, you can change the size and location of the page
file.
Data Execution Prevention: DEP runs in the background to stop malicious
software from taking over programs loaded into RAM. It does not stop the
malicious software from being installed on a system, but it does make the
software less effective. Changing the default setting of monitoring only critical
OS files in RAM to all running programs and services will have a negative effect
on system performance, so it is best to leave this setting to its default for most
of the time.
Figure 8.11 Performance Options
8.3.2
Understanding paging
Computer systems use both physical memory and virtual memory. Physical
memory is the installed RAM and virtual memory is a file on the hard drive that
works as an extension of RAM through what is known as RAM cache. The file
is called a page or paging file, swap file or virtual memory.
With virtual memory, when a system starts running out of physical RAM
because too many programs are running at the same time, it swaps
applications from RAM to the page file. This allows you to run more programs
even if you run out of physical RAM. All versions of Windows use a page file.
Page 809 of 1229
Technically, RAM is organised in 64 KB pages and the OS works on these pages

when swapping data between RAM and the page file. That is, if the OS needs
to move something out of RAM temporarily, it looks for and swaps the 64 KB
pages that have not been used recently to the page file.
8.3.2.1 Excessive Paging
If there is not enough RAM for what you want to do, then your system will
experience excessive paging and it will constantly swap data back and forth
between the page file and RAM and will slow down drastically. To avoid this,
you can close some programs to free up RAM so there is very little paging or
add more RAM to your system. A system with enough RAM will not experience
much paging.
Now you might ask how much RAM is enough. That depends on what you are
going to do. If you are only going to browse the Internet and send and receive
emails, then a few GB is enough. But if you are going to run many virtual
machines and use graphic design programs, then many more Gigabytes of
RAM will be needed.
8.3.2.2 Virtual memory settings
Windows automatically sets the minimum and maximum size of the page file
and grows it as needed by default. It is best practice to let Windows
automatically manage the page file. However, occasionally you will run into
problems and need to change its size or delete it and let Windows re-create it
automatically. The page file is named PAGEFILE.SYS and you can find it in
the root directory of the C: drive by default, although it can be stored
somewhere else. Wherever it is, it is a hidden system file, which means you
will have to change the folder-viewing options to see it.
If you do change the size of the page file, you should ensure that the
Maximum Size (MB) is at least 1.5 times the physical RAM. One reason to
change the virtual memory settings is to move the file. If it is on the same
drive as the OS, which it is by default, you can move it to a different internal
physical drive to boost system performance slightly. This way, the OS and
page file do not compete with each other for disk access.
To configure virtual memory settings, click the Change button in the Virtual
memory section on the Advanced tab of Performance Options. In the
Virtual Memory dialog box, de-select Automatically manage paging file
size for all drives, as shown in Figure 8.12 and you are ready to make
changes.
Page 810 of 1229
Figure 8.12 Virtual memory settings

You can select Custom Size and enter the Initial Size and Maximum Size MB
values for the file. If your system has multiple internal disks, you can select a
different disk and configure the file for this disk. When moving the file, you
need to configure it for a different disk and then select No Paging File for the
disk currently holding the paging file and click the Set button to apply the
changes. Be careful to not turn virtual memory off completely. Although
Windows can run without virtual memory, it will have a major negative impact
on performance, especially if there is very little RAM installed.
Note
Programs do not actually run from the page file, the OS must load
them back into RAM and this entire swapping process takes time.
8.3.2.3 ReadyBoost and SuperFetch

A system can fetch data from RAM much quicker than from the hard disk. This
is why it uses cache, which is a portion of RAM that stores a copy of
frequently-used data. Windows Vista/7 use a service based on the prefetcher
function in Windows XP called SuperFetch to keep track of the programs you
use most often and pre-loads them into RAM, which allows them to be opened
more quickly. SuperFetch is aggressive in the way it uses free RAM and
intelligent in that it continually analyses your application behavior and usage
patterns, for example, what applications are typically used in the morning after
logon. Windows handles SuperFetch automatically with nothing for you to
configure.
ReadyBoost is a Windows Vista/7 feature that allows high-speed flash
memory devices such as USB 2.0+ flash drives and memory cards to be used
as hard disk cache, as long as the flash device has 1 GB free space. With
ReadyBoost, SuperFetch will preload your files into the ReadyBoost cache. This
speeds up read performance because data can be read more quickly from the
flash drive than from the hard drive.
Page 811 of 1229
All files in the cache are encrypted for removable flash devices and hardware
manufacturers can choose to disable encryption on internal, non-removable
ReadyBoost devices.
Windows will ask you if you want to use ReadyBoost when you plug the USB
device into your system. You can also enable it manually with the following
steps:
1.
2.
3.
4.
Start Windows Explorer by clicking Start > Computer.

Right-click the USB ReadyBoost approved drive and select Properties.
Click the ReadyBoost tab.
Select Dedicate this device to ReadyBoost and adjust the amount of
space you want to use for ReadyBoost or select Use this device. See
Figure 8.13.
Figure 8.13 ReadyBoost drive settings

5. Click OK.
Note
Windows stores a copy of files in the Readyboost cache. This means

that you can remove the flash drive at any time without affecting the
system and Windows will instead read the original files from the hard
disk cache.
Page 812 of 1229
8.4 Performance benchmark software

There are many benchmarking tools online, some free and some for a fee, that
you can run to test the performance of your systems hardware and
configuration for multimedia and gaming and make improvements where
necessary, including:
PassMark PerformanceTest: PC speed testing and benchmarking

software that allows you to benchmark a PC using different speed tests and
compare the results to other PCs. Visit www.passmark.com
Futuremark: Offers benchmarking software that helps you measure the

hardware performance of your computer, tablet and smartphone. Visit
www.futuremark.com
Unigine: This is a cross-platform 3D game engine. Use Unigine to compare

graphics cards. Visit www.unigine.com
Fraps: a benchmarking, screen capture and screen recording tool for

Windows. It supports programs that use DirectX and OpenGL (such as
games). Visit www.fraps.com
HD Tune Pro: A hard disk/SSD tool that can be used to measure the
drive's performance, scan for errors, check the health status, securely
erase all data and do much more. Visit www.hdtune.com
Figure 8.14 HD Tune Pro (left) and Unigine benchmark result (right)
Note
To get a more accurate idea of how well your system is performing, it

is recommended that you run many benchmark programs instead of
just one and run them more than once.
Page 813 of 1229
Unit 9 Maintenance and Backup
Maintenance consists of the jobs you do to keep your system running well,
such as by running hard drive tools, while optimisation consists of the jobs
you do to your system to make it better, such as updating drivers so that
hardware performs better.
Identify the tools needed to optimise drives.

Use Task Scheduler to schedule tasks.
Identify and apply operating system and driver/firmware
updates.
Use tools to backup data.
Use Shadow Copies.

Study
Notes

o Maintenance and Backup (p.150)
Study
Notes
Skills
9.1 Maintaining disks

To keep your hard drive clean and in good working condition, it is
recommended that you use the Disk Cleanup tool from time to time to
remove temporary and older files that use up hard disk space and decrease
system performance. Use the Check Disk (chkdsk) tool to check the disk
periodically to fix basic errors and attempt to recover from bad sectors. And
use Disk Defragmenter (defrag) to keep data organised on the disk so that
it can be accessed quickly.
9.2 Scheduling tasks

You can use the Task Scheduler tool to schedule tasks such as disk
defragmentation and disk checking to run automatically at a scheduled time.
To be able to run tasks, you must know the names of the executable programs
and any special switches you might need to enter. With that information, you
can then schedule the program to run automatically.
Page 814 of 1229
Task Scheduler is available in Windows Vista/7 from within Administrative

Tools. In Windows XP, it is called Scheduled Tasks and can be found within
the Control Panel. Alternatively, you can open the tool from Start > All
Programs > Accessories > System Tools. If you open Task Scheduler, you
can view existing pre-configured tasks or create your own. Figure 9.1 shows
the Task Scheduler opened to the preconfigured Defrag task, which is
preconfigured to start the defrag.exe c command at 1:00 a.m. every
Wednesday of every week.
Figure 9.1 Task Scheduler

All you need to do to create a basic task in Windows Vista/7 is give it a name,
set how often it should run and decide what it should do. You can use the links
in the right pane to create tasks and tasks have several configurable
properties, including:
Triggers: identify the criteria that will start the task and are normally
based on a day and time or an event like when a program starts.
Actions: identify whether the system should start a program, send an
email, or display a message at the scheduled time and how it should be
done. A task can have a single action or multiple actions.
Conditions: identify extra conditions that must be met for the task to run,
such as to run the task only when the system is using AC power (not on
battery power), or only when the system is idle, or connected to the
Internet.
Settings: allow you to fine tune the behavior of the task. For example, you
can choose settings such as If task fails, restart every: <time period> or
Stop the task if it runs longer than: <time period>.
History: shows details about when the task has run.
It is not only the Windows defrag tool that includes a built-in scheduling
option, many Windows programs offer it, including the backup program, but
they still use Schedule Tasks/Task Scheduler. If you set up an automated
defragmentation from within Disk Defragmenter for example, you can open
Task Scheduler and it will be listed as a scheduled task.
Page 815 of 1229
9.3 Updating systems

An OS is made up of millions of lines of program code created by different
people. In a perfect world, all this code would work without any problems, but
in reality, although the code is tested as much as possible, problems do occur.
For this reason OS vendors regularly release patches to fix them. A patch or
update is a file designed to fix a problem with a system or application file by
replacing pieces of program code in the original file. This fix could also improve
reliability, performance or security.
Updates are individual fixes that are usually no more than a few megabytes in
size and come out once a week or every so often. A service pack is a group of
tested patches and updates plus anything else Microsoft might choose to add
to the pack, such as additional features and services. Service packs are
cumulative, that is, service pack 1 (SP1) includes all the patches and updates
that were released since the OS first came out. The next service pack is SP2,
then SP3 and so on. Service packs are usually hundreds of megabytes in size
and can be packaged as a service pack only or with the Windows operating
system.
9.3.1 Windows Update

Microsoft includes Windows Update that you can use to automatically check
for and install updates from the Windows Update website. You can access
Windows Update on Windows XP/Vista/7 by clicking Start > All Programs
and selecting Windows Update. In Windows XP Windows Update is a website
(update.microsoft.com) that hosts critical updates and security patches and
software and hardware updates to add or change features or drivers. In
Windows Vista/7, it is an applet in Control Panel that connects to the Windows
Update website. The system checks with a Windows Update site for available
updates and compares them with updates currently installed on your system.
If there are updates available, Windows Update will indicate this, as shown in
in Figure 9.2, or patch your system automatically if configured to do so. If not,
you can click Install updates to begin the installation.
Page 816 of 1229
Figure 9.2 Windows Update in Windows 7

Because updates are so important, Windows helps you keep track of the
updates that you have installed or attempted to install. To access this
information, click View Update History on the Windows Update screen. The
View Update History window (shown in Figure 9.3) displays the information.
You can get full information about an update by double-clicking the name of
the update.
Windows Update can run automatically, so there will probably be new updates
for you to install every time you open the applet. Updates available through
Windows Update can be designed to patch security, performance or reliability
issues. These updates are classified as follows:
Important: critical updates that improve the security, privacy and

reliability of the system. They should be installed immediately and Windows
Update can be configured to install them automatically. These are called
high-priority updates in Windows XP.
Recommended: these updates add features or enhance the system and
target non-critical issues such as minor bug fixes, adjustments to a program
and functionality corrections. They can be installed automatically.
Optional: these are non-essential updates for drivers, language packs or
new software and can be installed manually.
Note
It is important to apply updates to systems, particularly important

updates. If you do not, your systems will be vulnerable to anything
from graphical corruptions on screen when using new video drivers, to
system crashes and malware.
To check for updates, you can click Check for updates and then wait while
your system looks for the latest updates. If there is a message telling you that
important updates are available (as shown in Figure 9.2), or telling you to
review important updates, then click the Important Updates Are Available
message.
Page 817 of 1229
This will open the Select updates to install page as shown in Figure 9.3. This
page provides you with information about each update that is ready to be
installed. In the list, click on each update for more information and you can
also click on the More information link on the right. Select the check boxes
for any updates that you want to install, and then click OK to install them.
Figure 9.3 Windows Update in Windows 7

You can also hide updates that you do not want to install and look at every
time you open Windows update. To do this, right-click on the update and select
Hide update.
Note
The WindowsUpdate.txt log file (stored in the %SystemRoot%,

usually C:\Windows folder) records update history and should be
checked if an update fails. The failed update will have an error code
whose meaning and solution you can look up on the Microsoft
Knowledgebase website (support.microsoft.com).
9.3.2 Automatically installing updates

As a best practice, use Automatic Updates to tell Windows to periodically check
for, download and install new updates automatically. If you click the Change
Settings link in the Windows Update applet in Windows 7, it will take you to
Change Settings page for Windows Update, where you can configure how and
when updates should be applied. See Figure 9.4.
Page 818 of 1229
Figure 9.4 Change Settings in Windows Update

Figure 9.4 shows the various options available from the drop-down box on the
right. These are self-explanatory. By default, the system will periodically check
for and download updates and install them at 3:00 AM. You might also see a
Microsoft Update checkbox if other Microsoft products are installed, such as
Microsoft Office. Unchecking this box disables these updates. Also, if you select
the Software notifications check box, you will receive pop-ups in the
notification area providing information about any new Microsoft software.
Note
In Windows XP, you can access these settings on the Automatic

Updates tab of the System Properties applet with the Control
Panel.
9.3.3 Patch management

Patch management refers to planning, testing and deploying patches in a
safe and timely way to keep systems up to date. Most home users and small
companies configure their systems to automatically download and install
patches. Many large companies, however, use detailed patch management
practices to test patches before deploying them. There are two approaches to
applying updates:
Apply the latest updates to make your system as secure as possible against
software attacks. This requires you to do more work and keep up-to-date
with security bulletins.
Only apply the patch if it solves a problem with the system.
Depending on the purpose of the patch, the wisest approach is to apply the
patch only if it solves a particular problem. However, the exception to this
approach is when an important or critical patch is available, such as a security
path for example, in which case you should test and install immediately, as it
might be too dangerous to leave the system unpatched for too long.
Page 819 of 1229
It is very important to read the documentation, such as a ReadMe text file,

released with the patch or service pack, because the patch might need to be
applied in a particular order or it might have compatibility requirements.
It is also important that there is a rollback plan in place so that you can
recover systems to a known good configuration before the patch was installed,
should the patch cause undesirable results. The information provided as part of
the update history can assist you if you find that you have installed an update
that needs to be rolled back or otherwise removed from the system. You can
uninstall patches or updates using the Add or Remove Programs/Programs
and Features applet in Control Panel. Select the update and click Uninstall or
select the option from the shortcut menu and then confirm the removal.
9.3.4 Updating applications

Software applications might also need to be kept up to date with the latest
patches. Applications could have bugs or code errors that can be targeted by
attackers because users are less likely to patch them than the OS. Therefore,
keep them updated with the latest patches.
This can be done using an update function within the application, which
connects to the vendors website and downloads the update and will typically
ask you to install it. See Figure 9.5. Alternatively, you can search the vendors
website for an update and download and install it.
Figure 9.5 Adobe Reader Updater
9.3.5 Updating hardware devices

There are two types of updates for hardware devices:
Drivers can be added to a Windows system in a number of ways.

Windows comes with core and third party drivers for hardware devices. In
some cases, new drivers can be downloaded or old drivers updated through
Windows Update, but you might have to install the driver manually. Most
third-party drivers come on a vendor-supplied disc or as a downloadable
driver file from the vendors website. The installation process for the
downloaded driver is the same as the installation disc.
Page 820 of 1229
Once you have installed the driver, you can update it using its Properties
dialog box in Device Manager.
Firmware check the motherboard manufacturers website regularly for

BIOS updates that fix bugs, solve incompatibilities with the OS or add new
features. Devices such as external drive units, printers and networking
equipment might need their firmware updated. USB and FireWire devices
that are directly connected to the Windows system can be updated from
within Windows. Network devices can be updated through their
management software or web configuration page. Figure 9.6 shows the
upgrade firmware page of a wireless router.
Figure 9.6 Firmware upgrade page

Note
Before updating a driver or firmware, make a backup of the system

configuration.
9.3.6 Registry maintenance

The registry is modified every time you add a new application or hardware or
make changes to existing applications or hardware. For this reason the registry
tends to become filled with old and unused entries. These usually do not cause
any problems directly, but they can slow your system down. To clean the
registry, you need to run a third-party tool. There are a few registry cleaners
that you can download, including the popular CCleaner. See Figure 9.7. You
can download it from www.piriform.com/ccleaner/. Just make sure to
download the tool that supports the Windows version you are running.
Page 821 of 1229
Figure 9.7 CCleaner program

You can also use CCleaner to clean other areas of the system and non-critical
files created by web browsers and other applications, such as temporary files.
Note
Keep in mind that all registry cleaners are risky in that they might
delete entries that the system or you the user wants to keep.
Additionally, some registry cleaners might be malware and are often
advertised for free on the Internet. Be careful what you download
from the Internet.
9.4 Data backups

One of the most important tasks you can do is back up data and train users on
how to perform backups. Files can become corrupted, destroyed by malware
or accidentally deleted by users. The goal of backing up is to ensure that when
something goes wrong, there will be an available, recent copy of data that can
be restored. Backups should be done on a regular basis and before making any
change to the system that can affect user data.
When it comes to deciding which files and folders to backup, a general
rule of thumb is: If you cannot do without it, back it up.
Note
An archive is different from a backup. Archiving refers to

permanently storing data for historical, regulatory or legal reasons.
Backing up refers to making copies of data which can be used to
replace the original data should it become lost or destroyed.
9.4.1 Types of backups

It is important to understand the archive attribute when performing backups
other than a full complete backup.
Page 822 of 1229
An archive attribute is a 1-bit storage area that all files have and when a file
is changed, even by just opening it, its archive attribute is turned on. When a
backup program backs up a file, it usually turns the archive attribute off. If the
archive attribute is turned on, it means that the file has been changed since it
was last backed up.
Windows Explorer or (My) Computer by default do not show much about files
in any view, even when you select Details from the View menu (as shown in
Figure 9.8 on the right). To customise your view, right-click the column bar
that says Name, Size and so on to look at the default options. You will see
options such as Name, Date and Size. The options differ according to the
version of Windows you are running. Selecting the More option brings up a
menu offering more view options. See Figure 9.8.
Archive attribute
Figure 9.8 Windows Explorer showing archive attribute, column

shortcut menu and views
Table 9.1 lists the most common types of backups available and what they are
used for. Most backup software solutions support many of these backups
beyond a full backup. The type of backup you choose depends on how much
data you want to back up and the time it takes to back it up and restore it. A
full backup is a back it all up solution while incremental and differential
backups check the archive status of each file to determine whether or not to
back up the file.
Page 823 of 1229
Table 9.1 Types of backups

Type
Full or normal
Copy
Incremental
Differential
Daily or daily
copy
Description
Every file and folder selected is backed up and the archive
bit is turned off for every file backed up. This can take a
long time on large systems, but has the shortest restore
time. Only one tape set is required.
Identical to a full backup, except that the archive bit is not
changed. This is used for making extra copies of a
previously completed backup.
Backs up only the files that have been changed since the
last full or incremental backup, that is, files with the
archive bit turned on. This is a fast backup, but is the
slowest when it comes to restoring data. Multiple tape
sets are required.
Backs up files that have changed since the last full
backup, but does not turn off the archive bit. A maximum
of two tape sets are used.
Makes copies of all the files that have been changed
during the day. It does not change the archive bit.
9.4.2 Backup media

On networks, it is common to use a tape system with advanced backup
software that can be used to back up file servers and online live databases
and remote systems. For client systems connected to networks, home folders
can be created where users can store data on file servers and scripts can be
used to automate the backup process. Personal backups for home users and
small networks can be done with the backup tools available in Windows. Table
9.2 lists the different types of backup media that can be used.
Table 9.2 Backup media types
Backup
media
Hard disk
Tape drives
Optical
media
Description
A practical and common option for backing up because it does
not cost much, it can store lots of data, has fast access times
and it is easy to use. It can be used for personal and network
backups.
Magnetic tapes are suitable for backing up because of their
low cost, portability and large storage capacity, and they can
also be reused when old information is no longer required.
This is typically used for network backups.
Although optical media can be used to store files and folders,
they are not suitable for backing up because they can only
store a limited amount of data, their recording speeds are
slow and they are not designed to be continually overwritten.
Page 824 of 1229
9.4.3 Tape rotation

There are many different ways that backup media can be reused. One of the
most common ways is by using a backup media rotation system called
Grandfather-Father-Son (GFS). This method uses three sets of backups:
Son tapes an incremental or differential backup performed on a daily

basis and media is reused weekly.
Father tapes a full backup is performed every week of the month, except
for the last week.
Grandfather tapes a full backup is performed at the end of the month
(usually performed on the last Friday) and is typically archived for long time
keeping.
It is important to label backup media accordingly.

It is common to do a full weekly backup and a daily incremental backup which
only includes files changed during that day or a differential backup that only
includes files changed since the last full backup.
Note
Do not use differential backups with incremental backups together.

Use a full backup with an incremental or a full backup with a
differential. Copy and daily backups are less common but can be used
when needed.
9.4.4 Backing up Windows systems

Each version of Windows includes a backup tool that can be used to back up
and restore data, although the tool in each version is different. Windows
Vista/7 support full image backups. A full image backup captures everything
on the hard drive, including the OS, applications and all user data.
9.4.4.1 Backups in Windows XP
You can use the Backup Utility (ntbackup) to back up and restore files and
folders on a Windows XP system. You can start the Backup Or Restore
Wizard with the following steps:
1. Click Start > All Programs > Accessories > System Tools and choose
Backup. You can also access it by clicking the Backup Now button on the
Tools tab of the local disks Properties dialog box or run the command
ntbackup.
2. Follow the instructions in the wizard to back up or restore data. The wizard
differs depending on whether you run the utility in Wizard Mode, which
runs a Backup or Restore Wizard, or Advanced Mode, which runs the
Backup wizard from where you can create a backup of system state
information such as the Registry and boot files and personal data.
9.4.4.2 Backups in Windows Vista
You can use the Backup And Restore Center applet in Windows Vista to
back up and restore files, configure automatic backups and back up the entire
system.
Page 825 of 1229
You can open the Backup And Restore Center as follows:

1. Click Start > Control Panel. If necessary, change the view to Classic
View.
2. Double-click Backup And Restore Center.
This tool allows you to choose the types of files to back up based on
categories, such as document files and music files. It will then locate all of the
files in the category and back them up. You can also back up the entire system
and configure the tool to back up data to multiple locations, including a second
internal hard drive, external hard drives, writable CDs or DVDs and network
locations.
The Windows Complete PC Backup And Restore tool can be used to create
an entire image of the system.
To create a complete backup of your PC with Vistas Complete PC Backup,
complete the following steps:
1. Start the Complete PC Backup by going to Start > All Programs >
Accessories > System Tools and selecting Backup Status and
Configuration.
2. Click the Complete PC Backup button.
3. Select Create a backup now and follow the instructions. Have media
ready that can hold an OS image.
Note
All Windows Vista editions do not allow you to select the files and
folders you want to back up. If you want to choose a file to back up,
you need to buy a third-party tool. Windows Vista does not support
backing up data to USB flash drives on any edition.
9.4.4.3 Backups in Windows 7

You can use the Windows 7 Backup And Restore program to backup
individual folders and files, create an image of the system and create a repair
disc. You can back up data to multiple locations, including another internal
hard drive, external hard drives, writable CDs and DVDs, and network
locations. To create a backup with Backup and Restore, complete the following
steps:
1. Click Start > Control Panel. If necessary, change the view to Large
icons.
2. Select Backup And Restore.
3. Click Set Up Backup (if necessary) or Back Up Now if a backup device
has already been set up. Have an external drive, second internal hard
drive, or second partition ready. If no media is found, the only other option
is to back up to a network location.
4. Select the media or partition you want to back up to and click Next.
5. Select whether Windows will automatically back up data or choose your
own files to back up and click Next.
Page 826 of 1229
6. Select the folders and files to back up and whether to include a system
image of each drive. Click Next.
7. Review your selections and click Save Settings and Backup. This starts
the backup, which you can monitor using the progress bar shown in the
Backup and Restore applet. Backups can take a long time depending on how
much you are backing up. Backups can be restored using this applet as
well.
Figure 9.9 Backup and Restore applet (left) and Set up backup
wizard (right)
Unlike Windows Vista, Windows 7 allows you to create image backups to a
network location and back up data to USB flash drives, but the drives must be
at least 1 GB in size. However, unlike Windows XP, both Windows Vista and
Windows 7 do not support backing up to tape.
Note
All Windows 7 editions include a backup and restore tool. However,

the Starter and Home Premium editions do not support backing up
data to network locations.
9.4.5 Backups: testing, storage and documentation

In an emergency, the files you back up are only as useful as the files you can
restore from the backup. Otherwise what is the purpose of making backups if
you cannot use them to restore data? Test that the restore works properly by
restoring the data from the backup to a different folder or drive and avoid
overwriting live data. Make sure that all expected data has been backed up by
checking the medias catalog and that it can be restored. Backup software
usually has a verify option and reports any errors to a log file. Restores must
be done on a regular basis. Ideally, you should make two copies of each
backup media, storing one copy at another location or off-site. This also
provides protection against media failures.
Page 827 of 1229
Keep documentation for each backup. A backup log or catalog for each
backup will make it easy to find files that need to be restored. The log can
include information about the backup method used, which files and folders
were backed up and when they were backed up, and on which backup media is
the data stored.
9.5 Shadow Copy (Previous Versions)

System protection is a feature that regularly creates and saves information
about the computer's system files and settings. Previous versions, also
known as shadow copy or shadow copies, are copies or snapshots of data
files and folders that are automatically created when a restore point is created.
Shadow copies depend on the Volume Shadow Copy Service (VSS), which
enables the OS to make backups of any file, even one that is open, and
provides system restore functions.
You can find out if a data file has been shadow copied by right-clicking it,
select Properties, and then click the Previous Versions tab (or simply rightclick on the file and select Restore previous versions, which also takes you
to the Previous Versions tab). Figure 9.10 shows the properties of a text file
named document 1 with the Previous Versions tab selected. There are two
older copies of this file listed.
Figure 9.10 Previous Versions tab

When you select a previous version, you can select the following options:
Open: select this to open the file so that you can view it before you
actually restore it.
Copy: select this to create a copy of the file to store it in another location.
Restore: select this to overwrite the current version of the file with the
previous version.
Page 828 of 1229
It is also possible to get a previous version of a file that has been deleted, but
the way to do this is slightly different. You will not be able to right-click on the
file that is deleted. Instead, you have to go through the following steps:
1.
2.
3.
4.
5.
6.
Click Start > Computer to open Windows Explorer.

Find the folder where the file existed before it was deleted.
Right-click the folder and select Properties.
Click the Previous Versions tab.
Select a version of the folder that includes your file and click Open.
Double-click the file to open it. You can then save it.
To use previous versions in Windows Vista/7, your system must be configured

to use system restore points or you must have made a backup of the file or
folder using the backup program. You must also make sure that System
Protection is enabled. Go to the System Protection tab in the System
Properties dialog box (see Figure 9.11) to see if it is turned on (it should be
on by default).
Figure 9.11 System Protection tab
Page 829 of 1229
Unit 10 Troubleshooting Systems
Identify procedures and techniques to use when

troubleshooting a system.
Describe the best attitudes to take when approaching a
problem.
Use sources of help such as documentation and training
effectively.
Understand the Windows boot process.
Identify common boot symptoms and tools to troubleshoot
boot problems.
Use Advanced Options menu to troubleshoot boot problems.
Create restore points and use System Restore to recover
Windows.
Monitor system logs using Event Viewer.
Identify basic problems and solutions affecting Windows and
software applications.
Troubleshoot hardware errors, power and POST issues, and
CPU and memory errors using appropriate tools.
Troubleshoot hard drives and RAID arrays with appropriate
tools.
Troubleshoot common display problems.
Troubleshoot common laptop problems.

(G185eng) Module 3 Unit 1, 2 and 3, Module 4 Unit 1, 2
and 3 (p.183-224 and 263-298)
GTS A+ Certificate 802 Support Skills Study

o Troubleshooting theory (p.192)
o Troubleshooting Boot Problems (p.213)
o Troubleshooting Applications (p.224)
o Troubleshooting System Components (p.279)
o Troubleshooting Storage and Video (p.291)
o Troubleshooting Laptops (p.298)
Notes
10.1 Troubleshooting theory

Troubleshooting describes the steps a computer technician takes to solve
problems. Troubleshooting theory is the set of steps a computer
technician memorises and uses along with the computing process to
troubleshoot a computer and network system.
Page 830 of 1229
It includes talking to users to determine how and when the problem took
place, determining the cause of the problem, such as a faulty hard drive,
its symptom(s), such as a bluescreen shown onscreen, its consequences
such as the user no longer able to work because of the fault, and its
solutions, such as to replace the hard drive. In addition, it also involves
testing and verifying the solution and documenting the entire process.
10.1.1 Problem management

Problem management means tracking and documenting support
requests. Many companies use a trouble-ticketing system with tickets that
track the name and other information about the user looking for help, the
date, time and length of the help-desk or on-site call, the causes of and
solutions to the problem addressed, who did what and when (who is
dealing with the problem), how each problem was resolved and whether a
follow up was done.
When a user calls for help, the computer technician creates the ticket by
entering it into the system, which keeps the ticket open until the problem is
resolved and a follow up is done and the user is happy. Afterwards, the
ticket can then be closed. Tickets are prioritised and can be escalated to a
more senior troubleshooter when needed.
10.1.2 Approaching troubleshooting and preparations

When approaching a troubleshooting situation, keep the following points in
mind:
Stay calm and take your time coming to the correct solution.
Consider taking breaks to refresh your mind.
Do not assume anything. Even though the symptoms of a current
problem are similar to a problem you have experienced before, the
problem and its solution could be completely different. Treat every
problem as a new challenge.
Do not overlook the obvious. Simple things cause sometimes problems.
Run through what should happen and verify that there is not a user or
configuration error.
Keep an open mind and be patient. Be prepared to try different things
and to start over again when needed.
When assessing whether to repair a part, consider how much that part
will cost and how much it will cost for you to perform the repair. In
many cases, a replacement is the best and most effective option.
Know when to give up! When you cannot fix a problem, be prepared to
pass the problem onto a senior technician who can fix it to avoid wasting
the customers time.
Page 831 of 1229
When preparing for a troubleshooting situation, keep the following points in

mind:
Make sure you have all the hardware and software tools, documentation
and any other information needed before visiting a user or customer.
When helping a user over the phone or online, make sure you provide
clear, concise and accurate information.
If you need to take a system offline, make sure it is scheduled
appropriately and sensitively and that everyone affected is informed and
provide time frames.
Handle and maintain the users equipment and resources with care.
The users data is important. Check when the last backup was made and
if one was not made, make a backup before making any system
configuration change. Many technicians use drive imaging software such
as Norton Ghost to make image backups.
10.1.3 Troubleshooting model

It is necessary to approach problems from a logical standpoint by using a
troubleshooting theory model. This book focuses on CompTIAs six-step
troubleshooting model. Many technicians use the steps in this model to
ensure that they can identify and resolve problems methodically (so that
possible causes and solutions are not overlooked), and efficiently (so that
the problem can be solved quickly) and to avoid additional problems.
Note
Remember that a cause of a specific problem might be a symptom

of a bigger problem. Also there might not be a simple solution to
the problem, that is, there might be several solutions to the
problem or a solution might be too costly or impractical to use or it
might cause further problems that are worse than the original
problem. In this case, you must be able to make effective
decisions when troubleshooting.
A technician is expected to take an organised, methodical route to a

solution by memorising and using the following six steps. Know these steps
and their order as you read through this book and whenever you
troubleshoot a computer, printer, mobile device or networking problem.
Step 1: Identify the problem

In step 1, you already know that there is a problem and now you have to
identify exactly what it is by gathering information from the user. You can
do this in a few ways:
Question the user: ask the user who reported the problem detailed
questions about the problem. Ask questions like What are the exact errors
shown?, Has anyone else experienced this same problem? (useful on
networks), What changes have been made to the system recently? and
Has anything been tried to solve the problem?.
Page 832 of 1229
You want to find out about symptoms, unusual behaviour or anything that
the user might have done recently that could have directly or inadvertently
caused the problem. Gather information by asking good questions that the
user can answer simply (that is, without having to know anything about the
system and its software). Good questions include open questions that the
user can explain in their own words like What is the problem? or What
happens when you try turning the system on? and closed questions that
require a Yes/No or a fixed response like What does the error message on
the screen say?. If the user cannot properly explain the problem any
further, then you will need to physically inspect the system.
Identify any changes made to the system: you cannot always rely on
the user to let you know everything that has happened. Therefore
physically look at and listen to the system, and even smell it. See if any
new hardware or software has been installed. Look around for anything
that might seem out of place. In some cases, you might need to inspect the
environment around the system that might affect a problematic system.
Check system logs or diagnostic software for information.
Review documentation and consult: your company might have
documentation that logs past problems and solutions. Perhaps the same
problem has happened before, or other related problems can help you to
find out what is wrong. Maybe another technician listed in the
documentation can assist. Perhaps the user has documentation or a manual
concerning the system, component, software or other device that has
failed.
Note
In this step, it is also important to back up any critical data before

making any changes. Rebooting solves many issues and it is
common to reboot the system after identifying the symptoms of a
problem and then see whether the symptoms have disappeared.
Step 2: Establish a theory of probable cause (question the

obvious)
In step 2, you must analyse the problem and come up with a theory or an
educated guess as to what is most likely wrong. Step through what should
happen and identify the points at which there is a problem and also work
up and down the layers (for example, start with power, then hardware
components, drivers/firmware, software, network and finally user actions)
or vice versa. A useful troubleshooting practice is to check the easy and
obvious things first. If the monitor is dark, an obvious theory is that the
monitor is not plugged into the power outlet and turned on, or not plugged
into the video port or that the computer is not plugged in and turned on.
Page 833 of 1229
This step is different from the other steps in that you are not making a list
of causes but instead choosing one probable cause as a starting point.
Unless the problem is of little importance, you might need to break down
the troubleshooting process into logical areas and decide whether the
problem is with hardware or software (or both) by using your knowledge
and understanding and your senses:
Sight: watching the computer boot, Windows load, looking at lights, etc.
Hear: listen for beeps and other sounds.
Smell: burning components.
Step 3: Test the theory to determine cause

In step 3, take your theory and test it. Returning to the example, go ahead
and check all plugs and power connections and plug in the computer and
monitor. If the computer starts and the display is on, you know that your
theory works. At this point move to step 4. But what if the monitor is
plugged in and connected properly? Or what if you plug in the computer
and it does not start? Some problems are not so simple and obvious, so
you might need to take a few steps to test the theory. Establishing and
testing are listed as separate steps, but experienced technicians go through
the steps very quickly. For example, if you have a blank display, you might
go through the following steps:
Theory: computer is on.

Test theory: check to see whether it is on.
Theory: monitor not plugged in or turned on.
Test theory: check power indicator on monitor.
Theory: monitor not plugged into correct graphics port.
Test theory: verify cable plugged into port on extension card instead of
into motherboard on-board connector (which is de-activated in CMOS
Setup).
The theory might mean that you must bring the system back to base. This
means that you must take the system down to the minimum configuration
needed to run and if this works, then add peripherals and devices one-byone to the system and test it after each one until you find the problem. This
takes a lot of time but might be necessary. Also, when troubleshooting a
cable, connector or device, it is good to have a known good working
copy at hand, so that you can swap the failed one with the working one
when needed.
If the first theory fails during testing, go back to step 2 to establish a new
theory of probable cause and continue doing this until you find a theory
that works. If you run out of ideas and have tested all your theories, you
might need to escalate the problem by calling in some help. Some help
sources you can go to include:
Senior technician or support staff.

Manufacturer websites and support vendors.
Online Knowledge Base (KB), frequently asked questions (FAQs) or
other articles.
Page 834 of 1229
Warranty and support contract.

Search engines.
Step 4: Establish a plan of action to resolve the problem

and implement the solution
After you have confirmed that your theory works, establish a plan of action
to resolve the problem and implement the solution that solves the problem.
In the previous scenario, it is simple; plug in the computer and monitor and
make sure everything is connected properly. Although this step might seem
the same as step 3, your plan of action might be more complicated than
step 3. For example, you might need to fix other problems that occurred
because of the first problem or the problem might affect multiple
computers, and your plan of action would include repairing all those
computers.
Consider another problem example with all four steps:
Step 1: Identify problem. You turn on a computer and its fans are
spinning but nothing else works.
Step 2: Your theory of probable cause could be: a faulty power supply,
faulty CPU, faulty motherboard, faulty RAM, or faulty expansion card. All of
these could be the cause of the problem.
Steps 3 & 4: Your theory test, plan of action and solution could be:
to start replacing everything one by one. You might be fortunate and fix the
problem, but if you take the time to test your theories and implement fixes
individually, you will end up with better results.
There are typically three solutions to any problem:
Repair: determine whether the cost of repair is the best option.

Replace: often the most expensive option and might take up a lot of
time. However, this option might give you the opportunity to upgrade
the component or software.
Ignore: not all problems are critical, particularly software ones. If a
repair or replacement is not an option, it might be best to find a
workaround or just document the problem and move on.
When faced with a challenging problem, avoid a process called

shotgunning, which refers to trying everything without taking time to
think things through or analyse the problem. Take your time and work
carefully.
Step 5: Verify full system functionality and if applicable,

implement preventative measures
After implementing a solution, make sure the solution fixes the problem
and that the entire system is working properly and that the user is happy.
Page 835 of 1229
This might mean restarting the system once or twice, opening applications,
using the newly-installed hardware device, using Device Manager to
confirm that the device is configured properly, updating software or the
device driver, installing anti-virus software permanently, accessing the
network and even watching the user do whatever he or she needs to do on
the system for a few minutes.
You will not only want to verify functionality, but also prevent the problem
from happening again if possible by implementing a preventative measure.
For example, if you are troubleshooting a system and you notice that there
is too much dust on the fans and the inside of the system, you should use
the proper tools and vacuum it out. Whatever preventative measure you
take, make sure it does not affect other systems or policies, and if it does,
get permission first.
Step 6: Document Findings, Actions and Outcomes

The last step involves documenting every step you took to resolve the
problem. Depending on the company, you might be required to document
the process, from start to finish, in a trouble-ticketing system. In this step,
finalise the documentation including the problem, cause, solution,
preventative measures and any other steps taken.
Ticketing systems are useful since they allow technicians to easily share
their knowledge or to research the solution to a previously solved problem.
For example, Microsoft uses a Knowledge Base (KB) system which
provides KB articles on resolved problems. If you are troubleshooting a
software problem that is giving you a specific error, you can type the error
as a search phrase into a search engine and you will often be directed to a
KB article that describes the problem and its solution.
Some systems track trends and can identify systems that fail more often
than others. Using such a system can help you take pro-active steps to
reduce problems with such systems.
Note
These six steps are not the only troubleshooting steps you are
likely to see in your career, but they will improve your problemsolving ability when working in the field. Also, your role as a
technician is not only to solve problems, but also to communicate
and provide feedback to the user in a professional and honest way
and to share your knowledge and educate the user.
10.2 Understanding the boot process

When the computer first receives power, hardware, firmware and software
enable it to pull itself up by the bootstraps or boot itself. There are several
boot stages the computer goes through before you see the Windows logon
screen. Understanding these stages will help you solve errors that occur if
any of these stages fail.
Page 836 of 1229
Note
Rebooting a system solves many problems, so it is common to try

a reboot first.
10.2.1 Power On Self-Test (POST)

When the system is first powered on, it loads information from the BIOS
and runs POST to check basic hardware such as the CPU, RAM, keyboard
and video. If this check fails, use the POST beep codes and errors onscreen
to identify the faulty hardware. When POST completes successfully, it starts
the bootstrap loader. This is BIOS program code located at the end of the
POST program whose job is to find the bootable OS.
10.2.1.1 Look for master boot record and boot sector
The bootstrap loader looks for bootable media by reading the boot order in
CMOS Setup. When booting from a hard drive, the bootstrap loader looks
for a master boot record (MBR) in the first sector of the first partition
and passes control over to it. The MBR stores information about the
partitions on the disk and contains master boot code that points to the
location of the active boot sector. The boot sector is located either after
the MBR or in the first sector of each partition and it describes the
partitions file system and contains the code that points to the method of
loading the OS (BOOT.INI file in Windows XP or Boot Configuration
Database in Windows Vista/7).
Note
Every MBR-based hard drive has one MBR, and each partition on
the hard drive has a single boot sector, but only one of them can
be marked active.
Figure 10.1 shows a single hard drive with two partitions. Remember that a
hard drive can have up to four primary partitions, with one partition
marked as active. The active partition includes code within the boot sector
that identifies the location of the files that start the OS.
Hard disk
MBR
Boot
Sector
Partition 1
(Active)
Boot
Sector
Partition 2
Figure 10.1 MBR and boot sector

The following steps show the boot process from a hard drive:
1. The BIOS takes the master boot code from the MBR and loads it into
RAM.
Page 837 of 1229
2. The master boot code scans the partition table or partition boot record
(PBR) on the disk, looking for the active partition. The partition table
describes the number and size of partitions on the disk.
3. The master boot code loads the contents of the active partitions boot
sector into RAM and runs it:
a) On Windows XP, the NTLDR file is run.
b) On Windows Vista and Windows 7, the Windows boot manager
(bootmgr) is loaded.
Note
A Windows Vista/7 system that uses EFI or UEFI instead of the

traditional BIOS includes an entry to start the bootmgr directly,
without looking for an MBR/GUID partition table (GPT).
10.2.1.2 Load system boot files on Windows XP

In Windows XP, the system boot files are located in the root folder of the
active partition (typically C:). These system files are hidden by default. The
files are as follows:
NTLDR (NT Loader): this is the program that loads the OS by reading
the BOOT.INI file. To do this, it loads its own minimal file system that
enables it to read the file.
BOOT.INI: this text file lists the disk, partition and folder of the location
of the OS available to NTLDR. On multi-boot systems, it contains the
menu of operating systems that can be selected on the boot menu and
specifies the default OS. See Figure 10.2. It is a hidden system file in
the root of the system partition that can be modified with msconfig,
automatically with System Startup settings and by using a text editor.
NTDETECT.COM: NTLDR starts this to detect hardware installed in the
system.
Figure 10.2 BOOT.INI file

When NTLDR completes the initial load, it runs the NT Kernel program
NTOSKRNL.EXE from the \Windows\System32 folder to start Windows
XP.
The following files are optional when starting Windows XP:
NTBOOTDD.SYS: this mini SCSI disk driver is used only if the system
boots from a SCSI drive whose host adapter does not have an on-board
SCSI BIOS enabled.
Page 838 of 1229
BOOTSECT.DOS: this contains the boot sector location for each OS on a

multi-boot system.
10.2.1.3 Load boot manager on Windows Vista and Windows 7

The 100-MB system partition that you can see when installing Windows is
used for system boot files. The following system boot files are used on
Windows Vista and Windows 7:
Windows boot manager (bootmgr): this is a hidden file that controls

the boot process and is located in the root of the system partition (which
is not assigned a drive letter). It takes care of reading the BCD and
displaying the OS menu to allow the user to choose an OS to boot to or
displays the Advanced Boot Options menu. Bootmgr switches CPU
operation from real mode to protected mode, which could be 32-bit or
64-bit, depending on what OS version is installed.
Boot configuration database (BCD): this is used instead of BOOT.INI
and contains information about the location of the various operating
systems including the default OS and instructions for how to load them.
It is located in the \boot folder of the system partition. The database
can be modified using msconfig and the bcedit command line tool.
When bootmgr completes the initial load, it runs the boot loader program
Winload.exe to start Windows Vista/7, or alternatively, the
Winresume.exe program to restore a previous session if the OS is placed
into a hibernation state. Both of these are called from the
Windows\System32 folder.
Note
The same files are used with EFI, but are assigned the .efi file
extension as in bootmgr.efi and stored in the EFI System
Partition (ESP).
10.3 Repair environments and boot errors

Windows startup errors prevent users from accessing the OS. All versions
of Windows come with startup tools, menus and repair environments that
you can use to troubleshoot startup and boot errors.
10.3.1 Advanced boot options menu
If the system boots but the OS does not start and you do not see an error
onscreen, it could be due to a video driver, new configuration or other
system issue. Fortunately, Windows comes with several start-up options
that provide access to tools that can help you fix the problem.
To access these startup options, press the <F8> key during the boot
process immediately after the memory count to bring up the Advanced
Boot Options menu. Figure 10.3 shows what this menu looks like on a
Windows 7 system.
Page 839 of 1229
Figure 10.3 Advanced Boot Options in Windows 7

Note
If you do not press the <F8> key, the system will boot into
Windows and you will have to restart to try again. Try tapping the
key repeatedly if the menu does not appear. The worst that can
happen is a Keyboard Error that POST interprets as a stuck key on
the keyboard.
The various options will be explored in the next few sections. The options
provide access to the Windows Recovery Environment, Repair Your
Computer, safe modes and the Last Known Good Configuration. All of the
options are the same on Windows Vista and Windows 7, but Windows XP
does not provide the following menu options:
Repair Your Computer

Disable Automatic Restart On System Failure
Disable Driver Signature Enforcement
10.3.1.1 Safe modes

Safe mode starts the system with a minimal set of very basic, non-vendorspecific drivers, keyboard, mass storage, low resolution (640 x 480 in XP
and 800 x 600 in Vista/ 7) and system services. Use safe mode when a
change has been made to Windows that prevents it from starting. For
example, you can remove or roll back from a faulty driver installation using
Device Manager, scan the system for viruses, copy user files to external
drives, apply restore points using System Restore and restore an image
using System Image Recovery. There are three safe mode options:
Safe mode: starts the system with a minimal set of drivers: the most
basic version.
Page 840 of 1229
Safe mode with networking: starts the system with basic network
drivers and services needed to access network resources and the
Internet. This mode is useful if you need to research a problem or
download updates from the Internet. If you cannot start this mode,
then the problem is a network driver or other network problem. Reboot
into safe mode and use Device Manager to disable network components
starting with the network adapter.
Safe mode with command prompt: starts the system with a minimal
set of drivers and loads the command prompt but not the Windows GUI.
This is useful if the desktop does not display or if the the explorer.exe
program is corrupted. You can delete the corrupted explorer.exe file and
copy in an undamaged file from the disc using the prompt. You must
know how to navigate the directory structure and know the location of
the file you are replacing. Although Explorer cannot be loaded in this
mode, you can load other GUI tools that do not depend on Explorer,
such as Event Viewer using eventvwr.msc and system restore using:
C:\Windows\system32\restore\rstrui.exe.
You will know when the system is booted into safe mode because the
screen will be black and the words safe mode will be in white letters
located in the four corners of the screen as shown in Figure 10.4.
Figure 10.4 Safe Mode in Windows 7
10.3.1.2 Last Known Good (LKG) configuration

If Windows will not start immediately after installing a new hardware driver
or software but before you have logged in again, you can try the Last
Known Good Configuration option to start the system with the last
configuration known to work. It is easier to understand how this works by
understanding how Windows records system settings. After you log into
Windows, it copies system settings into an area of the registry known as a
control set. Figure 10.5 shows the different control sets in Windows 7.
Page 841 of 1229
Start using ControlSet001

ControlSet002
named
LastKnownGood
Figure 10.5 Control sets in registry

The system starts by using the settings in ControlSet001. Immediately
after logging in, Windows copies those settings to ControlSet002 and
names it LastKnownGood. Any changes you make to the system while
logged in are applied to ControlSet001 but not to ControlSet002. If you
update a driver and restart the system and that driver crashes the system
to a point where Windows can no longer start, you can select the Last
Known Good Configuration option at boot time to restore the settings from
ControlSet002 before the driver was added to the system and the system
should start.
Note
It is very important to remember that you can use the Last Known
Good Configuration only before you log in again. Also, it is best to
test the driver or software installation on another test computer or
virtual machine before trying to install it again on the users
computer.
You cannot use Last Known Good Configuration if you have logged in after
experiencing a problem caused by a recently updated driver, but there is a
workaround: you can boot into safe mode and use Device Manager to roll
back the faulty driver to a previous working driver.
10.3.1.3 Repair your computer and Windows RE
The Repair your Computer option starts the Windows Recovery
Environment (Windows RE or WinRE). Windows RE provides a list of
automated and manual tools that you can use to troubleshoot and repair
problems. Also known as System Recovery Options, the purpose of
Windows RE is to recover Windows Vista/7 from errors that prevent it from
starting and is very useful to use to fix errors that cause the system to
freeze and when you cannot boot into safe mode.
Page 842 of 1229
You can access Windows RE in the following ways:
Boot from the Windows installation media, start the OS installation,

and after the language settings page, select Repair your computer. This
option is available on all Windows Vista installation discs, but not all
Windows 7 installation discs.
Boot to the Advanced Boot Options (F8) menu and select Repair
your Computer. This is available if the tools are installed on the hard
disk in Windows 7. Windows Vista does not have the Repair Your
Computer option. You can either use a Windows installation medium or,
if you have SP1 or later, make a bootable system repair disc.
Create a system repair disc that will boot you directly into Windows
RE. This disc should be created before you have problems and can be
used when you cannot access the Advanced Boot Options menu. On
Windows 7, you can create it from the Backup And Restore Center in
Control Panel.
Boot to the Windows RE partition. Some OEMs create a separate
partition on the hard drive and install Windows RE on it so that users
can boot into it without having to search for and boot off the Windows
installation disc.
Tip
It is recommended that you access Windows RE from the

installation media because the hard drive might be damaged to the
point that you cannot access the Advanced Boot Options menu, the
option in the Advanced Boot Options menu requires a local
administrator password, and a bootable disc avoids any malware
on the system.
When you select the Repair your computer option, you might be asked to
configure one or more of the following options depending on how you start
the tool (installation media, boot menu or repair disc):
Restore your computer using a system image that you created earlier.
Use Recovery Tools. You will also be asked to choose an OS to repair.
Choose this option to access the Windows RE tool set shown in Figure
10.6.
Keyboard language.
Log on with a local account.
If you use an administrative account, the options will include the command
prompt, as shown in Figure 10.6.
Page 843 of 1229
Figure 10.6 System Recovery Options

Note
This minimal graphical OS with the various tools you get when you
boot directly to the Windows installation disc is called a Live DVD
because the system directly loads from disc into RAM and does not
access or modify the hard drive, unless you run the installation or
the tools.
You can run the following tools at the system recover options screen:
Startup Repair: this tool automatically runs a series of checks and
attempts to repair almost any boot problem so that Windows can start
properly. It can repair a corrupted registry using a backup copy on the
hard drive, restore critical system and driver files, roll back any nonworking drivers, uninstall incompatible service packs and patches, run
chkdsk, write a new boot sector, repair the MBR and run a memory test
on RAM.
System Restore: this tool allows you to apply a snapshot or restore
point of the system at a point in time so that you can return your
system to a previous working state. This is similar to how you can apply
a restore point from within Windows or within safe mode, but if you use
system restore in safe mode, you cannot undo the restore operation.
System Image Recovery (Windows 7) or Windows Complete PC
Restore (Windows Vista): if you created a system image and have a
drive containing the image plugged in, you can use this tool to apply the
image to the system to restore it.
Windows Memory Diagnostic: use this tool to run thorough tests on
RAM. It will open the same diagnostic tool that you can start from within
Windows.
Command Prompt: this provides access to a Windows RE Command
Prompt. It includes troubleshooting commands such as bootrec and
bcdedit, but it does not include some of the normal command prompt
commands (although it does include the important ones).
Page 844 of 1229
Note
The System Repair option will repair most problems on Windows

Vista/7 with very little interaction from you. To repair other
problems affecting the MBR, boot sector, or BCD, use the Windows
RE Command Prompt.
10.3.1.4 Other advanced boot menu options

Enable Boot Logging: if you see Windows start, but it does not finish
starting normally or restarts automatically, or Windows does not start
and you want to know what device driver or process is preventing it
from working, then one way to identify the problem is by enabling boot
logging. This option starts the system with all its normal drivers and
settings and logs the activity of the boot process in a file called
Ntbtlog.txt in the C:\Windows folder. You can restart the system and
open the log file by browsing to the C:\Windows\Ntbtlog.txt file or
entering the notepad c:\windows\ntbtlog.txt command from the
command prompt to determine what driver file loaded last. See Figure
10.7. You can then update the problematic driver or disable problematic
devices or services.
Figure 10.7 ntbtlog.txt file sample
Enable Low-Resolution Video (Windows Vista/7) or Enable VGA

Mode (Windows XP): this option starts Windows using the current VGA
video driver and using low resolution and refresh rate settings. Choose
this if Windows will not start after installing a different video driver or
monitor or if the current video driver is configured incorrectly and you
need to reconfigure the Display settings in the Windows GUI. Do not use
safe mode as it uses the basic video driver and you would not be able to
modify the settings for the regular video driver, so safe mode will not
help.
Disable Driver Signature Enforcement: Windows Vista/7 require
drivers to have a Microsoft digital signature. If you need to bypass this
requirement when testing new drivers for example, you can select this
option and restart the system to do so.
Disable Automatic Restart on System Failure: Choose this option
only if Windows is stuck in a loop where Windows fails, attempts to
restart, and fails again repeatedly. This option stops the system from
rebooting on the error and gives you time to read and write down the
error information shown onscreen and hopefully fix it.
Page 845 of 1229
Directory Services Restore Mode: this option is used to restore

Active Directory on Windows Servers functioning as domain controllers.
Even though it is listed, it is not used on desktop systems.
Debugging Mode: this is an advanced troubleshooting mode that
enables advanced users to use a debug program to troubleshoot
advanced software problems.
Start Windows Normally: use this to boot to regular Windows.
10.3.1.5 Msconfig and Advanced Boot Options

Figure 10.8 shows System Configuration (msconfig) tool opened with the
Boot tab selected. You can select the option on this tab to force a system to
boot into one of the safe modes.
Figure 10.8 Boot tab of System Configuration

Note
Selecting an option to boot into one of the safe modes forces the
system to boot into that safe mode every time until the setting is
changed back.
All but one of the settings in the Boot Options area of the Boot tab directly
relate to menu items in the Advanced Boot Options menu:
Safe boot minimal: same as Safe Mode.

Safe boot alternate shell: same as Safe Mode With Command Prompt.
Safe boot Active Directory repair: same as Directory Services
Restore Mode.
Safe boot network: same as Safe Mode With Networking.
No GUI boot: starts Windows without displaying the Logon screen. This
option is not available on the Advanced Boot Options menu.
Boot log: same as Enable Boot Logging.
Base Video: same as Enable Low-Resolution Video.
OS boot information: shows the same information that is logged in the
Ntbtlog.txt file if Boot Log or Enable Boot Logging is selected.
Page 846 of 1229
10.3.2 System recovery tools

If a simple fix to a problem such as LKG does not work and you cannot boot
to the Windows logon screen, first try booting into safe mode. If you can
boot into safe mode, then you know the problem is with a particular driver
or service. If you cannot boot into safe mode, then something is wrong
later on in the OS load process. If the system will not boot at all, then you
need to perform a repair process. The best option is System Restore.
10.3.2.1 System Restore
System Protection includes a very important tool called System Restore.
System Restore enables you to take a snapshot copy of a number of critical
system files and settings of a working system at a point in time so that you
can return the system when it fails back to a working state later on. For
example, if you install an application, update or other software and
hardware that that makes a change to the registry, and find that the
change is causing problems with the system, you can use System Restore
to undo the changes by applying the previously created restore point
(snapshot) to the system. System Restore can uninstall applications, roll
back drivers and remove Windows Updates all at the same time.
To create a restore point in Windows Vista/7:
1. Right-click Computer and select Properties.
2. Click the System Protection link. This displays the System
Protection tab of the System Properties dialog box, as shown on the
left in Figure 10.9.
3. Click the Create button. This opens the System Protection dialog box.
4. Enter a name for the restore point and click Create. Alternatively, you
can go to Start > All Programs > Accessories > System Tools
System Restore to create a restore point.
To view restore points, click the System Restore button and click Next to
access the System Restore dialog box shown on the right in Figure 10.9.
Figure 10.9 System Restore

Page 847 of 1229
Windows shows both recent and automatic restore points that you can
choose from. If you want to view more options, select Show More
Restore Points. By default, the Task Scheduler tool in Windows
automatically creates restore points periodically and before a certain event
has taken place, for example, before an application is installed or a
Windows or driver update is applied. However, it is recommended that you
create a restore point before making changes that might not trigger an
automatic restore point, such as when directly editing the registry or
making another system configuration change.
In Windows XP, you can create restore points and access and restore them
by clicking Start > All Programs > Accessories > System Tools, and
selecting System Restore.
System Restore is turned on by default and uses some disk space to save
information on restore points. To turn System Restore off or change how
much disk space it uses, in Windows XP, open the System Properties
applet in Control Panel and select the System Restore tab. In Windows
Vista/7, right-click Computer and select Properties, and then click the
System protection link. On the System Protection tab, click the
Configure button.
Note
If System Restore is not available, it might be turned off. There

are several reasons why it may be turned off: for example, if the
system was scanned recently for viruses. Be wary of System
Restore when fighting a virus or malware infection. If a restore
point is created while the system is infected, the system could be
re-infected if you go back to that restore point.
System Restore does not affect any user files, such as documents or
pictures, when a restore point is applied. It restores only system files,
applications and drivers. However, when restore points are created, they do
save previous versions of files that can be restored by using the Shadow
Copy Previous Versions feature. Also, System Restore will not usually reset
passwords, but it will reset the password to what it was when the restore
point was created. This is very useful in that it enables you to recover from
a forgotten password.
To restore the system to a previous point, start the System Restore
Wizard by choosing Start > All Programs > Accessories > System
Tools > System Restore. You can also run the System Restore tool
(rstrui) from the installation media or by selecting the Repair Your
Computer option from the Advanced Boot Options menu on startup, as
Page 848 of 1229
Figure 10.10 Choosing a restore point to restore the system

Note
System Restore should not be the first step you try when
troubleshooting a system. Simply rebooting is known to fix many
issues and LKG is a good option.
If system restore does not work, they you need to go to a backup (if you
made one that is). The next few sections explore the different backup
methods available in the different operating systems.
10.3.2.2 Automated System Recovery (ASR) for Windows XP
ASR is a recovery option in Windows XP that recovers the system
configuration to a point in time. It is intended as a last resort after trying
Last Known Good Configuration, rolling back drivers, troubleshooting in
safe mode and using previous restore points. ASR includes two steps:
Step 1: ASR backup involves creating a large file that includes the
boot and system volume, system state information (registry and boot
and system files), and application and user data and copying it to
backup storage media. ASR will not back up extra partitions or drives.
You also need a blank ASR floppy disk that stores information critical to
the restoration process. You can create an ASR backup from the
Windows XP backup utility (ntbackup) by choosing the Automated
System Recovery Wizard from the Advanced Mode option.
Step 2: ASR restore to recover from a catastrophic failure using
ASR, boot to the Windows XP installation disc and press <F2> when
asked to run ASR. Insert the ASR floppy disk when asked and follow the
instructions on the screen. ASR will format the boot and system
partition(s) and perform a mini-installation of devices, drivers and other
basic configurations. After a few moments, the ASR Recovery wizard will
ask you for the location of the backup file you made. Select it and the
restoration process will complete.
Note
Emergency Repair Disk (ERD) is a tool that was phased out with
Windows 2000. It was a much simpler version of Windows XPs
ASR that backed up critical system and boot files.
Page 849 of 1229
10.3.2.3 Recovery images and repair disks in Windows Vista/7

Windows Vista/7 allow you to make a complete backup of the entire
system, including the OS, system configuration, all applications and user
data to a file called an image. This image is also called a system or backup
image. It is easy to create an image, but you will need a backup device
such as a removable hard drive with lots of space to store the image. You
will also need to keep the image up to date or create a new image.
You can create an image by opening the Backup and Restore (Center)
applet in Control Panel. From there, you can:
1. Click the Back up computer button in Windows Vista.
2. Select Create A System Image in Windows 7. See Figure 10.11.
Figure 10.11 Creating a system image

3. You will be asked to select the backup device and give the image a
name.
Note
This is different than using images to deploy a new installation,

which does not include user data. A recovery image from the OS
includes everything.
To use the image to recover the system after a catastrophe, complete the
following steps:
1. Use the Backup and Restore (Center) applet in Control Panel if you
can log into Windows.
Page 850 of 1229
2. If you cannot start Windows, then boot to the installation disc and
choose the repair option or use the repair option in the Advanced
Options boot menu. Select the System Image Recovery (Windows 7)
or Windows Complete PC Restore (Windows Vista) option and follow
the instructions on-screen to re-image the system. See Figure 10.12.
Figure 10.12 Using a recovery image to restore the system

Vendors might provide repair disks or tools that provide the capability of
recovering the system or restoring it to the factory configuration. For every
version of Windows, you can also use third-party tools such as Norton
Ghost or Acronis to create OS images, but remember, the image needs to
be created before the disaster occurs.
Note
You can use Backup and Restore applet in Windows 7 to create a

system image and a system repair disc.
10.3.3 Command prompt recovery tools

If Safe Mode, LKG and System Restore do not work and you cannot restore
from a system backup, you might be able to solve the problem from the
command prompt.
10.3.3.1 Boot repair disks
If you find yourself with a Windows XP system that will not boot because of
corrupted or missing boot files, but the system files are still intact, you can
fix the problem by using a boot disk to boot the system so that you can
replace the corrupted or missing files.
To create a boot disk, format it as a system (bootable) disk with Windows
XP and copy the following core boot files over to the disk.
NTLDR
NTDETECT.COM
BOOT.INI
NTBOOTDD.SYS (if it exists)
This disk can then take the place of a corrupted boot sector and you can
use it to replace the missing or corrupt boot files. You cannot use it to solve
other problems.
Page 851 of 1229
10.3.3.2 Recovery Console in Windows XP

In Windows XP, the boot troubleshooting command prompt is called
recovery console. You can use the recovery console to run disk and
volume tests, make configuration changes, disable problematic services,
replace drivers and run commands that repair problems with the MBR, boot
sector and BOOT.INI files. The recovery console is not available by default
in Windows XP, but there are two ways to run it:
Boot to the Windows XP installation disc and run the Recovery
Console as follows:
1. Boot the system to the Windows XP installation disc.
2. When the blue setup screen appears, press <R> to start the Recovery
Console.
3. Log into the Recovery Console by selecting the installation to log into
(normally 1) and press <Enter>.
4. Type in the Administrator password for the OS and press <Enter>.
Install the recovery console on the hard drive and boot to it from
the OS boot menu. It will only appear if boot files are intact. To
install and use the recovery console:
1. Log into Windows XP.
2. Insert the Windows XP installation disc into an optical drive. Take note
of the drive letter assigned to the optical drive.
3. Start the command prompt or Run dialog box and enter the following
command using the drive letter assigned to the disc. The example
assumes the letter D was assigned.
d:\i386\winnt32.exe /cmdcons
4. You will see a dialog box asking whether you want to install the recovery
console.
5. Click Yes.
6. When the installation completes, click OK.
When you restart the system, you will see Microsoft Windows Recovery
Console listed as a boot option on a multi-boot menu similar to the screen
on the left in Figure 10.13.
Figure 10.13 Starting the recovery console

When logged in, you will end up with an interface that looks like the
Windows command prompt with a blinking cursor after C:\WINDOWS>,
similar to the screen on the right in Figure 10.13, waiting for you to enter a
command.
Page 852 of 1229
You can run commands such as attrib, cd, chkdsk, copy, del, dir,
diskpart, format, md, mkdir, rd, rmdir, disable and enable (for
services), listsvc (to see a list of services and drivers on the system) and
many more important ones from the Recovery Console. To learn more
about individual commands, their syntax and switches, use the help system
(/?). The command syntax is different under recovery console.
You should understand the following three important boot troubleshooting
commands when working at the recovery console:
fixboot writes a new boot sector for a partition.

fixmbr repairs the master boot record for a drive.
bootcfg /rebuild scans the disk for bootable operating systems and
can add them to or rebuild the BOOT.INI file.
Note
When using the recovery console, you will only be able to access
the root folder, %SystemRoot% (Windows) folder and its
subfolders, the cmdcons folder and removable drives. You will not
be able to access user data files.
To exit the recovery console, type exit and press <Enter> and then
restart the system.
10.3.3.3 Windows Vista/7 RE command prompt
In Windows Vista/7, the boot troubleshooting command prompt is called
Windows RE command prompt.
The Windows RE command prompt functions similarly to the regular
Windows command prompt with all the most important regular commands,
but includes a few additional diagnostic commands that you will not find in
the regular command prompt. You can start the Windows RE Command
Prompt on a Windows Vista/7 system as follows:
1. Start the system and press <F8> to access the Advanced Boot
Options menu.
2. Select Repair Your Computer to access System Recovery Options.
3. Select Command Prompt to access the Windows RE Command Prompt.
The most important command to know for recovery is the bootrec (boot
recovery) command. You can run bootrec with the following key switches:
bootrec /fixboot rebuilds the boot sector for the active system
partition.
bootrec /fixmbr repairs the MBR by rebuilding it for the system
partition.
bootrec /rebuildbcd scans disks to locate bootable operating
systems and re-creates the BCD file or store similarly to how bootcfg
/rebuild re-creates the BOOT.INI file in Windows XP.
bootrec /scanos scans the system looking for operating systems not
in the BCD.
Page 853 of 1229
10.3.4 Troubleshooting boot problems

There are various reasons why a system will not boot. If it is not a problem
with hardware, then it is typically an OS-related error such as a missing or
corrupt file that can be replaced from the source or from a repair disk. In
such cases, you will usually get some type of message onscreen that can
help you to troubleshoot the problem. This section lists many of the
symptoms you might see when troubleshooting boot problems and the
solutions you can take to resolve them.
10.3.4.1 Invalid boot disk
An Invalid boot disk error indicates the system is trying to boot a hard disk
that does not have boot files on it. It points to a hardware or CMOS issue.
Table 10.1 lists its causes and solutions.
Table 10.1 Invalid boot disk causes and solution
Cause
Solution
A floppy disk with no boot files is in Remove floppy disk.
the floppy drive.
The BIOS is set to boot to USB first. Change the boot priority in CMOS
Setup or make sure that USB is
set as the bootable drive for OS
installation.
The boot order in CMOS Setup is Change the boot settings to point
missing the disk or drive where boot to the drive with the bootable OS
files are located.
(C:\drive).
A non-bootable disc is in the optical Make sure there is no disc in the
drive.
optical drive or insert a bootable
disc.
The connection between the hard Check connections.
drive and the motherboard is loose.
If a message occurs a few times Make sure BIOS can see the
when starting, the hard disk might device, try Startup Repair, or
be failing or the BIOS cannot detect replace hard disk.
the drive.
10.3.4.2 Operating System Not Found/Missing OS
Table 10.2 lists the causes and solutions to an Operating System Not Found
or Missing Operating System error.
Page 854 of 1229
Table 10.2 Operating System not found/missing causes and

solution
Cause
Hard disk does not report the
location of OS loader and could be
faulty.
BIOS cannot detect hard disk.
BIOS
detects
hard
disk,
but
Windows does not boot. Indicates a
problem with the disks MBR.
USB drive is plugged in at boot time
and set to a higher boot priority
than hard disk.
Solution
Run disk diagnostics first and then
run
chkdsk
from
recovery
console/WinRE command prompt
or run Startup Repair.
Make sure drive is correctly
identified in CMOS Setup or reset
them to the default.
Use fixmbr command at recovery
console or Startup repair or
bootrec
/fixmbr
at
WinRE
command prompt.
Unplug USB drive and change boot
order settings in CMOS Setup to
boot to hard disk.
10.3.4.3 Improper shutdowns/ spontaneous shutdowns or restarts

All operating systems must be shut down properly so that files can be
closed and processes can be ended properly. When Windows is not shut
down properly, you will see the Windows Error Recovery menu the next
time the system boots and you will be given 30 seconds to make a choice
between safe mode and boot normally before the default action of Start
Windows Normally is automatically selected. See Figure 10.14.
Figure 10.14 Windows Error Recovery menu

Note
When Windows finds a file system error for a drive such as when it
is shut down improperly, it flags that drive as a dirty bit or volume.
The next time the system reboots but before Windows loads, the
autochk disk checking program automatically runs to correct
errors in the file system.
Page 855 of 1229
You have a few choices when an improper or spontaneous shutdown

occurs or reoccurs:
If an improper shutdown happens once or appears to be random, such
as with a power failure or a user inadvertently unplugging the system,
you can often ignore this menu by selecting Start Windows Normally to
continue to boot in Windows. However a best practice is to boot into
safe mode and perform a shut down/restart from the Windows desktop.
If there are no serious problems, the system will restart correctly.
If an improper or spontaneous shutdown happens more than once or
reoccurs or you believe that there is a serious issue, you need to do
some troubleshooting. It might be a more serious problem caused by
many things, including power issues, hardware failure, startup
programs or services or malware infections. Some of the methods you
can use to troubleshoot these issues include:
o Check Event Viewer: look for any events in the System log that
point to hardware failures, service failures and so on.
o Use Msconfig: select Selective Startup and Load startup items
on the General tab. To determine if the issue is with the services
provided by all third-party programs, select the Services tab, click
Hide All Microsoft Services, and then click Disable All. Restart
the system and see if the same issues re-appear or if events are still
written to the Event Viewer. You can also re-enable services and
programs individually to determine which service or program is
causing issues. Remember to restore Normal startup in Msconfig
when finished troubleshooting.
o Boot into Safe Mode: further investigate the problem. If it is a
driver issue, you might be able to find out about it in Safe Mode.
o Run a virus scan: use up-to-date anti-virus software to scan the
system.
o Check power: make sure the AC outlet is supplying clean power.
Make sure the power plug is plugged into the wall outlet and system
firmly. If necessary, you might have to check the power supply
voltages. Unexplainable shutdowns and shutdowns that stop and
start at irregular intervals can sometimes be linked to the power
supply or other hardware failures.
The following are additional possible causes and solutions to spontaneous
shutdowns, but more particularly to spontaneous restarts:
Virus infection: run antivirus software to check it. You might need to
run sfc/scannow to repair system files.
Faulty RAM: run memory diagnostics to check RAM.
Faulty power supply: check the power supply voltages to ensure they
are correct.
10.3.4.4 Missing GUI/GUI fails to load

If Windows boots but the logon screen does not appear or the desktop does
not load after logging in, the most likely cause of this is malware, corrupt
or missing drivers or other system files, or registry problems.
Page 856 of 1229
You can take the following actions to correct this:
If the system boots to the GUI in Safe Mode, replace the video driver.
If the system cannot boot to the GUI at all, use a backup to repair or
recover the Windows installation.
If the boot settings have been changed on the Boot tab of msconfig,
then change them back to their proper settings.
If the missing GUI is registry-related, attempt a System Repair from the
Windows installation disc or if possible, restore a backup copy of the
registry.
Note
Several issues can cause the GUI to fail to load. Bugs in drivers or
registry problems and even auto-loading programs can cause
Windows to hang during the GUI-loading phase. The first step to
troubleshooting these issues is to use one of the Advanced Boot
Options to try get past the hanging point and into Windows. If the
GUI files are corrupted for what is called a Missing Graphical
Interface problem, your only choices are to restore from a backup
or rebuild from the installation disc.
10.3.4.5 Bluescreen errors

If Windows experiences a critical system error that it cannot resolve, such
as those caused by faulty hardware or drivers, it stops and shows a Blue
Screen (of Death or BSoD) with a STOP error. Sometimes a black screen
is shown instead of a blue screen and the error can occur when Windows
starts or while it is running. Stop errors start with 0x (read as
hexadecimal) followed by a string of zeros and a number, as shown by the
white arrow in Figure 10.15. For example, the stop error of 0x0000007B
(read as hex 7B or 0x7b) might refer to an inaccessible boot device error
and this then indicates a problem with the hard drive.
Figure 10.15 A STOP (BSoD) error

There might be another reason for the 7B error, but the important point is
that you now have the information to troubleshoot the system. Sometimes
the STOP error will provide more information, such as the name of the
error and the file that caused the error, as shown by the two white arrows
in Figure 10.16, and a suggested action.
Page 857 of 1229
Figure 10.16 A STOP (BSOD) error showing name and text

A knowledgeable technician reads the error to find out what the problem is
and investigates it further from there. For example, you can search the
code 0x0000007B or text inaccessible boot device online at
support.microsoft.com/search or at third-party websites to find out what
the problem is and how to fix it. You might find that a knowledge base (KB)
article describes the problem and includes an easy-to-follow solution.
Blue screen errors can be caused by any of the following:
Incompatible or faulty hardware or software: depending on the

problem, remove recently added hardware and uninstall its driver, or
uninstall recently installed software and download updates before
testing and re-installing hardware, drivers and software. Check seating
of hardware components and cables. Use LKG or System Restore to
restore the system. Test memory or exchange it if faulty. Run sfc
/scannow to check problems with system files, chkdsk for disk errors,
and other hardware diagnostic software.
Registry problems run LKG.
Viruses scan for viruses and remove them.
Other causes: check System log in Event Viewer. Research BSoD error
online.
If the system stops without displaying any kind of error message onscreen,
it is most likely a problem with the CPU or power.
10.3.4.6 Windows XP boot errors and failures
If the NTLDR, BOOT.INI, NTDETECT.COM or NTOSKRNL.EXE files are
corrupted or missing, you will see the corresponding error message listed in
Table 10.3. The table also describes the causes of and the solutions to the
error.
Page 858 of 1229
Table 10.3 Windows XP boot errors, causes and solutions

Error message
NTDETECT failed
NTLDR is missing or
bad
Invalid boot.ini
Windows could not
start
Hal.dll is missing or
corrupt
Ntoskrnl.exe
missing
is
Cause and solution

NTDETECT.COM file is missing. Within the
recovery console, copy the file from the
Windows XP installation disc using the following
command (replace d: with optical drive letter)
and restart system:
copy d:\i386\ntdetect.com c:\
NTLDR file is missing or corrupted. Restore the
file from within recovery console and copy the
file from the Windows XP installation disc using
the following command (replace d: with optical
drive letter) and restart system:
copy d:\i386\ntldr c:\
BOOT.INI file is missing, corrupted or has invalid
entries pointing to the wrong location. The file
might need to be modified or re-created. Use
Notepad if you know the correct settings to
modify it, or you can rebuild the file by running
the following command from the recovery
console:
bootcfg /rebuild
This command scans the system for bootable
operating systems and automatically creates the
BOOT.INI file with the proper settings.
Ntoskrnl.exe file is missing. This can be fixed by
repairing or re-creating the BOOT.INI file, or reinstalling the file from the installation disc. The
file is a compressed file on the disc and you will
need to run the expand command from the
recovery console. For details, see:
support.microsoft.com/kb/314477/
Some of these errors indicate that the system is trying to boot from a nonbootable disk. They indicate that there is a problem with either the files or
that BIOS is not configured correctly. Verify the boot order in CMOS Setup.
Ensure that the system is not trying to boot to media without an OS (such
as a CD or DVD). You can also remove any CDs or DVDs from the drives.
Additional steps you can take to fix Missing NTLDR or Missing boot.ini
errors include:
Run the recovery console as the administrator from the Windows XP

installation disc or from the boot menu if installed and accessible. Run
the following command first to view information about the drives on the
system and the parameters you will need to use:
map
Page 859 of 1229
Fix the boot sector. If the active partition has a corrupted boot sector,
it might not be able to locate the NTLDR file. Run the following
command to repair the boot sector:
fixboot x
(Substitute x with the driver letter of the partition containing the boot
sector you want to repair)
Fix the MBR. The MBR might be corrupted, causing this error. Run the
following command to fix the MBR:
fixmbr device
(Substitute device with the device parameters you obtained from the
map command to repair it. For example, fixmbr \Device\Harddisk0)
If a Windows XP system is failing to boot with a catastrophic error message

shown on the screen, you have a three-level process to get the system
back up and running.
First step repair: use commands at the recovery console to either fix
the master boot record, replace missing or bad boot files or rebuild the
boot.ini file, depending on what the problem is.
Second step restore: if the repair fails, attempt to restore from a
backup copy of Windows using ASR.
Third step rebuild: if a restore is not available or fails, rebuild the
system by rebooting to the Windows installation disc and install on top
of the existing OS (repair installation) or use a recovery OEM disc or
partition if available. To avoid losing important data though, it is better
to swap the C: drive for a blank hard drive and install a clean version of
Windows on the blank drive.
Note
You will lose data at the restore and rebuild steps, so you definitely
want to spend a lot of time and energy on the repair step first.
10.3.4.7 Windows Vista/7 boot errors

Boot errors in a Windows Vista/7 system can be caused by problems with
the boot sector or MBR, a damaged or missing BCD file, or a missing
bootmgr entry in the BCD store. Two critical boot files risk corruption in
Windows Vista/7, bootmgr and bcd, both of which can be fixed using the
tools in Windows RE.
If boot sector information is missing, a disk does not have an active
partition, or there is a problem with the MBR, you might see any of the
following errors:
Error loading operating system

Missing operating system
Invalid partition table
Page 860 of 1229
Note
These errors are also described generically as the graphical

interface fails to load or the graphical interface is missing.
Errors that indicate a problem with the boot sector (or that the system is
trying to boot from the wrong disk) include:
Non-system disk or disk error

Invalid boot disk
Disk boot failure
No boot device present (usually indicates a bad boot sector)
A problem with the MBR or boot sector can give any of the following errors:
Bootmgr not found

Bootmgr is missing
If there is no bootmrg entry in the BCD store or the Boot\BCD file on the
active partition is damaged or missing, the following error message will be
shown:
The Windows Boot Configuration Data file is missing required

information.
The solution to all of these errors is summarised as follows:
Verify boot order in CMOS Setup and ensure that the system is booting
from the correct media.
Repair a missing BOOTMGR file.
Repair or replace the BCD.
Fix the boot sector.
Fix the MBR.
There are two ways to repair a missing BOOTMGR file:

Options menu. Select Repair Your Computer to access System
Recovery Options. Run the Startup Repair tool. This should
automatically repair the system and ask you to restart it. If this does not
work, run the command in step 2.
2. Boot to the System Recover Options, and choose the Command Prompt
tool. In Windows RE command prompt, run the following command to
repair the boot sector, which also repairs the BOOTMGR file:
bootrec /fixboot
Page 861 of 1229
To repair the BCD store or rebuild it, you can use the following steps:
Options menu. Select Repair Your Computer to access System
Recovery Options. Run the Startup Repair tool. This should
automatically repair the system and ask you to restart it. If this does not
work, go to step 2.
2. Boot to the System Recover Options, and choose the Command Prompt
tool. In the Windows RE command prompt, run all the commands listed
in Table 10.4 to rebuild the BCD. The table contains explanations about
what each command does.
Table 10.4 rebuilding the BCD
Commands to run to rebuild Usage
BCD
bcdedit /export C:\backup_bcd
Creates a backup of the current
BCD if you later need to import
data from it. Replace export with
import to import BCD copy.
c:
Windows RE boots into the hidden
100-MB system partition and
identifies it as C within Windows
RE.
cd boot
The BCD file is in the boot folder of
this partition.
attrib bcd -s -h -r
Removes the system, hidden and
read-only attributes of the BCD file
so that it can be renamed.
ren c:\boot\bcd bcd.old
Renames the file as Bcd.old in case
you need the original file later.
bootrec /rebuildbcd
Creates a new BCD for the system.
You
can
also
use
the
third-party
program
EasyBCD
from
neosmart.net/EasyBCD/ to configure and tweak the BSD. See Figure
10.17. This program provides more power and safety than bcdedit.
Figure 10.17 EasyBCD

Page 862 of 1229
If you need to repair the boot sector and/or the MBR on a Windows Vista/7
system, run the Startup Repair tool first. If this does not work, use the
following steps:
1. In Windows RE command prompt, run the following command to repair
the boot sector:
bootrec /fixboot
2. Run the following command to repair the MBR:
bootrec /fixmbr
If the records in the MBR or boot sector are damaged, resulting in the
following errors, it might be caused by malware, disk corruption or the user
installing too many operating systems in a multi-boot configuration.
OS not found
Invalid drive specification
If it is caused by malware, the best way of fixing these errors is by using

the boot disk option in the anti-virus software to create a recovery disc that
might detect the virus and remove it or run the repair options and
commands that come with the Windows installation disc.
Note
The fixboot and fixmbr commands are useful if a virus has

damaged the MBR or boot sector on Windows XP. The bootrec
/fixboot and bootrec/ fixmbr commands can repair similar
problems on Windows Vista/7 systems.
10.3.4.8 Startup and Recovery settings

The Startup and Recovery dialog box shown on the right in Figure 10.18
allows you to change how the Windows system boots and how it behaves
by default after experiencing a system failure. This dialog box looks very
similar between Windows XP, Windows Vista and Windows 7. Windows 7 is
selected as the default operating system and it will boot into Windows 7
after 30 seconds if no other OS is chosen on the boot menu. On a multiboot system, you can select a different operating system the system will
default to during boot by using the down arrow under Default operating
system.
Page 863 of 1229
Figure 10.18 Startup and Recovery in Windows 7

The System failure area indicates what Windows should do when a stop
error occurs. By default, it writes an event to the System log in Event
Viewer and automatically restarts after displaying the error. If you deselect
this Automatically restart check box, it will give you time to read the error
on the blue screen until you choose to restart the system.
It is also configured to write debugging information from memory to a file
that can be used for advanced troubleshooting with memory dump
debugging information.By default, this option is set to Kernel memory
dump and it will only write a portion of the contents of RAM to a file called
Memory.dmp in %SystemRoot%. You can change this to Small memory
dump (256), and it will create a file named %systemroot%\Minidump,
which can be read using an advanced command line tool called
Dumpchk.exe.
10.3.4.9 Automatic boots to safe mode
The most common reason why a system will automatically boot into safe
mode every time is because it is configured to do so in the System
Configuration (msconfig) tool. Check the settings on the Boot tab. The
other reason might be because malware has corrupted system files,
causing the system to boot into safe mode. Run up-to-date anti-virus
software from within Safe Mode to clean the system of malware.
10.3.4.10 Failure to boot
If the system will not boot, use the following task list to help you repair it:
Restart the system, which might resolve the problem.
Read the onscreen error for important clues.
Use LKG for recently changed hardware or drivers if you have not
logged on since.
Use Startup Repair to perform various checks.
Boot into Safe mode to perform repairs such as:
o Scan for viruses using antivirus software.
o Restore the system using System Restore.
Page 864 of 1229
o Verify system files by running sfc /scannow.

Use the appropriate Windows tools to fix the boot sector, MBR or boot
files.
Restore the system from an image after recovering user data from a
backup.
10.4 Troubleshooting the registry

Windows loads registry files every time the system boots. Registry errors
might show up as blue screens with errors like Registry File Failure or
Windows could not start. When this happens, you need to restore a good
copy of the registry from a backup. You can do this using the LKG boot
option, but if that does not work, you can restore an earlier version of the
registry through the Recovery Console in Windows XP or Windows RE
command prompt in Windows Vista/7.
In Windows XP, boot to the Windows installation disc, start the Recovery
Console and run each of the following commands to back up the existing
registry files to a temporary folder, delete the registry files at their existing
location, and then copy the registry files from a repair folder to the
System32\Config folder. When finished, a registry is created that you can
use to start Windows XP.
md tmp
copy c:\windows\system32\config\system c:\windows\tmp\system.bak
copy c:\windows\system32\config\software c:\windows\tmp\software.bak
copy c:\windows\system32\config\sam c:\windows\tmp\sam.bak
copy c:\windows\system32\config\security c:\windows\tmp\security.bak
copy c:\windows\system32\config\default c:\windows\tmp\default.bak
delete
delete
delete
delete
delete
copy
copy
copy
copy
copy
c:\windows\system32\config\system
c:\windows\system32\config\software
c:\windows\system32\config\sam
c:\windows\system32\config\security
c:\windows\system32\config\default
c:\windows\repair\system c:\windows\system32\config\system
c:\windows\repair\software c:\windows\system32\config\software
c:\windows\repair\sam c:\windows\system32\config\sam
c:\windows\repair\security c:\windows\system32\config\security
c:\windows\repair\default c:\windows\system32\config\default
In Windows Vista/7, the RegIdleBackup task runs every 10 days and

makes a backup of the registry in case you need to overwrite a corrupted
registry. Even though it is better to make your own regular backups of the
registry, at least the damage would be limited since Windows does it for
you automatically. You can find the backed-up registry files in:
\Windows\System32\config\RegBack
To replace the registry, boot to the Windows installation disc to access the
Windows RE command prompt, run the reg command to get to the reg
prompt. From there you can run many commands to deal with the registry.
Page 865 of 1229
The easiest command is copy. All you need to do is copy the backed-up
registry files from the RegBack location to where the main registry files are
(hint: move up one level in the tree to the \config folder).
10.5 Troubleshooting applications and Windows errors

The following sections describe some common troubleshooting tools you
can use within Windows to resolve application-, service- and file-related
problems.
10.5.1 Event Viewer

Applications can fail and the OS itself can also cause issues as well as
underperform, lock up, or cause other stop-start issues at irregular
intervals. One good tool for analysing the system is the Event Viewer. You
can use it to view events about the OS, applications, services, system and
security that Windows regularly records into different log files.
You can start Event Viewer in all Windows versions by clicking Start > All
Programs > Administrative Tools, or within the Computer
Management console, or by typing eventvwr.msc in the Run dialog box or
Search box (in Windows Vista/7). Although Event Viewer has been
enhanced in Windows Vista/7, making it much easier to understand and
use the information, the core functionality remains the same in all Windows
versions.
For example, Table 10.5 lists the three primary log files you will find in
each system that you should know about.
Table 10.5 Event Viewer log files
Log file
System log
Application
log
Security log
Description
Contains events specific to and logged by the OS, such
as service load failures, driver load failures, hardware
conflicts and so on.
Contains events logged specifically by applications, such
as application errors or virus scan start/stop status.
Application developers choose which events appear in
this log.
Contains events called audits, which record anything to
do with security and are described as failed or
successful. Examples include the number of logon
attempts, who tried to log on and who tried to access or
delete a file. Administrators choose which events to log.
Most of the audit records available to Windows are
turned off by default but can be turned on in
Administrative Tools > Local Security Policy.
Page 866 of 1229
In Windows Vista/7, these logs are inside a folder called Windows Logs
within Event Viewer, and in Windows XP they are directly within the Event
Viewer. By default, log files are given the .evtx extension and stored in
C:\windows\ system32\winevt\logs.
Figure 10.19 shows the Event Viewer opened in Windows 7. You can see
that Windows Logs is expanded in the left pane and the System log is
selected. The middle pane shows the events for the System log. By default,
the events are organised in the order in which they are recorded, but you
can reorganise them. For example, if you click the Level heading, it will
reorganise the display in alphabetical order, with Critical events list first,
then Error events, and so on.
Figure 10.19 Event Viewer in Windows 7
10.5.1.1 Event properties and levels

You can double-click any event to open its properties and see all of the
event information as shown in Figure 10.20.
Page 867 of 1229
Figure 10.20 Event Properties

Events are broken into types or levels so that you can determine how
serious the event is. Table 10.6 provides a description for the different
event levels.
Table 10.6 Event Viewer event levels
Event
Information
Warning
Error
Critical
Success
audit
Failure audit
Description
A blue i in a white circle. Indicates successful activities
have occurred, such as a driver or service started.
Investigate for informational purposes.
A black exclamation mark ! in a yellow triangle.
Indicates issues that can impact system operations or
result in a more serious problem, such as when the
system runs low on disk space, or installation did not
complete or a service timed out. Investigate now and
again.
An exclamation mark ! in a red circle in Windows
Vista/7 (a white X in Windows XP). Indicates a failure
or corruption that can impact the functionality of an
application or the OS, such as service failed to start or
device conflicts. Investigate right away.
A white X inside a red circle. Indicates an
unrecoverable error that caused the application or
Windows to close unexpectedly. Critical events often
result in a STOP error or system reboot. Investigate
right away.
A gold key. Indicates that the security event was
successful, such as an account was successfully logged
on or off.
A gold lock. Indicates that the security event was
unsuccessful, possibly a security breach or a user typing
an incorrect password. Investigate right away.
Page 868 of 1229
An event will also have a date and time when the event took place, the
process or activity that logged the event (source), the username, computer
name, event ID, the name of the log where the event was recorded, data in
bytes and words and a description of the event.
You can find more information about a specific error by either typing in the
error code/event ID for the event or typing the description into Microsoft
Help and Support website: support.microsoft.com.
You can use the Find command on the Action menu and Filter command
on the View menu to find and filter particular errors or levels.
10.5.1.2 Log properties
Event logs are configured as circular logs by default in that they record
data until they reach a maximum size. New events will overwrite older
events. You can right-click any log and select Properties to set its maximum
size and set other options as shown in Figure 10.21.
Figure 10.21 Event Log Properties
10.5.2 Error reporting tools

Windows error reporting is a tool first introduced in Windows XP that
gives the user the option to send information about system and application
crashes to Microsoft or its support department over the Internet. It is very
likely that if you have used computers for a long time, you have run into a
crash error that looks like the one shown in Figure 10.22.
Page 869 of 1229
Figure 10.22 Program has stopped working

The problem with this error and other similar ones is that, while it might
help Microsoft create fixes and release patches, it traditionally did not give
users solutions to help fix the problem. Windows Error Reporting was a
one-way tool until the Problem Reports and Solutions applet in Windows
Vista came along. This is a much more advanced two-way tool that gives
the developers at Microsoft a way to give users solutions with steps that
they can take to resolve the problem. You can access it directly within the
Classic view of the Control Panel.
Windows 7 replaces Problem Reports and Solutions with the Action Center
applet, which you can open by clicking its icon in the notification area or by
navigating to Start > Control Panel > System and Security > Action
Center. Action Center includes the same features as Security Center
found in previous Windows versions such as the ability to monitor key
security settings, but adds more improved features. The applet has two
sections called Security and Maintenance and it collects event messages,
warnings and maintenance messages from well-known tools such as Event
Viewer, Windows Update, Windows Firewall, and UAC and places them into
an easy-to-read one page format.
Figure 10.23 Action Center
Page 870 of 1229
Windows 7 also comes with a Troubleshooting applet that includes links

to several different troubleshooters as shown in Figure 10.24. Clicking on
the link starts the troubleshooter. A troubleshooter is a software wizard
that checks for common issues and can often resolve them with little user
interaction. From this applet you can have Windows troubleshoot program
and hardware issues, network and Internet connectivity problems, and
security issues.
Figure 10.24 Troubleshooting applet
10.5.3 Program crashes

Occasionally, a program is released sooner than it should and has errors in
its code that cause it to crash or even the OS to crash. Poorly written
programs or those with bugs can result in the system locking up or
spontaneously shutting down and restarting. Crashing can also be caused
by hardware and driver problems.
10.5.4 Recording troubleshooting steps

The Problem Steps Recorder is a troubleshooting and assistance tool in
Windows 7 that you can use to record your actions taken within the OS.
Once recorded, it can be sent to another person who can assist in the
troubleshooting. The tool takes screenshots of your actions and includes
those in the recording saved as a .mht file within a .zip folder. The folder
can be unzipped by the other person and the .mht file can be opened in a
web browser. This tool is useful for demonstrating how to perform a task or
to illustrate what actions were taken. See Figure 10.25.
To start the tool, type the following command in the Search box and press
<Enter>: psr.exe.
Page 871 of 1229
Figure 10.25 Problem Steps Recorder
10.5.5 Troubleshooting Windows Errors

The following sections look at the causes of some common Windows error
messages and what you can do to solve them.
10.5.5.1 Slow System Performance
If the system is running slowly, there could be many causes. The most
common causes and their solutions include:
Install the latest updates and drivers, which can help improve
performance.
Make sure there is enough disk space and RAM.
If the drive containing the page file and temporary files is nearly full or
badly fragmented, use disk cleanup to remove unwanted files, check the
drive for errors and defragment it.
Move the page file and temporary files to a second drive if available.
Make sure virtual memory is enabled.
A malware-infected system can slow the system down. Scan it using
anti-virus software.
Anti-virus software can affect performance. Try disabling scanning
temporarily or schedule scans to run when the system is not used.
Do not run more applications than the system can handle and close
some open applications if you need to; otherwise add more resources to
the system.
Check task manager for high CPU and RAM usage. Check with the
software vendor for known problems.
Page 872 of 1229
Use task manager, resource manager or performance monitor to

monitor resource usage. If the CPU, RAM, disk and network resources
are continually stretched, then upgrade each resource or the entire
system.
The more programs and services loaded at startup, the slower the
startup. Use msconfig to disable services and programs that are not
needed from running at startup.
Ensure the system is not working in a power saving state (CPU running
at reduced speed).
If the user has been closing sessions using sleep or hibernate, try
restarting the system.
Cases and case fans that are clogged or dirty can also cause the system
to slow down or even worse, fail. The easy solution is to clean the fan
along with the case, which can gather up dust.
10.5.5.2 Device fails to start

A device that fails to start will appear with an error icon in Device Manager
and The Device Cannot Start (code 10) error in its Properties page. Its
causes and solutions include:
The problem is usually an outdated or corrupted driver, so reinstall it.

Make sure the device and its driver are compatible with the OS and the
fault is not with the device.
Check that the device is plugged in properly and there are no damaged
cables/connectors.
Check for a resource conflict.
Check the System log in Event Viewer for any error messages.
10.5.5.3 Service Fails to Start

A number of services are started when Windows loads. If you see any
message about a service failing to start, know that it can be an easy or
difficult issue to solve.
Figure 10.26 Service not running error

Here are some of the causes and solutions to such a problem:
If a service critical to Windows does not start, the OS will tell you with
an error message as soon as it happens. If a service that is less than
critical to Windows fails to start, the OS usually waits until you run a
program that needs that service before it shows the message.
Page 873 of 1229
A good place to check for problems with services is the System log in
the Event Viewer.
Another good place to check is the Services console. Make sure that the
Startup Type for the service is set to Automatic so that it starts
automatically; otherwise set it to Manual if the service becomes stuck
and fails to run at startup or Automatic (delayed start) if the service
does not have to start immediately but only after every other service
has started at boot.
A service might not start when the hardware used by the service is not
available. For example, a wireless network configuration will not work if
a wireless adapter is not installed.
Some services depend on other services to run and if a service is not
running, it might prevent the other services that depend on it from
running or from working correctly. Investigate service dependencies in
the Services console.
Services must interact with the OS and network and must have the
appropriate account permissions to do so. Make sure the service is
associated with a valid user or system account and the password for the
account is correct.
For a critical Windows service failure, check system files and scan the
disk for errors and malware.
For an application service failure, use the Properties box for the service
in the Services console to find the path and filename to the executable
program. Then use Windows Explorer to make sure the file is not
missing or corrupt. Also try reinstalling the application that uses the
service.
You might be able to re-register the software component that the
service relies on by using the regsvr32 command.
Check msconfig to see if the service is disabled. Sometimes software
uninstall routines leave behind registry entries and startup shortcuts
called orphans, which can appear as blank entries in the Startup tab of
msconfig. Use msconfig and regedit to look for and manually remove
orphaned items properly.
If you enable or disable a service and you encounter a problem starting
the system, you can boot in Safe Mode and change the service
configuration or restore the default configuration.
10.5.5.4 Missing DLL messages

A Dynamic Link Library (DLL) is a binary file that contains programming
code that several different programs and other DLLs can call upon to
perform some function. This way, multiple programs can use and share the
executable functions programmed into the DLL file. Windows includes many
DLL (.dll) files that almost every Windows program uses. Third-party .exe
programs also use them. Windows protects all critical shared DLL files very
carefully by keeping multiple versions of them in an attempt to prevent a
problem called DLL hell where a program tries to install a newer or older
version of a DLL without checking what other programs depend on it and
therefore cause issues with those other programs.
Page 874 of 1229
If Windows or an application tries to access a DLL and it is corrupted,

missing, changed or renamed (or damaged by malware), you might see a
DLL missing error like A required .DLL file (name.dll) could not be found
or Error loading xxxx.DLL. Although rare, the core system files that make
up Windows itself might become corrupted, preventing Windows from
starting properly. In these cases, you can run the sfc /scannow command
to scan all protected DLL files and attempt to repair them, including the
ever-important DLL cache. You can also use the sfc /scanfile command
to repair a specific DLL.
Figure 10.27 Missing dll error

If you see the error when you run an application, it is possible that the DLL
is specific to the application. In that case, reinstall the application or use
System Restore to change the system back to a restore point before the
problem occurred.
Normally, when an application is installed, it enters the DLL entry into the
Registry automatically through a process called registration. In some rare
cases, you might need to manually register the DLL so that the OS can use
it. To register and unregister (/u) DLLs, you can run the regsvr32.exe
command as follows (where file_name is name of the DLL file):
regsvr32 file_name.dll
regsvr32 /u file_name.dll
Note
The command located in %SystemRoot%\System32\regsvr32.exe

is called by default and used with 64-bit DLLs. The command
located in %SystemRoot%\SysWOW64\regsvr32.exe is used with
32-bit DLLs.
If you need to troubleshoot OLEs such DLL files or ActiveX (.ocx) controls
(for example, ones that work with Internet Explorer), they can also be
manipulated with the regsvr32 command.
Note
Downloading and installing system DLLs from the Internet is not

recommended, as they might be infected with malware.
Page 875 of 1229
10.5.5.5 File Fails to Open

When a file cannot be opened, the possible causes and solutions include:
Unknown extension: if a file has an unknown extension, the OS will

not know what application to open it with. You can change the
association from within Windows Explorer by right-clicking the file and
selecting Open With > Choose default program. Browse to the
correct application and select it. You can also see and change file
associations as follows:
o In Windows XP, select the File Types tab in the Folder Options
dialog box.
o In Windows Vista/7, start the Default Programs applet in Control
Panel and click Associate A File Type or Protocol With A
Program.
Shortcut fails to open: make sure the target of the shortcut is
available, or the application the shortcut is pointing to is not installed.
Access Denied: the user does not have the correct permissions to open
the file. Change the files security permissions to include the user
account or add the user account to the appropriate security group.
Malware infection: the file might be infected with a virus. Scan the
system with antivirus software.
File corruption: if you cannot open a file even after trying every other
means including searching for solutions online, it might be corrupted.
The best thing you can do is restore the file from a backup.
10.5.5.6 Compatibility errors

A compatibility error is usually associated with a program that is not
compatible with the OS. In some cases, an incompatible program will give
an error, similar to the one shown in Figure 10.28, but more often than
not, it will just fail to start. You can check the Application log in the Event
Viewer to further investigate the issue. The best solution though is to use
the Compatibility tab of the program or the Compatibility Wizard by
right-clicking the programs shortcut or executable file for help. If you want
to be really careful, do a web search on your program before you try to run
it.
Figure 10.28 Program incompatibility notification
Page 876 of 1229
10.6 Troubleshooting system components

When solving problems with hardware or software, look for the easy
solutions first:
Find out if the system has been changed in any way.

First determine if hardware is the problem.
Try one thing at a time.
Make sure user data is backed up before starting.
10.6.1 Hardware symptoms

There are several things you can look for without having to open the
systems chassis (or that result in you having to look into the chassis):
Indicator light: tells you the state of the component (e.g. has power
and switched on, is reading/writing data, sending packets; or does not
have power). For example:
o Hard drive: if its light flickers periodically, it indicates normal
read/write activity. If the light is solid for long periods (without
flickering), it might indicate a problem (especially if no processing is
going on).
o Network adapter: it can have one or more lights to indicate network
activity and other information such as connection speed.
Alerts: most computer systems have internal systems that monitor

conditions like temperature and can detect problems and display an
alert on the local system through diagnostic software or to a network
management system. The OS can also sometimes detect a hardware
failure and tell you about it via an alert.
Overheating: Make sure the fans on a hot system are working properly
and not clogged with dirt or dust. Burning smells or other odours or
smoke indicate something is overheating often to a point where it is too
late to save the component. Shut down the system and unplug it
immediately and investigate. Check the vendor documentation to see if
the system is working within acceptable limits. Heat problems can cause
symptoms like spontaneous reboots, bluescreens, lockups and so on.
These symptoms will typically be cyclic in that if you turn off the
system, let it cool down, turn it back on again and let it run long
enough to build up heat, the symptom reappears.
Loud noise: learn to distinguish between healthy and unhealthy

noises for each component. Loud and unusual noises indicate that a
component such as a fan or hard drive might be failing or something is
brushing up against a fan. Check both the hardware and the software
driver that controls the component, such as a fan, as it might be
configured to run faster than it should.
Page 877 of 1229
A hard disk that makes a whirring whine when first spinning up and a
chattering noise when written to are normal sounds, but clicking,
squealing, loud noises, or continual noises can all point to a problem.
Newer drive models make very little noise. You might be able to
optimise disk performance in CMOS Setup to reduce noise.
Visible damage: learn to look for a liquid spillage or a dirty or dusty

component and physical damage to the computer case (dents and
cracks). For a peripheral device, inspect its cable, pins (if bent or
broken) and connectors for damage and dirt. Physical damage to
components inside the case is only really likely if the case was moved,
knocked or dropped.
10.6.2 Troubleshooting power problems

When you first turn on the computer, the circuitry inside the power supply
tests for proper voltage and then sends a power good signal down a wire
to wake the CPU up. When the CPU is awake, it immediately sends a builtin memory address over its address bus. This address is the first line of the
POST and that is how the system starts POST.
A computer needs constant, stable power to run. Power supplies do not last
forever. Here are some issues you might encounter with power supplies:
Dead system: problems with the AC wall outlet, AC power to the power
supply, power cables and connections, power supply failure or
misconfiguration, or other component failure or other component
causing a short circuit.
Overheating: power supply is overloaded with devices drawing too
much power (in watts), fans inside power supply have failed, inadequate
airflow outside or inside the system and dirt and dust.
Random or spontaneous reboots: due to incorrect voltage on the
power good line between the power supply and motherboard.
Loud noises: a whirring, rattling or thumping noise from the power
supply while the system is running indicates a power supply fan failure.
A loud bang, followed by a system crash indicates a blown capacitor and
will give off a burnt smell. In either case, replace the power supply
immediately.
Fuse failure: the fuse can fail due to an overload or due to the power
supply failing. If the power supply simply pops and stops working, it is a
blown fuse. The proper course of action is to replace the power supply.
You can test the fuse, but do not attempt to replace it. It is likely that
the power supply is faulty if the fuse is blown.
Fan failure: the fan inside the power supply can fail for various
reasons, it could be due to the fact that the power supply is old,
extremely clogged with dirt, or the fan was of a cheaper design. The
course of action is to replace the power supply.
Broken power switch: sometimes a faulty PC power switch prevents
the power supply from starting. The power switch is behind the on/off
button on every computer. To test, make sure it is plugged in and try
shorting the soft power jumpers using a key or screwdriver.
Page 878 of 1229
You can try the following tests to isolate the cause to power:
If the lights on the front panel are off and you cannot hear the fans or hard
drives spinning, the computer is not getting power. This is likely due to a
power switch, connection to the motherboard, power supply problem,
power coming from the AC outlet, power cables/connectors, or fuses. Try
the following tests to determine what the cause is:
1. Check if every other equipment in the area is working. There may be a
blackout.
2. With no power to the computer, make sure the power supply is
connected to the motherboard.
3. Make sure the power supply cable is plugged into the computer and the
wall outlet correctly and the wall outlet and power supply switch is on.
If connected to a surge protector, make sure it is turned on and works.
4. Swap the power cable with a known good cable. There might be a
problem with its plug or a fuse. Use a multimeter to check the fuse
resistance.
5. Test the wall outlet by plugging in another piece of known good
equipment such as a lamp. If the lamp does not turn on, get an
electrician in to investigate the faulty wall outlet.
6. Disconnect extra devices, such as optical drives. If this solves the
problem, the power supply is underpowered and overloaded and you
will need to get one with a higher wattage to meet the demand.
Power supplies can die suddenly with the computer failing to start and the
power supply fan not turning. This can be caused by anything from an
electrical spike to hardware malfunction. When the power supply dies
slowly over time, it typically means that the internal circuitry of the power
supply has begun to fail. A slow death can result in intermittent errors, or
frequent failure of hard drives and other devices and it could be tough to
troubleshoot.
Some clues to intermittent errors that point to the power supply include
when users say things like Sometimes when I start the computer I get an
error code. If I reboot, it goes away. Sometimes I get different errors, or
my computer will run fine for an hour or so and then it locks up,
sometimes once or twice an hour. Begin troubleshooting intermittent
errors by swapping out the power supply with a known good one and boot
the computer and watch it for a while to see if the same errors occur.
10.6.2.1 Testing power
When troubleshooting power supplies, your best tools are a known good
backup power supply, a power supply tester, a multimeter and your eyes
and ears.
A multimeter is used to measure DC voltages (VDC) to determine if the
power supply is working correctly and AC voltages (VAC) to determine if
the wall outlet is supplying the correct AC voltage.
Page 879 of 1229
It is also used to measure continuity to test if electricity flows from one end
of the cable to another and resistance (Ohms) to determine if a fuse or
network cable is working properly amongst other electrical tests. The meter
will have two test leads, a black and a red. Most meters are digital (DMM),
often also referred to as a volt-ohm meter (VOM), and have an LED or LCD
screen for readouts. Keep note of the following points when using a
multimeter:
Check leads before using them. Do not use leads with broken probes or
damaged insulation. Hold both leads by the plastic handles; never touch
the metal probes with your hands when connected to an energised
circuit. Never touch the probes together when testing an energised
circuit. You can measure the voltage only when the power is on and
supplying voltage to the system. Therefore, do not touch anything within
the computer except the connector and multimeter when testing. Do not
touch components with your hands or with the multimeter probes.
Remove jewellery when testing to avoid shocks. Turn off the power
supply immediately if there are any unusual sights, smells or noises.
If possible, connect the meter before powering up and power down
before removing the meter.
When measuring voltages, always connect the black lead to the COM or
REF (ground pin or terminal) and connect the red lead to the power
source (pin or terminal to be tested). Examine the markings around the
terminal as there might be more than one terminal for the red lead.
Digital multimeters might only have one setting for each AC and DC
measurement while autoranging meters can automatically adjust to the
correct range for the test selected and the voltage present.
Make sure you set the switch on the multimeter to the highest value or
range that will be tested to avoid damage. If you set it at a low voltage,
such as 5V, and then measure 12V, you might damage the meter.
Make sure the leads are connected to the correct terminals and all
switches are set to the correct position before taking measurements.
Do not adjust switch settings on the meter while it is on and connected
to an energised circuit; it could damage the meter.
Note
Many CMOS tools and software programs monitor voltage, so you

do not have to use a multimeter. Also, it is easier to have a known
good power supply or AC adapter to test power issues rather than
a using multimeter. If you have tested every possible cause and
know the power supply or AC adapter is faulty, you should recycle
and replace it with a new one.
Figure 10.29 shows a digital multimeter set to measure DC voltages.
Page 880 of 1229
Figure 10.29 A digital multimeter

Table 10.7 summarises common tests you can perform with a multimeter.
Table 10.7 Multimeter usage
Test
AC voltage
(wall outlet)
Multimeter
setting
AC
Probe
position
How to test
Red to live.
Black to
ground.
Check voltage on meter,

should be near 220240V
for South Africa or near
115 for North America.
Check voltages on meter,
compare to default
values for each
connector.
Check reading, compare
rating to resistor. A good
fuse should show zero
ohms. A bad or blown
fuse will not show any
reading. This is an
example of testing
impedance.
Meter will beep indicating
continuous connection
and good cable. NO CONT
signal or no beep
indicates bad or broken
cable or bad fuse.
DC voltage
(PSU outputs to
motherboard,
drives)
Resistance
(fuse)
DC
Red to live.
Black to
ground.
Ohms
Touch the
probes to
both ends of
fuse.
Continuity
(cables, CONT
fuses)
CONT
Touch red
lead on one
end and
black lead
on other end
of the cable.
Figure 10.30 shows the usage and voltages for the various power supply
connectors and the pin-outs for an ATX 24-pin P1 motherboard connector.
Page 881 of 1229
Figure 10.30 Power supply connector voltages and 24-pin

motherboard pinout
Notice in the P1 24-pin connector section in Figure 10.30 that it shows pins
for the following three important wires:
Power good signal (sometimes labelled PWR_OK): sent from the
power supply to the motherboard to indicate voltage has been tested
and is stable and ready for use.
Power On or PS_ON#: a signal from the motherboard and controlled
by the PCs power button or through soft power (software) to the power
supply telling it what to do.
Standby mode (5VSB): supplies power to the motherboard even
when the rest of the power is turned off and controls the Power On
signal. It allows activities that enable the computer to wake up from
sleep mode for features such as Wake on LAN.
Sometimes power supplies cannot constantly supply steady power. For
example, instead of supplying 12V, a power supply might safely vary the
supply between 10V and 14V. Even though a system can tolerate a little
variation of around 5 percent and this is noticeable when testing, anything
over 5 percent in general can cause problems such as random restarts.
Therefore, the 12V line should not vary for more than plus or minus 0.6 V
(11.4V to 12.6V).
Figure 10.31 shows how to use a multimeter to test different components.
The two pictures on the left show how to connect the probes to measure
the voltages for the main power connector plugged into the motherboard
and the SATA drive power connector, respectively. The picture on the far
right shows how to test the DC jack on an AC adapter for a laptop.
Page 882 of 1229
Figure 10.31 Using a multimeter to test voltages for different

components
To test a power supply:
1. Turn off the power supply.
2. Set the multimeter to use the appropriate voltage range.
3. Insert the black probe into the ground pin of the connector (with a black
wire).
4. Insert the red probe into the voltage pin in the connector to be tested.
5. Turn on the power supply. Make sure you do not touch any other part of
the computer. Listen to the power supply fans. If they do not, spin the
power supply is faulty or not receiving power from the wall outlet (if
plugged in and turned on).
6. Repeat these steps for each voltage pin.
For example, if you want to measure 12V provided on a connector, connect
the red probe to the pin with the yellow wire. If you want to measure the
5V, connect the red probe to the pin with the red wire. The black probe will
always connect to the ground pin in the connector.
Note
When testing, valid voltages on the different connectors include:

black wires carry 0V (ground), orange wires carry 3.3V, red wires
carry 5V, yellow wires carry 12V, and blue wires carry -12 V.
To test an AC adapter:
1. Turn off the AC adapter.
2. Set the multimeter to use the appropriate voltage range.
3. Insert the red probe into the middle of the DC jack. Do not push the
probe too far into the jack. Shorting the jack will damage the adapter.
4. Turn on the multimeter.
5. Turn on the AC adapter.
6. Touch the black probe to the metal part outside the DC jack.
Note
When power supplies fail, you can sometimes see smoke or smell
burning components or hear sparks. In this case remove the power
immediately.
Page 883 of 1229
Most power supplies will not supply voltages unless they are plugged into a
component. If you need to test a power supply but do not have a
motherboard, you use a power supply tester as shown in Figure 10.32 to
do so. A power supply tester can test an unconnected power supply, but
not one that is plugged into a system.
Figure 10.32 Using a power supply tester

To use it, plug the power supply connector into the tester and turn it on.
The tester simulates the load for a power supply and normally tests for
+12V, 12V, +5V, 5V and +3.3V, but it might not test every single pin. If
there are error lights, no lights or missing lights for specific voltages on the
tester, replace the power supply.
10.6.3 Troubleshooting POST errors

Once the CPU is given the power good signal, the BIOS runs POST. The
basic POST process is as follows:
POST finds the video card BIOS. If found, the video card starts from its
own BIOS and passes control over to it and information from the card
manufacturer might be shown on screen.
The BIOS logo screen might appear (if supported and configured).
The startup screen appears showing tests done on the system including
a count on the amount of RAM. If any errors are picked up here, a
number code on older systems or descriptive text message such as key
stuck on newer systems might be shown on screen. You should be able
to access CMOS Setup at this point using the appropriate key/key
combination determined by the BIOS manufacturer.
Some systems indicate that system checks have completed successfully
with one or two short beeps, but modern systems tend to be boot
silently.
Search for other devices with ROM BIOS chips and ensure that checks
have been done.
The BIOS might display a summary screen about system configuration
that can be paused using the <Pause> key.
The OS load sequence starts.
Note
POST also ensures that the CPU and system timer are both
running, the keyboard is working and that BIOS is not corrupt.
Page 884 of 1229
Problems that occur during the POST are usually caused by incorrect
hardware configuration or installation.
10.6.3.1 POST not running
If the computer has power and its fans are spinning, but it does not start or
its screen is blank and there are no beeps from its speaker (assuming that
it is connected), then it is likely that POST is not executing. The most likely
cause is a faulty cable or a damaged CPU or a CPU that is not seated
properly. You can troubleshoot this by going through the following tests
and solutions:
Ask what has changed before the problem occurred. A recent BIOS
update may have failed and resulted in the system failing to boot.
Recover from BIOS update failure.
Check cabling and connections and reseat adapter cards before
rebooting the system.
Check for faulty connectors and devices that stop POST from executing.
Remove one device at a time or all non-essential devices and add them
back one-by-one.
Use a POST card. See Figure 10.33. Plug the POST card into a PCIe
expansion slot and watch its LED display run through a series of twodigit hexadecimal codes as the system starts. If 00 or FF is shown on
the cards display after the system finishes booting, everything is
probably OK; otherwise any other number indicates a problem that can
be cross-referenced in the accompanying booklet, disc or online
documentation. The card is very useful when there is a blank display.
Figure 10.33 POST test card
Check for a faulty CPU or BIOS and replace the CPU or BIOS chip if
necessary.
For motherboards that have jumpers to configure modes such as BIOS
recovery and password settings, make sure the jumpers are configured
correctly.
10.6.3.2 POST errors

If the system passes the tests, it will continue to boot with one or two short
beeps or silently. If any test fails, POST stops and reports the error in any
of the following ways:
Page 885 of 1229
Beep code
The beep code is heard through the speaker attached to the motherboard.
An error is often indicated by a series of beeps. However, POST cannot
entirely rely on showing a message on screen because it might find a
video-related error that causes a blank screen. Therefore the error must
become evident through beeps.
The POST routine is in the BIOS and there are many different types of BIOS
and many versions of beep codes and the BIOS vendor determines what
the BIOS code means. You can find meaning of the code in the
motherboard documentation or at the manufacturer website, although it
not always possible to list what every POST beep code means. The
following are a few examples of what you might hear:
No beep: often indicates a power supply or motherboard problem or a

non-functioning speaker. However, it can also indicate that the system
has passed POST.
One short beep: usually indicates the system has passed POST. On
some systems, two short beep codes mean the system has passed
POST.
Continuous beep: often indicates a problem with the power supply,
motherboard or keyboard.
Repeating short beeps or buzz: often indicates a motherboard, power
supply or RAM problem.
One long beep and three short beeps: indicates a video adapter
error.
Three long beeps: indicate a keyboard-related error.
Onscreen error message

An onscreen message is displayed only after the video adapter is initialised
and usually indicates a specific failure. It might, for example, indicate a
problem with RAM, the keyboard, hard drive or other component. The
message is usually, but not always, self-explanatory, allowing you read it
and take the appropriate action. For example, if the CMOS memory which
stores CMOS parameters is corrupt, possibly because the battery is failing
or the CMOS memory has been cleared, you might find the system
displaying any one of the following messages:
System CMOS Checksum Bad

CMOS Checksum Invalid
CMOS Checksum Error Default Loaded
If the computer is losing the correct time or resets the time to January, and
displaying these kinds of CMOS errors, it most likely means that it is time
to replace the CMOS battery with a new one and re-enter the CMOS
parameters into CMOS Setup. Here are a few more examples of errors that
point to lost CMOS information:
CMOS configuration mismatch

CMOS date/time not set
Page 886 of 1229
No boot device available

CMOS battery state low
Note
Problems with BIOS Time and Setting resets are typically caused
by a problem with the CMOS battery or CMOS chip itself. If
replacing the battery with a new one and resetting BIOS settings
to their correct values does not solve the problem, the CMOS chip
on the motherboard might be damaged, which means the
motherboard itself will have to be replaced.
If the message is unclear or the issue is unknown, you can find its meaning
in the motherboard manual, BIOS vendors website, third-party website or
performing an online search.
(Hex) error code
A hexadecimal (also called a numeric or POST code) is sent through an I/O
port address and shown onscreen after the video adapter is initialised.
Older systems displayed cryptic codes such as Error 301 to indicate a stuck
key on the keyboard. You will rarely see messages with just an error code
today. Instead, if a key is stuck, you will see a display indicating that a key
is stuck. If you have to, you can monitor these codes using a POST card.
10.6.3.3 OS search
Once POST has finished testing the system:
It passes control to the BIOS bootstrap loader, which is loaded into

RAM. The loader goes through the boot order in CMOS Setup starting
with the first boot device, then the second, and so on. If no boot device
is found, the system displays an error message and stops the boot
process. At this point, make sure that removable drives with no media
are not interfering with the boot process and that the boot order is
configured correctly.
The loader loads the code from the boot sector on the selected drive
into RAM. The boot sector code takes over from the BIOS and loads the
rest of the OS files into RAM. Any errors after this point indicate a
problem with software or drivers, rather than with hardware.
10.6.4 Troubleshooting motherboards

Although the motherboard does not cause too many system problems, it
does hold the most essential components, and can be the cause of
problems. Problems with the motherboard include:
Chips are damaged by ESD, electrical spikes or overheating.

The pins on built-in connectors are damaged by users inserting plugs
incorrectly.
Errors caused by dirt (clean the contacts on connector) and or chip
creep (where chips and boards work themselves out of their connectors
over time). Make sure chips and boards are seated properly.
Manufacturing defects.
Page 887 of 1229
Unexpected shutdowns caused by loose metal parts short circuiting the

motherboard or a power supply overheating.
Continuous reboots caused by the following problems
o Power supply: when the power good line on the motherboard carries
too much or too little voltage, the CPU resets, shutting down the
system and restarting it. Test power supply voltages.
o Windows Configuration setting: if Windows is configured to restart
the system when a STOP error occurs, the system will continuously
restart until the error is resolved. Many components can cause STOP
errors, include motherboard, CPU, RAM, devices, overclocking the
CPU or RAM and others.
BIOS Time and settings resets caused by CMOS chip.
System lockups typically caused by corruption of RAM.
POST Code beep at startup caused by various errors that relate to CPU,
RAM or motherboard problems.
Blank screen on Bootup usually caused by incorrect storage and video
configuration or cabling problems.
Smoke or burning smells caused by failed capacitors on the motherboard
near the CPU.
System will not start caused by incorrect front panel header wiring,
loose or missing power leads from the power supply, loose or missing
RAM modules, loose BIOS chips, dead short (short circuit) in the system,
incorrect position of a standoff, or loose metal parts inside the case.
No power: faulty motherboard.
If you suspect a motherboard or its built-in components are faulty, there

usually is not much you can do. If the motherboard itself is faulty, you can
either send it back to the manufacturer if it is under warranty or replace it
with another motherboard.
10.6.5 Troubleshooting system crashes or hangs

It is difficult to find the exact cause of symptoms such as the system
locking up and not responding to user input, or showing a Bluescreen error,
or suddenly rebooting, especially when you are not sitting in front of it to
watch what is going on. The following points can help you isolate the
cause:
Software, disk problems or malware are likely causes of such symptoms.

If you can eliminate these, then try to determine if there is a pattern to
the errors; that is, if they happen when the system has been running for
some time, it could point to a heat issue.
Make sure the power supply is providing the system with good, steady
voltages.
If the power supply is good, suspect a problem with RAM, CPU or the
motherboard. Overclocking the CPU and RAM can cause them to
overheat and the system to crash. Check settings.
Check the motherboard for signs of damage caused by heat, such as
scorch marks, ESD or a power surge or spike. Also consider the
environment the system is running in and the maintenance procedures
for the system. You could also run diagnostic software to determine if
there is a problem.
Page 888 of 1229
10.6.6 Troubleshooting CPUs

The CPU rarely causes problems when its installed and configured properly,
but when it does, it is most likely because it is not installed properly or
securely, or it is overheated, incorrectly configured or there is a problem
with another failed component. This could possibly cause the system to
completely fail when it is turned on and could cause the system to sound a
series of beeps during POST. If this happens, it is possible that the system
turns on and power will be supplied to the system, but nothing else
happens: no POST, no display, no hard drive activity, etc. In either of these
situations, after checking power, turn to the CPU. The following are possible
causes, symptoms and solutions to problems related to the CPU:
10.6.6.1 Check other components first
Always check other components and connections first before taking the CPU
assembly apart.
10.6.6.2 Heat
The main problem with CPUs is insufficient cooling. Problems with heat
normally results in the system working for some time, crashing and then
working later on when the system has been off and the CPU has cooled
down. Here are some checks you can go through to eliminate heat as a
cause to the problem:
Fan is connected and working: a CPU that is running too hot can
decrease performance while a CPU that is overheating can cause crashes or
system restarts. Check if the CPU fan is properly connected and working
and not jammed, clogged with dust or dirt or too small. You can get a
replacement fan if needed, one that is compatible with the heat sink and
motherboard.
Heatsink: make sure that the heat sink is flush against the CPU and that it
is securely fastened to the motherboard (or socket housing). Too much
thermal paste can block the flow of heat from the CPU to the heat sink and
cause the CPU to heat up quickly while not enough thermal paste or
thermal paste spread unevenly can cause the CPU to heat up and
consequently shut itself down. Use good quality paste that will help the CPU
run at a lower temperature.
Blanking plates: use blanking plates to cover holes in the front and back
of the case, so that the system and the components inside it can be cooled
effectively. Clogged vents can result in a system running slowly or reboot
spontaneously. If the fans are clogged, not working or blocked somehow,
the inside of the case can heat up and overwhelm the CPU cooling system.
This will result in a system running slowly or spontaneously rebooting.
Page 889 of 1229
Speed: check the voltage and timings settings in CMOS Setup and make
sure the CPU is running at the correct speed. The CPU should not run at a
higher clock speed, which can cause it to overheat.
Environment: make sure the room is not too hot or dusty or the system is
near hot equipment such as radiators or placed in direct sunlight.
Note
Heat can also cause loose connectors to drift apart, components to

move in their sockets or cause circuit board defects such as their
cracks widening or broken connections. You can check this by
physically inspecting the components.
10.6.6.3 CPU appears not to work

The following simple checks can help you troubleshoot a newly installed or
upgraded CPU that appears not to work:
Compatibility make sure the CPU is supported by the motherboard.

Correct insertion make sure the CPU is plugged into the socket
correctly.
Voltage ensure voltages in CMOS Setup are correct and test to see if
the CPU works after configuring the correct settings.
Configuration make sure CMOS Setup settings and motherboard
jumpers are correct.
Swap if you swap the new CPU with an old one and it works, the new
CPU might be faulty.
10.6.6.4 CPU speed problems

If the system is running slowly or the wrong clock speed is shown at boot
time, check CMOS configuration on new systems or motherboard jumpers
on old systems. Also, since all modern CPUs have built-in protection
features that tell them to slow down or throttle when getting too hot and
before overheating, investigate why the CPU might be overheating.
Note
Verify that it is not software or network usage that is making the

system run slowly. Check CPU and network usage in Task
Manager. If the CPU runs consistently at 90100%, the cause is
most likely a faulty application process.
10.6.7 Troubleshooting RAM

A system will not work without RAM, with faulty RAM or improperly installed
RAM. First, make sure the RAM installed is compatible with the
motherboard. Next, try reseating the RAM. If you suspect faulty RAM,
corroded contacts or a faulty RAM slot, try taking the RAM out, cleaning the
module and slot if necessary (with compressed air), and putting the module
back in properly. Next, if the system has two modules, try booting it with
just one (if the motherboard allows it), or try moving modules to different
slots.
Page 890 of 1229
The following are some possible causes and symptoms related to RAM
problems:
Failure to boot/ unexpected shutdowns: the most likely cause of

this is heat, so a good first step is to ensure that the system has
adequate airflow and the fans are clean. You can buy heatsinks for RAM
if needed.
System lockups: Faulty RAM chips or incompatible RAM can cause the
system to freeze and stop responding to user input. If you suspect a
RAM problem, check compatibility and use a memory checker to run
memory tests.
Continuous reboots: In some cases, a hardware issue such as RAM
can prevent the system from booting completely. It starts, gets so far
and then restarts itself.
Blue screen: Faulty RAM chips can cause blue screens with an error
code indicating a memory problem. If you suspect a RAM problem, use a
memory checker to run memory diagnostics.
Page faults (hard faults), out-of-memory or low-on-virtual
memory errors: These are usually issues with the OS or a running
application, but are less common nowadays. If a particular application
keeps failing, or if you get a particular message listing a specific memory
location over again, it can indicate faulty RAM chips. Be sure to
document error messages and any error codes or memory locations that
display on the screen and investigate the issue online.
Memory error indicated by BIOS: The BIOS can indicate a memory
error by displaying a message onscreen and a flashing cursor or by
beeping. Sometimes a CMOS Setup setting, such as RAMs latency, is
incorrect. You can try going back to a saved version of the CMOS
settings or trying loading the BIOS defaults.
Intermittent memory errors: Sometimes problems are consistent, but
more often than not they are intermittent, that is, sometimes you see
the problem and sometimes you do not. Intermittent memory errors can
come from various sources, including a dying power supply, electrical
interference, bugs in applications or hardware and so on. These errors
show up as lockups, general protection faults, page faults and parity
errors.
Parity errors: These errors can stop the system and require you to
restart it. They can result from software issues, heat, dust, power
fluctuations, mixing parity and non-parity modules, mixing slow and fast
RAM, loose or corroded chip or module contacts or chip/module failure.
Memory not recognised: Make sure the modules are properly seated
and secured and are compatible with the motherboard. Perhaps the
BIOS does not have the programming needed to identify the latest type
of RAM that was installed, so a BIOS update might help.
Tip
The power supply and RAM are the primary hardware causes of
intermittent problems while malware is the primary software cause
of intermittent problems.
Page 891 of 1229
10.6.7.1 Memory diagnostic tools

You might need to check RAM from within Windows or perhaps when
Windows will not boot and you want to check RAM at boot time. You can do
this by using the Windows Memory Diagnostic tool in Windows Vista/7.
The tool can perform a quick or an in-depth test of RAM and CPU cache,
depending on which Test Mix option you choose:
Basic: Runs a quick test on RAM.

Standard (default): Runs for a few minutes and tests
aggressively than basic.
Extended: Runs for hours and performs a more extensive test.
more
You can either run the tool from Administrative Tools or boot to Windows
PE and select Windows Memory Diagnostic. Select Restart now and
check for problems. After the system restarts, the tests will start
automatically and you will see a display similar to Figure 10.34. By default,
two passes of the standard test mix are run and this is usually good
enough.
Figure 10.34 Windows Memory Diagnostic

If the tool finds any errors, it will display them in the Status area without
stopping the test from running. After the test completes, the system
automatically restarts. About a minute or so after logging on, you will see a
balloon message appear in the notification area indicating the results. If
you miss it, you can also view the results in the System log via the Event
Viewer. It is listed with a source of MemoryDiagnostics-Results and an
Event ID of 1201 as shown in Figure 10.35.
Page 892 of 1229
Figure 10.35 Memory Diagnostics-Results event

If the memory diagnostic gives any errors, you might be able to identify
the problem by going through a process of elimination, that is, by removing
and reseating all of the modules or removing all of them except for one,
and retest. The reason why you would do this is that electrical components
expand and contract from heat and cold, causing some movement and the
contacts on the module can become dirty, preventing a good connection.
You can clean contacts with contact cleaner created specifically for this
purpose or use isopropyl alcohol and a lint-free cloth or cotton swab.
Tip
This same fix can be used on any expansion card as well.
There are a few memory test programs available online, including:
Windows Memory Diagnostic: oca.microsoft.com/en/windiag.asp

GoldMemory: www.goldmemory.cz
MemTest86: www.memtest86.com
Although these programs can help you determine whether a module needs
to be replaced, in general, use your common sense. For a large number of
modules, a more expensive RAM tester can provide a more accurate way
of finding RAM problems.
10.6.8 Troubleshooting expansion cards and I/O ports

Here is what you can do to solve problems with expansion cards:
Make sure the card is compatible, installed properly and given power
and shows up in Device Manager without any errors. Also, make sure its
contacts are clean.
If the card stops working or does not show up in Device Manager, try
reinstalling the driver before checking seating or dirt.
If the card comes with diagnostic software, run it.
Page 893 of 1229
You can also run a loopback test that sends data out of the cards
output port and checks to see if it comes (loops) back into its input
port. This can be done by plugging in a loopback plug into the port
and using the diagnostic program that comes with the plug to perform
the test. If the card is bad, replace it.
If Device Manager does not recognise the card, test it on another
system and if it still does not work, the card itself might be damaged
and must therefore be replaced.
10.6.8.1 USB ports

USB ports are the most common I/O ports used. As such, here is what you
can do so solve problems with USB:
USB port not enabled in BIOS: Check CMOS Setup settings.

USB port does not work on old system: Some USB ports on older
systems do not conform to current USB 1.1, 2.0 and 3.0 standards.
Disable these ports and replace them with an expansion card with USB
ports.
Drivers for the device not properly installed: Always install the
driver for a new USB device before you plug it into a USB port. The
exception is a PnP device that Windows will detect and install its driver.
Once you have installed the driver and you know the ports are active
(running properly in Device Manager), plug in the new device. Windows
only comes with drivers for USB mass storage and input devices, while
other devices such as webcams and network adapters require
manufacturer-specific drivers. Install their drivers.
Device not recognized: If the device appears as an Unknown Device
in Device Manager, try installing a new driver, using a different port, or
replace its cable.
USB device does not work at maximum speed: Plugging in a highspeed device into a low speed port will cause the device to work at the
low speed with a warning message to be shown.
Power: A mismatch between available and required power can cause
the USB device to fail or not work properly. If the device is drawing too
much power, you must take devices off that root hub until the error
goes away. You can install an add-in USB hub card if you need to use
more devices than your current USB hub supports. In some cases a Low
Power Warning message will appear.
To check USB power usage, open Device Manager and locate any USB
hub under the Universal Serial Bus Controller icon. Right-click the
hub, select Properties and select the Power tab. From here, you can
verify the power provided per port and compare the power available
from the hub to the power required by each device, as illustrated by
Figure 10.36. Figure 10.36 shows the Power tab for a bus-powered hub
that provides a maximum of 100 mA per port.
Page 894 of 1229
Figure 10.36 Generic USB Hub Power tab

Tip
The Power tab shows the power usage only for a given moment, so
click the Refresh button to keep getting accurate readings.
There is another issue with USB power: when the system places the device
into a sleep state to save power and it does not wake up. This is noticeable
when accessing a USB device that was working earlier on but suddenly no
longer appears in Device Manager. To fix this, open Device Manager and
then open hubs Properties page, click the Power Management tab and
uncheck the Allow the computer to turn off this device to save power
checkbox.
For problems where devices such as network adapters and mouses
periodically wake up the computer or fail to work after the computer has
been in sleep mode, you can deselect the Allow this device to wake up
the computer in Windows Vista/7 or Allow this device to bring the
computer out of standby in Windows XP option on this tab. If that fixes
the problem, look for an updated device driver or system chipset driver.
You can get USB loopback plugs with software that tests, among other
things, to see if the USB port has power, that data can be sent and
received from the port, USB error rates and speeds and USB cabling. See
Figure 10.37.
Figure 10.37 PassMark USB loopback plug
Page 895 of 1229
10.6.9 Troubleshooting hard drives, SSDs and RAID arrays

Power, heat and vibration, among other things, make the hard disk
susceptible to failure. Some common symptoms of problems with hard disk
drives include:
Installation errors: if you make a mistake at the connectivity, CMOS,

partitioning or formatting points of installation, the drive will not work.
Failing to partition will result in the drive not appearing in (My)
Computer and Disk Management and setting the wrong partition type or
size becomes obvious as the drive fills up with data. The fix for
partitioning errors is simply to open Disk Management and do the
partitioning correctly. Failing to format makes the drive unable to store
data. Accessing the drive in Windows results in a drive is not accessible
error, and from a C:\ prompt, you will get the Invalid media type error.
Format the drive unless you are certain that the drive has a format
already.
Formatted capacity: if a newly formatted hard disk or RAID volume
appears to have less storage space within Windows, it is because harddisk manufacturers market the storage space in decimal measurements
such as 2 TB (2000 GB) and Windows reports it in binary such as
1,907,348 MB.
Data corruption: power issues, accidental shutdowns, corrupted
installation media and viruses, along with other problems, can result in
corrupted data. In most cases, you will see the following type of errors
while Windows is running, which can be fixed by using chkdsk or a third
party tool such as SpinRite:
o The following file is missing or corrupt
o The download location information is damaged
o Unable to load file
Read/write failure: can show up as an error such as Cannot read
from the source disk when trying to open or save a file. Read/write
failures can have many causes, including:
o Physical damage: The drive might make a noise or might not spin.
Replace drive.
o Damaged cables: Swap them with known good cables.
o Damaged host adapter on motherboard: Try a different host adapter
(such as a SATA port) or install a host adapter card.
o Overheated hard disk: The faster the disk spins (higher RPMs), the
more likely the drive will overheat. Install fans near the hard drive
and if drives are stacked on top of each other with limited airflow,
move the drives to other bays with good airflow.
o Overheated CPU or chipset: Overheated CPU, chipset or other
component can cause read/write failures. Check all cooling systems.
Bad sectors or clusters: run chkdsk regularly.
Blue screen: can be caused by a failing hard drive and file corruption.
It could also be because the OS does not have the correct driver for the
drive. Boot into Safe Mode and install the correct driver.
Constant LED activity: Indicates not enough RAM installed and data is
constantly moving between the hard disks page file and RAM.
Page 896 of 1229
Noise: A healthy disk generally makes a quiet, low-level noise when its
platters are accessed. Any loud, grinding or clicking noise indicates a
problem. Make a backup and replace the drive immediately.
Failure to boot: Boot failures can have several causes, including that
the hard drive is not a boot device, there is no active partition or the
boot files are missing. Other causes, and their symptoms and solutions
include:
o No detection at boot: SATA, SSD, PATA or SCSI drive-detection
problems include power, cabling, BIOS settings or drive failure. Check
this. If the LED is inactive or you suspect it might be faulty, listen to
the drive to hear if it spins. If it does not spin, it might be faulty.
o If the drive has power, check the following configuration:
CMOS boot order: Set hard disk as either first boot device or the
second after the optical drive.
CMOS settings are corrupt and system cannot find bootable
drive: Configure CMOS settings, make hard drive as first boot
device and restart system. Replace CMOS battery if the settings
continue to be corrupted.
Cables and connections: check for loose or damaged data cables
and incorrect drive-to-motherboard connection.
PATA drive: check master/slave/cable select jumper settings, the
position of master and slave drives on the cable and drive-tomotherboard connection.
SCSI drive: make sure the host adapter driver is working and ID
numbers and termination are set up correctly.
Motherboard jumper or CMOS setting: if the drive is connected
to a motherboard port, make sure it is not disabled by a jumper or
CMOS setting.
o If the hard drive is detected by POST but not by Windows,
check the following:
OS Not found: this error most probably means there is a
problem with the file system or OS loader code.
In Windows XP, boot in the recovery console and type C:. If an
invalid media type error is shown, it means the disk does not
have a valid file system structure or has not been formatted,
possibly because of a surface error or a virus. Use fixmbr or
fixboot tools to recover; otherwise reformat the disk.
In Windows XP/Vista/7, boot into the recovery command prompt
and type C:. If an Invalid drive specification error is shown, it
might mean that the MBR record is damaged or the active
partition is missing or corrupted, possibly by a virus. Use
diskpart to check the partition structure and the fixmbr or
fixboot commands in Windows XP and bootrec /fixboot and
bootec/fixmbr commands in Windows Vista/7 to repair the boot
sector and master boot record. Failing to format a drive makes
the drive unable to hold data. Accessing the drive in Windows
results in a drive is not accessible error.
Page 897 of 1229
Slow performance: if the system overuses the disk for paging, it will
slow down. The solution is to add more RAM instead of replacing the
disk. Other causes and solutions to a disks slow performance include:
o Fragmentation: causes the drive to work harder to retrieve file
pieces scattered throughout the disk. Use defrag to defragment the
drive
o Low disk capacity: caused by a drive that does not have enough
free space (at least 10 percent). System performance is affected
badly as the space is filled up. Use Disk Cleanup to remove files and
manually remove or move files and uninstall applications.
RAID disks not recognized: If you are using hardware RAID and the
configuration firmware tool does not recognise any disk, first check to
make sure it is powered and connected properly.
RAID not found: It could be that the controller drivers are not
installed, the existing array has stopped working and does not appear in
the RAID configuration tool because of faulty disks or controllers that
must be replaced or the power or data cables are disconnected. It could
also indicate the RAID function is disabled in BIOS or a conflict between
the motherboard built-in RAID function and the RAID adapter card or
external enclosure exists and the function in the motherboard BIOS
should be disabled.
RAID Stops Working: If one disk in RAID 0 fails, the array will stop
working and you will have to replace the disk, rebuild the array using
the vendors recommendation and restore the data from a backup. Other
RAID arrays (1, 5 and 10) have built-in redundancy, so if one disk fails,
the volume will be listed as degraded in the Configuration tool or
Missing, Failed or another error in Disk Management (if dynamic disks
are used for Software-RAID) but the data on the volume should still be
accessible. Figure 10.38 shows a boot message indicating a problem
with RAID (on the left) and the RAID configuration tool indicating the
volume is missing one disk (on the right).
Figure 10.38 Using a configuration tool to solve RAID failures

If a RAID 1, 5 or 10 array is unavailable, it is either because two or
more disks or controllers have failed. In the case of failed disks, you will
have to replace them, rebuild the array and recover the data from a
backup or try to use file recovery software.
Page 898 of 1229
If a controller has failed, then you should be able to recover the data on
the volume, though files might be corrupted if the failure interrupted the
write operation. Either install a new controller or install the disks into
another system.
Note
If the boot volume is negatively affected by a RAID failure,

Windows will not start. When hot swapping, be careful not to
accidentally remove a healthy disk from the array, which will cause
it to fail. A red LED normally indicates a disk failure. Always make
a backup before troubleshooting the array.
The process for managing a disk failure depends on the RAID vendor. All
controllers can generate an event in the OS System log and perhaps
alert the administrator with a message. If the array supports hot
swapping, then you can simply remove the faulty disk and insert a new
one and configure it using the RAID configuration tool (if using a
hardware-RAID controller) or Disk Management (if using dynamic disks
for software-RAID). Rebuilding affects performance as the controller
might have to write multiple gigabytes of data to the new disk.
Figure 10.39 shows Disk Management indicating a failed RAID 1 array as
a result of one disk failure.
Figure 10.39 Using Disk Management to solve a RAID 1 failure
10.6.10 External enclosures and file recovery software

One option for recovering data from a system that will not boot to a hard
drive is to take the drive out of that system, plug it into an SATA/PATA
external drive enclosure or docking station and connect that enclosure
to another computers USB port (essentially turning the internal PATA/SATA
drive into an external USB drive). Afterwards, you can use Disk
Management to mount the drive if Windows recognises it or use file
recovery software to analyse it.
Page 899 of 1229
If a file is corrupted, you might be able to use software to rebuild it or

recover some data from it. As you know, you can use the System
Protection feature to access a previous version of any data file that has
been corrupted by a bad application or accidentally overwritten. System
Protection falls in the category generically called file recovery software.
You can also get many third-party file recovery tools, such as Recuva, for
example, to get deleted data off a hard drive or RAID array. See Figure
10.40.
Figure 10.40 Using Recuva to recover files

Visit the following website to download this tool:
www.piriform.com/recuva
10.6.11 Troubleshooting flash media and optical drives

There is no way to repair a broken flash memory card. If a card fails you
should replace it, so this section will cover a few of the more common
problems with optical drives, discs and burning and how to fix them:
Installation issues: The following is a list of steps to troubleshoot

installation issues:
o If the BIOS does not recognise the drive, check its data and power
cables and configuration (master/slave and cable select for PATA,
port enabled in BIOS).
o Make sure Windows recognises the drive in (My) Computer and
Device Manager. Windows supports optical drives, so if the drive
cannot read from the disc, it is probably a hardware or disc issue.
Also, check the driver in Device Manager and update it if necessary.
o Remove the drive from Device Manager and allow the system to
redetect the drive.
o For stuck discs, insert an unbent paper clip into the eject hole on the
front of the powered optical drive just below the drive opening to
push on an internal release lever that will eject the disc.
o Blu-ray drives have very specific hardware and driver specifications
that must be met.
Page 900 of 1229
Failure to read disc: The following is a list of possible solutions or

troubleshooting recommendations for reading issues:
o Make sure the disc is compatible with the drive (see drive manual or
vendors website). Not all drives support all disc formats.
o Make sure you are using the correct media recommended by the
drive vendor.
o Try a different disc that you know works.
o Make sure the disc is not scratched, dirty or damaged. Use a damp
soft cloth or optical disc cleaning kit to clean the disc. Always wipe
from the centre of the disc to the edge and never use a circular
motion.
o Restart the system.
o You may need to install a software application for the particular disc
being used.
o If the drive still does not see a disc and if there are read/write
problems, try cleaning the drive. Most modern optical drives have
built-in cleaning mechanisms but you can use a commercial opticaldrive cleaning kit as well.
o Sometimes you need to record the media at a slower speed on older
drives because they cannot read the pits/lands created at faster
speeds.
o DVD-Video requires MPEG decoding hardware and software (codecs)
for playback. This comes with certain Windows versions while for
others install third-party software.
o A codec for Blu-ray media is needed. These codecs are not included
in all Windows versions and might be available from Blu-ray drive
vendors or by Blu-ray movie playback and creation programs.
o Many DVD problems are resolved by re-installing DirectX or installing
the latest version of DirectX.
o DVD and Blu-ray drives use specific region codes that are often
misconfigured and need to be set correctly.
o If you are able to read Blu-ray (BD) media, but cannot play back BD
movies, replace drivers for the BD drive and video card. Switch to a
different BD playback program.
o If you have attempted everything else, replace the drive with a
newer, faster model.
Burning issues: the following is a list of possible solutions or

troubleshooting recommendations for burning issues:
o To use features such as burning and additional software, you might
need to install drivers.
o If Windows does not support a particular recordable or writable
format, then install third-party software that does.
o Make sure you are using the write speed recommended for the type
of disc.
Page 901 of 1229
o Buffer underrun is the inability of the OS to keep the burner loaded

with data. The two most important factors that contribute to buffer
underrun are buffer size (make sure you buy drives with large
buffers) and multitasking (enables other programs to run while the
burner is running). The latest disc burners include buffer-underrun
protection in firmware that turns off the burning process if the buffer
runs out of data and automatically restarts it as soon as the buffer
refills.
Firmware Updates: If your drive does not read a particular type of
media, or if any other non-intermittent read/write problem occurs, check
the manufacturers website to see if it offers a firmware upgrade that
will allow the drive to read the media and will solve the read/write error.
10.6.12 Troubleshooting video issues

When troubleshooting a video problem, check simple solutions first, such as
cables and power. Common video issues and their solutions include:
No image: If nothing shows up onscreen, do the following:
o Make sure the video cable is not damaged or stretched.
o Make sure the monitors video cable is plugged into the correct on-board
or video card port (VGA/DVI/HDMI). Check for an on-board video setting
in the BIOS: If you install a new video card in a computer that
previously used on-board video, always check that the on-board video
setting is disabled in the BIOS. It can conflict with the new video card.
o Verify that the monitor is connected to the AC outlet and is powered on.
o Verify the monitor it is not in standby mode by pressing a key or
resetting its power.
o Check the brightness and contrast controls on the monitor.
o No image on an LCD monitor might indicate a failed backlight. In many
cases, replacing the backlight is costly and therefore replacing the
monitor is the best option.
o Try the monitor on a different computer.
o Try removing the video card and reseating it carefully.
o There may be a faulty or wrong driver; boot into safe mode and update
the driver from within the Device Manager.
Dim image: If the image is dim, do the following:
o Check the brightness and contrast controls on the monitor.
o Make sure a power saving mode is not dimming the image.
o CRT monitors gradually dim as they age. Recycle and replace them with
an LCD monitor
o LCD backlight might be failing. Replace backlight.
o Some lamps with projectors will dim as they age. Replace the lamp
(bulb).
Page 902 of 1229
Missing colour: check the video cable for breaks and the connectors for
bent pins. A bad cable might not support higher resolutions. Check the
monitor controls for the colour. If the colour adjustment has already
reached the maximum, the monitor will require an internal service by an
authorised repair centre.
Flickering image: caused by a loose cable, power issue or a mismatch
between a high resolution and a low refresh rate. Check the cable, power
cycle the device or increase the refresh rate to 72 Hz or higher to support
the needed resolution or lower the resolution. This is not a problem for LCD
monitors.
Video playback does not work: lower or disable the hardware
accelerator using the slider on the Troubleshoot tab in the Advanced
Properties and if this works, check for an updated display driver.
Distorted image on CRT: In the case that the resolution is set too high,
or to a resolution not supported by the monitor, you might get a distorted
image or no image at all. Check resolution settings in safe mode and use
the monitors onscreen picture display (OSD) controls to change the
geometry (image size and shape issues). See Figure 10.41.
Figure 10.41 Typical geometry errors in CRT monitors

Fuzzy or discoloured image: for big colour blotches or discolouration on
CRT monitors, use the degauss button to discharge static electricity and
release magnetic build-up, reset the power and move magnetic equipment
away from the monitor. You will hear the monitor make a loud tunng noise
when degaussing.
VGA Mode: In some cases, the system can go into 16 colour 640 480
VGA mode by default. With VGA mode, you will see fewer, but larger, items
onscreen, making the image look blocky or grainy. The most common
reason is due to an incompatible or corrupted driver. Reboot into safe mode
and roll back or delete the driver.
Page 903 of 1229
With more advanced video cards, you might need to re-install the driver
programs in Control Panel, so always check there first before you try
deleting a driver using Device Manager. Download the latest driver and
reinstall.
Bad Pixels: A pixel on an LCD monitor that never lights up (stays black) is
a dead pixel while a pixel that is stuck (constantly bright) on a specific
colour such as white is a stuck pixel. There are software programs such as
LCD Repair, UDPixel and Monitor Test that you can use to identify stuck
pixels and possible dead pixels and attempt to reactivate them. Always try
power cycling the device as well. If you cannot repair the stuck or dead
pixel, find out from the vendor if the warranty covers replacing it;
otherwise, the monitor will need to be replaced.
Artifacts: artifacts (image distortions) are simply drawing errors. For
example, you might see horizontal or vertical black lines or wide bars with
distorted colours on screen or a repeating pattern of small bars or
rectangles over the entire screen or wavy vertical lines equally spaced
across the screen. There are a few things you can do:
The most likely cause of artifacts is an overheating video card. Check

cooling.
For 3D graphics performance, make sure the video card is capable of
displaying the game, and that the latest and correct driver and version
of DirectX are installed. Read the FAQs for the graphics application
requirements and help.
If there are issues with frame rates, disable video effects or use a lower
resolution.
If you see artifacts or you notice incorrect colour patterns, or the display
just does not seem to look quite as good as it used to, try calibrating the
monitor by either resetting it with the on-screen display, or adjusting
the contrast, brightness, and colour level. Also try adjusting the colour
depth in Windows. If using a CRT and the artifacts still appear, consider
upgrading to an LCD.
BSOD
In some cases, a faulty driver or faulty video card can result in a serious
stop error in Windows. Restart the system into safe mode, and then use
Device Manager to install the correct driver.
High-end video cards are intensely used by gamers and designers. If the
temperature is high, it might cause the card to throttle back the GPU
speed, or the video card might stop working altogether, causing the current
application to close, the display to show a STOP error, or the display could
go blank. Also overheating can cause the system to shut down. Consider
additional cooling fans or a liquid cooling system if this happens more than
once or twice.
Page 904 of 1229
10.6.13
Troubleshooting laptop issues
This section explores troubleshooting common problems with laptops.

10.6.13.1 Laptop will not power on
Power issues on laptops are normally due to either the AC adapter or the
battery. Check the following:
Verify AC power by plugging in another electronic device such as a clock
or lamp into the wall outlet. If the other device receives power, the
outlet is good.
If the outlet is good, connect the AC adapter to the laptop and the other
end to the wall outlet and try to power on. If the LEDs on the DC jack,
and/or AC adapter, power button above the keyboard, and possibly
wireless LED do not light up, you might have a faulty AC adapter. If the
adapter fails, not only will the laptop not get power, but the battery will
not charge up. Swap it out with an identical known good AC adapter.
Swapping power adapters between two different laptop models is not
recommended, even if they look similar, with only one or two volts
separating them.
If the LED at the DC jack is not lit but the adapter is working, you might
need to replace the DC jack. Inspect the DC jack and make sure it is
soldered onto the motherboard. Make sure it is not loose or damaged.
If all the LEDs are on, then maybe it is a display issue instead of a
power issue.
A faulty peripheral device might keep the laptop from powering up.
Remove any peripherals such as USB or FireWire devices.
In rare cases, the power button might have been disconnected from the
motherboard and will need to be reconnected after removing the
keyboard and other components.
Another power adapter-related issue could be that the user is trying to
use it in another country. Use a power adapter suitable for that
countrys power.
10.6.13.2 Battery will not charge
If the battery does not charge up, it could be due to the battery failing or
the AC adapter not working.
Check if the battery is fully inserted into the battery compartment and
locked into place.
Batteries can be recharged or cycled by the laptop so many times
before failing. After several years, the battery will not hold a charge any
longer and fail or will lose charge quickly. The system will work with AC
power without any problem but will not work while on battery power.
The solution is to replace the battery with a known good battery.
Alternatively, remove the battery and run the laptop on AC only. If that
works, you know the AC adapter is good. If it does not, replace the AC
adapter.
Page 905 of 1229
10.6.13.3 Check whether standby or hibernate mode has failed

If the laptop is regularly placed into standby or hibernate mode, the laptop
could experience issues occasionally. In some cases, the user has to hold
down the power button for several seconds to reboot the system out of a
failed power down state.
This might be done with the battery removed. If either of these modes
fails, check the Event Viewer for any relevant information, and possibly
turn off hibernation/standby mode until the situation has been fixed. On
the other hand, sometimes laptops take a long time to come out of standby
mode because of a stuck lid switch. It looks like a power issue, but it is a
simple hardware fix.
10.6.13.4 Display issues
The LCD is lighted up by a backlight bulb or lamp. The backlight is driven
by a high-voltage inverter. A flex video cable connects the display to the
motherboard. See Figure 10.42.
Video cable
Inverter
Backlight
bulb
Figure 10.42 LCD screen components
No image: make sure the laptop is on, the cut-off switch or plastic pin
near the screen hinge that shuts off the display is not stuck and the
display has not been disabled by using a function key. Press the <Fn>
key and the other key to activate the screen a number of times until the
laptop display comes on. You can also plug in a second monitor and
view the display by toggling the display function key and configuring the
dual-monitor display settings from within the OS. If you cannot see a
display on either display, the video card or the motherboards video
capability has probably failed. If you can view the display on the second
monitor but not the laptops display, it is very likely the LCD screen is
disconnected or has failed and will need to be replaced.
Dim image: On traditional LCD displays, the problem might be due to a
failed inverter/ backlight or the power management settings in Windows
or CMOS Setup. If the problem is not with the power management
settings, then replace the backlight and/or inverter. LED displays do not
use inverters, but the backlight can fail, resulting in a dim image.
Reddish/pinkish hue to the screen or loss of colour: indicates the
possibility of a worn out backlight. Replace the backlight.
Page 906 of 1229
Flickering image: this is due to a problem with the inverter or a loose

connection within the laptop. The solution is to take it apart and reseat
the displays connectors. If this does not resolve the issue, then replace
the inverter.
Cannot display to external monitor: could be because the function
key is set to send video output to the primary display only and not to
the external monitor or incorrect dual-monitor display settings within
the OS. Also rule out problems between the laptop and external
monitor, such as the cable, and the external displays power, resolution
and power saving configuration. Try a different external monitor and
cable and look for updated drivers for the graphics adapter and laptop
chipset.
Damaged LCD screen: An LCD screen can be damaged in various
ways. For example, you might see a crack in the screen, or a part of the
screen does not display properly, or you might notice dark, irregular
lines that run across the display in all video modes. If any of these are
the case, the LCD will have to be replaced and an external monitor can
be used temporarily.
Note
When troubleshooting video, replacing the inverter/backlight is

cheaper than replacing the whole screen. Also, LCDs are best used
at the native resolution. Finally, when updating the video driver,
use the vendors or OEM driver instead of the retail driver.
10.6.13.5 Input problems

If none of the keys on the laptop work, there is a good chance that the
connector is disconnected. Check the manufacturers disassembly
procedures to locate and reconnect the connector.
If you are getting numbers when you are expecting to get letters, the
number lock (NumLock) function key is turned on.
If the keys are sticky, look for the obvious debris in the keys. Use
compressed air to clean them. If you need to use a cleaning solution,
disconnect the keyboard first. Make sure it is fully dry before you
reconnect it or you will damage it.
If the touchpad is having problems, use compressed air to clean the
touchpad sensors. Remember to be gentle when lifting off the keyboard
and make sure to follow the manufacturers instructions.
The touchpad driver might need to be reconfigured. Try the various
options in the Control Panel > Mouse applet. You can update the
driver to suit the user.
Note
The troubleshooting issue known as a ghost cursor can mean one

of two things. First, the display shows a trail of ghost cursors
behind the real cursor as you move the cursor. This might point to
a display that is getting old or an improperly configured refresh
rate. Second, the cursor moves erratically, whether you are
touching the touchpad or not. This probably means the touchpad
has been damaged in some way and needs to be replaced.
Page 907 of 1229
10.6.13.6 Troubleshooting connectivity issues

The primary issues you will come across are related to intermittent
connections or no connection at all.
If the wireless does not work at all, check along the front, back or side
edges of the laptop for a physical switch that turns the internal wireless
adapter or Bluetooth adapter on and off.
Try the special key combination for your laptop to turn the wireless or
Bluetooth adapter on or off. You usually press the <Fn>key in
combination with another key.
No wireless or intermittent connectivity often indicates interference with
the signal. Therefore, find what is causing the interference and remove
it.
The laptop might simply be out of range or, if the wireless works
intermittently, then right at the edge of the range. Physically move the
laptop closer to the wireless router or AP to ensure there are no out-ofrange issues. If this is not possible, you might be able to boost the
power output of the wireless access point, adjust the antenna position or
move the AP.
If the system has been worked on recently, it is possible that the
connections to the wireless card are loose. You can open the system to
verify that the wires are secured to the wireless card and the antenna
built-into the display is not disconnected.
It is also possible that the wireless card has failed. If so, you will need to
replace it. Alternatively, you can buy a USB wireless dongle that can be
used to connect to a wireless network.
If a user does not have any Bluetooth connectivity, you can follow the
same procedures you used for no wireless connectivity. Just remember
that you will need to pair Bluetooth devices and configure them to work
together.
Page 908 of 1229
Unit 11 Network Configuration and

Troubleshooting
Use Device Manager to change network adapter properties.

Configure TCP/IP and client settings on a Windows
client/desktop.
Configure secure wireless access point and client settings.
Understand the differences between a domain (server) and
workgroup (peer-to-peer) network models and join a
workgroup or domain.
Set up network shares and assign permissions to users and
groups.
Use Offline Files to cache networked files offline.
Assign NTFS permissions to users and groups and
understand their interaction with share permissions.
Use Windows Simple File Sharing and Homegroup features.
Use Remote Desktop and Remote Assistance to connect to
a remote computer over the network.
Set up different types of Internet and VPN connections
within Windows.
Configure Internet Options within the Internet Explorer web
browser.
Configure Windows Firewall and Firewall with Advanced
Security.
Use command line tools to test TCP/IP configuration.
Troubleshoot LAN, dial-up and wireless connections.

(G185eng) Module 5 Unit 1 (p.315 - 393)
Study
Notes

o Configuring Network Connections (p.333)
o Configuring Shared Resources (p.358)
o Configuring Internet Access (p.375)
o Troubleshooting Networks (p.393)
Notes
11.1 Network adapter properties

The network adapter, also called a network interface card (NIC), is
used by a computer to connect to another computer or to a connectivity
device such as a switch, router or wireless access point (WAP or AP) so that
data can be sent and received.
Page 909 of 1229
The adapter can connect to the network by using a cabled (wired)

connector or by using a connector with antennas to send radio waves over
the air (wireless). Other than the address information, the adapter should
be configured to match the capabilities of the connectivity device.
11.1.1 Network adapters for a cabled network

Almost all cabled network adapters/cards support some type of Ethernet.
The adapter you use must have connectors that match the type of cable
you use and the cable you use must match the connectivity device you are
using and the connectivity device must match the companys network
requirements. Most adapters use twisted pair copper cable with RJ-45
connectors while some large networks use very fast fibre optic adapters
and cables.
The adapter and switch must also use the same Ethernet parameters. The
main parameters that need to be considered are:
Signalling speed adapters support different speeds (bandwidths), the

most common being 1000+ Mbps (Gigabit Ethernet) over twisted pair
cabling, while older adapters support 100 Mbps (Fast Ethernet) or 10
Mbps (plain Ethernet). Most adapters are listed as 10/100 or
10/100/1000 Mbps cards, which mean they will detect the network
speed of 10 Mbps, 100 Mbps, or 1000 Mbps and automatically use that
speed. Every link in the networking chain must work at 100 Mbps
including the network adapter, cables, and central connectivity devices
such as SOHO router or switch. If any one of those links runs at less
than 100 Mbps, the entire connection would be brought down to 10
Mbps. The same holds true for gigabit connections.
Duplex mode this determines whether the network adapter can work
in half duplex or full duplex. All modern Fast and Gigabit Ethernet cards
can work in full-duplex mode and Gigabit Ethernet requires full duplex to
work.
Most cabled network adapters and switches will autonegotiate network

parameters. Autonegotiation enables the adapter and switch on either
end of the cable to automatically negotiate what speed and duplex mode to
use and adjust the speed and duplex mode automatically. Speed and
duplex can also be hardcoded, preventing negotiation.
The configuration must be consistent on both sides of the connection.
Either both sides must be configured to autonegotiate, or both sides must
be set with the same parameters. Otherwise a duplex mismatch error can
occur. To change these parameters yourself, open Device Manager, find
the required network adapter and right-click it and choose Properties. You
will be able to choose the appropriate parameters using the Advanced tab.
See Figure 11.1.
Page 910 of 1229
Figure 11.1 Network adapter properties in Device Manager

Find the parameter used for autonegotiation. In Figure 11.1, it is named
Auto Negotiation, but you might see it called AutoSense or something
similar. You can also find these properties by right-clicking the network
adapter in the Control Panel and choosing Properties. From the Properties
page, click the Configure button and then click the Advanced tab. If the
switch allows you to configure it, you might have to do the same
configuration for the switch port as well.
Note
These properties are not standard and will be different depending

on what type of network adapter and driver you are using.
Most of the other parameters on this tab can be left to their default setting.
On some occasions, you might have to go to this tab and enable/disable or
change a parameter to improve performance or troubleshoot a connectivity
problem.
11.1.2 Network adapters for a wireless network

Each computer that will connect to a wireless network needs a wireless
network adapter or wireless NIC (WNIC), which is similar to an
Ethernet network adapter, but instead of having a cable connector, it has
one or more radio antennas. The most important parameter on a wireless
network adapter is the 802.11 standard or wireless mode, which must be
supported by the AP or wireless router. Most adapters are configured to
support any standard available, although making a network work in
compatibility mode can reduce the performance of the whole network.
Page 911 of 1229
Figure 11.2 Wireless adapter properties settings

Other than the 802.11 standard, consider the following other parameters:
Roaming aggressiveness (tendency or decision) This setting

refers to how long the adapter waits to drop the current AP and connect
to another AP with a stronger signal.
Transmit power refers to the power at which the adapter sends its
signals out, which determines the radio coverage range. The optimal
setting is to set the transmit power at the lowest possible level that is
still compatible with your required signal quality and within the
countrys power output laws. Match the clients radio power level to the
AP to ensure that both of them can send and receive signals.
11.1.3 Wake-On-LAN (WOL)

WOL might be listed as Wake On Magic Packet, Power Management, Wake
On Pattern Match, Shutdown Wake-On-LAN or something similar. WOL is
used to wake up a sleeping, low powered or turned off computer from
another computer using a special pattern or a broadcast magic packet
(which essentially repeats the destination computers MAC address many
times). WOL can be configured in the network adapters Properties page,
as shown in Figure 11.3.
The general steps to set up WOL are as follows:
1. Enable the WOL feature in CMOS Setup. The BIOS must support WOL.
2. Open the network adapters Properties page from within Device
Manager.
Page 912 of 1229
3. On the Advanced or Power Management tab, select the appropriate

option(s). Using the adapter in Figure 11.3 as an example, WOL could
be enabled by selecting the Allow this device to wake the computer
checkbox. Optionally, if you wanted to tell adapter to ignore every other
type of packet but magic packets, select the Only allow a magic
packet to wake the computer checkbox.
Figure 11.3 Wake-on-LAN settings on the Power Management tab

On the remote computer, configure the network software to send magic
packets. The network software is often provided with systems and network
management suites or as standalone programs for both computers and
smartphones.
Note
In case that a computer being awakened is communicating via WiFi, a standard called Wake on Wireless LAN (WoWLAN) can be
used, so long as the wireless chipset supports this standard.
11.1.4 QoS (Quality of Service)

The current trend in networking is convergence, that is, moving away
from separate physical networks with each one carrying specific types of
traffic and towards a single common physical network infrastructure that
includes computer networking, telephony traffic and mobile device traffic.
Quality of Service (QoS) is the means of using tools and technologies to
assign different priorities to different types of traffic in order to guarantee a
certain level of performance demanded by users of the network. Although it
cannot make a network faster, is can enforce better use of the network.
Administrators control the types of traffic that receive higher priorities by
specifying protocols, ports, IP addresses, users, or other criteria.
Page 913 of 1229
QoS focuses on dealing with the following different types of problems that
can affect data on a network:
Low bandwidth QoS can improve network performance for an

application by raising its priority for assigned network bandwidth.
Latency the delay in how long it takes to send data packets from one
point to another across the network, measured in milliseconds (ms).
Latency can be impacted by factors such as how much bandwidth and
throughput is available and how busy the network is (e.g. congestion)
and how efficiently routers are handling data packets.
Jitter this is the variation in delay or the variation in the time it takes
between packets arriving at the receiving end. It can often be caused by
network congestion, route changes or configuration errors and can
seriously affect the quality of streaming traffic such as audio and video.
Error or corrupted data packets from noise or interference, and
dropped packets (which often cause delays).
Out-of-order packet delivery packets from a collection of related
packets may take different routes to the destination, each resulting in a
different delay. The result is that the packets arrive in a different order,
which can cause performance and quality issues in time sensitive
applications, such as VoIP.
Every device, including network adapters, switches and routers, along the
path from the sender to the destination that prioritised traffic must pass
through must support QoS, otherwise the traffic flow receives the standard
first-come, first-serve treatment from network devices.
To configure Windows to provide QoS for applications, you first verify that
the QoS Packet Scheduler for the adapters local network connection is
enabled (as shown in the dialog box on the left in Figure 11.4), which acts
as a traffic cop by allowing you to control the rate of flow and prioritisation
of traffic, and then you must enable QoS for the network adapter and set
the QoS level for applications. This can be done on the Advanced tab in
the Properties of the network adapter, as shown in the dialog box on the
right in Figure 11.4. Click Configure to access the adapters Properties
page.
Page 914 of 1229
Figure 11.4 Enabling QoS

The name for the QoS setting differs for each manufacturer. For example,
in Figure 11.4, it is called Priority & VLAN; however, it might be named
Priority, QoS Packet Tagging, or something similar. Click OK to enable
priority and then close all Windows.
Note
If a QoS option is not listed, the adapter does not support QoS
11.2 Creating network connections

One of the great strengths of computers is the ability to connect to a
network and share resources. The Network Connections Control Panel
applet in Windows XP is used to configure both cabled and wireless network
adapters and to set up new network connections. Windows Vista/7 include
the Network And Sharing Center applet, which also allows you to
configure and set up network adapters and connections and has other tools
to configure networking.
Although you will not need to assign IP addresses very often as DHCP
and/or IPv6 will do so for you, there will be times when you will have to
manually assign an IP address by typing in all of the information needed by
the client, server, printer, router or other device.
Page 915 of 1229
The process is different depending on what device you are configuring the
IP address for. Network printers usually have a menu-driven interface or a
web interface that you can use. Operating systems allow you to configure
the properties of the network adapter and routers can be configured via a
command line or web interface.
11.2.1 Cabled/wireless network adapter Windows

configuration
Configuring the network adapter is the same in Windows 7/Vista/XP.
However, the path to the adapter is a little bit different in these systems.
You can go through the following steps to access the network adapter on
each operating system:
On Windows 7:
1. Click Start and type Network and Sharing Center in the Search box.
Alternatively, click or right-click on the network icon in the notification
area and then click Open Network and Sharing Center, or open the
Control Panel and select the Network And Sharing Center from the
Network And Internet category (in Category view). Figure 11.5 shows
the Network and Sharing Center.
Figure 11.5 Network and Sharing Center

The Network and Sharing Center applet is split into two panes. On the left
pane, you will find shortcuts for settings for wireless networks, all network
adapters, network sharing, Homegroup, Internet Options and the Windows
Firewall. On the right pane, you have basic information about the current
network connection and links to several wizards that allow you to change
some network settings
2. On the left pane, click Change adapter settings. You will now see a
list of available network adapters on the system in the Network
Connections window (shown in Figure 11.6).
Page 916 of 1229
On Windows Vista:
1. Click Start and type Network and Sharing Center in the Start Search
text box.
2. Select Network And Sharing Center. Alternatively, you can open the
Control Panel and select the Network And Sharing Center from the
Network And Internet category.
3. On the left pane, click Manage Network Connections. You will now
see a list of available network adapters on the system.
On Windows XP:
1. Click Start > Control Panel.
2. In Category View, select Network And Internet Connections >
Network Connections. Otherwise, in Classic View, select Network
Connections. You will now see a list of available network adapters on
the system.
11.2.2 Network adapter properties

After the driver for a network adapter is installed, Windows creates the
Local Area Connection icon for it in the Network Connections window.
See Figure 11.6. If you have multiple network adapters or modems
installed, Windows will display a connection icon for each one. Local Area
Connection is for network adapter 1, Local Area Connection 2 is for network
adapter 2 and so on. A wireless adapter is called Wireless Network
Connection.
Figure 11.6 Network Connections

Each network adapter has three rows that describes it: the first row shows
the name of the adapter (Local Area Connection by default), the second
row shows the status of the adapter (disconnected, disabled, unidentified
network, network, network cable unplugged and so on), and the third row
shows the manufacturer and model name of the adapter. Also, each
adapter will have its own icon, coloured in either grey or blue. A grey icon
means that the network adapter is disconnected or disabled while a blue
icon means that the adapter is enabled and connected.
Page 917 of 1229
Note
If you have a network adapter that is enabled but not connected,

you will see a red X near it. Also, in the second row of its
description, it displays the text Network Cable Unplugged or some
other error message. In such scenarios, you need to check the
connection (cable or wireless) and ensure that the network cable is
plugged in correctly to both the computer and the other network
device or wall outlet or that the wireless connection is set up
properly.
Each connection has a shortcut (right-click) menu, as shown in Figure 11.6

where you can disable/enable the connection (network adapter), view the
status about the connection, diagnose, rename and delete the connection
and view its Properties, and where you can configure the appropriate client,
protocol or service:
Clients software that allows you to log onto and participate in a

particular type of network, such as Linux/UNIX or Windows. Client for
Microsoft Networks allows the computer to participate in Microsoft
Windows networks.
Protocols provides the addressing system (IP address, subnet mask,
etc) and delivery of data packets between systems so that they can
communicate. At least one network protocol must be enabled, with
TCP/IP being the most widely used and installed by default on Windows.
Services allows the system to provide network functions to other
systems. For example, the File and Printer Sharing for Microsoft
Networks service allows the computer to share files and printers with
other systems on the network.
1. After you have accessed the network adapter, you can change its
properties by right-clicking its connection and select Properties. The
Local Area Connection Properties dialog box for the network adapter
appears, as shown in Figure 11.7. This step is for Windows 7, but it is
the same for other Windows systems.
Page 918 of 1229
Figure 11.7 Local Area Connection Properties

As shown in Figure 11.7, the following clients, protocols and services are
enabled by default:
Client for Microsoft Networks the computer can access resources

on Microsoft networks. Installed as part of the OS installation, the Client
for Microsoft Networks rarely needs configuration.
QoS Packet Scheduler controls network traffic, including rate-offlow and traffic prioritisation.
File and Printer Sharing for Microsoft Networks enables the
computer to share files and printers.
Internet Protocol Version 6 (TCP/IPv6) this is where you can set
IPv6 address configuration information. Click Properties to configure the
IPv6 address, prefix, DNS Server address or DHCP settings.
Internet Protocol Version 4 (TCP/IPv4) this is where you can set
IPv4 address configuration information. Click Properties to configure the
IPv4 address, subnet mask, DNS Server address or DHCP settings.
Link-Layer Topology Discover Mapper I/O Driver allows the
computer to discover other computers and devices on the network
(network mapping and discovery).
Link-Layer Topology Discovery Responder allows other
computers and devices on the network to discover this computer
(network mapping and discovery).
You can click the Install button to add a protocol, network client, or
service that is not listed. You may be asked to insert the Windows disc.
Page 919 of 1229
11.2.3 Assigning static or dynamic IPv4 addresses in Windows

In the following exercise, you will learn how to assign IPv4 and DNS server
address parameters, or even to change an already-assigned address back
to DHCP. In the adapters Properties dialog box, from the General tab
(Windows XP) or Networking tab (Windows Vista/7), under Connection,
do the following to set up an IPv4 address configuration:
1. Select Internet Protocol Version 4 (TCP/IPv4) as shown back in
Figure 11.7 and click Properties. Alternatively double-click on
Internet Protocol Version 4 (TCP/IPv4) to open its Properties
dialog box.
The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box will
open. In it, you can either configure the IP address, subnet mask, default
gateway and DNS server to be set automatically (if your SOHO
router/DHCP server is configured to assign these parameters automatically)
or set them yourself manually. By default, the dialog box options will be
configured to Obtain an IP address automatically and Obtain DNS
server address automatically, as shown on the left in Figure 11.8, which
means that the network adapter will attempt to get all of its IP address
parameters from a DHCP server. However, this exercise will show you how
to configure the adapter manually. When you configure a computer to
connect to a network, you must enter the IP address, the subnet mask, and
optionally the default gateway and DNS server address. (The last of these
is called configuring client-side DNS settings.)
2. Click the Use the following IP address radio button. This disables
DHCP and enables the other fields so that you can type in the required
IPv4 information. For example, you could enter the following:
IP address: a computers unique address on the network. For the IP

address, enter 192.168.1.1.
Subnet mask identifies the network ID. For the Subnet mask, enter
255.255.255.0.
Optional: Default gateway IP address or the LAN side of your router.
Remember that a computer can only communicate with other
networks if the default gateway address is manually or automatically
assigned.
Optional: DNS server tracks easy-to-remember DNS names for IP
addresses. A computer will not be able to resolve host names or web
addresses if it does not have a DNS Server address configured or
assigned by DHCP.
If you do have a router and DNS Server on your network, enter the routers
IP address in the Default gateway field and the DNS Servers IP address in
the Preferred DNS server field; otherwise, these two fields can be left
blank.
Page 920 of 1229
When you are finished, your dialog box should look like the one shown on
the right in Figure 11.8.
DHCP
Manual or Static
Figure 11.8 Internet Protocol Version 4 (TCP/IPv4) Properties

dialog box
Note
If the computer is set to get IP address and DNS address

information from a DHCP server as shown on the left in Figure
11.8, but the computer cannot contact a DHCP server, it will
randomly chooses an APIPA address in the form of 169.254.x.y
(where x.y is the computers identifier) and a 16-bit subnet mask
(255.255.0.0) and broadcasts it on the network segment (subnet).
If no other computer responds to the address, the system assigns
this address to itself.
If you have other computers connected to this one, try configuring their IP
addresses in the same way. Remember, the host part of the IP address
must be unique and go up a number once for each computer: .1, .2, .3
and so on. For example, the second computer could have the IP address of
192.168.1.2 and the same subnet mask of 255.255.255.0.
3. Click OK. Then, in the Local Area Connection Properties dialog box, click
OK. This will complete and bind the IPv4 configuration to the network
adapter.
Test your configuration. There are two basic ways of doing this, first with
the ipconfig command which displays information about your TCP/IP
address configuration, and second with the ping command to make sure
that the computers on the network can contact each other.
Page 921 of 1229
Open a command prompt and run the following command:

ipconfig
The results should look something like Figure 11.9. Notice the IPv4
Address field in the results and the IP address that is listed. This should be
the IP address you configured previously. If not, go back and check your
Internet Protocol Properties dialog box.
Figure 11.9 IPCONFIG output

Ping a computer on the same 192.168.1 network. If there are no other
computers, ping your own IP address. For example, type the following
command to make sure TCP/IP is installed and configured properly:
ping 192.168.1.1
The ping command simply sends packets to another computer and requests
that the second computer send packets back in reply. If the reply packets
are received, ping displays a message indicating how long it took to hear
from the other computer. If the reply packet is not received, ping displays
an error message indicating that the computer could not be reached.
Before you can ping another computer, the Windows Firewall on that other
computer must be disabled or a rule must be added to the firewall to allow
ping packets to pass through it. A positive ping would look similar to Figure
11.10, in which four reply packets are received by the pinging computer.
Page 922 of 1229
Figure 11.10 Successful PING output
11.2.4 Alternate Configuration

You can use Alternate Configuration when your laptop will be used on
more than one network, such as at home and at the office, where one of
those networks does not have a DHCP server (typically the home network)
and you do not want to use an APIPA configuration or change your IP
address every time you move between the two networks. When you are in
the office, the laptop uses a DHCP-allocated TCP/IP configuration and when
you are at home, the laptop automatically uses the alternative
configuration.
If you followed the previous steps to assign an IP address in Windows, you
might have noticed a subtle change if you select Obtain An IP Address
Automatically. Specifically, an additional tab called Alternate
Configuration appears. This tab disappears when you select Use The
Following IP Address. Select this tab and you can configure the alternate
configuration settings. Figure 11.11 shows this property page configured
with an alternate IP address, subnet mask, default gateway, and DNS
server. Normally, Automatic Private IP Address is selected.
Page 923 of 1229
Figure 11.11 Alternate Configuration

Note
By default, the Alternate Configuration is set to Automatic private

IP address. Therefore, if a system does not receive a response
from DHCP, it will assign itself an APIPA address.
11.2.5 Assigning IPv6 addresses in Windows

Configuring IPv6 is in some ways easier than configuring IPv4 and in other
ways more difficult. For example, IPv6 protocol is typically installed by
default but can be installed if the OS does not support it, but configuration
of a static IPv6 address can be trickier given the length and complexity of
an IPv6 address. In general, though, IPv6 is designed to be easier to work
with once you learn the basics.
In the following exercise, you will install and learn how to work with autoconfigured addresses, add static addresses and test connections.
1. In the Local Area Connection Properties dialog box, if TCP/IPv6 is
not listed, you can download it from the Internet and then select
Install and Protocol. Select the IPv6 protocol and install it. Once IPv6
is installed, your screen should look similar to Figure 11.12.
Page 924 of 1229
Figure 11.12 TCP/IPv6

2. Close this dialog box.
3. View the auto-assigned address. Windows automatically assigns an IPv6
address, similar to the way APIPA works. This address usually starts
with FE80. We will look at the new address by opening the command
prompt and typing ipconfig/all. The results should be similar to
Figure11.12s Link-local IPv6 Address entry. Be sure to locate your
primary network adapter.
4. Ping the local loopback address. Pinging the loopback address is the
best way to test whether a network adapter is working properly. This
can be done by running the following command at the command
prompt:
ping ::1
The results should look similar to Figure 11.13. If you do not get
replies, verify that IPv6 is installed. You can also try ping 6::1 if it
appears that IPv4 results are getting in the way.
Figure 11.13 Pinging the IPv6 loopback address
Page 925 of 1229
5. Ping another computer on the network that is also running IPv6. You
can run the ipconfig command on that other computer to find out what
its IPv6 address is. Then you can ping its IPv6 link-local address from
your computer. For example, ping the IPv6 address from the command
prompt as follows:
ping fe80::6c48:7529:9257:a2a2%11
6. The exact IP address will be different depending on what computer you
ping. Your results should look similar to Figure 11.14.
Figure 11.14 Pinging the IPv6 of another computer

7. Ping by host name. For example:
ping computer1
8. If you have a direct connection to the Internet and/or the IPv6
configuration is supported by the ISP and along the path to the
destination, you could attempt to ping the IPv6 destination host on the
Internet. Success and results will vary depending on your network and
security configuration and other factors.
a) For example, you could ping the domain name of google.com as
follows:
ping ipv6.google.com or ping -6 ipv6.google.com
b) Ping google by its IPv6 address as follows:
ping
2c0f:fb50:4002:801::1011
2c0f:fb50:4002:801::1011
or
ping
-6
ping
This is an example of how to ping a host on the Internet and the IPv6
address will most likely be different. If you cannot ping a hosts IPv6
address, you can simply look at your results from the output of the ping
domain name command to find out the hosts IP address.
Page 926 of 1229
9. Configure a global IPv6 address:

a) This can be done in the Local Area Connection Properties dialog box.
Just click Internet Protocol Version 6(TCP/IPv6) and select
Properties.
When you select Obtain an IPv6 address automatically, IPv6 autoconfiguration is enabled. A network connection automatically assigns a linklocal address to itself and its default gateway (router) can assign it more
addresses. The default gateway can specify that the network connection
must use DHCPv6 to obtain more IPv6 addresses, but it is not required by
default. When you select Use the following IPv6 address, IPv6 autoconfiguration is still enabled, but static IPv6 addresses are assigned in
addition to the auto-configured IPv6 addresses.
b) Click the Use the following IPv6 address radio button. This will
enable the IPv6 configuration fields. Enter a unique global IPv6
address, such as one that is provided by an ISP, for example:
2001:ab1:442e:1323::1
c) The address can be on any network of your choosing. If the number
is not valid, Windows will inform you when you attempt to go to the
next field.
d) Enter an address that is one higher for the second computer, for
example:
2001:ab1:442e:1323::2
Go up by one from there for each additional computer. For example,
2001:ab1:442e:1323::3
e) For the subnet prefix length, either click inside the box or tab through
or enter 64. That is the default length; if you tab through, it will be
entered automatically.
f) For
the
default
gateway
on
all
computers,
enter:
2001:ab1:442e:1323::9 for example, or leave it blank if no router is
on your network. This is just an example. If you are using a different
network, just make sure your gateway address is on the same
network but uses a different host interface part of the address (in this
case, the last octet). If you have specific network documentation with
a real IPv6 gateway address, use it.
g) For the preferred DNS server on all computers, enter the following
address for example:
2001:ab1:442e:1323::8
This is just an example. If you have specific network documentation
with a real IPv6 gateway address, use it. The DNS server could even
be on a different network; it all depends on the network
configuration.
Page 927 of 1229
h) Your configuration should look similar to Figure 11.15.
Figure 11.15 Global IPv6 address configuration example

i) Click OK for the IPv6 Properties dialog box.
j) Click Close for the Local Area Connection Properties dialog box. That
should bind the IPv6 information to the network adapter. Verify the
configuration in the command prompt with ipconfig /all
command, which shows all of the computers TCP/IP configuration
information. Your results should be similar to Figure 11.16.
Figure 11.16 Global IPv6 address information
Page 928 of 1229
k) The address you just added should show up in the IPv6 Address field.
This is usually just above the Link-local IPv6 Address field. Also check
for the IPv6 gateway and DNS server addresses.
l) Verify connectivity to another IPv6 host. For example, this can be
done by running the following command at the command prompt:
ping 6 2001:ab1:442e:1323::2
You should get replies. If not, check the configuration of both
computers.
m) Reset the GUI IPv6 Properties dialog box by selecting Obtain an
IPv6 address automatically radio button.
n) If you wish, run an ipconfig to find out your auto-assigned address
and another computers address. Try pinging those addresses as well.
o) Close all open windows.
11.2.6 Checking network status

You can look at the Network Status (or Network) icon in the notification
area to get a quick visual read on the current status of your network
connection (cabled or wireless), as shown in Figure 11.17.
Figure 11.17 Network icon showing successful network

connection
The network icon has different states you can use to see if there is a
connectivity problem. The Network Status icon shows that this computer is
successfully connected to the network and Internet, as illustrated by the
icon in Figure 11.17. However, the icon could also indicate any of the states
listed in Table 11.1:
Table 11.1 Network icon connection states
Icon
Red X
Warning
Globe
Meaning
A red X on the icon means no connectivity.
A yellow warning on the icon indicates a connectivity or
configuration issue (or indicates successful local
connectivity which has only computers). Sometimes
Windows takes a moment to resolve the problem
automatically, after which the warning disappears.
A globe indicates successful Internet connectivity or
connection to multiple networks. The Globe is available in
Windows Vista.
Page 929 of 1229
Pointing to or clicking the connection icon displays information about the

current network connection status. Right-clicking the icon displays a
shortcut menu with links to the Network and Sharing Center and
troubleshooting tools. If your network icon shows that there is connectivity,
you might find yourself wondering about some related status information:
How long has the connection been up and running?

How fast is the connection; that is, what is the theoretical speed
supported by your network adapter?
What are the addresses that the networks DHCP server or my ISP has
assigned to my computer?
Windows can give you this information and other details about your
network and Internet connection. One way to find this information is as
follows:
A wireless adapter will be used for this example, but the same steps can be
applied to a cabled network adapter:
1. Right-click on the network icon in the notification area and choose
Open Network and Sharing Center.
2. Click Change adapter settings. The Network Connections window
appears, listing the connections for all the network adapters installed on
your computer.
a) A cabled network adapter connection is usually called Local Area
Connection, so you would right-click on that and choose Status.
The Status dialog box appears for that connection.
b) A wireless network adapter connection is usually called Wireless
Network Connection, so you would right-click on that connection
and choose Status to open its Status dialog box.
c) A broadband network adapter connection is called Broadband
Connection, Mobile Broadband Connection or something similar,
so you would right-click on that connection and choose Status to
open its Status dialog box.
Figure 11.18 below shows the Status dialog box for a mobile broadband
connection, which shows the state of the Internet connection, how long the
connection has been running, the theoretical maximum speed, number of
bytes sent and received and some other information. If this was a wireless
adapter, it would also show the network's SSID name and the connection's
current signal strength.
Page 930 of 1229
Figure 11.18 Network connection status information

3. The broadband network adapter will be used in the next example, but
the same steps can be used for a network, virtualised and wireless
adapter. Click Details on the same Connection Status dialog box
shown in Figure 11.18. Windows displays the Network Connection
Details dialog box for your connection. See Figure 11.19. This dialog
box tells you, among other network parameters, your adapters MAC
address, IP address, Subnet Mask, and the DNS and DHCP Server
addresses.
Figure 11.19 Network Connection Details

4. Close all dialog boxes and all open Windows.
Page 931 of 1229
11.2.7 Configuring a wireless client

The primary difference between connecting to a wireless network or a
cabled network is that the wireless network does not use cables. You need
to ensure that an AP or wireless router is set up properly and functioning
within the network and configure the client to connect to it.
You can configure IP address parameters on the wireless network adapter
just as you would configure it on the cabled adapter. It is more common to
use DHCP, but you can statically assign them if desired. The wireless
adapter can either be configured using the vendor-supplied software that
comes with the adapter or within Windows.
Note
If Windows is controlling the adapter but instead, you want to use

the vendor-supplied software to configure the adapter, or vice
versa, under the adapters Properties, select (or deselect) Use
Windows to configure settings (on the Wireless Networks tab).
The Wireless Zero Configuration service (WLAN AutoConfig in
Vista/7) should also be running.
11.2.7.1 Configuring a client using Windows XP and Vista

Note
This exercise is for demonstration purposes only. You will

not be tested on it in the practical examination.
On Windows XP, open the Network Connections applet or Wireless

Network Setup Wizard. If the AP is set to broadcast the SSID, it should
be listed as an available network with bars showing its signal strength and
a lock icon indicating whether the network is secured with encryption.
Select the network from the list and click Connect and then enter the preshared key (or log on in the specified way using RADIUS authentication). If
the AP is not set to broadcast its SSID, hiding the wireless network, open
the wireless adapters Properties page and click on the Wireless
Networks tab. Click Add under Preferred networks. Enter the SSID, select
an authentication method and enter the key or other authentication
information.
On Windows Vista, choose Start > Connect To or right-click the network
status icon in the notification area and choose Connect to a network. A
list of wireless networks will be shown. Double-click the network name and
enter the pre-shared key and click Connect. If the wireless network is not
listed because the SSID broadcast is disabled, click Set up a connection or
network and enter all the appropriate information to connect.
11.2.7.2 Connecting to a non-hidden wireless network from a
Windows 7 client
1. In the notification area, click the wireless network icon to bring up a
window listing the available network connections. The list is split by
type of available network connections (dial-up and virtual private
network (VPN)) at the top, and wireless networks at the bottom that
Windows 7 has detected.
Page 932 of 1229
To refresh the list of available networks, click the Refresh icon located
at the upper-right side. Figure 11.20 shows a list of dial-up, VPN and
wireless connections.
Figure 11.20 Listing wireless networks

Note
If Windows 7 has not detected any connections and you know for a
fact that there should be at least one wireless network available in
your area, you should check whether your wireless network
adapter has the appropriate drivers installed and that it is enabled.
2. If you hover your mouse cursor over one of the available wireless
network icons, you will see more details about it, including: the network
name, signal strength, the type of wireless security used (if any), and
its SSID. See Figure 11.21.
Figure 11.21 Viewing wireless network information

Page 933 of 1229
3. Once you decide which network to connect to, click it and then click
Connect. See Figure 11.22.
4. After a few seconds, you will be asked to enter the security key. Enter
the network security key or, if you have connected to your own home
network, take it from the router. See Figure 11.22.
Figure 11.22 Connecting to a wireless network and entering the

security key
5. Type the security key, then click OK.
When you connect to the wireless network for the first time, make sure you
assign it the correct network location. If you are successful, the wireless
icon on your taskbar changes to indicate your connection status and how
powerful the wireless signal is. See Figure 11.23.
Figure 11.23 Wireless status icon

Note
If an incorrect password is entered, you will be asked to enter it in

again until it matches the password of the wireless AP or router
that you are connecting to. If everything is OK, the system will
connect to the selected network using the given security key.
11.2.7.3 Connecting to a hidden wireless network from a Windows

7 client
A hidden wireless network does not have its SSID broadcasted to the
network. For such a network, you need to know how to identify and
connect to it from wireless clients.
Page 934 of 1229
To get this identification and connection information, open your routers

configuration page and go to the Wireless configuration menu. Write down
the SSID and Security information. Depending on the type of security in
use, you will need to write down either of the following:
For WEP security, take note of the WEP Key.

For WPA-PSK, WPA2-PSK(AES) security, take note of the Preshared
Key.
Note
Hidden wireless networks are not undetectable - computers

configured to connect to them are constantly broadcasting the
SSID of these networks, even when they are not in range. As a
result, using such networks actually compromises the privacy of
the clients connected to them.
If security is not enabled on the wireless network, then you only need to
know its SSID.
Note

1. Open the Network and Sharing Center and then click Set Up a
Connection or Network.
2. The Set Up A Connection Or Network window opens. See Figure
11.24. From this window, can you set up for connections to the
Internet, set up a new network, manually connect to a wireless
network, set up a dial-up or VPN connection, and set up an Ad-hoc
wireless (computer-to-computer) network.
Figure 11.24 Set Up a Connection or Network
Page 935 of 1229
3. Select Manually connect to a wireless network, then click Next.

4. The Manually Connect To A Wireless Network wizard displays
several fields in which you need to supply information. See Figure
11.25.
Figure 11.25 Manually connect to a wireless network

5. In the Network name field, type the name of the wireless network you
want to connect to; this is the same SSID field from your routers
wireless configuration menus.
6. In the Security type field (the type of security that is used by your
wireless network), choose the appropriate option: WEP for WEP
security, WPA-Personal for WPA-PSK security, or WPA2-Personal for
WPA2-PSK (AES) security.
Note
WPA2-Enterprise, WPA-Enterprise, and 802.1x are specific only to

business networks not home networks.
7. In the Encryption type field, if the wireless network is using WPA2Personal (WPA2-PSK(AES)) security, select AES. Otherwise, leave the
default value Windows 7 provides for you.
8. In the Security Key field, depending on the type of security used,
make the following selection:
Select WEP for WEP security.

Select WPA-Personal for WPA-PSK security.
Select WPA2-Personal for WPA2-PSK(AES) security.
If no security is enabled on the wireless network, select No
authentication (Open).
Page 936 of 1229
For WEP, WPA Personal and WPA2 Personal, you will have to enter the
security key as follows:
For WEP security enter the WEP Key.

For WPA-PSK, WPA2-PSK(AES) security enter the Preshared Key.
See Figure 11.26.
Figure 11.26 Manually entering wireless network security

information
9. Do not forget to select Start this connection automatically, to
automatically connect the system to the wireless network every time
you log on, and Connect even if the network is not broadcasting,
to connect to the hidden network if its SSID is hidden.
10. Click Next. You will see a message indicating that you have
successfully added the wireless network to your computer.
11. If you want to review any of the settings, you can click Change
connection settings to bring up a window where you can change all
the settings.
Note
The same window can be opened at any time by going to Control

Panel > Network and Internet > Network and Sharing
Center > Manage Wireless Networks, and then double-clicking
the wireless network.
12. Click OK to close the network properties window, then click Close to
end the Manually Connect to a Wireless Network wizard. When
done, Windows 7 automatically connects to the hidden wireless
network.
Page 937 of 1229
When you connect to the hidden wireless network for the first time, make
sure you assign it the correct network location.
13. The wireless icon on your taskbar shows your connection status and
how powerful the wireless signal is.
11.2.7.4 Configuring a client using vendor-supplied wireless
software
If you do not want to use the Wireless tools within Windows, you can use
the software that comes with the wireless adapter to connect to the
wireless network. Figure 11.27 shows a screenshot of a wireless
configuration wizard. As you can see, this tool provides the option to select
the network name, network type (ad hoc and infrastructure), and security.
Figure 11.27 Vendor-supplied wireless utility
11.3 SOHO security

This section will just recap how to secure a SOHO wireless router device,
and refer to it simply as a router.
Change default usernames and passwords the first thing you

should do to secure the router is to change the default username and
administrator password (or set a complex password if the password is
blank by default), otherwise someone can simply download the user
manual for the router from the vendors website and gain access to
your router.
Change and disable the SSID always change the default SSID to
something unique before enabling wireless on the router. Network
names can include uppercase and lowercase letters and numbers. The
default SSID names and passwords are well known and widely available
online. In addition, after all wireless clients are connected to the
network, consider disabling SSID broadcast. The SSID name is included
in every data packet broadcasted in the wireless networks coverage
area. Data packets that lack the correct SSID name are rejected.
Page 938 of 1229
Though it does not provide security, disabling SSID broadcasting will

block out part of the SSID broadcast, making it impossible to see with
normal wireless locating software.
Use encryption Windows supports wireless networking protocols,
with WEP being the weakest type of encryption; WPA is stronger, and
WPA2 the strongest of the three and encryption methods such as AES
to ensure data is kept confidential. However, if needs be, it is better to
have WEP as opposed to nothing. If this is the case, use encryption
keys that are difficult to guess, and consider changing those keys often.
Enable MAC Filtering Only wireless adapters that have their MAC
addresses in the APs MAC address filter table will be allowed to
connect; no-one else can join the wireless network. Because MAC
filtering and a disabled SSID can be easily overcome using a network
sniffer program, it is important to also use strong encryption and
possibly consider other types of network access control (such as
802.1X) and external authentication methods (such as RADIUS).
Disable WPS Wi-Fi Protected Setup (WPS) was originally intended to
make secure connections between APs and clients easier for the user
through the use of a push button or password or code. However, WPS is
vulnerable to attacks that try to guess passwords and codes, which can
lead to intrusions on the network. Thus, it is best to disable WPS on the
router to help secure the network.
Assign Static IP addresses a SOHO router can be set to limit the
number of dynamic addresses it hands out. First, consider increasing
the scope of addresses that the router is configured to hand out to
clients. Second, try assigning static IP addresses to servers and
printers; essentially any hosts that share information or services.
Disable physical ports many routers come with the capability to
disable the physical ports on the switch part of the device. If you
disable unused physical ports, a rogue computer can be plugged into
the router physically but will not be able to access the network.
AP placement and radio power while encryption can protect the
network from intruders, you can also limit your risk by hiding your
network from outsiders altogether. When using an omni-directional
antenna, keep it near the center of your home or office, and away from
walls. Your AP might also enable you to adjust the radio power levels of
your antenna. Decrease the radio power until you can get reception at
the furthest point inside your home or office, but not outside.
Router firmware make sure that the routers firmware is up to date.
Enable the firewall always make sure the built-in firewall is enabled
and configured to allow only traffic that should be allowed to pass
through and block traffic that should not.
11.4 Workgroups and domains

There are two primary ways that users are authenticated in networks:
workgroups and domains.
Page 939 of 1229
The following sections describe them in more depth, but the distinguishing
points between the two are as follows:
Workgroups are typically for ten or fewer computers that share the
same network name. Users need an account on each computer to
access it.
In a domain, users have a single account that they can use to access
different domain computers and resources.
11.4.1 Workgroup
A peer-to-peer network, referred to as a workgroup in Windows, is one
in which every computer that participates in the workgroup can act as both
a client that asks for resources and a server that provides resources,
essentially making each computer equal or a peer. Each user is an
administrator in a sense and is responsible for configuring his or her
computer and sharing resources and deciding who should have access to
the shared files on the computer or the printer attached to it.
Each computer in the workgroup has a security account manager (SAM)
database that stores the usernames and passwords for all users that can
access the computer. Figure 11.28 shows a workgroup with two users and
a printer. Each computer includes a separate SAM. If Susan wants to log on
to her computer, she authenticates with a username and password
contained in the SAM on her computer. Her account on her own computer
will not allow her to log on to Danies computer, unless she has an account
stored on in the SAM on Danies computer. This means she would need two
usernames and two passwords: one to log on to her own computer and
another to log on to Danies computer.
Figure 11.28 A workgroup

When you log on to your computer, you are accessing a username and
database on that computer. The account you are giving access to is stored
on your computer, so how do you give someone from another computer
access to that shared resource? You have to give that other person a valid
username and password.
Page 940 of 1229
The UNC format computer_name\user_name is used to track logons. If

you log on to Computer A as Susan, it is said you are logged on to
ComputerA\Susan.
Figure 11.29 shows an account called Susan on Computer A. Assume there
is a shared folder called DevProjects on Computer A and Susan has
read/write permission.
Figure 11.29 Computer A\Susan and Computer B\Danie

Danie logs into Computer B and opens his Network menu option and sees
Computer A, but when he clicks on it he sees a network password prompt
(see Figure 11.30).
Figure 11.30 Prompt for entering username and password

The reason is that the user is logged on as ComputerB\Danie and he needs
to be logged on as ComputerA\Susan to access this folder successfully. So,
the user needs to know the password for ComputerA\Susan. This is not the
best way to protect usernames and passwords. You have three choices:
1. Make people log on to shares as just shown.
2. Create the same accounts (same username and same password) on all
the computers and give sharing permissions to all the users for all the
shares.
Page 941 of 1229
3. You can use one account on all computers. Everyone logs on with the
same account, and then all shares are by default assigned to the same
account.
A workgroup is easy to set up, works well for a smaller home or office
networks with a few users, and does not cost too much because there is
not a dedicated server. However, it is unreliable and difficult to organise
and manage since a user could switch off their computer while someone
else is accessing it at the same time. Also, resources and administration
are not handled from a central place, but instead, every user is responsible
for sharing, securing and backing up their own resources.
11.4.2 Domain
A server-based or client/server network is made up of one or more
servers that are placed in a central place where resources can be stored,
shared and managed by the network administrator and provided to clients.
Common network administration tasks such as network security, backups
and monitoring can all be done on the server for the entire network. Larger
networks that need more control use domains. Opposite to the
decentralised nature of workgroups, a domain has a central server that
stores accounts used for authentication and is where access to network
resources can be controlled.
To use a domain on a network of Windows computers, you must have a
much more powerful computer running a version of the Windows Server
OS. When the administrator creates a domain on Windows Server, he or
she takes that stand-alone server running just the Server OS and makes
it a domain controller (DC). The DC stores a database of network
information including user, computer and group objects in Active
Directory.
Active Directory is similar to the SAM in that it includes user accounts, but
it also has many more capabilities, including the ability to authenticate
users that attempt to log on to the domain and authenticate and authorise
access to resources. The administrator creates new user accounts in Active
Directory. These accounts are called domain accounts. Once a network is
set up as a domain, each computer on the network needs to join the
domain (which removes each computer from the workgroup).
The most important point about a domain is that it provides centralised
authentication through the Kerberos authentication and authorisation
protocol and that Active Directory is centralised, scalable in that it can
continuously grow and is a secure network model.
Figure 11.31 shows a DC configured in a domain. Users log on to the
domain using one accounts username and password (single-sign on or
SSO), and they can use this account to access any domain resources they
have been authorised to access. Therefore, users do not need a different
account even if they log on to a different computer in the same domain.
Page 942 of 1229
Figure 11.31 A workgroup

Note
Not all real-world networks are entirely peer-to-peer or entirely

client/server. Some are a mixture of both.
11.4.3 Joining a Workgroup or a Domain

A workgroup is the default network organisation for almost every new
installation of Windows. By default, all computers on the network are
assigned to a workgroup called WORKGROUP, but you can change this. If
changed, every computer must be configured with the same workgroup
name to belong to the workgroup.
You can use the following steps on a Windows 7 computer to join it to a
workgroup or a domain. You need to know the name of the workgroup or
domain you will be joining (and have an account that is authorised to join
the domain).
1. Click Start, right-click Computer and select Properties. Alternatively,
open the System applet by pressing the <Windows> + <Pause> key
combination or go to Start > Control Panel > System applet. You can
see your workgroup name as shown in Figure 11.32.
Page 943 of 1229
Figure 11.32 A workgroup name in System applet

2. Select Change settings to show the System Properties dialog box.
On the Computer Name tab, you can see the computer name and
domain or workgroup membership details. The network ID button
provides you with a wizard with which to join a domain or workgroup.
3. On the Computer Name tab, click Change to open the Computer
Name/Domain Changes dialog box. Your display will resemble Figure
11.33.
Figure 11.33 System Properties and Computer Name/Domain

Changes dialog
Page 944 of 1229
4. From here you can set the computers name and join a workgroup or
domain by entering its name.
a) If you want to join a different workgroup, enter the name of the
workgroup and click OK. After a moment, you will see a message
welcoming you to the workgroup. Click OK, and you will be asked to
restart the computer. After restarting, the computer will be a member
of the workgroup and can log in as you normally do with your
username and password.
b) If you want to join a domain, select Domain and enter the name of
the domain, such as aplus.cti.ac.za. Click OK. You will be asked to
enter the username and password of an account that has permission
to join the domain (the domain administrator). Enter the name and
password, and click OK. After a moment, you will be asked to restart
the computer. Click OK. After restarting, the computer will be a
member of the domain. When you log on to a computer that is a
member of a domain, Windows will ask you for a username instead of
showing you icons for all the users on the network (see Figure
11.34).You can log into the domain using the logon format of
domain_name\domain_user_name
(for example, aplus.cti.ac.za\sibulelek).
Note
The domain administrators username and password is needed to

join/disjoin the domain. In addition, to join the client to a domain,
the DNS Server address in the TCP/IP Properties dialog box must
point to the domains DNS Server, since Active Directory relies on
DNS for name resolution.
Figure 11.34 shows how to logon to a domain called MYDOMAIN as the

administrator and to enter its password.
Figure 11.34 Logging onto a domain

When using a domain, you do not log on to your computer. Instead, you
log on directly to the domain. All user accounts are stored on the DC. A lot
of domains have names that look like web addresses, like pearson.com,
pearson.local, or even just pearson.
Page 945 of 1229
If the domain pearson.local has a user account called Thandi, for example,
you would use pearson. local\Thandi to log on.You can log on to the local
computer
while
joined
to
a
domain
using
the
format
of
local_computer_name\local_user_name.
To remove a computer from a domain, join an existing workgroup, or
create a new workgroup, you select the workgroup option and type in the
name of the workgroup and click OK. If you are removing yourself from the
domain, you will be asked for administrative credentials so that it can
delete the account from Active Directory. If you do not specify
administrative credentials, it will still remove the computer from the
domain, but the computer account will still remain within Active Directory.
11.5 Browsing the network and mapping drives

One way that you can share data with other users is to create a share on a
computer. A share is simply a folder, file, drive or printer that has been
made available to other users on a network. Shares are accessed over a
network by using the Universal Naming Convention (UNC) format. A UNC
path is in the format of:
\\computer_name\path
(Where computer_name is the host name, FQDN or IP address of the
sharing computer and path is the folder and/or file to the resource)
Note
Users can enter the UNC path from the command prompt, the Run
line, or the Search box in Windows 7.
If a computer called PandoraSRV is sharing its C: drive as Sibulele, for

example, the complete name would look like this:
\\PandoraSRV\Sibulele
Double backslashes are used in front of the sharing computers name and a
single backslash is placed front of the shared resources name. A UNC
name can also point directly to a specific file or folder:
\\PandoraSRV\Sibulele\INSTALL-FILES\SETUP.EXE
In this example, INSTALL-FILES is a subdirectory in the shared folder
Sibulele (which may or may not be called Sibulele on the server), and
SETUP.EXE is a specific file.
Note
UNC path names are not case-sensitive. You can view a listing of
all the shares available on a system by running the net share
command at the command prompt.
Page 946 of 1229
If a computer is connected with a network, the UNC paths provide

connectivity, and a user with appropriate permissions can access the data.
11.5.1 My Network Places and Network

Windows enables you to access network resources by browsing the
network. Accessing shared resources depends on the operating system
version:
My Network Places
In Windows XP, users can access resources via My Network Places. This
contains a list of all computers, servers, printers and folders that have been
shared on the network with the logged on user. The logon ID determines
what users can see and use on the network. You can access My Network
Places on Windows XP with the following steps:
1. Click Start > My Computer.
2. In the left pane under Other Places, select My Network Places.
a) If the left pane is not showing, click the Tools drop-down menu
and select Folder Options.
b) On the General tab, select Show Common Tasks In Folders in
the Tasks section.
3. Click OK.
4. Click View Workgroup Computers.
This will show you all devices on your network, and you can double-click
any of these devices. You will be able to see any shared folders that you
have permissions to access.
Network
My Network Places is replaced with Network in Windows Vista/7. The
functionality is similar to My Network Places, although it looks a little
different. You can access network locations on these systems with the
following steps:
1. Click Start > Computer.
2. Select Network. Alternatively you can type Network in the Search box
on the Start menu and select Network.
Note
When you select Network, the choices on the menu ribbon change
to give you additional options. They include the Network And
Sharing Center, Add A Printer, and Add A Wireless Device
selections.
Figure 11.35 shows the network browser on a Windows 7 computer. If you

double-click any of these systems, you will see a listing of resources shared
by that system.
Page 947 of 1229
Figure 11.35 Browsing resources on a Windows network

Figure 11.36 shows the list of shared resources (a printer and a folder) on
a computer called Susan-PC, as a result of double-clicking the Susan-PC
computer in Figure 11.35 and entering a valid username and password for
that computer. You can double-click on the shared folder to see what is
inside it and by right-clicking on the shared printer and clicking Connect,
you will be able to use that printer.
Figure 11.36 Accessing shared resources on a Windows network
Page 948 of 1229
11.5.2 Mapping drives

While a UNC path will connect users to a share, it is often confusing to
users. Instead of requiring users to remember the UNC path, you can map
a drive letter to the path of the shared resource. Then you can open
Windows Explorer and use the drive letter to access the shared resource as
though it were a local drive.
Mapped drives can be created from Windows Explorer in any Windowsbased system. The following steps show how to map a drive on Windows 7.
1. Click Start > Computer to start Windows Explorer.
2. Select Map Network Drive from the Tools drop-down menu. If the
menu bar is not showing, you can click Organize > Layout, and select
Menu Bar to display it. Alternatively, you can click Map Network
Drive on the menu along the top. See Figure 11.37.
3. You can change the drive letter or leave it as is. Enter the UNC path in
the Folder text box in the format of \\ComputerName\ShareName.
See Figure 11.37 for an example.
Figure 11.37 Mapping a drive

4. Select Reconnect At Logon to ensure that the mapped drive appears
each time the user logs on.
5. Click Finish.
Figure 11.38 shows how a mapped drive appears in Windows Explorer after
it has been created.
Page 949 of 1229
Figure 11.38 A mapped drive

Note
You can also map a drive by right-clicking on the share and

selecting Map Network Drive.
To remove a mapped drive, right-click the mapped drive within Windows

Explorer or (My) Network (Places) and choose Disconnect or
Disconnect Network Drive.
11.6 File sharing and share permissions

A share can be configured with the following properties:
Share name and optional comment the share name is visible to

the network which users will use to connect to the share. You can share
the same folder many times with different share names and
permissions. The comment is an optional field that describes the share.
User limit you can limit how many users can connect to the share at
any one time.
Permissions you can choose which users and groups can access the
share through share permissions, which interact with NTFS permissions
to allow or block access.
All versions of Windows share drives and folders in basically the same way.
Right-click any drive or folder and choose Properties. Select the Sharing
tab (see Figure 11.39). In Windows Vista/7, click the Advanced Sharing
button. Select Share this folder, add something in the Comment or User
limit fields if you wish (they are not required), and click Permissions (see
Figure 11.40).
Page 950 of 1229
Figure 11.39 Sharing a folder
Figure 11.40 Share permissions

There are four levels of share permissions, described in the following list,
and the Full Control, Change and Read permission can be assigned the
Allow or Deny setting:
Full Control allows users or groups to do anything with subfolders

and files within the share, including assigning permissions to other users
and groups.
Change allows users or groups to read and modify files, but not set
permissions for others.
Page 951 of 1229
Read allows users or groups to connect to the resource, run

programs, and read files, but they cannot edit, delete or create files.
Deny this overrides all other allowed permissions the user receives as
an individual or member of a group.
Click the Add button in the Permissions dialog box shown in Figure 11.40
and add the users or groups you want to assign the appropriate permission
to the share.
11.6.1 Administrative shares

Every Windows OS automatically creates several shares called
administrative shares for hard drives, the %systemroot% folder (usually
C:\Windows) and a number of other folders, depending on the system.
Table 11.2 lists some common administrative shares available on Windows
systems.
Table 11.2 Common administrative shares
Share name
C$, D$, E$ and so on
Print$
Admin$
Resource
This is created for each hard drive (C, D, E and so
on) on a system.
Location of printer drivers.
Location of Windows folder.
These administrative shares give local administrators administrative access

to these resources, whether they log on locally or remotely. In contrast,
shares added manually are called local shares. Administrative shares end
in a dollar sign ($) and any share that ends in a dollar sign is hidden from
general browsing, although anyone that knows the share name can access
it as long as they have permissions to do so.
If you delete them in the normal way, Windows will re-create them
automatically every time you reboot. Although you can edit the registry to
remove them permanently, this is not recommended because it might
cause networking issues.
The UNC path for administrative shares is the same as other systems. For
example, if a computer is named after a user named Danie, the
administrator can connect to Danies C: drive with the UNC path:
\\Danie\C$.
Note
Any share can be hidden by simply adding a $ to the end of the

share name when enabling the share.
Page 952 of 1229
11.6.2 Shared folders

Windows comes with a tool called Shared Folders that you can use to
create and view all file shares and set permissions, as well as view and
manage open files and users connected to file shares on the computer. The
Computer Management console in the Administrative Tools has a
Shared Folders snap-in under System Tools. In that are three options:
Shares, Sessions and Open Files. Select Shares to see all of the shared
folders (see Figure 11.41).
Figure 11.41 Shared Folders
11.6.3 File sharing in Windows XP and Windows Vista

In Windows XP, there are different ways to share folders. You can use the
network setup wizard, simple file sharing or use standard network shares.
Network Setup Wizard use this control panel applet to configure

computer and workgroup names, Internet connection sharing and file
and printer sharing.
Simple file sharing this is enabled by default, but it can be disabled
by selecting Folder Options from the Tools menu in Windows
Explorer. Click the View tab and scroll down to Use Simple File
Sharing and select it. To share a file or folder with other local users on
the computer, simply drag it to the Shared Documents folder, usually
listed under the Control Panel item in the left pane of Windows
Explorer; this is known as a local share.
Standard network shares to share a folder for other users to
browse or map to, right-click the folder and select Sharing & Security.
Then, select the Share This Folder on the Network check box. At this
point, you can assign a share name. Folders can be shared by
configuring the Sharing tab of the folders Properties window and
permissions can be set for the folder. Simple file sharing must be
disabled to use standard network shares.
Page 953 of 1229
Simple file sharing is not enabled in Windows Vista by default. A

username and password is normally needed to access Shared Folders.
There are different ways of sharing folders in Windows Vista, such as by
using a wizard or doing it manually.
First, turn on file sharing by going to Control Panel > Network and
Internet > Network and Sharing Center. Under Sharing and
Discovery, make sure File sharing is turned on. Also, verify that
Network discovery is turned on.
Public Folder Sharing a Public folder is created as a default share and
any file or folder you place in the Public folder is automatically shared with
everyone who has a user account and password on your computer. You
must set the permission level to either grant access to everyone on the
network, or to no one. You can access the Public folder by clicking Start >
Documents and selecting Public under Favorite Links.
Password Protected Sharing When turned on, this protects shares by
asking remote users to enter a username and password to gain access to
the shares.
Sharing Wizard you can enable/disable the wizard by selecting or
deselecting Use Sharing Wizard on the View tab in the Folder Options
dialog box, which can be accessed from the Tools menu in Windows
Explorer. If you attempt to share a folder by right-clicking it and selecting
Share, a wizard appears asking you to select the users who should be
allowed to access the folder. After adding users to the list, you can
configure them with one of three permission levels:
Reader gives the user read-only permissions.

Contributor gives the contributor read and write permissions.
Co-owner enables the user to do anything.
Manual shares if you choose not to use the wizard, and want to share a
folder yourself, right-click on the folder and select Share; then click the
Advanced Sharing button where you can share the folder and assign
permissions to the appropriate users and groups.
Vista allows you to define a network connection as Public or Private
(Home or Work).
11.6.4 Windows 7 network settings and Homegroups

Windows 7 keeps the file sharing options of Windows Vista but also includes
Homegroups. You can enable or disable the Sharing wizard by simply
selecting or deselecting the Use Sharing Wizard (Recommended) option
on the View tab of the Folder Options dialog box within Windows
Explorer. See Figure 11.42.
Page 954 of 1229
Figure 11.42 Enabling/disabling the Sharing Wizard

To use the sharing wizard, simply right-click on the folder you want to
share and select Share with (as shown in Figure 11.43). From here you
can share with specific users or with your Homegroup.
Figure 11.43 Using the Sharing Wizard
11.6.4.1 Network and Sharing Center

Figure 11.44 shows the Network and Sharing Center in Windows 7 and the
numbered list after the figure briefly explains what each number in the
figure represents.
Page 955 of 1229
Figure 11.44 Navigating the Network and Sharing Center

1.
2.
3.
4.
5.
6.
Click
Click
Click
Click
Click
Click
to see what devices are on your network.

the X to start the network troubleshooter.
the icon to start your web browser.
the icon to manage names and locations.
the icon to change the network location.
to view the status and configure the properties of the adapter.
11.6.4.2 Network sharing settings

Windows 7 network sharing settings are defined by a different network
profile: one set of settings that apply to trusted network locations such as
home and work, and another that apply to untrusted public networks.
Windows 7 organises all your network sharing settings into one panel.
1. Open Network And Sharing Center.
2. Click Change advanced sharing settings. The Advanced Sharing
Settings window opens, which contains all the sharing settings,
displayed by the network location. See Figure 11.45.
Page 956 of 1229
Figure 11.45 Advanced Sharing Settings

3. From here can you set network sharing settings according to your
needs. Click the network profile for which you want to customise and
apply network sharing settings to. The entire list of settings for that
profile opens.
Network Discovery when turned on, your computer will be able

to find other devices on the same network and other devices will be
able to find your computer. It is best to turn on network discovery
for home and work networks, but turn it off for public networks.
File and printer sharing when turned on, you can share files and
printers with other computers, otherwise if turned off, you will not
be able to share anything. Turn this on for home or work networks
and off for public networks.
Public folder sharing when turned on, the C:\Users\Public\
folder is shared with all the computers on the network. Users from
the other computers can read the contents of the Public folder and
write files inside it and its subfolders. When turned off, this folder is
not shared with your network. Turn this off unless using this folder
for sharing something you find is very useful.
Media Streaming when turned on, you will be able to stream
video and other multimedia files using Windows Media Player on
your home network and the Internet. When turned off, no media
streaming is possible using Windows Media Player.
Page 957 of 1229
File sharing connections This shows the type of encryption used

for file sharing connections. Leave this set to 128-bit encryption,
unless you have problems with some older devices or computers
that cannot properly access your shared files and folders.
Password protected sharing This allows users to access your
shares only if they have a valid user account and password set on
your computer. Turn this off for home or work networks and turn
this on for public networks.
Homegroup connections This allows you to choose whether you
want Windows to automatically manage your connections when
joined to a Homegroup or request that Windows allow you to
manually type in a username and password when you connect to
other computers. This setting is available only for Home or Work
network profiles, and not for Public profiles.
11.6.4.3 Homegroups in Windows 7

HomeGroup is a feature introduced in Windows 7 that aims to make it
easier to share folders and printers on a home network. Each time you
connect your computer to a new network, Windows 7 asks you to set the
network location. If you select Home Network, it means you are in a
trusted network of computers, and Windows 7 allows you to use the
Homegroup feature. If a Homegroup already exists, you can join it. If you
select Work Network or Public Network, HomeGroup will not be available.
Note
Homegroups are supported only in Windows 7 and later Windows

operating systems. Also, the network type must be defined as
Home and IPv6 must be enabled.
Setting up a Homegroup basically requires three steps:

o Create a Homegroup on a Windows 7 computer and choose which
libraries to share.
o Other users running Windows 7 computers can join the Homegroup
and they can decide which libraries to share from their computers.
o All users can access resources shared on other computers.
To create a Homegroup:
1. Assuming that you are currently connected to a workgroup and are not
already joined to a Homegroup, click Start > Control Panel. If
necessary, change the view to Large Icons and select Homegroup.
2. Click the Create a Homegroup button. (Note: The network location
must be set to Home).
3. Select the resources that you want to share from your computer. See
Figure 11.46. Selecting any of these will share your library in that
category. You can also share printers configured on your computer.
Click Next.
Page 958 of 1229
Figure 11.46 Choose resources to share with Homegroup users

4. Windows will create the Homegroup and display an authentication
password. See Figure 11.47. You can share this password with other
users so that they can join your Homegroup. All Homegroup data is
encrypted between computers.
Figure 11.47 Homegroup password

5. Click Finish.
6. The Change Homegroup Settings page appears. See Figure 11.48.
You can use this page to change what is shared, view and change the
password, and leave the Homegroup.
Page 959 of 1229
Figure 11.48 Homegroup settings

You can access this configuration page later on from within the Control
Panel or via the shortcut menu for the Homegroup object within Windows
Explorer.
Note
In addition to your libraries, you can share folders within the

Homegroup. Use Windows Explorer to browse to the folder you
want to share. Right-click the folder and select Share With. Select
Homegroup (Read) to give other users read access. Select
Homegroup (Read/ Write) to give other uses the ability to read
and write to the folder.
To join a Homegroup:
If another user has created a Homegroup in your network, you can join it,
share your libraries, and access other users shared files.
1. Once you have created a Homegroup, go to another computer on the
network and open the HomeGroup Control Panel applet. If a
Homegroup exists, Windows will display Homegroup information and
ask you to join it. Click Join Now to join the Homegroup. See Figure
11.49.
Page 960 of 1229
Figure 11.49 Joining a Homegroup

2. Choose which libraries you want to share with everyone else on your
Homegroup and click Next.
3. Enter the same password of the Homegroup and click Next.
4. A page will appear indicating that you have joined the Homegroup. Click
Finish.
To access Homegroup computers:
You can access the files shared through a Homegroup by opening Windows
Explorer, as shown in Figure 11.50. To see what others are sharing, select
the corresponding computer name. You can then open those libraries to see
the shared folders.
Figure 11.50 Browsing Homegroup resources

Note
Sometimes, Homegroups develop problems, stopping other users

from joining. The Homegroup troubleshooter can sometimes
correct the problems. If this does not work, another fix that often
works is to leave the Homegroup on each of the systems and then
re-create it.
Page 961 of 1229
Sharing more libraries is easy, and you can even share individual folders.
Just right-click on the library or folder and select Share with. Refer back
to Figure 11.43. Windows Explorer also adds a Share with toolbar button.
11.7 Permissions and attributes

Permissions are rules that control which subject (process, program, user
or group) can access an object (drive, file, folder or other resource) and
the level of access the subject has to the object. Windows uses NTFS
permissions to protect its resources. Every object on an NTFS partition or
volume has a table or Access Control List (ACL) with a list of permissions
that specify which subject has access to that object and what each subject
can and cannot do to that object (that is, read, write, delete, do nothing,
etc.)
Note
NTFS permissions are so called because you can only set NTFS
permissions on NTFS drives and not on FAT drives.
You can access NTFS permissions for any file, folder or drive by rightclicking on it, selecting Properties, and clicking the Security tab. This
shows the ACL for that file or folder. Figure 11.51 shows the ACL for a
folder called Study Notes on an NTFS drive along with the subjects (users
and groups) and their standard permissions. To edit the permissions, click
the Edit button to open the dialog box shown on the right in Figure 11.51.
An entry in the ACL is known as an access control entry (ACE) and it
either allows or denies a subject access to the object. When a subject
wants to access an object with an ACL, the OS first checks the ACL for the
appropriate entry for that subject to decide whether the access request is
authorised.
Figure 11.51 Viewing NTFS permissions

Page 962 of 1229
Note
You can assign the Allow or Deny permission to a user or group.

Both NTFS permissions which control local access and Share
permissions which control share access can be used to protect the
share.
11.7.1 NTFS permission concepts

NTFS permissions provide granular control over the way files and folders
are used and are complicated. However, for this module, you only need to
know a few basic concepts of NTFS permissions:
Standard permissions top level basic permissions that you can

assign to users and groups.
Special permissions low-level permissions that you can assign to
users and groups.
Ownership permissions when you create a file or folder on an NTFS
drive, you become the owner of that file or folder and can do anything
you want with it, including changing its permissions to prevent anybody,
even administrators, from accessing it.
Take Ownership permission With this permission, the user can take
control of a file or folder. Administrator accounts have Take Ownership
permission for everything.
Change permission an account with this permission can give or take
away permissions for other accounts.
Folder permissions allow you to assign permissions to a folder and the
files and subfolders within that folder. You can set permissions for a
folder on the Security tab in its Properties dialog box. Table 11.3 lists
the standard permissions and their effect on a folder.
Table 11.3 Standard folder permissions
Permission
Read
Write
List Folder
Contents
Read & Execute
Modify
Allows the user or group to

read the files and subfolders inside the folder and the
folders ownership, permissions and attributes.
create new files and subfolders within the folder and
change the folders attributes and view its permissions
and ownership.
see what is inside the folder and in any subfolders. Use
this to limit the users ability to browse through the
tree of files and folders.
navigate through all files and subfolders and perform
the same actions allowed by the Read and List Folder
Contents permissions and run program files. Generally
speaking, this permission is assigned to application
folders on a network.
delete and rename the folder and perform the same
actions allowed by the Write and Read & Execute
permissions. Generally speaking, this permission is
assigned to data folders on a network.
Page 963 of 1229
Permission
Full Control

do anything to the folder and the sub-folders and files
within it. Generally speaking, you can assign this
permission for each user to access their own personal
storage area (home folder) on the network.
deny and take priority over any other permission.
Deny
File permissions allow you to control the access a user, group or

application has to files. You can set permissions for a file on the
Security tab of its Properties dialog box. Table 11.4 lists the standard
permissions for a file.
Table 11.4 Standard file permissions
Permission
Read
Write
Read & Execute
Modify
Full Control
Deny

read the file and its attributes, permissions and
ownership, but not change its contents.
overwrite the file, change its attributes, and view
permissions and ownership.
read the file and run a program file.
do anything to the file except change permissions and
take ownership. Generally speaking, Modify is assigned
to data resources on a network.
do anything to the file.
deny and take priority of any other permission.
11.7.2 Allow vs. Deny

In addition to granting the Allow permission, you can also explicitly block
access by assigning the Deny permission. If Deny is assigned to a user or
group, it takes priority and overrides allowed permissions, even when a
user or group has been given the Full Control permission.
11.7.3 Combining NTFS permissions

It can be difficult to determine exactly what a users or groups actual
permissions are on a file and folder when permissions can be inherited or
directly (explicitly) assigned, allowed or denied, applied to the user
individually or to the group the user is a member of (particularly when a
user is a member of multiple groups that have different permissions to the
same object) and so on.
The users or groups actual permissions are called effective permissions
and are calculated based on both explicit and inherited permissions.
Inherited permissions are permissions that files and subfolders receive
automatically from the parent folder. NTFS permissions are also
cumulative. This means that a user's effective permissions are the result
of combining permissions assigned to the user and to any groups the user
is a member of.
Page 964 of 1229
For instance, if you have Full Control on a folder and only Read permission
on a file in the folder, you get Full Control permission on the file.
You can determine what a users or groups effective permissions are by
opening the objects Properties dialog box, clicking on the Security tab,
clicking on the Advanced button to open the Advanced Security
Settings window and then clicking the Effective Permissions tab. See
Figure 11.52. From here, click on the Select button and enter the user or
groups name and click OK and then view the results under Effective
permissions in the Advanced Security Settings window.
Figure 11.52 Effective permissions
11.7.4 NTFS permission inheritance and propagation

By default, subfolders and files inherit NTFS permissions from their parent
folder. This is called Inheritance. Imagine that you create a folder called
Study Notes. Any files or subfolders you create inside that folder are
children, and any permissions you assign to the parent are automatically
inherited by the children. This is called permission propagation because
permissions from the parent flow into the children and apply to them as
well.
Figure 11.53 shows a parent folder called Study Notes with two child
folders, one called A+ and the other Network+. Similarly, the A+ folder
includes several files that are children of the A+ folder.
Page 965 of 1229
Figure 11.53 Inherited permissions

If you assign a group the Full Control permission to the A+ folder for
example, group members would automatically have access to all the files in
that folder through permission inheritance. However, they will not be able
to access the Network+ folder because the A+ and Network+ folders are on
the same level as children of the Study Notes folder.
Note
A child folder does not inherit permissions from another child

folder.
All versions of Windows have inheritance turned on by default, which is a

good idea for most of the time. However, there will be times when you
want to turn off inheritance. You can turn on and off inheritance by opening
the objects Properties dialog box, clicking on the Security tab, clicking
on the Advanced button to open the Advanced Security Settings page,
and in Windows Vista/7, clicking on the Change button. An option called
Include inheritable permissions determines whether the child object
inherits permissions or not. See Figure 54.
Figure 11.54 Inherited permissions
Page 966 of 1229
When selected, each child object will have permissions inherited from its
parent object. When cleared, the permissions applied on the parent object
will no longer be applied to its child objects and you can then choose
whether to copy existing permissions or remove them.
When you combine applying Deny versus Allowed with explicit versus
inherited permissions, the priority of permissions is as follows:
1.
2.
3.
4.
Explicit Deny
Explicit Allow
Inherited Deny
Inherited Allow
The best option when assigning permissions is to deny everyone permission

to every object at the beginning and then explicitly allow permissions to
one or more users and groups to provide them with access to one or more
objects they explicitly need to access. Apply the least privilege model
when assigning permissions, which states that you should give users and
groups only the minimum permissions they need to perform their job or
task and no more.
11.7.5 NTFS special permissions

NTFS file and folder permissions for the most part are a sufficient way to
secure objects on a network. However, where they do not provide the level
of granularity required, you can use special permissions. Click on the
Add, Edit or Remove buttons in Figure 11.54 to manage special
permissions. Figure 11.55 shows a screenshot of special permissions as a
result of selecting a permission entry and clicking the Edit button.
Figure 11.55 Special permissions
Page 967 of 1229
11.7.6 Effect on permissions when copying and moving files

You need to understand how the OS handles permissions when you move
or copy an object, such as a file or folder:
When you move (drag and drop) the object on the same NTFS
volume, the object keeps its permissions, unchanged.
When you move an object from one NTFS volume to another NTFS
volume, the object in the new location inherits the permissions from
that new location.
When you move an object from an NTFS volume to a FAT volume,
the object in the new location has no permissions at all.
When you copy an object on the same NTFS volume, the object in
the original location keeps its permissions, unchanged, while the copy of
the object in the new location inherits the permissions from that new
location.
When you copy an object from one NTFS volume to another NTFS
volume, the object in the original location keeps its permissions,
unchanged, while the copy of the object in the new location inherits the
permissions from that new location.
When you copy an object from an NTFS volume to a FAT volume,
the object in the original location keeps its permissions, unchanged,
while the copy of the object in the new location has no permissions at
all.
Note
There is only one situation that results in the directly assigned

NTFS permissions staying the same: when you move an object on
the same NTFS partition or volume.
11.7.7 Combining NTFS and Share permissions

There are two levels of permissions:
Share permissions can be accessed from the Sharing tab. Take note
of the following points about Share permissions:
o Shares are accessed only over a network and therefore can only
protect the share when it is accessed over the network.
o FAT volumes can only be protected by Share permissions.
o When a share is created, the Read permission is assigned by default.
The other two permissions available are Change (which allows users
to read and change files) and Full Control (which allows users to do
anything within the share). Only administrators should have Full
Control.
o Share permissions are cumulative. If a user is assigned Read and
Change permissions, the user has Change permissions, which
includes the Read permission and allows the user to both read and
perform actions associated with the Change permission. The
permissions do not cancel each other out. The exception is with the
Deny share permission, which overrides any Allow share permissions.
Page 968 of 1229
NTFS permissions can be accessed from the Security tab. NTFS

permission protect an object from unauthorised local access.
When you access a file within a share that is on an NTFS drive, both the
NTFS and the Share permissions apply. In this case, the permissions are
not cumulative. Combining NTFS and Share permissions is often described
as using the least restrictive and most restrictive permissions and works as
follows:
First, combine the NTFS permissions to identify the least

restrictive NTFS permission:
For example, if a user is given Read for being a member of one group
and assigned Full Control for being a member of another group, the two
permissions are combined and since Full Control includes Read, it is
appropriate to say the combined NTFS permissions are Full Control.
Next, combine the Share permissions to identify the least
restrictive Share permission:
For example, if a user is given Read for being a member of one group
and Change for being a member of another group, the two permissions
are combined and since Change includes Read, it is appropriate to say
that the combined Share permissions are Change.
Last, identify which is most restrictive between the two (or the
lower permission of the two):
Full Control from the combined NTFS permission or Change from the
combined Share permissions? Change is less than Full Control, and that
is the ultimate permission that will be applied.
Note
When you create a share, the Read permission is assigned to the

Everyone group by default. This means that unless you change
this, users will only be able to read the files within the share, no
matter what type of NTFS permissions they have. A user with Full
Control NTFS permissions and Read share permissions is granted
only Read permission when accessing files through the share.
11.7.8 File attributes

Recall that each file has attributes that determine how programs treat the
file. The read only attribute stops users from making changes to the file,
the hidden attribute hides the file from normal directory listings and the
system attribute marks the file important to the OS. You will not be able
to change attributes on a system file without first removing the system
attribute. You can change attributes in the objects Properties dialog box
and by using the attrib command.
Note
If you attempt to access, move or copy a file and receive an

Access Denied message, it could be because you do not have
sufficient share or NTFS permission on the file or an attribute is set
on the file.
Page 969 of 1229
11.8 Offline files

Offline Files is a feature that lets you to store a local, duplicate copy of
files and folders shared from a network file server on your laptop's hard
drive, so that you can work on them while you are disconnected from the
office network (offline). Then, the next time you connect to the office
network and are back online, anything you changed locally on your laptop
gets written back to the server through a process called synchronisation
and anything anyone else changed in those folders on the server while you
were disconnected gets written to your laptop. If both the local and
network versions have been changed while you were away, you need to
choose which version to keep.
11.8.1 Setting up Offline Files

Offline Files is enable by default on Windows Vista/7, but you can access
the offline files settings as follows:
1. Click Start and type offline files in the text box.
2. Select Offline Files in Windows Vista or Manage Offline Files in
Windows 7. See Figure 11.56.
You can disable offline files, force an immediate synchronisation of the files,
manage offline files using the Sync Center applet and view your offline files
from here.
Figure 11.56 Offline Files Settings

You can set up Offline Files on a shared folder by browsing the network and
by right-clicking on the share and selecting Always available offline from
the menu (see Figure 11.57). The sync will occur and you can then
disconnect.
Page 970 of 1229
Figure 11.57 Enabling offline files on a share

While synchronisation is usually done automatically, you can do it manually
by right-clicking on the folder that contains offline files and selecting Sync
> Sync selected offline files. Alternatively, you can schedule sync jobs
by opening the Sync Center applet in Control panel. See Figure 11.58.
Figure 11.58 Sync Center applet

When you want to open the files offline, in the Sync Center applet, click
Manage offline files to open the Offline Files dialog box shown back in
Figure 11.56. Click the View your offline files button and you are in.
On Windows XP, you can access the Offline Files settings as follows:
1. Open Windows Explorer.
2. Select Tools > Folder Options.
3. Click the Offline Folders tab.
11.8.2 Resolving offline file conflicts

An offline file conflict occurs when you edit a file offline and another user on
the network edits the same file online. Windows will skip syncing the file
and will mark it as a conflict, which you can resolve.
Page 971 of 1229
Open the Sync Center applet and click on the View sync conflicts link on
the left pane to list all the files that did not sync. To resolve the conflict,
right-click on the file and select View options to resolve. The options
include: keep the version that you edited offline, keep the version on the
server that someone else edited online while you were offline, or keep both
versions and rename the one that you edited. See Figure 11.59.
Figure 11.59 Resolving offline file conflicts

Note
Although Windows attempts to resolve conflicts, offline files have

been known to cause issues. Thus, it is recommended that you do
not to use offline files with network resources that other users
want available offline too.
11.9 Remote access

Windows includes remote desktop software that enables you to use your
computer to see and control the GUI of another computer from across the
network or over the Internet. The two remote access features available in
Windows XP/Vista/7 are Remote Desktop and Remote Assistance.
11.9.1 Remote desktop
Remote Desktop Connection (RDC) is a GUI-based program that
enables you to use your computer (called the client computer) to connect
to another computer (host computer), log onto that other computer and
see its desktop on your own computer. With RDP, you send the mouse
movements and keystrokes from your mouse and keyboard to another
computer and bring images of that other computers screen back to your
computer.
You can use Remote Desktop to connect to an office or home computer
over the Internet or over a pre-established VPN connection from a remote
location, or even take control of another computer over the office network.
This is often used by network administrators to manage servers located in
server rooms from a remote location.
Page 972 of 1229
To allow another computer to connect to your computer, in Windows 7, do

the following:
1. Click Start, right-click on Computer and choose Properties.
2. In the System window, click Remote settings in the left pane. If you
are asked for an administrator password or confirmation, type in the
password or provide confirmation.
3. Click on the Remote tab. By default, Remote Assistance is enabled but
Remote Desktop connections are not. See Figure 11.60. If enabled,
remote users can connect to your computer by computer name or by IP
address.
Figure 11.60 Remote desktop and remote assistance settings

In Windows 7/Vista, you can disable remote connections, enable
connections with any version of remote desktop and enable connections
running Remote Desktop with Network-level Authentication (NLA) for
security. You can also select users that are allowed to connect to your
computer. If your network is a workgroup, for the remote user to connect,
the remote computer must have an identical account (same username and
password) as the one you selected on your computer, and the remote user
must know the username/password for that account. If the network is a
domain, this is not an issue because the administration of accounts is
centralised.
Note
If you are an administrator on the computer, your current user

account will automatically be added to the list of remote users
when remote desktop is selected.
4. Click Allow connections from computers running any version of

Remote Desktop (less secure) and click OK.
Page 973 of 1229
To connect to another computer, do the following:

5. You can open Remote Desktop Connection tool in Windows by clicking
Start, typing mstsc, and pressing <Enter>. Alternatively, clicking
Start > All Programs > Accessories > Remote Desktop
Connection or from a command-line interface, type mstsc and
press<Enter>. You will see a window similar to Figure 11.61 after
clicking on the Options button.
Figure 11.61 Using remote desktop connection

Remote Desktop Connection has various tabs with options to configure
various settings:
General tab here you can set or delete credentials (username and
password), save all the current settings as a desktop icon, which makes
it faster to reconnect later.
Display tab use the options on this tab to specify the size (resolution)
of the other computers display.
Local Resources tab here you can set up local peripherals and addons so they behave as though they were connected to the computer you
are using. You can also set up key combinations that affect the local
computer or the remote computer.
Programs tab here you can set up a certain program to run
automatically as soon as you connect to the host computer.
Experience tab here you can tell Windows the speed of your
connection, so it can limit visual effects that slow down the connection.
This affects bitmap caching and video options.
Advanced tab here you can control whether Remote Desktop
Connection warns you if it cannot verify the identity of a computer, and
also whether to connect through a special gateway server (set up by the
network administrator).
Page 974 of 1229
6. On the General tab, type in the name or IP address of the remote

computer you want to access and click Connect, and if the other
computer is available and configured to accept remote desktop
connections, you will be asked to enter a valid username and password
for that computer or the domain you are on. Remember that to make
the connection, you need a username and password of an account on
the remote computer. For a domain, use the format
Computer_or_DomainName\User_name.
After you are connected, it works almost exactly as if you had just logged
in while sitting in front of your computer. See Figure 11.62. However, make
sure that you are authorised to connect to the remote computer before
trying. By default, the remote computers screen locks and can be unlocked
only with a username/password.
Figure 11.62 Using remote desktop connection

There are two ways to leave the remote desktop session. The first is to log
off, which permanently ends the session and closes all programs
associated with that session. The second is to disconnect by using the X in
the title bar at the top of the screen, which stops the connection but keeps
the session running on the other computer with the associated programs
running and the other computers resources still in use. This is so that the
user can connect later on and continue with that session.
The name of the Remote Desktop executable file in Windows is mstsc.exe.
You can also use the mstsc command in the Command Prompt or in the
Run prompt to make Remote Desktop connections. For example, if you
wanted to remotely control another system with the mstsc command in
full-screen mode, you can type:
mstsc.exe /v:computername /f
Page 975 of 1229
11.9.2 Remote assistance

Remote Assistance allows a technician to help other users repair
problems on their computer. With remote assistance, the user sends out a
request to you the helper, and you can use it to access that users
computer from a remote location. If the user trusts you and gives you
permission, you can take control of that users computer and show him or
her how to do specific tasks while the user sits back and watches you do it
on their screen. Remote Assistance even includes a chat window that can
be used to chat with the user.
There are two ways to get help using Remote Assistance. If both the helper
and the user are running Windows, you can use Easy Connect. Otherwise,
use an invitation file.
To get help using an invitation file:
1. To access Remote Assistance, type Troubleshooting in the Search box
in the Start menu and click Troubleshooting. This opens the
Troubleshooting applet.
2. Select Get Help from someone you trust (or Get help from a
friend). See Figure 11.63.
Figure 11.63 Getting remote assistance

3. You have two options: invite someone to help you or offer Remote
Assistance to someone. Choose the option depending on your needs.
4. The Invite someone to help you will be chosen for this example.
Select it.
Page 976 of 1229
There are two options to choose from if you want help from others:
You can create an invitation and invite your helper using an invitation
file or by sending the invitation via email.
Use Easy Connect. Easy Connect is the easiest method which just needs
you to create a password which can then be shared with your helper to
connect to your computer. The helper would use this password to
connect to your remote session. The great thing about Easy Connect is
that if you have used it before, you can just follow the generic steps
below and select your helpers technicians contact name. To invite
someone who is not on your contact list, click Invite someone to help
you.
5. You need to save your invitation file if you choose this invitation method
and send the invitation file to the helper along with the session
password. See Figure 11.64.
Figure 11.64 Remote assistance password

To offer help to someone:
Figure 11.65 Offering to help someone
Page 977 of 1229
6. Choosing Offer to help someone would need you to connect to their

remote session using the Easy Connect password or an invitation file.
With the invitation option, Windows Remote Assistance creates an
invitation file that the user can send and the associated password to the
helper (via email), which the helper can then use to connect to the
users computer.
Figure 11.66 Use an invitation file

7. Easy Connect is the easiest, as it just needs a password.
Figure 11.67 Enter a remote assistance password

8. Once connected, you get the remote session on your screen. You can
now choose to request control or chat and offer your help to the other
user.
Figure 11.68 Remote assistance connection

Page 978 of 1229
Note
Make sure that port 3389 is open on firewalls and routers between
both hosts on a network. Otherwise, RDP traffic will be blocked.
11.10 Internet connections

The first section below briefly explores the devices, protocols and cables
you will need to connect a SOHO network to the Internet.
Devices:
For a home network, you can connect a SOHO router to the Internet. The
Internet access hardware (typically a broadband router) is usually provided
by the ISP. The ISP connection plugs into the WAN connection of the SOHO
router, and the router provides connectivity to all internal wired clients
through its switch ports or wireless clients through its AP functionality.
Each wired client needs a NIC. Common NICs have RJ-45 connectors for
twisted-pair cable. A printer can be used as a wired client, but you can
have a wireless printer instead. Wireless clients need to have wireless
adapters that can communicate with the WAP.
Cables:
Wired clients need to be connected with cables. Unshielded twisted-pair
(UTP) cable with RJ-45 connectors is the most commonly used cable in
SOHOs. Three important points with the twisted-pair cable are as follows:
o If the devices support speeds of 1 Gbps or greater, you will need to use
at least CAT 5e cable.
o If the environment has too much interference, you might need to use
shielded twisted-pair (STP) cable.
o If the cables run through a plenum, you will need to ensure that you are
using plenum-safe cable.
Protocols
The Internet uses the Transmission Control Protocol/Internet Protocol
(TCP/IP) suite, so all internal devices need to support TCP/IP. Additionally,
the wireless router will typically have the following protocols running:
o Dynamic Host Configuration Protocol (DHCP) to dynamically
assign internal clients a TCP/IP configuration. This includes an IP
address, subnet mask, default gateway, and DNS server address.
o Network Address Translation (NAT) to translate public and private
IP addresses. This allows internal clients to have private addresses but
share the public IP address provided by the ISP.
o Wireless protocols wireless clients need to be running compatible
wireless protocols.
Page 979 of 1229
The SOHO router usually acts as a DHCP client and a DHCP server. The
WAN port connected to the ISP is configured as a DHCP client, and it
receives TCP/IP configuration from the ISP. This includes a public IP
address. As a DHCP server, the SOHO router provides internal clients with
private IP addresses. It will also provide these internal clients with the
address of the DNS server provided by the ISP.
Note
There are a number of other ways of connecting to the Internet

and other remote networks.
11.10.1 Virtual private networks

A virtual private network (VPN) allows you to connect to a private
network over the Internet or another public network in a secure manner.
After connecting to the Internet, you can connect to the private network.
Look at Figure 11.69 as an example. A user called Danie connects to the
ISP using Point-to-Point Protocol (PPP), and the ISP provides access to
the Internet. PPP was, and is still used in some places, to allow dial-up
users to connect to the Internet.
After connecting to the Internet, a VPN connection creates a tunnel to the
VPN server or to a firewall that forwards traffic to the VPN server. A tunnel
is used to describe the connection between two VPN endpoints (a VPN
server and client) because it can only be entered from either end.
Figure 11.69 VPN connection example

The V in VPN stands for virtual, which means that a VPN creates the
appearance of a local network connection when the connection is in fact
made over a public network. Because the remote user or VPN client (Danie
in Figure 11.69) is connected to the VPN server, he is allowed to log on to
the internal office network from his home laptop and he can access any
resources on the internal network as though he is using a computer that is
physically connected to that internal network.
Page 980 of 1229
In Figure 11.69, you can see that a firewall separates the internal network
from the Internet to block or allow certain traffic. The figure also shows a
file server and other users on the internal network. If users can access
these resources while connected inside the company, they can usually
access them through the VPN.
The P in VPN stands for private, which is the purpose of creating the
tunnel. The data that travels through the tunnel from one end to the other
is encrypted using encryption protocols.
Several types of VPN tunnelling protocols are in use. A tunnelling
protocol provides a secure path between insecure networks and is used as
a means to transport multiple, dissimilar network protocols using the same
transport mechanism. Two common protocols include:
Point to Point Tunnelling Protocol (PPTP) creates a secure tunnel
through the Internet back to the private network. The client takes on an IP
address of that private network, as if the computer were plugged into that
network.
Layer Two Tunnelling Protocol (L2TP) uses Internet Protocol
security (IPsec) to encrypt and authenticate IP packets in the tunnel.
You can use the following steps to create a VPN connection on a Windows 7
computer:
1.
2.
3.
4.
Click Start > Control Panel.

Select Network And Sharing Center.
Select Set Up A New Connection Or Network.
Select Connect To A Workplace and click Next. See Figure 11.70.
Figure 11.70 Creating a VPN connection
Page 981 of 1229
5. Select Use My Internet Connection (VPN). If a company is hosting a

remote access server with a modem, you can select Dial Directly.
However, this direct dial connection is not considered a VPN.
6. Enter the IP address of the VPN server. You can get this from the
companys network administrator that is hosting the VPN. Click Next.
7. Enter a username, password, and domain name (if required) that are
authorised to connect to the VPN server. Click Connect.
You can also connect and disconnect using the network status icon in the
notification area. Right-click the icon under Dial-up and VPN and click
Connect or Disconnect. See Figure 11.71. The figure shows the result of
connecting after already filling in the user credentials. The VPN connection
can also be managed in Network Connections in the Control Panel.
Figure 11.71 Connecting to a VPN server
11.10.2 Dial-up, DSL and Broadband connections

A dial-up connection requires a modem, a connection to a phone line, and a
ISP that supports a dial-up connection. To set up a dial-up connection, you
must configure Windows with the information provided by the ISP. The ISP
provides a dial-up telephone number(s), as well as your username and
initial password. In addition, the ISP will provide you with any special
configuration options you may need to enter in the software setup. The full
configuration of dial-up networking is beyond the scope of this module, but
you should at least know where to go to follow instructions from your ISP.
Note

1. Open the Network and Sharing Center.

2. Click on Set up a new connection or network. See Figure 11.72 (on
the left).
Page 982 of 1229
3. Choose Set up a dial-up connection on the next screen and then

enter the dial-up information your ISP has provided you, as shown in
Figure 11.72 (on the right).
Figure 11.72 Setting up a dial-up connection

You can rename the connection or leave it as Dial-up Connection.
4. Select the Allow Other People To Use This Connection check box or
leave it unchecked. If the box is left unchecked, only the account used
to create the connection will be able to use it.
5. Click Create and click Close.
6. At this point, you can click Connect To A Network from the Network
And Sharing Center and choose this dial-up connection and click
Connect. The Connect dialog box appears.
7. Click Dial. You will hear the modem dial the ISP and make the
connection.
Note
Dial-up has mostly been replaced with other connection methods

and should only be used if no other access method is available in
your area.
To view or change the configuration for the dial up connection:

8. In the Network and Sharing Center, click Manage network
connections and then right-click the dial up connection and choose
Properties. The connection Properties box opens.
9. Use the tabs on this window to configure TCP/IP, control the way
Windows tries to dial the ISP when the first try fails and change other
dialling features.
Note
The ISDN connection is configured in the same way you would

configure a dial up connection.
To set up DSL connection to the Internet, you need:
An Internet contract with a DSL provider or ISP. DSL providers often

place limits on how much data you can download per month.
Page 983 of 1229
A DSL router. Your DSL device can be Ethernet, DSL or both. You can
also plug a DSL modem into your network router.
Filter also called a micro-filters or splitter, it is a small, rectangular
box that has phone connections on both ends and is used to separate
split the voice and data signals sent through phone lines, ensuring that
neither signal interferes with the other.
Information from your ISP. For most installations, you can assume that
IP addressing information will automatically be provided by the ISPs
DHCP server. However, if static IP addressing is used, you will need to
find out from your ISP what the IP address for your DSL modem is, the
IP address of one or more of your ISPs DNS servers, the subnet mask
or prefix, the IP address of the default gateway and the protocol, such
as PPPoA or PPPoE that you must use to communicate over the
Internet.
The DSL routers setup disc. The device might be configured through a
web-based program, and in this case, make sure you have the manual
at hand. Read the manual for specific instructions. If you do not have
the setup disc, you should be able to download the software from the
manufacturers website.
Figure 11.73 shows the typical set up of ADSL. The computer is connected
to the routers RJ-45 port and the router in turn is connected to the ADSL
filter through its RJ-11 WAN port, which in turn is connected to the RJ-11
wall jack. A phone is also plugged into the filter.
Wall outlet
Power
ADSL filter/splitter
Computer
DSL router
Phone
Figure 11.73 ADSL cable setup

Many DSL routers come with a web-based program. Figure 11.74, Figure
11.75 and Figure 11.76 shows the Internet connection setup pages for a
particular ADSL router. Once you have plugged everything in and set
everything up, start the router, start your computers web browser and
enter the IP address that connects your computer to the DSL routers
configuration page. Read the routers manual for instructions on how to
connect to it, what its default username and password is and how to
navigate the program and configure it. Log in and then configure the router
using the information provided by your ISP. Many routers have wizards that
make it easy for you to set up an Internet connection.
Page 984 of 1229
Figure 11.74 Set protocol, username and password for DSL

Internet connection
Figure 11.75 Set static IP address information for DSL Internet

connection (not configured here)
Page 985 of 1229
Figure 11.76 Set dynamic IP address information for DSL Internet

connection
Change the default password to a more secure one. You can also change
LAN parameters, such as the routers LAN IP address (this should be
changed for security reasons), and disable and enable the DHCP server
function.
To set up a broadband connection within Windows 7:
1. Click Start > Control Panel.
2. Click on View Status and tasks under Network and Internet.
3. Click on Set up a new connection or network.
4. Click on Connect to the Internet.
5. Click Next. Take note of all the connections you can set up here, as
6. Click on Broadband (PPPoE).
Figure 11.77 Create a Broadband Connection
Page 986 of 1229
Note
A broadband connection that is not always up needs the username

and password to be authenticated at the ISP each time you make
the connection. The logon is managed by PPPoE, which is why the
connection is called a PPPoE connection.
7. In the User name box, type the username the ISP has provided to you.
8. Type in the password the ISP has given to you.
9. Tick the option: Remember this password.
10. Type a connection name, such as: ADSL connection.
11. Tick the option: Allow other people to use this connection (only if
you want other people to use this connection), otherwise leave it
unticked.
Figure 11.78 Entering username and password for DSL connection

12. Click Connect. If everything is correct, you should be connected. See
Figure 11.79 (on the left).
13. Back in the Network and Sharing Center, click on Change adapter
settings.
14. Right-click on Broadband Connection or the name assigned to the
connection and choose Disconnect or Connect (if not connected). A
connect Broadband Connection dialog box will appear as shown on the
right in Figure 11.79. Enter the username and password, click Save
this username and password for the following users and choose
Me only or Anyone who uses this computer.
Page 987 of 1229
Figure 11.79 Connect to a broadband connection (left) and

connection dialog box (right)
15.
Tip
Click Connect. That is it, you should be connected.

You can also create a shortcut on your desktop so it is easy to find
and connect through it.
Ending the ADSL connection:

16. When the ADSL connection is no longer needed, you can disconnect by
double-clicking on the connection icon or right-clicking on the
connection in the Network Connections window and choose
Disconnect.
Tip
The installation and setup of the cable modem is generally the

same as a DSL modem.
11.10.3 WWAN (Cellular)

Cellular is a way of accessing the Internet from computer and mobile
devices by using one of several different technologies, such as GSM, CDMA
or 4G. Cellular Internet connections are also known as wireless WAN
(WWAN) connections, as are WiMAX connections. You need a subscription
with a cellular or mobile provider and an adapter to connect to the
providers nearest available transmitter (base station) from a smartphone,
tablet or laptop. The adapter can be a USB device or can be fitted as an
internal mini-PCIe or PCIe WWAN card.
The main purpose of 4G is to enable mobile devices to send data at higher
speeds. However, Mbps speeds vary depending on the vendor, the country
you are in, the technology you use and whether you move while you send
data. Network congestion can also play a part.
Page 988 of 1229
11.10.3.1 Cellular configuration

There is no standard way of configuring a USB device to connect because
the device and software change based on the cellular provider you use.
Fortunately, cellphone companies have made it easy to install their
dongles.
All that is required in most cases is to insert the SIM card into the device,
plug the USB device (if USB) into the system and the setup program
automatically launches or otherwise launch it yourself from (My)
Computer. These devices almost always have all the required software
and drivers built into them, so there are no optical discs to worry about.
Once you have installed the software, launch the connection application.
Follow the instructions that came with the software. This initiates the
connection to the cellular network.
Figure 11.80 shows the Mobile Partner Manager in action. In order to
connect, plug the dongle into the system, start the application and click
Connect. You can also click on the Statistics tab to see upload and
download speeds and usage, as shown on the right.
Figure 11.80 Cellular Connection Manager

Note
The key point to remember about cellular Internet access is that it

is almost completely configured and controlled by the provider. A
technician has very little to do except make sure the device is
plugged in, recognised by the computer and properly installed. It is
best to contact and follow the providers instructions when setting
up the cellular device.
11.10.4 Internet Connection Sharing (ICS)

Once an Internet connection has been set up, it can be shared. To enable
ICS on your computer:
1. Click Start, type view network connections in the Search box and
choose View network connections from the program list.
Page 989 of 1229
2. Right-click the connection that you want to share, and then click
Properties. If you are asked for an administrator password or
confirmation, type in the password or provide confirmation.
3. Click the Sharing tab and then choose the Allow other network users
to connect through this computers Internet connection check box.
See Figure 11.81.
Figure 11.81 Internet Connection Sharing

Note
The Sharing tab will not be available if you have only one network
connection. You might also be able to choose Allow Other Network
Users to Control or Disable the Shared Internet Connection
(Optional). This lets other people on your network control the
shared Internet connection by enabling or disabling it. Optionally,
to allow other network users to use services running on your
network, click Settings, and then select the services you want to
allow.
When you enable ICS, your LAN connection gets a new static IP address
and configuration.
4. Before other users can start using your shared connection, they need to
configure their TCP/IP settings so that their IP address settings change
automatically. Once they have done this, the Internet connection should
be shared.
To test your network and Internet connection, see if you can share files
between computers and make sure each computer can reach a website.
Note
Do not use ICS on a network with domain controllers, DNS

servers, gateways and DHCP servers and do not use ICS on hosts
configured with static IP addresses.
Page 990 of 1229
11.11 Configuring the web browser

Web servers provide websites that users can access using the HTTP
protocol on the default port 80. Using web browser software, such as
Google Chrome, Internet Explorer (IE) or Mozilla Firefox, users can access
files, web pages and other content and click on links and be instantly
connected to any web server in the world. A plug-in (or plugin,
extension, or add-on/addon) is software that can be added to the web
browser or another application to add new features, such as new search
engines and virus scanners, or the ability to use a new file type such as a
new video format. Well-known browser plug-ins include the Adobe Flash
Player, and the Java plug-in, which can launch a user-activated Java applet
on a web page where it executes on a local Java virtual machine.
You can find:
Firefox at www.mozilla.org
Google Chrome at www.google.com/chrome
IE at windows.microsoft.com/en-us/internet-explorer/download-ie
Setting up a web browser requires almost no effort. By default, the web
browser will work automatically as long as the Internet connection is
working (or network connection is working if accessing a website on the
internal network), correct gateway and DNS addresses are configured, and
if you are getting an IP address from a DHCP server. All this should have
been done for you. This is not to say you cannot configure the web browser
according to your needs, but the default browser settings work almost
every time.
On most web browsers, you can set the default font size, configure proxy
settings, choose whether to display graphics and configure other settings.
Although all web browsers support these settings, where you go to make
these changes is different between browsers. If you are using Internet
Explorer that comes with Windows, you will find configuration tools in the
Internet Options Control Panel applet or under the Tools menu in Internet
Explorer (see Figure 11.82). Note that the applet is called Internet Options,
but the window it launches is called Internet Properties. If you launch it
within the browser, it is called Internet Options.
Figure 11.82 shows the Internet Properties applet in Windows 7. As you
can see, there are several tabs, and the General tab is selected by default.
Page 991 of 1229
Figure 11.82 Internet Properties

General Tab
This tab includes the following settings that you can change:
Home page: Change what URL IE opens when it is started. You can
even add multiple home pages, which open in separate tabs.
Browsing History: IE keep a copy of the website files you visit. You
can delete the data or use the settings page to change how much data
to keep.
Search: Use this to change the default search engine used.'
Tabs: Use this to change how tabs and pop-up windows are used.
Appearance: Use this to change some elements on webpages
Security tab
Unfortunately, many websites include malware. To reduce risks, IE uses
security zones with various levels of security:
Restricted Sites: this is the most restrictive zone that allows you to
visit a website but stops the site from running active content that might
damage your computer or steal your data.
Trusted Sites: this zone has relaxed security settings so that a website
can run more programs. You can add sites that you trust not to damage
your computer or information.
Local intranet: this zone can include websites that you access on an
internal network using non-HTTP or HTTP addresses without dots (like
http://success). The security settings for this zone are relaxed to allow
more content to run.
Page 992 of 1229
Internet: Any site not in the other zones is considered an Internet site
and it strikes a balance between security and usability by allowing some
active content to run while restricting some active content from running.
Figure 11.83 shows the Security tab.
Figure 11.83 Security tab

By default, you can use tools to automatically add sites to the zones and
you can manually add sites to the zones. To add a site to any zone, select
the zone, click the Sites button, and enter the address. Once you have
picked a zone to control, you can set the security level. The High security
level blocks more websites and disables some plug-ins, while Medium-high
and Medium allow less secure websites and features. From here you can
also enable/disable ActiveX, and various scripting (such as JavaScript)
within websites by accessing the Custom level button.
Note
Security zones provide a layer of protection, but it is important to

always have up-to-date antivirus software running on your system.
Privacy Tab
Here you can configure how cookies are used and control pop-ups through
a pop-up blocker. Cookies are small text files that a website can store on
your computer when you visit that site so that when you go back to that
site, it reads the cookie to identify you and your behaviour for the purpose
of enhancing your experience or changing the advertising based on your
activities. There is a slider that enables you to control what is blocked.
Page 993 of 1229
The highest setting blocks everything while the lowest setting blocks
nothing. Go here if you do not want websites tracking your browsing
history (though cookies can authenticate users and do other things too).
Content Tab
Here you can configure the following settings:
Parental Controls: Use this setting to limit Internet usage for specific
accounts.
Content Advisor: uses ratings to restrict content based on categories
such as gambling, language, etc. When enabled, the administrator can
enter a password to allow the content to be viewed.
Certificates: websites commonly use certificates to encrypt
connections, such as online transactions. Administrators use this area to
view and change the certificates.
AutoComplete: this remembers information you have typed in
previously and can retrieve it to automatically fill in different forms or
addresses for you.
Feeds and Web Slices: You can use this to control the schedule for
Really Simple Syndication (RSS) feeds or sites using web slices. Not all
sites use these features.
Connections Tab
The Connections tab enables you to set up your connection to the Internet,
via broadband or dial-up, connect to a VPN, configure a proxy server
connection, or adjust some LAN settings. Many companies use a proxy
server to filter Internet access, and when you are on their network, you
need to set your proxy settings within the web browser (and any other
Internet software you want to use).
A proxy server is software that acts as a middleman when you request
information from Internet web servers. Applications that want to access
Internet resources send requests to the proxy server instead of trying to
access the Internet directly, which both protects client computers and
enables the network administrator to monitor and restrict Internet access
and the websites users are visiting. It also caches (stores) website
information so that users can get web data quicker. It can also be used to
cache FTP and secure information. By default this is not configured. Each
application must therefore be configured to use the proxy server.
If you click the LAN settings button, you can configure connection scripts
and a proxy server as well. Figure 11.84 shows IE configured to use a
proxy server. As you can see, the IP address of the proxy server is
192.168.1.1 and uses port 80, which is used by web servers. By default,
these settings apply to all HTTP, HTTPS and FTP traffic, but you can click
Advanced and configure different proxy servers for different protocols.
Page 994 of 1229
Figure 11.84 Setting Proxy parameters in the web browser

Note
Although it is not a requirement, proxy servers often use port 8080

instead of port 80 to listen for HTTP requests. The Bypass Proxy
Server for Local Addresses option is selected if the company has
internal web servers. It allows computers to connect to internal
web servers directly, without going through the proxy server.
Programs Tab
The Programs tab includes the following sections:
Default web browser: Here you can set IE to be the default web
browser.
Manage add-ons: Add-ons such as extra toolbars and extensions can
sometimes slow the browser down, and you can use this area to enable
or disable them.
HTML editing: You can set the default tool used to edit Hypertext
Markup Language (HTML) files from this page if desired.
Internet programs: This link brings you to Default Programs, which
you can use to configure the program Windows will use to open a
particular type of file, based on its extension.
Advanced Tab
This tab lists advanced options that you can turn on and off, such as
disable certain types of content, enable a script debugger, enable or disable
passive FTP, and allow or block active content from running. The available
options include accessibility, browsing, international and security settings.
From here, you can control how IE checks website certificates and use a
Reset button to restore all of the IE settings to their original settings.
Page 995 of 1229
Resetting the browser also removes or disables any toolbars or add-ons

and enables you to save or delete your personal settings before resetting
IE.
11.11.1 Configuring other browsers

You control the settings for Mozilla Firefox and Google Chrome just as you
do in Internet Explorer, though you will not find an applet in Control Panel.
In Google Chrome, you can click on the Chrome menu button in the
upper-right corner of the browser and select Settings. In Mozilla Firefox,
click on the Firefox menu button in the upper-left corner (or upper-right
corner for the newer version) and click on Options. This section will give
you an idea of how to configure these two browsers by showing you how to
access their proxy settings, which is a common task for network
administrators.
In Mozilla Firefox, click on the Firefox button in the upper-left corner and
click on Options. Then, click on the Advanced tab and under the
Network tab, click on Settings. Firefoxs controls are laid out like IE,
though you will not find everything in the same place. See Figure 11.85.
Figure 11.85 Firefox proxy settings

Google Chromes controls look more like a web page. See Figure 11.86. It
uses Windows proxy settings to connect to the network. Click the wrench
button on the browser toolbar. Select Settings, then click Show
advanced settings and in the Network area, click Change proxy
settings. This will open the Internet Properties dialog shown back in
Figure 11.84 where you can change your proxy settings.
Page 996 of 1229
Figure 11.86 Google Chrome settings
11.12 Windows Firewall

While a hardware firewall like a router does a lot to protect you from
malware and other attacks on the Internet, you should also use a software
firewall, such as a packet filtering firewall built into Windows XP and later
operating systems called Windows Firewall for protection. Windows
Firewall is a host-based personal firewall that can be accessed via the
Control Panel. In each OS, the overall goal of Windows Firewall is the
same: to control traffic and help protect the system from malicious traffic.
Windows Firewall supports port blocking, security logging and more.
Configuring Windows Firewall involves turning it on or off and choosing
which programs and services to let through, known as exceptions. If you
want to play a computer game that needs an Internet connection, for
example, it would need to be on the list of exceptions for your firewall.
Fortunately, most programs you install add themselves to the list
automatically, otherwise Windows Firewall will usually ask you the first time
you run it if you want to add the application as an exception.
Most firewalls start with an implicit deny policy by default, which means it
will completely block all packets and packet filters specify what packets can
pass through. Of course, you want to allow some packets to pass through,
so exceptions can be created. Exceptions are identified as rules and stored
in the firewalls ACL.
Page 997 of 1229
11.12.1 Configuring Windows Firewall on Windows XP

You can start Windows Firewall on Windows XP from the Control Panel.
Change the Control Panel view to Classic View, and double-click Windows
Firewall. It has three tabs that you can use to enable/disable the firewall,
create firewall exceptions and allow network access to a specific program,
add a rule based on port numbers, enable or disable the firewall for each
network adapter installed on the system, and enable logging and view
firewall logs to verify what traffic is blocked.
Note
By default, the Windows Firewall blocks ICMP traffic, including ping

commands. Ping is useful for troubleshooting, and you might want
to either disable the firewall when testing and enable it again
afterwards, or create a rule to allow ICMP traffic to pass through.
11.12.2 Configuring Windows Firewall in Vista/7

You can access Windows Firewall by opening the Windows
Firewall applet in Control Panel or by typing windows firewall
in the Search box and clicking on Windows Firewall in the
program list. To turn Windows Firewall off on a Windows
computer (which is not a best practice), complete the following
exercise:
1. Choose Start > Control Panel. Control Panel appears.
2. Click System and Security. The System and Security window appears.
3. Click Windows Firewall. See Figure 11.87. The Windows Firewall
window appears. The left pane includes several links to modify the
settings and the centre pane provides information about its current
configuration.
Figure 11.87 Windows Firewall in Windows 7
Page 998 of 1229
4. Click Turn Windows Firewall On or Off.

5. Choose Turn off Windows Firewall (not recommended) for each
network location you use. Figure 11.88 shows where to simply turn on
and turn off Windows Firewall.
Figure 11.88 Turning Windows Firewall on or off

Note
If you suspect that malware has infected the computer and

connecting it to external systems, you can select Block All
Incoming Connections, Including Those In The List Of Allowed
Programs. This will stop all traffic.
11.12.2.1 Home vs. Work vs. Public network settings

Windows 7/Vista separates networks into ones that you can trust (like the
one in your SOHO network) from networks that you do not trust (like a
public Wi-Fi hotspot at the airport). To do this, Windows Firewall includes
three network types: Domain, Private and Public.
A Domain network is controlled by a domain controller (DC) on a

Windows Active Directory network. In most cases, the DC tells your
computer what it can and cannot share. You do not usually need to do
anything when your computer joins a domain network.
A Private network allows you to share resources, discover other
devices on the network, and allow other devices to discover your
computer safely. Seeing other devices on your network and allowing
other users to see your computer is done through network discovery.
A Public network stops your computer from sharing anything and
disables network discovery.
Page 999 of 1229
11.12.2.2 Network locations

When you connect your computer to a new network for the first time,
Windows will ask you to choose a network location: Home, Work or
Public. See Figure 11.89. A network location allows you to separate a
network that you trust from one that you do not.
Figure 11.89 Choosing a Network location

The network locations or types are:
Home choose this location for when you are at home or when you
trust the people and hosts on your SOHO network. Network discovery is
turned on for home networks and users can see each other and share
resources and can create and join Homegroups.
Work choose this location for your office or SOHO network. Network
discovery is on by default, but you cannot create or join a Homegroup.
Public choose this location for when directly connected to the
Internet and in public places, such as hotspots. HomeGroup is not
available on public networks and network discovery is turned off.
Domain this location is for Windows domain networks and is
controlled by the network administrator and cannot be chosen or
changed by domain users.
Note
Notice that there is no Domain location shown in Figure 11.89. This

is because if your computer is on a domain, you will not see this
dialog box. When your computer joins a domain, Windows
automatically sets your network location to Domain.
Page 1000 of 1229
When you choose a network profile, Windows configures Windows Firewall

to block or unblock network discovery and sharing services. When running
on a Private (Home or Work) network, Windows enables Network Discovery
and File and Printer Sharing as exceptions. When running on a Public
network, Windows disables these exceptions. If you connect to networks in
different locations, choosing a network location can help ensure that your
computer is always set to an appropriate security level.
Figure 11.90 shows you where you can see what network you are
connected to. In Windows, the Set Network Location dialog box appears
every time you connect to a new network. Windows includes three different
firewall settings: one for Domains, one for Private networks (Home or
Work), and one for Public networks. You can change the network by
clicking the link and selecting a different network.
Figure 11.90 Network location

If you click on Change advanced sharing settings on the left in the
Network and Sharing Center in Figure 11.90, the Advanced sharing
settings page will appear, as shown in Figure 11.91. From here you can
turn network discovery and various sharing services and security
parameters on or off.
Page 1001 of 1229
Figure 11.91 Network Discovery and File and Printer Sharing

settings
11.12.2.3 Allowed programs and features

The Windows Firewall page includes a link called Allow A Program Or
Feature Through Windows Firewall. You can use this to enable or
disable traffic by using predefined rules or by creating a new rule for
specific programs or features. For example, if you want to enable Remote
Desktop, you can click the link and select Remote Desktop, as shown in
Figure 11.92.
Figure 11.92 Allowing programs through Windows 7 firewall

Notice that you can allow programs and features for Home/Work and
Public. As shown, Remote Desktop is enabled as long as the computer is
connected to a Home or Work network location, but not for a Public
network location.
Page 1002 of 1229
Windows Firewall has several predefined rules, but you can click Allow
Another Program and select another program. You cannot add rules
based on ports from this page, but you can do so by using Windows
Firewall With Advanced Security.
11.12.2.4 Windows Firewall with Advanced Security
When configuring the firewall, you typically specify rules that control which
packets are allowed or not allowed to enter the network. A default rule that
you typically set first states Drop all packets or Accept all packets, and
then you build a list of exceptions to that default rule. Windows Vista/7
include the Windows Firewall With Advanced Security applet. You can
create incoming rules for traffic coming into the computer and outgoing
rules for traffic going out. The rules can be based on direction (inbound
rules for traffic coming into the computer and outbound rules for traffic
going out), IP addresses, network IDs, ports, protocol IDs or applications.
You can also create rules for Home/Work network locations as Private, rules
for the Public network location, and Domain rules.
To start this tool, open Administrative Tools in the Control Panel and
double-click Windows Firewall With Advanced Security. It can also be
started by entering wf.msc from the command prompt or in the Search
box.
Figure 11.93 shows this tool open to the Inbound Rules section with the
predefined rule for Remote Desktop open. This is the same Remote
Desktop rule shown in Figure 11.92, but Windows Firewall allows you only
to enable or disable it. With Advanced Security, you can view all of the
properties, although many of the properties cannot be changed in a
predefined rule.
Figure 11.93 Windows Firewall with Advanced Security
Page 1003 of 1229
Note
Block stops traffic from passing through unless a specific rule

allows it. Allow enables traffic to pass through unless a specific
rule blocks it. Blocking all connections stops inbound
connections no matter what rule is set up.
A rule always has at least the following variables:

The name of the program
Group: to help organise all the rules
The associated network profile (All, Domain, Public, Private)
Enabled/disabled status
Remote and local address
Remote and local port number
The Actions pane on the right in Figure 11.93 includes the New Rule link.
Clicking this with Inbound Rules selected opens the New Inbound Rule
Wizard, where you can configure rules for incoming traffic. If you select
Outbound Rules and click New Rule, it opens the New Outbound Rule
Wizard, where you can configure rules for outgoing traffic.
Tip
You can add, remove and change any rule as you wish. It quickly
gets difficult, so unless you need to set up a lot of your own rules
and are experienced at doing so, stick to the standard Windows
Firewall applet.
11.13 Troubleshooting networks

This part of the unit focuses on some areas of network troubleshooting. To
start off, it helps to take a methodical approach when it comes to
troubleshooting network components and testing network connectivity:
Cabling/media check for incorrect cable insertion, damaged

cables/connectors, poor quality cabling, and interference from other
devices or power cabling.
Network adapters make sure the adapter is recognised by the OS and
supports the product, speed and configuration of the network.
Switch check for damage or misconfiguration or a faulty port. When
multiple users cannot connect, look for problems with the switch or
other connectivity device such as an AP.
Software protocols and services make sure these are installed and
configured correctly.
Routing between networks if one client cannot connect, make sure its
default gateway is configured to point to the router; if multiple users
cannot connect, check the configuration of the router. Also verify that
the firewall is not blocking traffic passing between the networks.
Name resolution check the DNS configuration on the client if it cannot
connect, or the server if many users cannot connect.
Security check log on (password), authentication and permissions.
Page 1004 of 1229
You can start from the bottom or top (where problems occur more often).
11.13.1 Network command prompt tools

You can often troubleshoot connectivity issues from the command prompt
and quickly identify the problem, but you must know which tool to use for
which problem.
The command prompt is easier to learn through experience. That is, do not
just read about it, do it. Practice running each of the commands covered in
this section to see the results. It is natural and helpful to make errors. If
everything works perfectly the first time, you probably will not remember it
as easily.
11.13.1.1 Ipconfig
You can use the ipconfig (short for IP configuration) command to see the
TCP/IP configuration of a Windows system. When you use it without any
switches, it shows basic information such as the name, IP address, subnet
mask and default gateway (router) for all network adapters that have
TCP/IP bound to them. However, you can also use ipconfig with switches to
show more detailed information. Figure 11.94 shows the output of running
the ipconfig /all command.
Figure 11.94 Ipconfig /all

Table 11.5 shows some of the common switches used with the ipconfig
command, along with what they are used for.
Page 1005 of 1229
Table 11.5 Ipconfig switches

Switch
ipconfig /?
ipconfig /all
ipconfig /release
adaptername
ipconfig /renew
adaptername
ipconfig /release6
ipconfig /renew6
ipconfig /displaydns
ipconfig /flushdns
Tip
Usage
View help on the ipconfig command along with all
its switches.
View full TCP/IP configuration information. This
identifies the host name, MAC address, DNS server
address, DHCP server address (if it is a DHCP
client) and more.
Release the IPv4 address information for a specific
network adapter from the DHCP server. For
example, use ipconfig /release Local Area
Connection. Use ipconfig /release to release IP
address information for all adapters.
Renew the IPv4 address information with the DHCP
server. For example, ipconfig /renew Local Area
Connection. Use ipconfig /renew to renew IP
address information for all adapters.
Release the IPv6 address. Use this on DHCP clients
to remove all IPv6 assigned settings.
Renew the IPv6 address. Use this on DHCP clients
to renew IPv6 DHCP assigned settings.
Displays the contents of the host cache (sometimes
called the DNS resolver cache). These cached
entries come from the hosts file and from recent
responses from DNS.
Removes all the cached entries from DNS
responses. However, this command does not
remove entries from the hosts file. If you flush the
DNS cache and then immediately display the cache,
you will see entries that originate from the hosts
file.
If a client cannot reach a DHCP server, DHCP clients assign

themselves an APIPA address. If you want to get a new IP address
from DHCP, use ipconfig /release and then ipconfig /renew.
Use ipconfig to check that the system is configured correctly. You can
answer the following questions with ipconfig and proceed from there to
troubleshoot the issue:
Is the adapter configured with a static IP address when it should be

configured with a dynamic address and are its other parameters such as
subnet mask, default gateway and DNS server address correct?
Is the adapter configured with DHCP or APIPA (in the range
169.254.x.y)? APIPA indicates that the DHCP client attempted to
contact the DHCP server and did not receive a response from it.
Does the computer have the correct address from the DHCP server? A
static/reservation is a reserved address in which the computer always
Page 1006 of 1229
gets the same address while a dynamic one is assigned from a pool and
can change.
If your answer to
whether the issue
DHCP client and
configuration from
DHCP servers.
any of these questions is a negative one, investigate

lies with the configuration or connection between the
DHCP server, or whether the client has received
the wrong DHCP server on a network with multiple
Many Unix/Linux systems support the ifconfig command. The ifconfig

command has more capabilities than ipconfig, and technicians use it to
configure the network interface card.
11.13.1.2 Ping
Ping is used to check connectivity between two devices on the same
network and on remote networks. It basically answers the question: Can I
connect to another host and is that host responding? Ping works by using
Internet Control Message Protocol (ICMP) status packets to find out
whether the other host is connected to the network and can respond. A
successful ping request on a Windows system requires that four ICMP echo
request packets be sent out to a remote host and expects to receive four
ICMP echo reply packets back in return and the ping is a success. The basic
syntax is as follows:
ping target
(Where target is the IP address or name of a destination host).
For example, if the IP address of your default gateway is 192.168.1.1, you
can use the following command to check connectivity:
ping 192.168.1.1
Or to ping the IPv6 address of another system:
ping fe80::5549:3176:540a:3e09%10
If you instead want to check connectivity with a server called filesrv on
your network, you can use the following command:
ping filesrv
Figure 11.95 shows an example of a ping in action with an explanation of
the results given afterwards.
Page 1007 of 1229
Figure 11.95 Ping in action

The first command (ping cnet.com) pings the website by its name and the
second command (ping 64.30.224.118) pings the website by its IP address.
The first ping resolves the name to an IP address (in the first line that says
pinging [64.30.224.118]) and shows that it identified the address
64.30.224.118 for the website. This also verifies that it was able to query
DNS to get the IP address from the name of the web server. Both
commands sent four pings to the server and successfully received four
replies, indicating that the website is reachable. Figure 11.95 also shows
the approximate round-trip time in milliseconds (1000 msec equals one
sec). This gives you an indication of the response time of the remote
computer.
Although ping is most often used on its own, it does have switches that can
help you troubleshoot systems. Table 11.6 shows common switches used
with the ping command. The help for ping shows switches listed with a
dash (-), but you can also use the forward slash. This is the same for many
other command prompt commands.
Table 11.6 ping switches
Switch Usage and example
-?
View help on the ping command. For example, ping -?
-t
Continuously send a stream of ping requests until stopped with
the <Ctrl> + <C> keys. For example, ping 192.168.1.1 t.
Linux systems constantly ping a system until the <Ctrl> + <C>
keys are pressed. For example, if you think a problem might be
related to a loose connection in a cable, you might want to
wiggle the cable around to see whether the symptoms change.
-l nn
Modify the buffer size with a lowercase L and a number. For
example, ping 192.168.1.1 -l 16. This example changes the
buffer size to 16 bytes.
Page 1008 of 1229
Switch Usage and example

-4
Force ping to use IPv4. For
resolves the name to an IPv4
IPv4 address.
-6
Force ping to use IPv6. For
resolves the name to an IPv6
IPv6 address.
example, ping srv1 -4. This first

address and then pings it with the
example, ping srv1 -6. This first
address and then pings it with the
Troubleshooting with ping:

Although you cannot use ping to isolate all problems, you can use it help
identify where a problem lies. When troubleshooting with ping, follow these
steps to verify a computers configuration and test router connections:
Step 1: Use the command ping 127.0.0.1 to ping the IP address of your
systems local loopback. If you can ping the loopback address, you know
that the TCP/IP protocol suite is installed correctly and is functioning, but if
you cannot, TCP/IP might need to be reloaded or reconfigured or there
might be a problem with the network adapter or another service is
interfering with IP.
Note
127.0.0.0 - 127.255.255.255 is reserved for loopback testing.

Although convention states that you use 127.0.0.1, you can use
any address in the 127.X.X.X range, except for the network ID
itself (127.0.0.0) and the broadcast address (127.255.255.255).
You can also ping the localhost (for example, ping localhost),
which is the default hostname for the local system that will
automatically be resolved to the loopback address. In IPv6, use
the command ping ::1 to test the loopback address.
You should see a response similar to that shown in Figure 11.96.
Figure 11.96 Pinging loopback address
Page 1009 of 1229
This command will still work even if the network adapter is disabled or
unplugged from the network. Notice the output also shows the TTL of 128.
Step 2: Ping the assigned IP address of your local network adapter. If the
ping is successful, you know that your network adapter is functioning and
has TCP/IP correctly installed, but if you cannot ping the local network
adapter, TCP/IP might not be correctly bound to the network adapter, the
adapters drivers are not installed properly, the IP configuration is incorrect
or not configured properly. If the problem is not with the configuration,
there might be a hardware problem.
Also check for duplicate IP addresses. Windows displays a notification if it
finds a conflict with another host using the same IP address on the network
and disables IP. This is not good, so make sure that they are both using
unique IP addresses.
Figure 11.97 IP address conflict network error message

Step 3: Ping the IP address of a known good default gateway (router) on
your local network to see if you can communicate with a local host on the
local network. If you can ping the router on your local network, you have
network connectivity. If you cannot ping the router, check that the default
gateway parameter on your computer is configured properly and you are
connected to the network correctly (cable connection, etc), and check
whether the router is configured to respond to pings and running.
Alternatively, you can ping another computer if a router is not available.
Step 4: If you can ping the default gateway, you can verify remote
connectivity by pinging the IP address of a remote host to verify that you
can communicate through a router.
If ping is successful, you will receive four Reply from messages. Using
these steps, you can confirm network connectivity on both a local network
and remote network. The whole process requires running ping with the IP
addresses along the path to the target. If you are an optimistic person, you
can skip straight to step 4, but you might have to go back to step 1 if step
4 fails.
Page 1010 of 1229
Note
You can ping the DNS name of the remote host (for example, ping
www.comptia.org, ping srv1if your network uses a DNS server or
the name and IP address of the remote host is configured in your
hosts file. On a Windows network, you can also ping the Network
Basic Input/Output System (NetBIOS) computer name. If you can
ping by IP address and not by name, then it suggests that there is
a name resolution problem.
Not all ping results are that successful. If you cannot reach a system, you
will see errors listed four times instead of four Reply from messages. This
does not necessarily mean that the other system is not running. Many
firewalls including Windows Firewall block ICMP ping requests, so a
system can be working but be configured so that it does not respond to
pings. You can disable the firewall for testing and enable it again.
To use ping effectively, you must understand the error messages that will
show as a result of a failed ping command:
Destination Host Unreachable means the local computer does not
have a route to the destination host or the remote router reports that it
does not know how to reach that IP address. Check the TCP/IP
configuration if the other host is on the same network or check the TCP/IP
configuration and router if the host is on another network.
Request Timed Out essentially indicates that the other host is not
available or cannot send a reply back to your computer. Assuming that the
network connectivity on your computer and the physical cabling and
infrastructure (switches) are working correctly, this typically indicates that
the destination host is not connected to the network, is powered off, or not
correctly configured.
Figure 11.98 Request timed out error message
Page 1011 of 1229
Unknown Host or Ping Request Could Not Find Host indicates that
the requested hostname cannot be resolved to its IP address. Check that
the name is entered correctly and that the DNS server can resolve it. Other
commands, such as nslookup or dig in Linux, can help in this process.
TTL Expired in Transit the packet exceeded the number of hops
specified to reach the destination host. The Time To Live (TTL) counts each
hop (router) along the way to the destination. Each time it counts one hop,
the hop is subtracted from the TTL. If the TTL reaches 0, it has expired,
and you get this message. You can increase the TTL using the -i switch.
Note
When troubleshooting connectivity issues, ping and ipconfig are

two of the most commonly used tools. You can often identify a
problem by first checking the TCP/IP configuration with ipconfig
and then checking connectivity with ping.
11.13.1.3 Tracert
Tracert traces the route or path between two hosts. It does this by using
ICMP echo packets to report information at every step of the journey to the
target destination, including the IP address of every router it passes
through and, in some cases, the name of the router. This information can
help identify where network bottlenecks or breakdowns might be. Each of
the common operating systems provides a tracert tool, but the name of the
command and the output vary slightly on each. For example, in
UNIX/Linux, the command is traceroute.
The basic command syntax for tracert is:
tracert target
(Where target is the IP address or the domain name/FQDN of a
destination host or website).
For example, if you want to identify all the routers between you and a
website named pearson.com, you could use the following command:
tracert pearson.com
Page 1012 of 1229
The following is an example of a successful tracert command to the website

pearson.com:
C:\Users\brendong>tracert pearson.com
Tracing route to pearson.com [159.182.16.52]
over a maximum of 30 hops:
1
<1 ms
<1 ms
<1 ms .172.16.11.1
2
41 ms
17 ms
22 ms 209.203.8.161
3
8 ms
10 ms
11 ms 209.203.8.241
4
10 ms
11 ms
9 ms 41.193.32.153
5
57 ms
26 ms
8 ms 41.193.32.202
6
229 ms
179 ms
221 ms 196.41.24.121
7
177 ms
204 ms
220 ms 195.50.120.13
8
236 ms
253 ms
270 ms vl-3608-ve232.csw2.london1.level3.net [4.69.166.30]
9
181 ms
183 ms
197 ms ae-22-52.car2.london1.level3.net
[4.69.139.99]
10
279 ms
232 ms
193 ms savvis [4.68.127.34]
11
296 ms
305 ms
263 ms cr1-te-0-0-5-0.uk1.savvis.net
[204.70.206.61]
12
270 ms
249 ms
260 ms cr2-tengig-0-15-00.newyork.savvis.net [204.70.196.118]
13
295 ms
250 ms
253 ms 204.70.206.50
14
261 ms
249 ms
258 ms das12-v3020.nj2.savvis.net
[64.15.236.110]
Trace complete.
The tracert output includes several columns of information. The first
column represents the hop number, which represents the number of steps
in the path the packet takes to cross the network. The next three columns
indicate the round-trip time, in milliseconds, that a packet took from the
sender to the router and back in its attempt to reach the destination. The
last column is the hostname and the IP address of the responding host.
Page 1013 of 1229
Of course, not all attempts are successful. The following output indicates
that it tracert did not get to the remote host:
C:\>tracert 216.119.103.72
Tracing route to comptia.org [216.119.103.72]
over a maximum of 30 hops:
1
27 ms
28
2
55 ms
13
[24.67.224.7]
3
27 ms
27
[204.209.214.19]
4
28 ms
41
[66.163.76.65]
5
28 ms
41
[66.163.68.2]
6
41 ms
55
[24.7.70.37]
7
54 ms
42
[192.205.32.249]
8
*
*
9
*
*
10
*
*
ms
ms
14 ms 24.67.179.1
14 ms rd1ht-ge3-0.ok.shawcable.net
ms
28 ms
rc1wh-atm0-2-1.shawcable.net
ms
27 ms
rc1wt-pos2-0.wa.shawcable.net
ms
27 ms
rc2wt-pos1-0.wa.shawcable.net
ms
41 ms
c1-pos6-3.sttlwa1.home.net
ms
27 ms
home-gw.st6wa.ip.att.net
*
*
*
Request timed out.

Request timed out.
Request timed out.
In this example, the request gets to hop 7, at which point it fails. This
failure indicates that the problem lies on the far side of the host in step 7 or
on the near side of the host in step 8. In other words, the host at step 7 is
functioning but might not make the next hop. You can isolate the problem
to just one or two hosts.
Note
In some cases, the router might be configured to not return ICMP

traffic like that generated by ping or traceroute. If this is the case,
the ping or traceroute will fail just as if the router did not exist or
was not operating. Also, the firewall might be configured to block
this ping and tracert traffic to prevent network snooping.
You probably are not going to be troubleshooting Internet problems very

soon. However, if you were, tracert might be one of the tools you would
use to identify Internet router problems.
Table 11.7 lists some switches and examples.
Page 1014 of 1229
Table 11.7 Common tracert switches

Switch Usage and examples
-d
Do not resolve addresses to hostnames. Only IP addresses are
listed. For example, tracert www.cti.ac.za-d
-4
Use only IPv4 in the trace. For example, tracert www.cti.ac.za -4
-6
Use only IPv6 in the trace. For example, tracert www.cti.ac.za -6
Note
Tracert checks connectivity just as ping does but is much more

useful if you have multiple routers in the network. Use tracert to
identify the router that is giving problems.
11.13.1.4 Nslookup
You can use nslookup (short for name server lookup) to troubleshoot
name resolution problems with DNS. Nslookup queries DNS and can verify
that records exist in DNS to resolve host names to IP addresses. Use it to
determine whether a system can map a hostname to an IP address by
querying DNS. The basic command is as follows:
nslookup hostname DNSServer Option
(where hostname is the hostname or IP address to be resolved, DNSServer
is the DNS Server to use and can be left out to use the default DNS Server
and Option is an nslookup subcommand).
Nslookup is a shell command, which means that if you only type nslookup
and press <Enter>, you will start the shell in interactive mode and see a
prompt of >. You can then enter commands specific to nslookup from this
prompt. Table 11.8 list some command switches and instructions when
working in interactive mode.
Table 11.8 nslookup command switches and instructions in
interactive mode
Switch/instruction
Help or ?
<Ctrl> + <C>
set type =xx
exit
Usage and examples

To get help and view subcommands
Use to interrupt interactive commands at any time.
By default, host name (A) records are returned. Use
this command to set the query type (e.g. A, AAAA,
ANY, CNAME, MX, NS, PTR, SOA or SRV) for
different records to be returned. For example, use
set type-mx to return the mail server records for
the domain.
Run this command to exit the program.
Instead of using interactive mode, you can also execute nslookup requests
directly at the command prompt in non-interactive mode. For example,
suppose you have problems reaching the comptia.org website.
Page 1015 of 1229
You might want to determine whether DNS can resolve the name to an IP
address. You can use the following command:
C:\>nslookup comptia.org
Server: nsc1.ht.ok.shawcable.net
Address: 64.59.168.13
Non-authoritative answer:
Name:
comptia.org
Address: 208.252.142.2
The first two lines show the hostname and IP address of the DNS server
against
which
the
resolution
was
performed,
that
is,
nsc1.ht.ok.shawcable.net along with its IP address (64.59.168.13). The last
two lines show that the DNS server can resolve the website comptia.org to
the IP address of 208.252.142.2.
11.13.1.5 Nbtstat
You can use nbtstat (short for NetBIOS over TCP/IP statistics) to view
protocol statistics and information for Network Basic Input/Output System
(NetBIOS) over TCP/IP connections. Nbtstat is commonly used to
troubleshoot NetBIOS name resolution problems for older Windows NT and
9x clients. A Windows Internet Name System (WINS) server primarily
resolves NetBIOS names to an IP address. When a WINS client starts, it
contacts the WINS server and registers its name and IP address. Then,
when other clients query the WINS server with the name, the server
responds with the corresponding IP address. Clients can also use
broadcasts to resolve NetBIOS names.
Note
WINS is used to resolve NetBIOS names, which are used only on

internal Windows networks. Some internal networks use only
hostnames and hostnames are resolved by DNS, which is used on
the Internet and on internal networks.
Nbtstat calls up the name table. For example, you could find out what
services are running, what the computers name is and the network it is a
part of typing out the following command (see Figure 11.99):
nbtstat n
Figure 11.99 nbtstat n output

Page 1016 of 1229
Susan-PC in Figure 11.99 is the computer name and Workgroup is the

network name. The numbers in the brackets <> are services. To name a
few: <00> is the workstation service and it allows this computer to redirect
out to other systems to view shared resources, while <20> is the server
service and it allows this computer to share resources with other systems.
Nbtstat is one of the few commands that use case-sensitive switches. That
is, nbtstat -r is different from nbtstat -R. Table 11.9 lists some common
switches used with nbtstat, with some examples.
Table 11.9 common nbtstat command switches
Switch
nbtstat a (name)
nbtstat A (IP address)
nbtstat c (cache)
nbtstat n (names)
nbtstat r (resolved)
nbtstat R (reload)
Usage and example

Lists the remote computers NETBIOS name
table given its name.
Lists the remote computers NETBIOS name
table given its IP address.
Lists known name entries in the cache.
List local registered NETBIOS names.
Lists all the names resolved by broadcast and
via WINS.
Purges and reloads the remote cache name
table from the lmhosts file (if it exists).
11.13.1.6 HOSTS and LMHOSTS files

For small networks, the HOSTS file can still be the easiest way to provide
name resolution for the networks TCP/IP systems. The file can co-exist
with DNS and because the file is always checked before DNS is used, you
can use it to override DNS if you want to. If you do use the file, you have
to manually add each entry and each system that performs resolution must
have a copy of the file.
You can find the HOSTS file in the the following folder:
%systemroot%\system32\drivers\etc
Figure 11.100 shows a HOSTS file open with Notepad with some entries
added to the bottom of the file. As you can see, the IP address of the host
is listed with the corresponding hostname/FQDN. You can use a tab space
to separate the name and IP address. The # lines indicate a comment that
is not read by the OS.
Page 1017 of 1229
Figure 11.100 Hosts file

The HOSTS file can be used to troubleshoot name resolution services or to
isolate problems with DNS. Simply add the IP address mapping to the file
and if you can ping the host by its host name, which reads the HOSTS file
before DNS, it suggests that there is a problem with the DNS Server.
The LAN Manager HOSTS (LMHOSTS) file is similar to the HOSTS file
except that it contains a list of NetBIOS names and their associated IP
addresses for name resolution on a WINS network. Windows stores a
sample of the file in the same location as the HOSTS file, but it has a .sam
extension. If you need to use it, make a copy of the file and remove its file
extension.
11.13.1.7 Netstat
Netstat, short for network statistics, can be used to view status
information about current TCP/IP network connections and about the traffic
created by TCP/IP protocols. It allows you to quickly view both legitimate
and malicious network activity and identify what traffic is generating that
activity. Table 11.10 lists some common switches used with netstat.
Table 11.10 Common netstat command switches
Switch
netstat ?
netstat a
netstat b
netstart e
Usage
Get help on netstat.
Lists all active connections and ports actively listening
for incoming network connections.
Lists programs involved in creating each connection or
listening port. You can combine this with the -a switch
(netstat -b -a).
Shows Ethernet statistics, including bytes sent and
received, dropped packets and errors.
Page 1018 of 1229
Switch
netstat
protocol
netstat r
Usage
p Shows connections the specified protocol (e.g. TCP or
UDP)
Shows the routing table. A system uses a routing table
to determine routing information for TCP/IP traffic.
netstat s
Shows statistics for protocols. This will list statistics for
TCP, UDP and IP statistics for both IPv4 and IPv6.
netstat interval
Specifies how long to wait before re-displaying
statistics in seconds (interval). For example, enter
netstat 10 (to wait for 10 seconds). Press <Ctrl> +
<C> to stop.
Figure 11.101 shows an example of the output of the netstat a command.
Figure 11.101 netstat a output

As you can see, the output includes four columns, which show the active
protocol (TCP or UDP), the local address of the local system and the port it
is using, the foreign address of the remote system, and the ports state
(established, listening, closed or waiting). The TCP connections show the
local and foreign destination addresses and the connections current state.
UDP does not list status of a state because it is a connectionless protocol
and does not establish connections (or states).
11.13.1.8 Arp
You can use the arp command to view MAC and IP address mappings. Each
time a computer needs to know the MAC address of another computer from
a known IP address, it uses ARP to broadcast the IP address onto the
network, essentially asking Who has this IP address, please respond with
your MAC address?
Page 1019 of 1229
All computers will get the broadcast, but only the computer with that IP
address will respond with its MAC address and the computer that asked the
question will store the resolved IP-to-MAC address mapping in an area of
memory called the ARP cache for a short period of time, which brings us
to the arp command.
You can view the contents of the ARP cache with the arp -a command as
follows:
C:\>arp -a
Interface: 192.168.1.111 --- 0xa
Internet Address
Physical Address
192.168.1.1
68-7f-74-ae-8b-de
192.168.1.107
00-90-a9-82-4b-5f
. . .
Type
dynamic
dynamic
This Interface line shows the IP address of the network adapter. If a

computer has more than one interface, ARP will list the mappings for each
one. For clarity, the ouput is shortened but you can see that it lists the
Internet (IP) address, the physical address and the type of storage. If the
result is from an ARP query, it is listed as dynamic and stays in cache for
just a few minutes. If the mapping was added manually or by the OS, it will
be listed as static.
11.13.1.9 Net commands
The net command has multiple uses. The following are some of the
commands that you should know, but do take note that there are many
more and you can see the entire list with the net /? command. To get help
on a specific command, use the /? switch with the net command.
net use device_name \\computer_name\share_name
device_name: connect to a resource or configure device to disconnect.

There are two kinds of device names: disk drives (D: through Z:) and
printers (LPT1: through LPT3:). Type an asterisk (*) instead of a
specific device name to assign the next available device name.
\\computer_name\share_name: Specifies the name of the server and

the shared resource.
net use device_name /delete use this to delete a connection.
Not only can you map a drive to shared folder on a remote computer from
within Windows Explorer, but also from the command prompt by using the
net use command. The basic syntax is as follows:
net use drive_letter UNC_Path
Page 1020 of 1229
For example, imagine that your network includes a server called FileSRV1
and that this server is sharing a folder named Data. The UNC path is
\\filesrv1\data.
One way you could connect to this share from a Windows 7 is by entering
\\filesrv1\data in the Search box. However, you can also map the share to
a drive so that it is accessible in Windows Explorer. You could do so with
the following command:
net use v: \\filesrv1\data
This command maps the V: drive letter to the share and the mapped drive
can be viewed in Windows Explorer. When a share is mapped this way,
users can access the data just as if it were a folder on their system. If you
want to delete the mapping, you can use the following command:
net use v: /delete
This does not delete the share on the server. It deletes only the mapping
so that it is no longer visible in Windows Explorer. Table 11.11 lists some
other common net commands you might find useful.
Table 11.11 Common net commands
Command
net view
net print
net share
net start service
net stop service
Usage
Shows a list of computers and network devices on the
network. These are often listed in the Network area of
Windows Explorer.
Displays information about a specified print queue,
about all print queues hosted by a specified print
server, displays information about a specified print job,
or controls a specified print job.
Lists all resources shared on the local system.
Starts or stops the specified service.
11.13.2 Troubleshooting network problems

This section provides a short summary of actions you can take to resolve
some common on-the-job networking problems.
11.13.2.1 Remember the lights
Network adapters and the ports on switches and routers have LEDs that
provide a quick indication of connectivity and activity. The number and
meaning of the LEDs depends on the vendor, so it is best to read the
devices user manual to learn the function of the LED. To summarise,
possible indicators include:
No light indicates no connection, either because the cable is faulty or

because one of the devices (cable, switch or adapter) is faulty or off.
Activity light a flashing activity light indicates data activity.
Page 1021 of 1229
Different coloured light (duplex mode) some devices show one colour
(such as green) when running in full-duplex mode and another colour
(such as orange) when running in half-duplex mode.
Different coloured light (speed) some devices show one colour for one
speed and another colour for a different speed.
If you see different-coloured lights for any connection, verify that both
devices support the same faster duplex mode and speed. You should also
verify that autosense or autonegotiation is enabled. If this is not enabled or
not a feature of the device, you might need to manually configure the
faster duplex mode and speed.
11.13.2.2 Troubleshooting cable links
A typical cabled network involves running solid-core UTP cable from the
wall network outlets in work or office areas to a patch panel. A patch
panel, or distribution frame, is simply a box or a wall mounted unit with
a row of female UTP or STP (RJ-45) ports, or fibre ports, in the front and
permanent connections on the back, to which the cables coming from the
different work areas are terminated. Patch panels use punchdown blocks.
The wires from the cables are attached to the punchdown block using a
punchdown tool. Each punchdown block has a number of insulation
displacement connectors (IDCs), which are metal tabs into which the
wires from the cables are fixed and terminated. A patch cable is used to
connect a port on the patch panel to a port on a switch for network
connectivity.
In the work areas, a stranded-core patch cable is used to connect the
network adapter for each computer to the wall network port, or to a switch
(which itself is connected to a wall port).
Tip
It is best and much easier to test cable installations and

termination and correct errors just after making all the connections
and while the cable run is accessible than doing it after setting up
end user systems.
11.13.2.3 Cable installation tools

Although there are many tools for installing and maintaining data cables,
some typical tools include:
Cable cutter/snips use this to make a clean cut on the end of the
network cable.
Wire strippers use this to cleanly strip off the outer jacket of a cable.
Punch down a tool with blades that you can use to punch down or fix
individual wires from the cable into the IDC connectors of a punchdown
block.
Crimper use this to attach connectors to the ends of cables.
Page 1022 of 1229
11.13.2.4 Cable testing tools

The basic cable testing tools that you can use are as follows:
Multimeter use this to perform a continuity check by touching one

probe on one end of the cable and the other probe on the other end. If
the multimeter beeps, it indicates that there is a continuous connection
and the cable is good. If it does not beep, the cable has a break and
should be replaced.
Wiremap tester use this to check if an RJ-45 plug has been wired
correctly.
Tone generator and a tone locator (probe) use this to trace
cables by sending an electrical signal along a cable at a particular
frequency. The tone locator then makes a sound when it distinguishes
that frequency.
Loopback plug use this to test a port to see if data can be sent and
received properly.
11.13.2.5 Troubleshooting cables

In short, you can troubleshoot cabled links as follows:
Use ping to test the cable. If you can ping another known working
system, the problem is not the cable.
If you cannot ping anything, make sure the cable is properly connected
and is working. Swap the cable for a known good one. Also try plugging
the cable into a different network socket and switch port or wall jack.
By swapping suspect components with known good components, you
should be able to resolve the cable problem.
If several users have a problem, check the switch.
You can use cable testing tools, such as a multimeter, wire map tester,
and tone generator and probe to test cables and a loopback plug to test
the port to determine if the problem is with the cable or the port. If the
problem is with the cable, simply swap it out with a known good one.
If the problem is with structured cabling running within the walls and
through the ceiling ducts, then use cabling testing tools to find the
problem, especially if the problem is intermittent and comes and goes.
You might need to install a new permanent link or there might be a
problem with termination or interference.
11.13.2.6 Common network symptoms

In summary, the following list shows common symptoms and the likely
causes and actions to take:
No connectivity: indicates a network adapter or connection problem.

Check link lights, cables and connections.
Page 1023 of 1229
Run ipconfig /all and ping commands to see if TCP/IP works; use the
network troubleshooter by right-clicking the Network icon in the
notification area and select Troubleshoot Problems (in Vista it is
Diagnose and Repair); check for the latest drivers for the network
adapter; try rebooting the computer; find out from the user if any
programs were recently installed or updated: sometimes malware or
software updates can cause connectivity issues; power down the
network equipment (SOHO routers, cable modems and so on) and
disconnect the network and power cables and wait for a few seconds,
thereafter reboot the network equipment and see if it solves the
problem.
APIPA address: indicates that the DHCP client is getting an address

starting with 169.254 because it cannot reach a DHCP server. APIPA
addresses are always assigned internally, so the real problem could be
that the computer is not getting connectivity to the network. Check this.
Also, consider an ipconfig/release and /renew. Finally, if these do not
work, check the DHCP server to make sure it is functional.
Local connectivity: indicates the client can communicate with systems

on the same local subnet but not on any other subnet. Ensure that the
default gateway is configured correctly and that the router is
functioning.
Limited and intermittent connectivity: indicates that the client can

connect to some devices or networks but not to all of them. If the
problem is limited connectivity, attempt pinging the local host, router or
another system. If that fails, then the user only has local connectivity.
Run ipconfig/ all to check IP settings. If pinging the router did work, try
pinging a website by domain name. If that fails, then the DNS server
address is probably not configured properly. Check it with an
ipconfig/all and modify in the IP Properties dialog box if necessary. Run
an ipconfig/release and /renew if you suspect a problem getting an
address from a DHCP server. Intermittent connectivity could also be
caused by a faulty cable or the router needs to be reset.
IP conflict: If Windows detects an IP conflict between two hosts using

the same IP address, it assigns itself an IP address of 0.0.0.0, allowing
the first host that has the duplicated address to function. Additionally,
you will see error messages indicating a conflict. The solution is to
identify the conflicting devices and change one of the IP addresses.
Alternatively, consider using DHCP for the client computers.
Slow transfer speeds: upgrade dialup to faster DSL, cable or fibrebased services. Slow transfer speeds could also be caused by an
incompatibility between Ethernet settings on network adapters,
switches and router. It could also be caused by network devices, patch
cables and network adapters - the newer and faster the devices and
cables, the better the transfer speed.
Page 1024 of 1229
A busy, congested and malware-infected network can also slow down

the network. Check the router as well. See what types of traffic are
passing through it. Update everything, clear all cache and power cycle
all equipment.
11.13.2.7 Troubleshooting wireless connections
When troubleshooting wireless connectivity, verify that the switches or
buttons on laptops or other wireless devices are enabled for wireless
connectivity. If it is turned off, wireless connectivity will not work. Also
check that the wireless connection is configured correctly. This includes
checking the following:
SSID: Remember the SSID is case-sensitive.

Standard: Make sure the standards match or that compatibility mode is
enabled.
Security type such as WPA or WPA 2: For example, if the WAP is
using WPA2, all devices must use WPA2.
Passphrase or security key: This is also case-sensitive.
If users cannot find the wireless network, they need to connect using
Windows or the wireless adapters software, although there are third-party
Wireless locator programs, such as inSSIDer, that will identify all wireless
networks in the area and display the SSID, signal strength, distance and
channel used. If an SSID does not show up in Windows or in third-party
software, you should enter the SSID manually.
Some of the common symptoms of wireless connection problems and their
likely solutions are as follows:
No connectivity when initially setting up a device: check the

basics, such as the SSID, security type and passphrase. Check to see
whether other wireless devices are working, and if so, you know that
the AP is working and the problem lies with the device.
No connectivity for a device that was connected: if a wireless
device previously worked but is not working now, it could be a problem
with the AP or device. To verify that it is working, check to see whether
other wireless devices can connect to the AP. If the AP is working, you
can usually just reset the wireless connection by restarting the Windows
system.
Low RF signal: the further away the wireless client is from the AP or
wireless router, the weaker the signal will be. Many APs allow you to
adjust the RF power level. You can lower it so that it is harder for
unauthorised outsiders to connect but lowering it too much might cause
problems for users within the network. The solution is simple: turn the
power level back up on the AP. If that does not solve the problem,
reposition the AP. If the RF signal is low but you cannot reposition the
AP, a wireless repeater can help to extend the range of a wireless
network so that the same network can reach a further distance.
Page 1025 of 1229
Slow wireless transfer speeds: devices and APs connect using the
fastest speed they can achieve without errors. On one hand, a device
that is not working in compatibility mode will not be able to
communicate with older devices, but on the other hand, if an older
device joins a network that works in compatibility mode, it will drop the
speed of the whole network to the earlier standard it supports. Last, if
there is attenuation or interference from any source, devices and APs
will use slower speeds.
Intermittent connectivity: occasionally, problems can cause a device
to periodically disconnect from the AP. The device might also be too far
away from the AP and will need to be moved closer. The problem can
also be due to interference from other radio sources broadcasting on
the same frequency, so changing the channel might help, or
electromagenetic sources such as motors and microwave ovens, or
other sources that are blocking the signal. Repositioning the AP or
device might help. When repositioning the AP, it is best to place it high
up in the centre of the area it serves. Last, you might want to check the
radio power level on the AP and consider increasing it.
Latency issues although speed is important for time-sensitive traffic
such as VoIP, low network latency is even more important. The higher
the latency or the more delay there is in the time it takes for frames to
travel from the source to the destination and back to the source in
milliseconds (called the round-trip time), the more reliability problems
will there be, especially for wireless connections.
Note
If a connectivity problem cannot be solved by other means, try

updating the firmware or drivers of wireless devices.
Infrared connectivity: infrared requires line of sight, so make sure

nothing is blocking the signal. Also, make sure the photoreceptors are
clean.
Page 1026 of 1229
Unit 12 Printer Configuration and

Troubleshooting
Install a printer on a Windows system.

Troubleshoot basic print problems.

(G185eng) Module 4, Unit 4 (p.299 - 312)
Study
Notes

o Troubleshooting Printers (p.312)
Study
Notes
Skills
12.1 Windows printing

To Windows, a printer is a program that controls one or more physical
printers. Although the physical printer is called a print device, many
technicians continue to use the term printer for most purposes. Print
drivers and the spooler in Windows are built into the software printer. This
arrangement gives Windows flexibility. For example, one printer can
support multiple print devices, enabling a system to act as a print server.
Windows applications that support printing are typically What You See Is
What You Get (WYSIWYG), which means that the printout is supposed to
match what you see onscreen. To achieve this, several components are
needed:
Print driver software specifically written for a particular print device

that enables the print devices specific features and allows applications
to communicate with the printer.
Printer language(s) the translator that determines how accurate the
output will be.
Printer technology determines the quality, speed and cost of the
output.
Page 1027 of 1229
12.1.1 Print process

The basic process of printing from a Windows XP computer to a print device
is as follows:
When a user requests a printout from a Windows application, the
application is responsible for generating its own output, such as
formatting the pages properly and adding page numbers. The
user working in the application clicks print, selects one of the
printers installed on the computer and configures applicationspecific settings such as what pages to print.
The application calls the Graphics Device Interface
(GDI.exe). GDI is an API that draws and formats the page and
then sends the almost-ready-to-print page to the printer as a
bitmap image. Because Windows, rather than the printer, does
most of the work of building the page, a GDI printer needs less
firmware and memory, but Windows performance can suffer
when printing a lot of complicated pages. Most low-end printers
are GDI printers. GDI makes a call to the locally-installed print
driver associated with the printer selected, enabling the user to
configure printer-related settings, such as which paper tray to
use.
GDI and the printer driver translate the applications print
commands into a Print Command Language (PCL) the printer can
understand, creating what is known as a print job.
The print job is stored as a file in the printers spooler folder
(%SystemRoot%\System32\Spool\Printers\), and operated by the
spooler service (%SystemRoot%\System32\spoolsv.exe). Spool files
are those the OS uses to communicate to the printer to give it instructions
on how to print the document. There are two types of spool file formats
(EMF and RAW) and the difference between them is in how the printer
processes them:
EMF (Enhanced Metafile) with EMF, the printed document is

converted into a small, efficient, metafile that also contains instructions
for the printout, including the colour, font, characters and spacing. The
EMF file is written to the disk much more quickly, freeing up resources
and helping the application on the computer return control over to the
user much faster. EMF is not printer-specific and must be supported by
the printer.
RAW this file differs depending on the printer. The entire process of
preparing the print job is done on the computer. Formatting is done at
the spooling stage and the printer just sees the print instructions as
plain text and prints the job. RAW causes fewer technical problems than
EMF, making it a useful troubleshooting tool, but it has lower print
quality and, depending on the situation, takes longer to print.
Page 1028 of 1229
The print processor converts the spooled file into a format that
can be sent to the print device.
The print monitor sends the print job to the print device and
provides status information.
Most print devices have RAM and processors, enabling print jobs
to be sent more quickly and reliably. In this final printing phase,
the print device receives the print job from the print spooler and
prints the job. The printer can report any problems by sending a
status message back to the print monitor to inform the user.
The exact process that takes place depends on the type of printer the print
job is being sent to. A print router or redirector service on the local
computer sends print jobs down separate paths depending on whether the
printer is a network or local printer. No matter whether it is a local or
network printer, drivers for the print device must be installed on the local
computer.
12.1.2 Print command languages

For your printer to work properly, you need to install the right driver for the
device. In addition, you need to make sure that your computer is
communicating with the device in the language that it understands. Each
printer has its own printer command language, which is a page
description language (PDL), that both the OS and printer use for
communicating and for building a page (its layout and contents) before it
prints. The PDL handles both characters and images and has commands
that treat the entire document as a single image. Software must use the
proper language when communicating with a printer so that the print
device can print the output onto paper (typically as dots). Some of the
more common printer languages are as follows:
American Standard Code for Information Interchange (ASCII)

has various control codes for transferring data, some of which can be
used to control printers.
PostScript an independent language developed by Adobe Systems
that defines the page as a single raster image, making PostScript files
portable across many platforms. PostScript is capable of high-resolution
graphics and scalable fonts.
Printer Command Language (PCL) a printer language developed
by Hewlett-Packard (HP) that competes with PostScript. The latest
version supports scalable fonts and additional line drawing commands.
PCL uses a series of commands to define the characters on the page.
Those commands must be supported by each individual printer model,
making PCL files less portable than PostScript files.
Page 1029 of 1229
Graphics Device Interface (GDI) a part of Windows that handles

representing and sending graphical objects to output devices such as
printers and monitors. The GDI uses the computers CPU and RAM
rather than the printer to process a print job and then sends the
completed job to the printer. This affects performance when printing a
lot of complicated pages.
XML Paper Specification (XPS) is an upgrade subsystem to GDI that
is used on Windows Vista/7 and it supports enhanced colour
management and page layout options. XPS formats and stores the print
job as an XPS file and will print directly to an XPS-compatible print
device or will use the GDI path for older applications and print drivers.
XPS not only affects printing, but also document viewing.
Figure 12.1 show the print architecture in Windows Vista/7. Display and
print functions are handled by the Windows Presentation Foundation
(WPF).
Figure 12.1 Windows print path architecture

Note
Generally, PostScript and PCL are used with high-end printers and
GDI and XPS with low-end printers.
You can also spool a job as plain text using the print devices default font,
margins, orientation options and so on.
12.1.3 Fonts
A computer font is a file containing a set of printable and displayable
letters, numbers, symbols and other characters of a certain design
(typeface). Popular typefaces include Times Roman and Courier. The
typeface represents one aspect of a font. A font also includes qualities such
as size (in points [pt]), spacing, pitch (number of characters that fit in a
horizontal inch), styles (bold and italic) and so on. For example, Times
Roman is a typeface that defines the shape of each character. Within Times
Roman, however, there are many fonts to choose from, different sizes,
styles and so on.
Page 1030 of 1229
12.1.3.1 Bitmap and vector graphics

Windows supports the following categories of fonts:
Raster (bitmap) font: An older font technology that Windows includes

for backward compatibility. In a raster font, each character consists of a
bitmap image (arrangement of dots) that is displayed on screen or
printed on paper.
Outline (vector) font: All characters are simply a series of lines
between two points. Windows renders outline fonts by using line and
curve commands, which means that it can make them bigger or smaller
to any size without distorting them, and can rotate them. For this
reason, vector fonts are called scalable fonts as they can be scaled to
any size. Windows supports different types of outline fonts, such a
TrueType fonts, OpenType fonts (an extension of TrueType) and Type 1
fonts (which are created by Adobe Systems for use with PostScript
printers and devices).
Figure 12.2 Bitmap and TrueType fonts
12.1.4 Colour printing

A colour model is a system for creating a full range of colours from a
small set of primary colours. This model is used to provide an accurate
translation between the colour on-screen and the print output. Figure 12.3
shows two different colour models.
Figure 12.3 RGB and CMYK colour models
Page 1031 of 1229
12.2 Installing local printers

12.2.1 Required permissions
On Windows, regular users can install the printer without any special
permissions, provided that the print driver is available. If the print driver is
not available, the user will need administrative permissions to install the
driver. Also, administrative permissions are needed to install applications,
so regular users will not be able to install applications that come with the
printer unless they are given the permission to do so.
12.2.2 Print drivers

When manufacturers make printers, they also write print drivers for
different operating systems. Print drivers enable the OS to communicate
with a printer and are used to control and configure printers and the print
features of multi-function devices. When you install a printer, you must
install a driver that is compatible with the OS.
Device drivers for printers can be installed in the following ways:
Use the Add Printer option in the Devices and Printers folder in
Control Panel on a Windows 7 computer. You can install and configure
printers in the Printers and Faxes folder in Windows XP and in the
Printers folder in Windows Vista.
Install from a manufacturer-disc (supplied with a newly-purchased
printer).
Install from a manufacturer-downloadable file.
Generally, drivers provided by the manufacturer offer more configuration

options and programs for cleaning and maintenance than those available in
the Windows OS. Check for updated drivers, which might fix problems and
add features. Also, if you upgrade to a new OS version, you will need new
drivers.
Some driver installations use printer emulation. Printer emulation means
using a substitute driver for a printer rather than using a driver that is
written exclusively for that printer. You will encounter printer emulation in
two scenarios:
Scenario 1: Some new printers do not come with their own drivers.
They instead use a well-known printer driver and run on that driver.
Scenario 2: When you do not have the correct driver, you can keep
well-known drivers at hand which you know will work and allow you to
print to almost any printer. You may need to set the printer into an
emulation mode to handle a driver other than the one specifically
written for it.
Page 1032 of 1229
12.2.2.1 Installing a local print device

Installing a printer on Windows should be easy. Just make sure you have
the correct driver or file in case Windows does not have the driver for the
printer. This section will show you some ways of installing a print driver.
12.2.2.2 Installing a USB printer
This exercise shows you the steps necessary to connect a local printer to a
computer and verify that it works.
Note

1.
2.
3.
4.
5.
6.
Turn the computer on and log on as the local administrator.

Unpack the printer.
Place the printer near the computer.
Make sure all packing equipment has been removed from the printer.
Find the printers USB and power cable.
Find the installation kit, which should include a driver disc, installation
manual and any other equipment that came with the printer.
7. Read the installation manual completely before proceeding.
Note
The connectors at each end of the USB cable will be different. Also,
you might need to install the drivers and other software before
connecting the printer to the computer.
8. Following the instructions that came with the printer, open the printer
and find the print head(s).
9. Find the print cartridge(s) that came with the printer.
10. Install the cartridge(s) in the printer.
Note
11.
12.
13.
There is no standard way of installing print cartridges. Read the

instructions to find out how to do this.
Close the printer.

Attach the power cable to the printer and plug the other end into the
wall outlet or surge protector.
Turn the printer on.
Note
The printer should go through a self-check routine and align the

print heads at this point or it may do this after installation. There
can be a special alignment process, depending on the make and
model of the printer. Check the printers documentation for details.
14. Attach one end of the USB cable to the printers USB port and the
other end to the computers USB port.
Windows automatically finds a PnP printer by default (assuming the printer
is turned on and connected to the computer).
Page 1033 of 1229
15. The Found New Hardware Wizard should start up. Windows should
locate the driver files and install the printer. If it does not, complete
Open Device Manager and expand Other Devices.

Right-click the print device and select Update Driver Software.
Click Browse my computer for driver software.
Click Browse and find the folder that has the print driver.
Note
You can also use the printers setup software to install the driver.
Otherwise you can install the driver on a Windows 7 computer as follows:

1. Click Start and choose Devices and Printers.
Note
You can also click the Start menu, choose Control Panel and
then Devices and Printers or type Devices and Printers in the
Search box and choose Devices and Printers before pressing
<Enter>.
2. In the upper-left corner of the Devices and Printers screen, click Add
a printer.
Note
You can also right-click in a blank area of the Devices and

Printers window and choose Add a printer.
Here you can choose the port for a local printer or add a network, wireless
or Bluetooth printer.
3. Choose Add a local printer and then click Next.
4. On the Choose a Printer Port screen, use the drop-down box to choose
the appropriate port, such as USB001 if the local printer will connect to
the computer using a USB cable. If you are using an older standard
printer cable, choose LPT1: (Printer Port).
5. Click Next.
Choose the manufacturer and model of the printer. If you have an
installation disc provided by the manufacturer, click Have Disk and
browse the installation disc for the driver.
Page 1034 of 1229
Figure 12.4 Choosing the manufacturer and model during the

printer installation process
Note
Remember you can use Windows Update button to download a

driver from the Internet.
6. On the Install the printer driver screen, in the Manufacturer window,

scroll down and select the manufacturer of the printer (e.g. HP, Canon,
etc.).
7. On the Printers screen, scroll down and select the specific model of
printer you have.
Note
In most cases, your computer manufacturer and model will be

included in these lists.
8. Click Next.
9. On the Type a printer name screen, give the printer a name. Use a
name that clearly identifies the printer.
10. Click Next.
11. On the Printer Sharing screen, choose the Do not share this printer
radio button.
12. Click Next.
13. On the successful screen, if you want this printer to be the default
printer, select the Set as the default printer check box, click the
Print a test page button and then the Finished button. The printer
will be installed into the Devices and Printers folder and will be
available to all Windows applications. Figure 12.5 shows a printer set
as the default printer, shown by the green tick. Figure 12.5 also shows
the printers right-click menu.
Page 1035 of 1229
Figure 12.5 Default printers shortcut menu

Note
A computer can have many printers installed. Of these, one printer

is set to be the default printer which is the one Windows prints to
unless another one is chosen in the application.
Test the printer:

14. When the Print a Test Page window appears, click Yes.
Note
After you click Print Test Page, a message box will appear asking if
the test page printed properly. The page should print after a few
seconds.
15. When the test page prints, take a look at it. If you do not have a
physical printer, you will not be able to print a test page on paper. You
can however print a test page to a file and open the file using a text
editor. A typical Windows test page looks like the one shown in Figure
12.6. The test page displays the time the job was sent to the printer,
computer and various printer information including the printers name,
model and the drivers name, file and version.
Figure 12.6 Windows test print page
Page 1036 of 1229
On a colour printer, the Windows logo will be shown in red, green, blue and
yellow. This logo features shading. If you see streaks, lines or other print
quality problems in either the logo or text printing, or if the printer does
not print, you need to troubleshoot the printer to solve the problem. It
could be a problem with the printer, the driver, computer or connection
between the printer and computer. With many laser printers, you can print
a self-test page by pressing a button or a combination of buttons on the
printer itself. The self-test page lists the firmware revision used by the
printer, the number of pages printed and the amount of installed memory.
16. Click Close to close the wizard.
17. Once the wizard closes, open the application the user will normally
print from, such as a word processing application.
18. Open each application, create a small document with text inserted and
then print it.
19. When you have successfully printed from each application, close it.
20. When the test is completed, close all open applications.
Make sure that the user has plenty of paper and extra print cartridges. You
will have successfully completed installing a printer when you have printed
a test page from the Add Printer wizard and from each application.
12.2.2.3 Installing print drivers using the Add Printer wizard
You can use the Add Printer wizard if Windows has a suitable driver and if
you do not want to use the enhanced features that come with the
manufacturer-driver. Although the steps are similar to the previous
exercise, the situation is different. Besides, there is more than one way to
install print drivers. To install using the Add Printer wizard, follow these
steps:
1. Click Start, type Devices and Printers in the Search box, then
choose the Devices and Printers option from the program list and
press <Enter>.
2. Right-click the target printer.
3. Click Printer properties.
4. Click on the Advanced tab.
5. Click on the New Driver button.
6. Click Next to launch the Add Printer Driver wizard.
7. On the Printer Driver Selection screen, in the Manufacturer window,
scroll down and choose the manufacturer of the printer.
8. In the Printers window, scroll down and choose the specific model of
the printer.
9. Click the Have Disk button.
10. Insert the driver disc into the optical drive.
11. In the Install from Disk dialog box, use the drop-down box to select
the drive letter of the optical drive.
Note
Instead of using the drop-down box to choose a drive letter, you

can click the Browse button and use the Locate File dialog box to
browse to the correct drive.
Page 1037 of 1229
12. Click OK.

13. Click Next.
14. When the Completing the Add Printer Driver wizard screen appears,
click Finish.
15. Click OK to close the Printer Properties dialog box. The drivers
should install at this point of the process.
Test the driver installation:
16. On the Devices and Printers screen, right-click the printer and
choose Printer properties.
17. On the General tab, click Print Test Page. After you click Print Test
Page, a message box will appear asking if the test page printed
properly. The page should print after a few seconds.
Figure 12.7 Test page message box

18.
19.
20.
21.
22.
When the test page prints, click Close.

Click OK to close the Printer Properties dialog box.
Open the applications the user will use to print.
Create a test document in each one and print it.
When finished, close all applications.
Note
With some printers, you will need to use their installation software
to do the setup rather than using the Add Printer Wizard. Read the
instructions that come with your printer because the necessary
steps for your printer might be different from the steps in this
exercise.
12.2.2.4 Installing a driver to print to a file

An existing printer that is by default configured to print to paper can also
be configured to print to a file by choosing the Print to file option from the
applications Print dialog box. In Windows, the default file extension when
you print to file is .prn. You can print to a file when you do not have a print
device and want to print your document later, when you want to send your
document to a printing company and when you want to send your
document to someone who has the same printer, but does not have the
program you used to create the document.
Page 1038 of 1229
However, printing to a file is primarily designed for parallel port (LPT1)

printers and it might or might not work on newer USB printers. Also, the
computer that will print from the file must have the same driver installed as
the computer where the files were created.
To install a driver and configure it to output to a file, complete the following
steps:
1.
2.
3.
4.
From the Start menu, open Devices and Printers.

Click Add a printer.
Choose Add a local printer.
From the Use an existing port drop-down list, choose FILE: (Print to
File) and then click Next.
Figure 12.8 Print to file

5. Choose a printer such as HP DeskJet 9800 and click Next.
6. Set a name or leave as is and click Next. The driver files will be
installed.
7. Choose Do not share this printer and then click Next.
8. Click Finish.
When you print using the printer from an application, the output will be to a
file. You will be asked for an output file name. You must specify the full
path where you want to save the file and include the name of the file in
that path. For example: C:\Users\Sibulele\Documents\Test. See
Figure 12.9.
Page 1039 of 1229
Figure 12.9 Naming the print output file
12.3 Configuring printers

You can configure printers in different ways.
Menu-driven display screen on the printer (common on laser printers)
Printers web interface (if it is a network printer), accessed from your
web browser.
Within Windows, through the printers properties and preferences
pages.
If the printer will be used in the same way for most of the time, it is useful
to configure the device with the most commonly used parameters. The
parameters for the printer are configured through the printers properties
page, which can be opened in the following ways:
Right-click the printer in Devices and Printers in Control Panel and

choose Printer Properties to set default parameters that will be used
for all print jobs.
Open the Print dialog box in an application and click the Properties
button to change parameters for the current print job.
If the printer uses a Windows-driver, the properties sheet will have some or
all of the following tabs:
General has the Print Test Page button and the Printing
Preferences button, which opens the Printer Preferences menu.
Sharing enables or disables printer sharing over the network.
Remember to Turn on file and printer sharing.
Note
The Sharing tab also has an Additional Drivers button. When set,
this allows remote users to connect to the printer with other
versions of Windows. If this feature is not configured, users
running other versions of Windows must download and install the
appropriate driver for their version of Windows before they can
connect to the printer.
Page 1040 of 1229
Ports lists printer ports and paths to network printers including IP

addresses. You can configure ports from here.
Advanced schedule the availability of the printer, choose spooling
methods, printer priority, print defaults (such as quality, paper type,
orientation, and so on), printer driver, print processor and separator
page.
Security enables you to choose which users can print and manage
print jobs and documents through permissions.
Device Settings choose the default paper tray, font substitutions,
page protection, font cartridges and printer memory.
Color management choose the default colour profile.
About/Version Information lists the driver version and/or driver
files the printer uses.
As you can see in Figure 12.10, these options can appear in various
menus, depending on the printer and OS in use.
Page 1041 of 1229
Figure 12.10 Properties pages for a typical laser printer

Go through the various print options on each tab and familiarise yourself
with your printer. The changes you make on these tabs are automatically
saved as the default when you click OK or Apply and close the dialog box.
Note
Some laser printers show the amount of memory installed to the

OS. This information is shown in the Properties page. However, not
all laser printers do this. To find the installed memory size, use the
printers own print test option.
The Printer Preferences button on the General tab opens the

preferences menu for the printer. The preferences menu differs from
printer to printer, but typically includes options such as:
Inkjet printers paper type, paper size, paper layout, print mode,
utilities (head cleaning, alignment, ink levels) and watermarking.
Laser printers layout, page order, resolution, font substitutions,
printer features, pages per sheet and watermarking.
Page 1042 of 1229
Figure 12.11 Preferences pages for a typical ink jet printer

Go through the various preference options to familiarise yourself with your
printer. To save changes, click Apply and then click OK. Some printers
offer the option to save your changes under different names.
12.3.1 Print Management console

You can use Print Management console to manage multiple shared printers.
It is not common to manage multiple printers on a desktop computer, so
you are unlikely to use Print Management on these computers. However, it
is useful on print servers. Using this console, you manage all printers on
your network and update and distribute the drivers for printers. When a
computer connects to the print server, it automatically receives the
updated driver. You can access the Print Management console on Windows
by clicking Start, typing Print Management in the Search box and
pressing <Enter>. Alternatively, you can access it through the Control
Panel by clicking System And Security, Administrative Tools and
double-clicking Print Management.
Figure 12.12 Print Management console showing drivers for

installed printers
Page 1043 of 1229
12.3.2 Managing printers using a web browser

Another way of configuring network-compatible printers is to connect to
them using a web browser. If you know the IP address of the printer, you
can type it into a browsers address bar and press <Enter> to open the
printers web interface. If you do not know the IP address, print a test
page. The address is usually listed on the printout; otherwise read the
manual. Figure 12.13 shows the web interface for a specific printer.
Figure 12.13 Printer web administration page

The printer in Figure 12.13 has a problem and needs attention. It has a
Tools tab where you will find tools that you can use to troubleshoot and
resolve the problem. It also includes parameters for configuring the printer.
12.3.3 Managing print jobs in the print queue

When you click the Print button in an application, the document does not
go to the printer right away by default; instead it goes to a holding area
called a print spooler. The print spooler is a service that formats print jobs
in the language that has instructions that instruct the printer exactly what
to do so that the document that is printed looks like the document you
created and sent to the printer.
Each document you print becomes a print job that has to wait its turn in
line if other documents are already printing or waiting to be printed. This
line is called the print queue. Most of this activity takes place in the
background. So the printer will by default handle all print jobs in the print
queue one after the other.
To manage print jobs, you use the print queue by either double-clicking the
printer in the Devices and Printers window and choosing See whats
printing or right-clicking on the printer and choosing See whats printing
from the shortcut menu.
Page 1044 of 1229
Figure 12.14 shows you a print job called Test Page listed in the print
queue. The job went to the printer properly; you can tell because it says
Printing under the Status column. Any other message would mean that the
job was either spooled, queued, stopped or has failed. These jobs can be
paused, restarted or cancelled if they are not printing properly.
You can do all of this by right-clicking the job or by making a selection from
the Document menu, all from the See whats printing window. Keep in
mind that larger documents take longer to spool before they start printing.
In addition, all documents can be paused or cancelled or the entire printer
can be taken offline from the Printer menu. Use these options to
troubleshoot problems with print jobs, such as when a job will not print and
needs to be restarted.
Figure 12.14 Print queue

If a document is already printing or waiting to be printed, you will see a
printer icon in the notification area of the desktop. When the printer icon
goes away, it means the print queue is empty because all your jobs have
gone to the printer for printing.
Figure 12.15 Document was sent to the printer message

Once the printer receives some or the entire print job, its hardware takes
over and processes the image and prints the output.
12.3.4 Working with the print spooler

The print spooler, like many other system services, starts up automatically
when the computer starts. Not only can you have problems in which print
jobs or printers stop working but the Print Spooler service can fail. If this
happens, you will need to start the print spooler service or restart it when it
occasionally locks up and stops sending print jobs to the printer.
Page 1045 of 1229
You can start and restart the service and do other actions by completing
1. From the Start menu, right-click on Computer and choose Manage to
open the Computer Management console.
2. Click Services and Application in the left pane to expand the list.
3. Click Services in the left pane. A list of all system services running on
the computer will be shown in the middle pane.
Note
You can also open the Services console by typing services in the
Start menus Search box and choosing Services from the
program list that appears and by running services.msc in the Run
dialog box.
4. Scroll down to Print Spooler and make sure the status column for this
service is listed as Started and the Startup Type column is set as
Automatic.
5. To start or restart the service, right-click on it and choose Start or
Restart from the shortcut menu.
6. To make changes to the Print Spooler service, double-click the service
name to open its Properties page. From here you can set the Startup
type to Automatic or Manual and start, stop, pause and resume the
service. Once you have made the change, click Apply to apply the
changes and then click OK to close the Properties page.
Figure 12.16 shows the Print Spooler service, its Properties page (left) and
shortcut menu (right).
Figure 12.16 Print Spooler service

7. Close the console when finished.
Note
Some inkjet printers use their own print spooler or other print
service. If not configured to start automatically, you must make
this change. Check the printers documentation to find the name of
the service.
Page 1046 of 1229
You can also adjust the Print Spooler service in the command prompt.
Note
In Windows, you need to run these commands as an administrator.
The two ways to do this are as follows:

1. Click Start > All Programs > Accessories; then right-click Command
Prompt and choose Run as Administrator. Click Continue.
2. Click Start and type cmd in the Search box and instead of pressing
<Enter>, press <Ctrl> + <Shift> + <Enter>. Click Continue.
3. When the command prompt is open, you can start the Print Spooler
service by typing:
net start spooler
4. Press <Enter>. Typing net stop spooler stops the service.
All spooling options are set through the Advanced tab of the printers
Properties page. The possible options are shown in Figure 12.17.
Figure 12.17 Spooling options

Clicking Print directly to the printer turns off spooling and can be used for
troubleshooting issues with prints jobs in the print queue. By default you
can find the spool folder in C:\Windows\System32\Spool\Printers.
You can take a look at the spooled files in this folder, which are temporarily
stored on the hard drive, waiting to be printed. Spooled files (print jobs)
have a .spl extension and you might also find .shd (status information)
files in the directory too.
Page 1047 of 1229
If you cannot delete a print job or the print queue has stalled, stop the
Print Spooler service and delete the spooled file from this directory and
start the service again.
Note
If your computer or print server handles a large number of print

jobs or large print jobs, make sure this folder is on a hard drive
and has plenty of disk space.
Clicking on the Print Processor button on the Advanced tab enables you
to choose the spool file format (EMF or RAW).
12.3.5 XML Paper Specification (XPS)

XPS is a type of electronic document format that provides improved colour
and graphics support and is comparable to a non-editing Portable
Document Format (PDF) file format. XPS is shown as the Microsoft XPS
Document Writer in Start > Control Panel > Devices and Printers. A
document created within any application in Windows can be saved as an
.xps file and later viewed on any computer that supports XPS. If you
choose XPS Document Writer as the printer in your application, the
applications print function will create the XPS document file that can be
sent to other people and printed from any computer that supports XPS.
12.3.6 Choosing a separator page

A separator page is an extra page that prints before a print job that helps
identify that print job. You can add a separator page by clicking the
Separator Page button on the Advanced tab of the printers
Properties page as shown in Figure 12.18. From here, click the Browse
button, which leads you to the C:\Windows\System32 folder by default.
Initially, four separator pages are listed at the bottom of this folder; the
most common ones are the pcl.sep and pscript.sep files. However, some
companies use custom separator pages. Click one of the separator page
files and then click Open. Click OK. The separator page will be added to
the print jobs to be printed.
Page 1048 of 1229
Figure 12.18 Creating a separator page
12.3.7 Printer priority

You can set the priority of the printer from the Advanced tab of a printers
Properties page, as shown on the left in Figure 12.18. The priority of a
printer can be configured from 1 to 99; 99 being the highest. Setting a
priority can be useful when giving management personnel a higher priority
(99) than company staff (60) so that their print jobs are printed first. It can
also be useful when there are two or more print devices that work together
as one to create a printer pool. Each printer in the pool can be given a
different priority.
12.3.8 Printer pooling

Printer pooling uses multiple identical print devices that work together as
single software printer to complete print jobs as quickly as possible. The
print devices share the print load and the first available print device that
receives the print job will print it. All printer devices must be the same
model and type. Printer pooling can be configured from the Ports tab or
the printers Properties page. Normally a printer will be shown next to the
port (and IP address) it connects to. To add a second installed printer to
the pool, click Enable printer pooling and then choose the other printer
listed.
Page 1049 of 1229
Figure 12.19 Printer pooling

Note
Remote printers can be connected to and controlled from the Ports

tab. You can do this by adding a port and then enter the IP
address of the printer to be controlled or the name of the
computer that the remote printer connects to.
12.3.9 Calibration
What you see on screen might not match what the printer prints out.
Calibration matches the printed output of the printer to what you see on
screen. It involves aligning the printing mechanism to the paper and
checking colour output. You might need to calibrate colour laser, inkjet and
multifunction printers before using them. Most printers calibrate
automatically, although if the output is not what you expected it to be, you
can usually use the printers driver to perform a calibration (go to Printing
Preferences in Windows). In some cases, you can run calibration tests by
choosing an option on the printers onscreen menu.
Note
You can also calibrate your monitor when the colours displayed on
its screen are not accurate. By calibrating your monitor, you can
adjust the setting to match the output of your printer.
12.3.10 Printer sharing and managing print permissions

There are different ways of sharing a printer on a network:
Use the OS to share a printer (local or network).

Use a stand-alone hardware print server.
Configure a network server as a print server.
Page 1050 of 1229
Use a network attached storage (NAS) device that supports print

sharing.
In addition to sharing a printer by placing it on the network, you can also

share local printers attached to your networked computer. You must share
a printer on a networked computer so that other network users can send
print jobs to it through your computer.
First, printer sharing in general must be enabled. To enable Printer Sharing
in Windows, do the following:
1. Click Start > Control Panel > Network and Internet > Network
and Sharing Center.
2. Click the Change advanced sharing settings link on the left.
3. Click the down arrow for your network type (usually Home or Work).
4. Choose Turn on File and Printer Sharing. You only need to enable
this once in general. This setting will apply to all printers you want to
share. But keep this setting in mind in case you cannot share a printer.
Next, the individual printer needs to be shared. This can be done on the
Sharing tab of the printers Properties page:
5. Click Start and select Devices and Printers.
6. Find the printer in the Printers and Faxes section. Right-click the
printer and choose Printer Properties.
7. Click the Sharing tab.
8. Select the Share this Printer check box, as shown in Figure 12.20.
Figure 12.20 Sharing a printer
Page 1051 of 1229
9. If desired, assign the printer a share name. Note that the share name
does not need to be the same as the printer name. This name will be
displayed to network users and can be used to connect to the printer
from across the network. If clients other than Windows require access,
click Additional Drivers to install drivers for the operating systems
you need to support.
Note
It is best to select Render Print Jobs On Client Computers, as

shown in Figure 12.20. The computer that is sending the print job
will use its processing power to format the print job.
10. Click Apply and then OK. The printer should show up as shared with a
shared icon within the Devices and Printers window, as shown in
Figure 12.21.
Figure 12.21 Shared printer

At this point, users can use the UNC format from their computers to
connect to and install the printer. The format is:
\\computer_name\share_name
OR
\\IP_address\share_name
For example, if your computer is named Win-computer and your shared
printer is named OfficePrinter, remote users can connect to your printer by
typing \\Win-computer\OfficePrinter in the run dialog box on their
computers.
Page 1052 of 1229
Permissions can be set for a printer on the Security tab of the printers
Properties page. Refer to Figure 12.10, which shows the Security tab on
the left. Here you can add users and groups and assign the appropriate
permission including:
Print users can use the printer to print jobs.

Manage Printers users can print documents, change printer settings,
change sharing status, pause and restart the printer, change spooler
settings and so on.
Manage documents users can control the print queue.
Deny overrides all the other permissions.
Regular users normally are assigned the Print permission, whereas

administrators get all permissions (Manage Printers).
12.3.11 Installing a network printer

There is no single procedure for installing a network printer, so for this
exercise a list of generic steps will be given. Most of the installation is done
using the printers configuration buttons and display screen. If you have a
network printer, make sure its manual and any installation discs are handy.
Note

1. Turn on the print device.

2. Find the Ethernet network cable.
3. Connect one end of the cable to the printers network card and the
other end to an Ethernet port on the network switch or a network wall
jack.
4. Once the power-on and self-test are finished on the printer, locate the
control buttons.
5. Find the printers display window.
6. Click Menu.
7. Click Configure Device Menu.
8. When the menu appears, use the down-arrow to navigate to Configure
Device and select it.
9. When the Configure Device menu appears, use the down-arrow to
navigate to Manual and select it.
10. When the hostname appears, use the letter and number buttons on
the printer to input the printers hostname or computer name (or if it
is available, you can enter the static IP address).
11. Click Next.
12. When either the Secure Web or Web Options menu item appears, use
the down arrow to navigate to HTTP and select it.
13. Click Next.
14. When the IP Address field appears, use the number keys to input the
printers IP address.
15. Click Next.
Page 1053 of 1229
16. When the Subnet Mask field appears, use the number keys to input the
subnet mask.
17. Click Next.
18. When the Default Gateway IP Address field appears, use the number
keys to input the gateways IP address.
19. Click Next.
20. When the Time-Out field appears, use the number keys to set the TCP
connection time-out in seconds.
21. Click Next.
22. Click Save.
23. Click Online.
24. Click Exit.
Confirming the configuration settings on a network printer:
25.
26.
27.
28.
Click
Click
Click
Click
Note
Menu.
Information Menu.
Network Cfg.
Print.
After you click Print, the network-configuration page will print with
all the network information you configured on the printer, including
its IP address.
When trying to install a network printer in Windows, the Add Printer wizard
scans for available printers on your local network. You can use the following
steps to add a networked printer on a Windows 7 computer:
1. Click Start and select Devices and Printers.
2. Click Add A Printer.
3. Click Add a Network, Wireless Or Bluetooth Printer.
Figure 12.22 Add a network, wireless or Bluetooth printer

4. Windows will search the network looking for the printer. Quite often the
printer you are looking for will appear in the search list.
Page 1054 of 1229
Figure 12.23 Searching for network printers

5. When you see the printer, select it and click Next.
6. Windows will attempt to automatically locate the driver. If it cannot
locate it, you will be asked to choose it by first choosing the
manufacturer and then the printer model. Otherwise you can use the
disc that came with the printer.
7. Choose the printer, click Next, print a test page and then click Finish.
If you click the option The printer that I want isnt listed as shown in
Figure 12.23, you will be taken to a page where you can choose how you
want to locate the printer, as shown in Figure 12.24. From this page you
can either ask Windows to browse for a printer or connect to the printer
using its UNC or web address, or add the printer using its IP address or
hostname (computer name).
Figure 12.24 connecting to a network printer
Page 1055 of 1229
12.3.12 Uninstalling printers

To uninstall a printer:
1. Safely remove the print device from the computers port and turn it off.
2. Click Start > Devices and Printers.
3. Choose the printer and select Remove device. Another installed printer
will automatically become the default printer.
Note
You can also right-click the printer and choose Remove device
from the shortcut menu.
4. If you installed printer software, you can uninstall it by clicking Start >
Control Panel > Uninstall a program.
5. Select the printer software and click Uninstall. Follow the prompts to
remove the software.
12.4 Troubleshooting printers and print devices

Before you start to work on a printer that is giving problems, you will need
some tools. You can use the standard computer technical tools in a toolkit,
as well as some printer-specific devices. Here are some that will come in
handy:
Various cleaning solutions, such as denatured alcohol.

An extension magnet for extracting loose screws from confined spaces
and cleaning up iron-based toner.
An optical disc or USB flash drive with test patterns for checking print
quality.
Screwdrivers.
If you understand how different printers work, you can often identify
printer problems and resolve them without too much difficulty. Still, it is
good to have a list of common symptoms, causes and solutions, similar to
the following:
Printer will not print: If you click Print but nothing happens, check
the obvious things first. Ensure that it is plugged in, turned on, properly
connected and is loaded with paper. Some printers have an
online/offline selection, and when it is offline, Windows treats it as
though it is turned off. It could be placed in an offline state by accident,
or because it is waiting for a user to print or because it received
corrupted print data. Setting it back to online allows everything to work
normally. If everything is plugged in and ready to go, check the
appropriate printer applet in Windows. Print a test page using the
printer control panel within Windows. If you do not see the printer, you
will need to reinstall it using the Add Printer Wizard.
Page 1056 of 1229
Cannot install printer: make sure the user account has the
permission to install the print driver, the driver is for the correct version
(32-bit/64-bit) and edition of Windows and the print spooler service is
started. In Windows XP, a user needs to be in the Power Users or
Administrators group to install a printer, and if not, they will be unable
to install a printer. Regular users can install printers on Windows 7.
Driver installations are normally done by an administrator on a network,
but security policies can be configured to allow normal users to install
signed drivers.
Access denied: By default, the Everyone group is assigned Allow Print

permission so that anyone can print. However, administrators can
change this. If you are seeing this error when accessing the printer over
a network, it indicates that the user might not have permission to use
the printer. Go to the host computer and check the Security tab of the
Printer Properties dialog box. Make sure your user account is allowed to
use the printer.
No connectivity local printer: The computer might give an error,

such as Not Available, indicating the printer cannot be contacted.
Ensure that the printer is turned on and is online and data cables are
connected. Sometimes reseating the cables by disconnecting and
reconnecting them will resolve the problem.
No connectivity network printer: If all users are having the same

problem, ensure that the printer is on, connected and configured
correctly. If only one user is having the problem, ensure that the user is
sending the print job to the correct printer and the driver is installed.
You might need to reinstall the printer for that users computer.
Note
A common problem with a network printer occurs if it is getting an

IP address from DHCP instead of having a static IP address. When
it is turned off and back on, it will receive a different IP address
and users will not be able to connect to it anymore.
Error codes or messages: Many printers give error codes or

messages. They can be numbers that are not easy to understand and
therefore you need to look them up in a printer manual, or they can be
messages, such as Out of paper. Many inkjet printers have a display
that shows the error, and if you touch it for information, it shows
graphics demonstrating how to resolve the problem. Use the manual or
the manufacturers website to find the meaning of the error.
Page 1057 of 1229
Figure 12.25 Error on printer control panel
Crashes on power-up: Both laser printers and computers require

more power during their initial power-up (the POST on a computer and
the warm-up on a laser printer) than once they are running. Some
manufacturers recommend a reverse powerup, that is, turn on the laser
printer first and allow it to finish its warm-up before turning on the
computer. This avoids having two devices drawing their peak loads at
the same time.
Garbled or misaligned characters on paper: This most likely points

to a corrupted or wrong print driver. If necessary, update the driver to
the latest version, which often fixes most software print problems. This
might also be due to a cable issue. Reseating the cable will ensure that
you do not have a loose connection. Check the printer type to verify
that you have not installed the wrong type of driver for that printer. If
the print job has many pages with few characters or garbage, clear the
print queue, cycle the power (leaving the printer off for 30 seconds to
clear its memory) and try printing again. If the problem continues,
update the driver and make sure you are using the correct printer
language and not asking the printer to do something it cannot do. Also
try changing the spool type from EMF to RAW or disable spooling.
Printing is slow: make sure the printer has enough hardware

resources such as memory to print high-resolution graphic jobs or jobs
containing multiple pages.
Problems printing from applications: If problems continuously occur

when printing from a specific application, see if the vendors
troubleshooting website contains a driver update that will fix the
problem. Also, print a test page. If the test page prints successfully, the
problem is with the applications print function. Try printing a different
file with the same application. If this works, the problem is with the file.
Print options set in a software application such as Word override those
set by default in Windows or through the devices control panel.
Page 1058 of 1229
Backed-up print queue: If the printer or the print spooler service has
been paused, print jobs will stay in the queue and will not be printed.
Restart the print spooler service, which might be locked up. Print
spoolers can easily overflow or become corrupt due to too many print
jobs, a lack of disk space or other factors. The print queue window
shows all of the pending print jobs and enables you to delete, start or
pause jobs. Usually just delete the affected print job(s) and try again. If
you have problems with the print spooler, you can get around them by
changing your print spool settings in the Properties of the printer. You
can choose the Print directly to the printer radio button to try
sending the print job directly to the printer. If that does not work, try
restarting the print spooler service. Another possible cause for a stalled
print job is that the printer is simply waiting for the correct paper. You
can also cycle the printer to fix installed jobs.
Strange sizes or characters: A print job that comes out a strange

size usually points to a user mistake in setting up the print job. Check
the Page Setup page in the application. If you know the page is set up
correctly, recheck the print drivers. If necessary, uninstall and reinstall
the printer drivers. If the problem continues, you might have a serious
problem with the printers print engine, but that comes up as a likely
answer only when you continually get the same strangely sized
printouts using a variety of applications. If the characters in a document
are different from what you expect or strange characters appear on the
printout, check that the font chosen within the application is available
on the computer/printer.
You can install fonts on a computer by opening the Fonts applet in Control
Panel, as shown on the left in Figure 12.26. Opening a font icon shows a
preview of the font at different sizes, as shown on the right in Figure 12.26.
If the font is not shown here, use the File menu to locate and install it.
Font files are found in the C:\Windows\Fonts directory, but some fonts
may be installed in another directory.
Page 1059 of 1229
Figure 12.26 Fonts applet and font preview
Paper jam: The first solution is to clear the jam by using the
manufacturers jam removal procedure while also making sure the
paper path is free of dirt. To avoid damaging components, do not use
force. Repeating paper jams can be due to using unsuitable or incorrect
paper or paper that is incorrectly loaded in the tray. In addition, it could
also mean a faulty static eliminator strip on a laser printer that has
failed to remove the charge from the paper, causing the paper to stick
to the drum or curl before it enters the fuser unit. It is also possible that
the pickup and separator rollers on a laser printer are worn and more
than one sheet of paper is being picked up. Some printers report a
paper jam when the rollers are unable to pick up the paper. Replacing
the rollers with a maintenance kit might resolve the problem.
Paper not feeding: Make sure the paper is loaded properly. Check the
rollers or tractor feed to ensure that they are working. In some cases,
rollers can become dirty and work inconsistently. Cleaning them
resolves the problem.
Creased paper: Printers often crease the paper as it is fed through the
paper path, but it should not be noticeable unless a heavier paper is
used. A solution is to send the paper through the feeder rather than
through the paper tray or use a different paper type.
Blank pages: If you see this on a laser printer, it could indicate that
the toner is empty or the toner cartridge has been installed without
removing the sealing tape. If the printer does have toner and nothing
prints, print a diagnostic print page from the control panel. Lastly, it is
possible that the charging process is not occurring due to a problem
with the high-voltage power supply, the primary charge (transfer)
roller, or the corona wire. Check the printers maintenance guide to see
how to focus on the bad part and replace it.
Page 1060 of 1229
Faded or faint print: Indicates the user has chosen low toner or
draft output, the laser printer is low on toner or the drum is worn out
or damaged, or the inkjet printer is low on ink. Replacing the toner, ink
cartridge, or ink ribbon should eliminate this problem. On impact
printers, this problem occurs if the ink ribbon stops moving.
Skewed/wavy/wrinkled output: For a laser printer, make sure

paper is inserted correctly and media guides are well-positioned (not to
tight or too loose). For an inkjet printer, wavy and wrinkled output or
output that smears or is blurry is probably a problem with the paper.
Black stripes or whole page black: Indicates primary charge roller is

dirty or damaged or high voltage power supply is not working.
Streaks or persistent marks on a laser printer: Streaks, vertical or

horizontal lines and other marks on the same place on the printout are
most likely the result of dirty feed rollers or dirty or a damaged imaging
drum. Clean the rollers/drum or replace the drum. Persistent marks on
an inkjet printer indicate a dirty feed roller.
Streaks on an inkjet printer: On inkjet printers, this can be caused

by dirty or misaligned print heads. Use the software tools to clean and
align them.
Ghost images: Ghosting or dark shadow images can occur on laser

printers after printing a dark image. Try printing a series of different
images to see if the problem resolves itself or print a blank page
between images. Ghosting can also be caused by a drum that is not
adequately cleaned or adequately charged. You might need to replace
the worn-out drum or toner cartridge.
Vertical lines on page for laser printer: You can see this on laser
printers if the toner gets clogged. Remove the cartridge and shake it or
replace the cartridge. It can also occur if the drum is damaged or dirty.
On inkjet printers, this can occur if the print heads are dirty or
misaligned and need to be cleaned and aligned, or a blocked ink nozzle.
Colour prints in wrong print colour or inconsistent colour output:

If the ink cartridges or colour toner cartridges are inserted in the wrong
place, you will see some strange results. The solution is to put them
into the correct place and make sure they have enough ink or toner, but
it might take time for the colours to return to normal. You can also run
the printer calibration program and print a test page to verify the
problem. Some inkjet printers recycle the ink, so you will still have a
mixture of the wrong ink. If the document does not print in colour,
check that colour printing is selected within Windows.
Missing colour: replace the cartridge and clean the contacts between
the printer and cartridge.
Page 1061 of 1229
Print head jam: the inkjet printer will most likely display a message or
flash its LED if its print head jams. Try turning the printer off and
unplug it before turning it back on again.
Clogged or dirty inkjet nozzles: The ink inside the nozzles can dry
out on an inkjet printer when not used for a short time, blocking any ink
from exiting. If the printer is telling Windows that it is printing and
feeding paper through, but either nothing is coming out or only certain
colours are printing, it is almost certainly dried ink clogging the nozzles.
All inkjet inks are water-based, and water works better than alcohol to
clean them up. On older inkjets, you usually have to press buttons on
the printer to start a maintenance program. On more modern inkjets,
you can access the head-cleaning maintenance program from Windows.
Low memory errors: When a raster image is created, it is stored in

the printer memory. If the image is larger than the available memory,
you will receive a memory error. The best solution is to add memory to
the printer if it supports additional memory.
Toner specks on paper: might indicate loose toner inside the printer.
Clean the printer using an approved toner vacuum.
Toner not fused to the paper: The fuser assembly fuses the toner to
the paper. Replace the fuser to resolve the problem. A dirty fuser on a
laser printer will leave a light dust of toner all over the paper. Have the
printer cleaned. If the printout is smudged, the fuser is not properly
fusing the toner to the paper. If the toner will not fuse to the paper, try
using a lighter-weight paper. You might also need to replace the fuser.
Faint printing (gap too wide) or smudging (too narrow) on a dot

matrix printer This is most likely because the platen gap is incorrectly
adjusted or
platen is dirty and must be
cleaned
with
denatured/isopropyl alcohol. The platen adjusts the gap between the
paper and print head so that different types of paper can be used. Some
printers adjust the gap automatically.
One of the most important tests you can do on any printer is called a
diagnostic print page or an engine test page. You do this by either holding
down the On Line button as the printer is started or using the printers
maintenance software.
Page 1062 of 1229
Unit 13 Computer and Network Security

Explain the importance of security and user education.

Identify the fundamental security principles, concepts and
technologies.
Troubleshoot common security issues with the appropriate
tools and best practices.
Compare and contrast common security threats and apply
and use common prevention methods.
Secure computers and data against common threats.
Use the appropriate data destruction/disposal method.

(G185eng) Module 3 Unit 4 and 5 (p. 225-260)
Notes

o Viruses and Malware (p. 239)
o Workstation and Data Security (p.258)
Notes
Study
13.1 Security fundamentals

Security or IT security involves the practice of controlling access to
resources such as data, files, programs, computers, mobile devices and
networks. You must consider and implement security from the entrance of
your building to the most hidden confidential file on your system. Security
is always balanced against accessibility, that is, there is no point in
making a resource so secure that no one can access it. However, the
resource should be secured to the point that only authorised users can
access it.
When it comes to securing information, the main properties, known as the
CIA triad, that are at the core of all security practices and that need to be
considered include:
Confidentiality (C) means that information should be kept secret

and known only to authorised people.
Integrity (I) means that information is stored and transferred in an
authorised way and has not been changed in an unauthorised way.
Availability (A) means that information must be available to only
those people who are authorised to access and use it whenever they
need to.
Page 1063 of 1229
Another security triad AAA, short for authentication, authorisation

(access control) and accounting (auditing), describes different ways of
controlling who is allowed to access a resource (authentication), what they
can and cannot do with that resource (authorisation) and what actions they
performed while accessing the resource (accounting).
Note
It is important to realise that using only one authentication and

authorisation mechanism is not a very effective security measure.
The more authentication and authorisation mechanisms you have,
the more secure your resources will be.
13.2 Access control

Access control refers to controlling access to a resource by placing one or
more barriers around that resource so that only authorised users can
access it. This involves physical barriers such as locked doors and
surveillance. When it comes to securing data, make sure users go through
a mandatory logon and authenticate to be able to use the OS and any
data stored on the system, that NTFS permissions are set up through the
access control list (ACL) of each resource, that drive and file/folder
encryption is used where needed and both host-based and network-based
firewalls are configured to protect individual hosts and the entire network.
Note
It is important to place multiple barriers around resources to

ensure they are properly secured. Ideally, a minimum of three
physical barriers should be used.
Page 1064 of 1229
13.2.1 Implicit deny and least privilege

Companies usually implement access controls based on the principle of
implicit deny, which is used in IT systems and networks of all sizes.
This principle simply means denying access to a resource unless it is
specifically allowed, or put another way, unless something like network
traffic is explicitly allowed, it is denied.
The idea behind another principle called least privilege that goes hand in
hand with implicit deny is that a user should only be given the rights and
permissions necessary to do their work and no more. This stops regular
users from accidentally or intentionally causing problems such as deleting
files and protects resources in case a trustworthy employee becomes a
disgruntled employee and seeks to do harm. Regular users rarely need
administrative privileges, and membership in any type of administrative
group should be limited.
13.2.2 Encryption
Cryptography is the study and practice of secret writing, with the aim of
hiding information from everyone except for the intended user.
Cryptography involves encryption and decryption. Encryption scrambles
plain text that can be read by anyone into cyphertext to make it unreadable
(essentially locking the data). Decryption allows the user with the right
key to unscramble the cyphertext back into the plain text to make it
readable again (unlocking the data).
Figure 13.1 Encryption

A key is a complex string of numbers created by an algorithm. A cipher is
the algorithm or the precise set of step-by-step instructions or code that
tells programs how to scramble and unscramble data. The algorithm is
designed to ensure that the key used is unique and unpredictable.
Note
The size or length of a key is measured in bits and is one factor

that determines how difficult it is to decrypt the cyphertext. Longer
keys with more bits are generally much stronger and harder to
crack. For example, a 128-bit key created by one cipher is
considered stronger than a 40-bit key using the same cipher. In
addition to the length, the randomness of the key and the
algorithm used to create it determines its strength.
Page 1065 of 1229
The algorithm used in a program is a mathematical function with the

instructions written in programming code. Figure 13.2 shows a portion of a
real encryption algorithm called DES (Data Encryption Standard). The
figure only shows a small portion of the entire algorithm. The remainder of
the algorithm can easily fill seven pages. The reason that algorithms are so
complex is to ensure that they cannot be easily broken. However, even
though the algorithm in this figure looks complex, cryptographers, people
who study and develop cryptography, discovered flaws in it a long time ago
and therefore, it is no longer considered secure.
Get a 64-bit key from the user. (Every 8th bit is considered a
parity bit. For a
key to have correct parity, each byte should
contain an odd number of '1' bits.)
Calculate the key schedule.
Perform the following permutation on the 64-bit key. (The parity
bits are discarded, reducing the key to 56 bits. Bit 1 of the
permuted block is bit 57 of the original key, bit 2 is bit 49, and
so on with bit 56 being bit 4 of the original key.)
Permuted Choice 1 (PC-1)
57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4
Figure 13.2 DES encryption algorithm

The primary goals of encryption on computer networks is confidentiality
(or privacy) so that secret data is kept secret, and authentication so
that, for example, both the sender and recipient of an encrypted message
are who they claim to be and can trust each other.
The two primary times when encryption methods are applied are as
follows:
Whenever data is at rest or stored on media: this includes data

stored on hard drives, optical media and USB flash drives. You can
encrypt individual files and folders with the NTFS Encrypting File System
(EFS). Similarly, you can encrypt entire volumes with BitLocker Drive
Encryption.
Whenever data is transferred over a network or in motion: this
includes using network protocols such as SSH, SSL and TLS to encrypt
data in motion. Encryption is also used to encrypt data on wireless
networks.
Page 1066 of 1229
13.2.2.1 Types of encryption

The three types of encryption that are used in IT systems are as follows:
Hash functions
Symmetric (or secret key)
Asymmetric (or public key)
These types are shown in Figure 13.3; the next few sections explain each
type in more detail.
Hash Function
Plaintext
Hash Function
Cyphertext
Symmetric encryption
Plaintext
Key A
Cyphertext
Key A
Plaintext
Asymmetric encryption
Plaintext
Key A
Cyphertext
Key B
Plaintext
Figure 13.3 Encryption types

Note
Often two or more of these types of encryption are used together

to secure a product or technology.
A hash algorithm is used to encrypt data, but not to decrypt it. It works by
adding or padding some extra data to a message and then encrypting the
message, and using a finite number of bytes from the encrypted portion of
the message as the fingerprint of the data. Hashes are used to prove that
the data received is the same data sent and that nothing has changed it
(ensuring data integrity). Every time a hash algorithm is applied to the
same data, you will get the exact same result, but if the data has been
changed, even by one letter or a single space, the hash will change.
Figure 13.4 shows two examples of what a hash looks like. A hash
calculator (of which there are some available online) was used to compute
two different text strings. The text strings are exactly the same in both
calculators except that the word hash was capitalised in the second
calculator. Notice that the hashes are completely different, even though the
sentences are essentially the same.
Page 1067 of 1229
Figure 13.4 Examples of hashing

Note
Hashes are also used for confidentiality, such as to store

passwords securely.
There are encryption algorithms that only generate one key and others that
generate two keys. The key made by a symmetric encryption algorithm
is called a symmetric or secret key. This simply means that the same key
is used to encrypt data and decrypt data (or two keys can be used but the
one is easy to determine from the other one). For example, if you create a
key specifying that the letter A should be replaced by G, the letter B by I,
the letter C by S, and so on, any message you encrypt using that key can
be decrypted by anyone else that has that key. Sometimes you will see this
secret key referred to as a private key.
Page 1068 of 1229
Sharing the secret key with others has always been the weakest part of
symmetric key encryption. If you are using a system that relies solely on
secret keys, you have to make sure that they are stored and shared in a
safe and secure way. You would not want someone to intercept the key
during its sharing process and using it to access your data.
Symmetric encryption is used for encrypting data for storage and data sent
over a network, such as with the Kerberos authentication protocol.
Examples of symmetric encryption include 3DES (Triple Data Encryption
Standard), AES (Advanced Encryption Standard), RC (Rivest Cipher), IDEA
(International data encryption algorithm), Blowfish/Twofish and CAST
(Carlisle Adams and Stafford Tavares). WEP and WPA used in wireless
networks use symmetric encryption. The main advantage for using
symmetric encryption is that it is faster than asymmetric encryption.
Some encryption algorithms generate two keys, and they are called
asymmetric encryption with asymmetric keys or Public Key Cryptography
(PKC). What this means is that two keys are generated; one key is kept by
the user and the other key is shared with anyone the user wants to share it
with. The keys are different but are mathematically tied to each other,
although knowledge of one key does not easily allow someone to determine
the other key.
These keys are also known as public/private keys. The public key is
freely available to anyone or to whoever you want it to be available to,
whereas the private key is always secured and never sent over the
network. The way the system primarily works is that data encrypted with
the public key can only be decrypted with the private key, or in the case of
a digital signature, data encrypted with the private key can only be
decrypted by using the public key. Figure 13.5 illustrates the asymmetric
encryption process.
Figure 13.5 Asymmetric encryption
Page 1069 of 1229
Public key cryptography is used for digital signatures and certificates

(providing authentication) and symmetric key exchange. Examples of
asymmetric encryption standards include Diffie-Hellman, RSA (Rivest,
Shamir and Adleman), El Gamal and ECC (Elliptic Curve Cryptography).
Asymmetric encryption is more complex and takes a computer longer to
process than with symmetric encryption and is only used for small amounts
of data.
13.2.3 Public Key Infrastructure (PKI)

PKI is framework, based on public key cryptography, that involves
hardware, software, standards, policies and people, that when combined,
enables users and systems to securely exchange data and verifies the
identity of users and systems to ensure they are indeed who they claim to
be. PKI is used in a variety of environments and for a range of purposes,
including Web and authentication security, confidentiality and email
security.
The PKI infrastructure consists of special servers and software:
Digital certificate an encrypted document that proves that a certificate
holder like a computer, user, website or company is who it claims to be
and not something it is not. The certificate contains information about
the certificate holder and associates the credentials of that holder to a
public key, which is embedded into the certificate. The certificate can be
used to verify that a public key belongs to a holder, which holds the
corresponding private key. A certificate is issued and digitally signed by
a CA.
Certificate authority (CA) a trusted person or body that runs
certificate servers that verify the identity of certificate holders and
hands out signed digital certificates for authenticity. Without a CA,
certificates cannot be issued, which contain the encryption keys that a
certificate holder uses to encrypt and decrypt data.
Desktop computers and servers Frequently need to have a special
application or PKI client for the user to be able to encrypt and decrypt
data.
LDAP or X.500 Directories Databases that collect and distribute keys
internally.
This, in a nutshell, is a PKI system. PKI systems vary from vendor to
vendor on how they are set up and operated.
13.3 Authentication
Authentication commonly occurs when the user claims an identity with a
username and proves that identity with a password. However, there are
other possible ways, known as authentication factors, of authenticating.
The three authentication factors are: something you know (a knowledge
factor), something you have (an ownership factor) and something you
are (an inherent factor).
Page 1070 of 1229
13.3.1 Something you know

The username is not typically kept a secret, although it is not good to hand
it out. The password however is top secret and should only be known to the
user that needs it. Although using a password is the most common way of
authenticating, it is also the weakest compared to the other factors when
used on its own. Ideally, you should create a strong password so that it
cannot be easily guessed or captured by someone else who wants to gain
access to your system. This is common knowledge among IT professionals,
but many regular users do not realise how important it is to use a strong
password or even how to create one.
Figure 13.6 Windows 7 logon screen
13.3.1.1 Software authentication: proper passwords

The main problems with passwords is that users make errors when creating
or changing them and also use weak passwords or share them
inadvertently or intentionally and so on. Another concern is password
management: A user might have to remember many different logons for
different services and result in using the same password for each one to
make it easier for them to remember. Many companies establish rules in a
password policy that users must follow when they create and change a
password and enforce the rules through local policies or domain policies.
This policy helps to educate users on how to create a strong password.
To make passwords more difficult to guess or obtain, it should meet the
following rules:
The longer the password, the stronger it is. A password should be at

least 8 characters long, with a good password being between 8-14
characters long for regular users. Administrators should have longer
passwords. Please note that some operating systems require long
passwords by default.
Page 1071 of 1229
The password should be a combination of numbers (1-9), uppercase (AZ) letters, lowercase (a-z) letters and special characters (!@#$%^&*?).
Do not use obvious phrases, such as birthdays, job titles, usernames,
dictionary words, and other names that are common and can be
guessed.
Do not use the default password.
Do not write down passwords anywhere or share them with anyone. If a
password must be written down, then make sure that the password is
stored and handled securely.
Do not send passwords electronically using emails or other kinds of
electronic communication.
Choose a password that is easy to remember but difficult to guess or
compromise.
Set expiry dates for passwords to be reset, forcing users to change them
on a regular basis. A common practice is to get users to change their
passwords every 6090 days and administrators every 30 days.
Set password history requirements so that users do not re-use the same
password when required to change it.
Implement automatic account lockout after several unsuccessful log on
attempts, so that if an incorrect password is entered several times, the
system should lock the account out for a certain period of time, before
unlocking it again.
Use different passwords for different services and networks, that is, do
not use work passwords for personal websites you visit and other
services you use outside of work.
Note
Any or all of these rules can be a part of a password policy and

these should apply to all passwords, including passwords used for
operating systems, network devices, authentication systems and
applications (where applicable).
To help you create a strong password, consider using a passphrase. There

are multiple ways you can do this, and Figure 13.7 gives you an example.
Page 1072 of 1229
Figure 13.7 Example for creating a password

You can set an account so that it requires a password in the User Account
applet or (in Professional editions of Windows) and enforce password length
and complexity through the Local Security Policy tool from the
Administrative Tools group within Control Panel. You can also start the
Local Security Policy by entering secpol.msc from a command prompt or in
the Start menus Search box. When you set up a password policy within
this tool, it applies to all accounts on the local system.
Figure 13.8 shows the Local Security Policy open with Account Policies
expanded and the Password Policy selected. The settings require users to
change their passwords at least every 42 days and use a complex password
at least 12 characters long. The last 24 passwords are remembered for the
account and the user must wait at least one day before changing the
password again.
Page 1073 of 1229
Figure 13.8 Using Local Security Policy to require a strong

password
Note
Administrators commonly configure domain policies that apply to

all computers and users in the domain. If the computer is joined to
the domain, domain policies take precedence over the policy set on
the local computer.
In a Windows domain, SSO allows the user to log on once and access
multiple resources without logging on again for that session. This is often
one of the reasons why a company creates a domain instead of a
workgroup, that is, to support SSO. SSO also helps network administrators
better control who can gain access to the network.
13.3.2 Something you have

All of the methods in something you have are physical tokens that you
can hold in your hand. A token in this context is a physical device that
authorised users carry around with them and can use to authenticate to
access something. Often a token serves dual purposes. For example, a user
can wear an ID badge when walking around secure areas of the building
and then use the badge to log on. The badge often includes the users
picture, their personal details and magnetic strips of encoded data. If ID
badges are used, anyone without a badge should be challenged, especially
if visitor badges are required for entry. ID Badges also need to be managed
and stored securely.
Figure 13.9 ID badge
Page 1074 of 1229
In many cases, an ID badge is also used as a smart card. A smart card is

about the same size as a credit card and contains a chip with information
about the users identity and access privileges and some encrypted
information to help keep it secure. The card can be used to gain access to
resources, including buildings and computers. Smart card readers are
connected to a computer or part of the keyboard. When the user wants to
log on, he/she simply inserts the card into the reader and enters a PIN or
password to authenticate. A PIN or password is used with the card to avoid
the risk of the card getting lost, misplaced or stolen by someone else, for
the purpose for gaining access as that user.
Note
When using more than one factor of authentication to prove your

identity, it is called multifactor authentication. Multifactor
authentication provides the best authentication as one factor relies
on the others for authentication to occur. Note that multifactor
means more than one factor; it does not mean using one item
within the same factor (i.e. using both a username and a password
is not multifactor authentication because a username and
password are both in the something you know factor, but a
password and a smart card is multifactor authentication).
Manufacturers have developed key fobs and smart cards that use Radio
Frequency Identification (RFID) to transmit authentication information
wirelessly (contact-less). The reader is connected to a computer and
validates against a security system.
A key fob is a small device, containing a chip, that the user can use to gain
access to a secure area or to log onto a computer or network. Also called a
security or hardware token, a key fob displays a randomly generated
number that can be used for authentication. The number usually changes
every 60 seconds or so and is synchronised with an authentication server.
RSA SecureID is a popular key fob and it is sometimes just called RSA
token. RSA stands for Rivest, Shamir and Adleman and when a user
attempts to access a protected resource, he or she is asked to enter a
unique number or token code as shown in Figure 13.10. This authentication
is based on two factors: something you know (a password or PIN) and
something you have (the authenticator). The authenticator is typically a
key fob and the software token is the RSA authentication software that
provides the security engine used to verify authentication requests.
Figure 13.10 RSA SecureID key fob generator
Page 1075 of 1229
Disadvantages with something you have are loss and theft and the chance
that the device can be faked, not to mention the cost of buying and
maintaining the equipment.
13.3.3 Something you are

The something you are authentication factor is proven with a biometric
recognition system. It works by scanning a unique human body part to
prove the identity of the user. The categories include:
Physical this includes the pattern of the users fingerprint, or retina or

iris of the eye, or face. Fingerprints can be used for authentication or
identification. When used for authentication, the user enters their
username to claim an identity and then their fingerprint to prove that
identity. This method is less susceptible to errors. With retinal scans
which are the most accurate, an infrared light is used to scan the users
eye.
Behavioural this is not used as often, but it is possible to identify
users based on their actions. This includes the users voice, their
signature, or the speed and pressure as they type (keystroke dynamics).
Figure 13.11 Fingerprint biometrics

During the first (enrolment) part of biometric authentication, an image of
the body part is taken by the biometric reader and converted into binary
values. This is then stored as a template in a database on the
authentication server. Each time the body part is scanned, it is compared to
the template stored in the database, and if the values match to an
acceptable level, access is allowed.
The main problems with biometrics is that users find it intrusive and
threatening to their privacy; there are setup and maintenance costs and
there is the chance that the technology can be hacked.
13.4 Accounting
Accounting is the practice of logging actions by tracking what happened to
a resource and when it happened.
Page 1076 of 1229
Suspicious behaviour and unauthorised access to accounts and resources

can be tracked and discovered through various accounting techniques,
including:
Logging security events automatically into the systems logs, such as

the Security log in Event Viewer.
Monitoring physical access using surveillance such as closed-circuit
televisions (CCTVs) and security guards.
Reporting security breaches to the relevant person through incident
reporting. An incident report is a record of the details of a security
incident. This might be done automatically by auditing software, such as
software that automatically sends an email to the administrator or to a
relevant person informing him or her of the incident, or by setting a
clear policy for users to follow that defines what an incident is and what
to report, who to report it to and how quickly to report it.
13.5 Malware
Malicious software, or malware, is a general term that refers to any
program or code that is designed to do some malicious task on a system or
network that you do not want done. Malicious programmers write malware
for different reasons, such as to play jokes on people, to infect systems for
personal gain, to generate business for a company, to gather information
about users to steal their identity or to access their bank accounts, to
remotely take control over their computer or to make their computer
unbootable or unusable. This section explores different kinds of malware.
Figure 13.12 Malware
13.5.1 Virus
A virus is a program that makes a copy of itself, often by attaching to an
executable host file that can be spread to infect other computers, or as
code stored in the computers boot sector, for the purpose of carrying out
the malicious action its program code or payload tells it to. For example,
the virus could simply display annoying messages or install spyware, or do
more harmful actions such as delete important system files.
Page 1077 of 1229
However, the virus can only activate and spread when the user runs the
virus-infected program by loading it into memory. This action requires
tricking the user into opening the infected file or email attachment. Table
13.1 briefly describes some of the different types of viruses, but do note
there are many more. Viruses are classified by the different ways they can
affect the computer (the vector).
Table 13.1 Virus types
Virus
Boot sector
Program
Macro
Polymorphic
(modification)
Stealth
Multipartite
Description
This virus infects the boot sector code, partition table and
sometimes the file system. When the computer boots, the
virus loads into memory.
This virus attaches to a programs executable file and
when the .exe file is run, the virus runs.
A macro is programming that automates certain tasks
within any application that has a built-in macro language,
such as Word and Excel. This virus uses macros to
replicate and spread.
Antivirus software uses a definition file that contains the
signatures of known viruses to detect them. A
polymorphic or metamorphic virus constantly morphs, or
changes, its signature, making it harder for anti-virus
software to detect it.
This virus avoids detection by intercepting anti-virus
software commands and passing the anti-virus software a
clean but false version of the file it is seeking, or it may
jump from file to file, avoiding the anti-virus scanner
altogether.
This virus attempts multiple kinds of infections at the
same time. For example, it can infect both the boot sector
and executable files.
Viruses can infect files stored on discs, drives, network shares and other
items and can spread in many ways, including through USB drives, email
attachments and applications.
13.5.2 Worms
A worm is a program that is similar in function and behaviour to a virus
but actively sends a copy of itself from computer to computer across the
network without needing the user to execute it. A worm can cause many
problems, among them:
Using up all the networks bandwidth as it copies itself from computer to
computer
Crashing the OS or application
Installing a backdoor application that allows an attacker to bypass
normal authentication methods to gain access to the targeted system
Exploiting flaws in program code like buffer overflows, where a buffer
cannot hold all the data sent to it
Page 1078 of 1229
Deleting files and relaying information
Note
The primary difference between a virus and a worm is that a worm

makes copies of itself and spreads itself automatically without any
user activity, while a virus attaches itself to a host file that must
be activated by the user in one way or another.
13.5.3 Trojan Horse

A Trojan horse (or simply Trojan) is malicious code that hides itself in a
program that looks useful or fun but is actually something else. When the
program is launched, the code of the Trojan runs and performs some
malicious action in a hidden way. Trojans can perform many actions, from
deleting files to turning an infected computer into a server and then
opening TCP or UDP ports so a remote user can control the infected
computer. It can also capture keystrokes entered into a web form,
passwords, files, credit card information and more. Games, programs, web
pages and scripts are all ways in which Trojan horses can be activated.
Often Trojans install a separate virus on the users system so that when the
user decides to uninstall the original software later on, the virus remains.
Trojan horses do not replicate.
Figure 13.13 Trojan detected by anti-virus software

Note
It is common for free pirated software to actually be a Trojan

horse. Users think they are getting software for free, and that
might be true, but they are often also getting a Trojan horse with
that software.
13.5.4 Rogueware
Rogueware (also called rogue antivirus, scareware or ransomware) is
a form of Trojan horse that is written to look and act like legitimate
software, in order to trick users into downloading and installing it. A
common example of rogueware is a program called Security Essentials,
which is designed to look like the legitimate Microsoft Security Essentials
program but is in fact rogueware.
Page 1079 of 1229
Another example is websites that trick users into downloading and installing
free anti-virus software, which is in fact rogue anti-virus that contains
malicious code.
13.5.5 Rootkits
In a security context, a rootkit is malware that is installed and hidden
mainly to compromise a system and get escalated privileges, such as root
or administrative access. A rootkit is usually installed on a computer by first
getting user-level access and once installed, enables the attacker to gain
root or privileged access to the computer. Root or privileged access could
also allow the attacker to compromise other systems on the network.
Not all rootkits are malicious, but many are and they hide their malicious
activities. Attackers may be able to access your information and monitor
your actions, change and hide files and processes to avoid detection,
change registry keys, create a backdoor entry into your computer to steal
information without you knowing about it, reconfigure your settings or
install additional malware from a remote location. Rootkits can even strike
firmware so that not even shutting down the system or re-formatting the
drive removes them.
Note
Many rootkits like other malware run in the background and hide
themselves. Therefore, you can usually easily spot them by looking
for memory processes, monitoring outbound traffic and checking
for newly installed programs that you did not install.
Figure 13.14 Rootkit detected by anti-virus software

A kernel rootkit modifies the OS kernel to hide itself and controls what a
user and anti-virus software can view, making it very difficult to detect and
remove. Rootkits can also use encryption to protect traffic going out of the
system and piggyback on commonly used ports to communicate without
interrupting other applications that use that port.
Page 1080 of 1229
Rootkits can even replace netstat with a modified version that does not
show the ports used by the rootkit.
Antivirus software sometimes indicates that it can detect and remove
rootkits. This might be true for some rootkits, but for well-written rootkits,
it requires extraordinary measures to remove them. For example, one
rootkit infects the disks master boot record and write-protects it. Even if
you try to reformat the disk, the virus protects the MBR and the rootkit
remains.
13.5.6 Grayware
Grayware (or greyware) is a general term that is sometimes used to
classify programs or files that behave in an annoying or undesirable way,
and yet do not directly do harm to systems and data. However, they do
negatively affect the performance of your computer and involve significant
security risks. Spyware, adware, pop-ups, joke programs and remote
access tools are just some examples of grayware.
13.5.6.1 Spyware
Spyware is software that is either downloaded unwittingly from a website
or installed as part of third-party software that secretly monitors and
collects information about your activity or browsing habits and reports it to
someone else, without your permission and knowledge. That someone else
could be an attacker or online company. Spyware can capture your
keystrokes
(known
as
keyloggers),
screenshots,
authentication
credentials, web form data, Internet usage habits and other types of
information and can use your computers resources to run distributed
computing applications and your Internet connection and email address list
to spread itself to other computers.
Another popular spyware method is to spawn pop-up browser windows
disguised as Windows system warnings that when clicked, trigger a flood of
other browser windows, or may even start a file download.
Note
Spyware often changes your web browser settings. When your web
browsers default home page has been changed, a particular
website comes up every time you perform a search, unusual addons or toolbar helpers install automatically, too many pop-up
windows appear, unusual network activity occurs, the firewall and
anti-virus programs turn off automatically, new programs, icons
and favourites appear, and the Java console appears randomly,
then suspect it could be due to spyware.
13.5.6.2 Adware
Adware is advertising-supported software or a browser plug-in that
observes your activity and displays targeted advertisements.
Page 1081 of 1229
Adware companies can also install tracking software on your computer,

which keeps in contact with an online company through your Internet
connection to report what your general surfing habits are and which
websites you visit.
Although the company might state that it will not collect sensitive or
identifying data from your computer, the fact remains that you have
software on your computer that is sending information about you and your
activities to someone else. Adware is legitimate only when you are
informed up front that you will receive ads and to gather information about
you. Adware must inform you that it is adware.
13.5.6.3 Pop-ups
Pop-ups are those irritating and unwanted windows that appear
automatically in your web browser when you visit a website. Some popup
windows do not look like browser windows at all in that they do not have a
menu bar, button bar or address bar, while others are very similar to the
pop-up alerts you get from the Windows OS. They might even have buttons
similar to the Windows close X button that when clicked, causes even more
pop-up windows to appear. Some even pop up behind the active browser
window and wait there in the background for you to click on them.
The main point you need to know when dealing with pop-ups is how to
close them without actually clicking on them. Two ways you can do this is
by right-clicking the browser windows icon on the taskbar and selecting
Close or Close window, and the window should go away or by pressing
<Alt> + <Tab> to bring the browser window from the back to the
forefront and then pressing <ALT> + <F4> to close it.
13.5.7 Phishing and pharming

Phishing is the act of tricking the user electronically or telephonically into
giving out their private information such as usernames, passwords or other
security information by pretending to be a trustworthy source. The
communication could be emails, instant messaging, social networking sites,
short message service (SMS) and pop-ups.
A classic example is when a phisher sends you an email that is supposed to
come from your local bank or credit card company asking you to send them
your username and password for verification or to click on a link to a
website that looks like a real website with official-looking logos and other
identifying information, but is in fact a malicious site that is designed to
lure you into entering your personal information. The phisher can then use
that information to gain access to your bank account.
Note
If you want to check an account, type the address into the web
browser so that you know you are going to the actual website.
Page 1082 of 1229
Another common phishing technique is to pretend to be a vendor (such as

an online retailer or domain registrar) and send the target email
confirmations of orders that they supposedly placed. There is also the case
of sending you an SMS notifying you to claim a prize you have won by
sending the phisher your address, phone number and bank account number
so that your winnings can be deposited into your account. Instead, your
bank account is emptied.
Another related attack called pharming corrupts or poisons the DNS name
resolution process to redirect legitimate website traffic to a malicious
website. Pharming does not necessarily trick you into clicking on a link , but
instead redirects you to a malicious website, even if you correctly entered
the intended website.
13.5.8 Botnets
A botnet, short for robot network, is a group of computers that work
together as zombies or bots (robots) for a bot herder. The bot herder or
master/handler is one or more command and control servers that the
attacker uses to send out commands to all the zombies in the botnet or
zombie army, directing them to do whatever it programmes them to do.
Usually this means downloading and installing additional malware but it
could direct the zombies to send spam to others, start attacks to deny
services such as Denial of Service (DoS), or participate in other malicious
activities. Botnets are huge. It is not uncommon for a botnet to include
tens of thousands of zombie computers on the Internet. Several botnets
have included more than a million computers.
User computers often join a botnet after becoming infected with malware.
If antivirus software does not detect the infection, users will not know.
However, one sign of a botnet infection is unusual network activity when a
user is not accessing the Internet.
Note
A system is usually compromised by a virus or other malicious

code that gives the attacker access.
13.5.9 Spam
Spam is email that you do not want or have not asked for. While spam is
not malware itself, it is often used to deliver malware via an email
attachment or embedded script or to trick you into clicking a link to a
malicious website that attempts to steal your private information or to get
you to download malware, such as a driveby download that automatically
downloads and installs itself on your computer without your knowledge.
Spam is also notorious for phishing attacks.
Page 1083 of 1229
Although email programs automatically move any emails suspected as

spam into the Junk Mail or Spam folder (as shown in Figure 13.15), you
can add a suspected spam senders email to the junk mail sender list so
that the email program automatically moves all of that senders email to
the junk mail folder.
There are also spam filters and filtering software that you can use to block
spam at your mail server (gateway) and at your computer. You can set
most email programs to block email from specific people or to specific
people and block by subject line or keywords. However, do take note that
these filters can block both genuine emails and spam emails, so take
precautions. Many users use a third-party anti-spam program instead of
using filters in their email program.
Figure 13.15 Spam folder in Yahoo Mail
13.5.10 Virus hoaxes and alerts

Just as the author of a virus enjoys seeing it cause harm, the person who
starts a hoax enjoys seeing it spread panic, especially when it is sent
across the Internet where it can cause panic among millions of users. A
virus hoax is a prank message, usually sent out via mass emails, warning
the recipients of a virus threat that does not exist. It can lead to any
number of things, such as getting recipients to perform steps that cause
damage to their systems, while under the impression that they are
removing the virus, or even cause recipients to forward the hoax on to
everyone they know and spread panic. The best measure against this is to
educate users not to panic and to contact the IT department, which will
then do research and verify whether it is a hoax, or indeed a virus.
Page 1084 of 1229
A virus alert or alerting service is provided by an anti-virus vendor, as part

of their anti-virus software suite that provides users with up to date
information and warnings of potential virus threats. You should check the
vendors website for a list of known virus threats and for instructions on
how to use their software.
13.6 Symptoms of a malware infection

When malware infects a computer, it can show various symptoms. You
need to become a computer doctor and understand what each symptom
means. Many of the common symptoms of an infection are as follows:
Slow performance if you are not running too many applications,

then malware activity often uses CPU and RAM resources, slowing down
the system, and causing random disk or network activity.
Spontaneous shutdown or restart Malware can interfere with the
OS and cause the system to shut down or restart itself. At other times,
it can stop and show a stop error.
System locks up or crashes the system might stop responding to
keyboard or mouse input or crash frequently.
File modification Malware can rename system files, delete files, hide
files completely or change permissions without any user interaction. If
you are authorised to access a file or folder but see an Access Denied
message when accessing it, it could be that malware has changed the
permissions.
Files with double extensions Files with double extensions such as
.jpg.exe are not normal. Malware sometimes overwrites existing files
and adds an extra extension. For example, the Sunrise.jpg.vbs file in
Figure 13.16 is a malicious Visual Basic script. If the user mistakenly
clicks on the file thinking that the .vbs file is a .jpg image file, the
malicious script will run.
Figure 13.16 Beware of files with double extensions
Will not perform familiar tasks an application might stop running

or no longer start. In some cases, a user might no longer be able to
access a familiar website.
Page 1085 of 1229
Unusual error messages appear Although it is normal for the OS to

report error messages, it might also be that malware itself is trying to
trick you into clicking a link. If malware is trying to install software on
its own, UAC will block it with an Access Denied error.
New icons appear or old icons (and applications) disappear.
Applications or Windows tools stop working.
Security alerts You might receive unusual security alerts, which are
most likely false. One of the primary symptoms is a report from
antivirus or antispyware software of the infection. It is common for
antivirus software to show a pop-up window indicating an infection. You
might also see errors in the Event Viewer.
Random pop-up ads The malware is often trying to get you to click
a link that points you to a malicious website. Pop-ups appear without
opening the web browser.
Cannot access hardware malware can interfere with access to some
disk drives, printers or other hardware.
Windows Update fails Malware sometimes changes the system
settings to prevent you from updating your system. Criminals are aware
of the value of keeping a system up to date and have sometimes
included code in malware to block updates. If you find that the
Automatic Updates settings have changed or that you cannot get
updates, the system might be infected.
Browser redirection or modifications When you try to access a
known website, the system takes you to a different website. A malware
infection might have overwritten your HOSTS file. The HOSTS file
overrules any DNS settings and can redirect your browser to whatever
site the malware adds to the file. Most browser redirections point you to
phishing scams or websites full of free downloads that are malware.
Some malware resets the home page, adds additional toolbars, changes
the search provider, modifies the proxy settings and/or installs
unauthorised add-ins.
Internet connectivity issues Often, malware will change the web
browser proxy server settings so that the browser does not access the
Internet through the networks proxy server, but instead tries to access
the Internet through other paths. This can bypass the security controls
in place on the proxy server, or it might block Internet access for the
system until the settings are restored. If you lose all Internet
connectivity, either the malware is stopping you or removing the
malware negatively affected your connection. In this case, you might
need to reconfigure your Internet connection: reinstall network adapter
drivers, reboot your router, and so on.
Antivirus software issues Malware often tries to disable antivirus
software so that the malware can run without any obstacles. It can also
prevent the software from being installed or updated.
Firewall disabled Malware can turn off the firewall automatically.
Unusual network activity Some malware tries to infect other
systems over the network. If the computer has joined a botnet, it will
check in with the botnet herder for instructions and might start attacks
on others.
Page 1086 of 1229
Software crashes repeatedly if software, especially programs that

use browser plug-ins, start crashing repeatedly, suspect a malware
infection.
Any activity not initiated by you any suspicious activity that you
have not initiated could indicate a malware infection.
Note
This is not an all-inclusive list. The key to recognising malware

infections is recognising any unusual or suspicious activity. If you
detect anything out of the ordinary, update your anti-virus
program and run a virus scan.
13.7 Malware research, tools, prevention and recovery

You can visit the following websites that are dedicated to investigating the
various new attacks against computers and networks:
www.cert.org
www.sans.org (check out the Top 20 critical security controls)
www.schneier.com
www.grc.com
You can also visit the website of the anti-virus vendor (as shown in Figure
13.17) and look to their malware encyclopaedias for information about the
type, symptoms, purpose and removal of malware.
Figure 13.17 Symantec Security Response portal website
Page 1087 of 1229
Here is a long list of steps that can be taken to reduce the risk of virus
infections:
Back up regularly so that you can recover any data that is lost due to
an infection.
Test and apply OS and application security patches and updates. You
can protect your system against malware by keeping it up to date.
Microsoft releases patches and updates on the second Tuesday of every
month (commonly called Patch Tuesday). Updates are useful only
when they are applied. If the update is not applied, the system remains
vulnerable. Malware authors enjoy finding un-patched systems, as the
authors are often able to install malware onto a system without being
detected.
Never give out private information except to authorised users.
Do not allow users to bring and install their own programs. If necessary,
remove or disable removable drives. Windows also allows the
administrator to determine who can run and install programs and
download files. Use these rights effectively.
Install and run anti-virus software that can scan automatically. Keep the
scanner up to date with the latest signatures or definitions (its
identifying fingerprint), since viruses with new signatures come out all
the time.
Perform scans on removable media such as USB drives before using
them.
Figure 13.18 Scan drives before using them
Do not log on with administrative privileges except where necessary.

Limit administrative privileges to a few, selected accounts and keep the
passwords for these accounts secure.
Do not install unknown programs, at least not without researching the
program first. Careful reading of the softwares license agreement
before you install a program is a good idea, but realistically, it does
little to protect your system.
Avoid clicking on links in unknown emails.
Avoid visiting websites with an unpatched web browser and one that is
set with low security settings and with no anti-virus software.
If you visit a website that asks you to install a third-party application or
plug-in that you have never heard of, do not install it. Well-known and
reputable plug-ins, such as Adobes Shockwave or Flash, are generally
safe, but be suspicious of any others.
Page 1088 of 1229
Do not click anywhere inside of a pop-up browser window, even if it

looks just like a Windows alert window or command-line prompt, it is
probably fake and the Close button is likely a hyperlink.
Avoid executing files from unknown communications or sources, such as
email attachments, file sharing sites, websites (generally), chat, MMS
and instant messaging attachments, AutoRun USB drives and optical
discs and so on.
Ensure that system and program files are secured. A virus can only
infect other program files if it has write permissions on it.
Avoid opening unusual documents or files.
Educate users about malware and how to prevent them from infecting
their computers.
Audit system events and review logs for unusual activity on a regular
basis.
Disconnect an infected system from a network to stop the infection from
spreading.
Establish a procedure for recovering from an infection to minimise the
spread and effect of the virus.
Keep up to date with the latest security developments and threats and
strategies or zero-day vulnerabilities.
Companies should have policies and procedures in place and train and
educate users on what to do when they encounter malware. Companies
can use network operating systems and features such as GPOs and
other software and take disciplinary procedures to enforce compliance
with policies.
As a computer technician, you should educate users about malware and
what actions to take to prevent and recover from infections. The more
you teach users, the more aware they will be of potential threats.
13.7.1 Digital security

Digital security refers to the technical methods used to protect systems.
Antivirus and antispyware software are two primary digital security
methods, but there are additional methods.
13.7.2 Antivirus and antispyware software

The only way to protect your system from getting malware is to disconnect
it from the Internet and keep it offline and never install any potentially
infected software on it. Since this unlikely to happen, you need to run antimalware or anti-virus (A-V) software for protection.
Running up-to-date A-V program is the best step you can take to protect
your system against malware. A-V programs help to detect and prevent
infections.
Page 1089 of 1229
They do this by being both a sword, working to actively seek-and-destroy

by scanning files, drives and the boot sector for malware and provide you
with options to remove or disable it, and as a shield that passively monitors
your computers activity, checking for malware only when certain events
occur, such as when a program executes or a file is downloaded. A-V
programs can detect multiple types of malware, including viruses, worms,
Trojans, adware, spyware and spam.
Note
Install and run an A-V program on your system before connecting

it to the Internet. Attackers are constantly scanning the Internet
looking for unprotected systems.
13.7.2.1 A-V definitions and updates

A-V programs combat different types of malware in different ways. They
can for example, detect boot sector viruses simply by comparing the
systems boot sector to a standard boot sector. If they detect a virus, A-V
uses a backup copy to replace the infected boot sector. Executable viruses
are a little more difficult to find because they can be on any file. To detect
executable viruses, A-V uses a library of signatures.
A-V programs combine the following two approaches when scanning for
malware:
Signature-based This type of scan compares files, macros, emails

and other data to its definition file of known virus signatures. A
signature, also known as a definition or signature definition, is code
or byte pattern that identifies each malicious program. Malware might
be a specific size, have specific names, or have other signatures that can
identify them. The definition file is simply a list of signatures your A-V
program can recognize.
Heuristic (analysis) Rather than matching files to signatures, this
type of scanning approach looks for any suspicious behaviour that is not
a normal pattern of behaviour for the OS and applications installed on
the system. Heuristic scanning is beneficial when trying to catch new
viruses and for virus definitions that are not yet available.
Keep your A-V program updated. Criminals are constantly creating new
malware and even different versions of old malware on a daily basis. If the
definition file does not include the signature of a new virus, the A-V
program will not detect it. Vendors recommend updating them daily.
Fortunately many AV programs automatically check for updates several
times a day and will download the updates when they are available, or will
at least have update settings that you can configure. Further, you should
periodically update the core anti-malware programming called the engine
to use the latest refinements the developers have included.
Figure 13.19 shows the updated process for a free A-V program called
Malwarebytes.
Page 1090 of 1229
Figure 13.19 Keep A-V software up to date
13.7.2.2 A-V actions

When the A-V program detects malware, it attempts to isolate it as quickly
as possible. It freezes the action of the malware and displays an alert,
usually in the form of a pop-up dialog box indicating an infection or a
notification in the notification area on the taskbar. For example, Figure
13.20 shows an alert from Windows Defender. The alert usually provides a
recommendation, such as blocking the activity, but you can choose another
action.
Figure 13.20 Windows Defender

The most common actions are as follows:
Clean clean or disinfect the item.
Quarantine prevent the quarantined item from running and block
any attempt to open it. Quarantining often moves the item to a special
location. Quarantined items cannot cause damage to the system, but
users can later restore the item if they determine that it is safe to do
so. See Figure 13.21.
Remove deletes the item from the system. In some cases, the item
cannot be deleted immediately. Instead, the A-V program quarantines it
and the item is removed during the next restart cycle.
Page 1091 of 1229
Figure 13.21 Quarantined items in Malwarebytes A-V software

In many cases, the A-V program allows you to configure automatic actions,
that is, the program automatically takes the action without notifying you.
13.7.2.3 A-V protection
Most A-V programs provides protection on different levels, including:
Real-time protection the program constantly monitors any files that

you download or open (on-access) and system activity, looking for any
suspicious actions.
Scheduled scans a scheduled scan runs at a specific time without
user interaction. If you cannot schedule the A-V program, you might be
able to use Task Scheduler to schedule it.
On-demand scans if you or a user suspects malicious activity is
occurring, you can run a scan yourself immediately to check the system
and customise it to either run a full scan that checks the entire system
or customise it to scan the drives, files etc., of your choosing. Figure
13.22 shows the options in Malwarebytes.
Automatically update definitions in some cases, the program will
periodically check for updates, such as once or twice a day, and
download updates only when there are changes. In other cases, it will
check based on a schedule you have configured, such as once a day.
Page 1092 of 1229
Figure 13.22 Malwarebytes A-V scanner

Note
The A-V program requires an Internet connection to connect to the

A-V vendors website to download updates.
13.7.2.4 A-V vendors

Many vendors offer A-V programs that you can buy or download for free.
Some examples include:
Symantec (www.symantec.com)
Microsoft Security Essentials (www.windows.microsoft.com)
McAfee (www.mcafee.com)
Trend Micro (www.trendmicro.com)
Malwarebytes (www.malwarebytes.org)
Kaspersky (www.kaspersky.co.za)
Avira (www.avira.com)
Page 1093 of 1229
Figure 13.23 Avira A-V suite

Some vendors offer A-V programs as part of personal security suites
that protect a single host or network security suites that protect an
entire network and can be managed from a central place. Also, some of the
products have a good reputation for detecting malware while others do not,
so do research before choosing a product. There is no requirement to get
any specific version for any specific OS. However, you should consider it a
security requirement to have A-V programs running on all of your systems.
Microsoft systems recognise most A-V programs, but not all of them. If you
install an A-V program that Windows does not recognise, then it will show
notifications indicating that the system is unprotected. However, you can
let Windows know that you do have an A-V program installed and tell it to
stop the notifications.
Figure 13.24 shows the Action Center applet in Windows 7, which replaces
Security Center applet in earlier versions. If you installed a legitimate A-V
program and Action Center indicates that your system does not have any
A-V programs, you can click Turn Off Messages About Virus Protection.
The display will change to Currently Not Monitored For Virus
protection.
Page 1094 of 1229
Figure 13.24 Action Center indicating Windows did not find A-V
software
Note
Be careful with free A-V software. Criminals have been known to

post positive reviews of their rogue A-V software on other
websites. Therefore, just because someone posts a positive review
on the Internet does not necessarily mean the software is valid.
Trust reputable sources.
13.7.2.5 Starting A-V programs

For A-V to be useful, it must be running. Most A-V programs automatically
start when the system starts, but malware can change these settings.
When this is the case, you can use the System Configuration (msconfig)
tool to verify that the A-V program is set to start automatically (on the
Startup tab).
In other cases, the service running the A-V program might be disabled. You
can click the Services tab of the System Configuration tool and see whether
any of the services are disabled. You can also view the running services
from the Services applet in Control Panel.
13.7.2.6 Antispyware
Antispyware is software that specifically looks for spyware. Windows
Defender is a antispyware tool included with Windows Vista/7 and is
available as a free download for Windows XP. See Figure 13.25. It attempts
to prevent, remove or quarantine spyware.
Page 1095 of 1229
Figure 13.25 Windows Defender

Many A-V programs include antispyware capabilities. You can have
separate anti-virus and antispyware programs running, but they can
interfere with each other. Because of this, anti-virus vendors often
recommend that you do not run separate programs.
13.7.3 Remove malware

A-V programs cannot remove every single virus out there, so you may
need to remove them yourself. To help you do so, A-V vendors often have
instructions on how to remove all the elements of the virus. Some
companies have a policy of completely re-imaging the infected system
instead of trying to clean it while in some extreme cases, you need to
completely re-format the disk and re-install the OS. However, there are
steps you can take to clean and remove some malware.
Note
When the standard steps for removing malware do not work, the
best source for additional information is A-V websites.
13.7.3.1 Delete temporary files

Malware often stores a hidden copy of itself within a temporary file on your
hard drive so that if the original is discovered and deleted, it later restores
itself. You can configure your web browser settings to delete these
temporary files. For example, in IE 9, you can complete the following steps:
a. Start IE, click Tools and select Internet Options.
Page 1096 of 1229
b. Select the General tab and click the Delete button.

c. On the Delete Browsing History dialog box, ensure that Temporary
Internet Files is selected and click Delete. See Figure 13.26. When
the file deletion completes, click OK.
Figure 13.26 Delete browsing history

You can also use Disk Cleanup in Windows to delete temporary files in the
properties of the drive within Windows Explorer.
13.7.3.2 Use safe mode
Sometimes the A-V program will not remove malware in the normal way,
but when you run it in Safe Mode with minimal services and drivers, it
removes the malware. Other times you might need to delete a file, but you
can only do so from within safe mode.
Tip
If you cannot delete a file and the system reports that it is in use,
you can usually delete it from within safe mode. There are other
tools that you can also use. For example, you might be able to use
the del (delete) command with the /f switch to delete a file, or you
might use a third-party tool.
Because Safe Mode starts with a minimal set of drivers and services, the
malware usually will not be started and cannot protect itself.
Page 1097 of 1229
Tip
If you need to update definitions for your A-V program, you will
need to select Safe Mode With Networking.
13.7.3.3 Use preinstallation environments

In cases where you cannot remove all malware, you try using a
preinstallation environment (PE). Windows PE is used during the installation
of Windows and during some Windows recovery operations. A
preinstallation environment with antivirus tools is often referred to as an
offline scanning kit.
You can boot into any alternative OS such as Linux and then run A-V
programs to remove malware. This is often effective when removing
malware that is embedded into the boot sector or the master boot record.
Alternative operating systems can be a pre-installation environment or a
bootable OS from a CD/DVD or flash drive.
You have several options for creating the bootable optical disc or flash
drive. First, some A-V programs come in a bootable version. Finally, you
can download a copy of Linux that offers a live CD option such as Ubuntu.
You can then boot to the CD and install a complete working copy of the OS
into RAM, never accessing the hard drive, to give you full Internet-ready
access to many online anti-malware sites.
13.7.3.4 Use Recovery Console and Windows RE
In some cases, you might need to use the Recovery Console on Windows
XP or Windows RE on Windows Vista/7. This is especially useful if the
malware has modified the disk. You can use commands such as fixboot to
repair an infected boot sector or fixmbr to repair a damaged master boot
record from the Recovery Console. Similarly, you can use the bootrec
/fixboot and bootrec /fixmbr commands from the Windows RE.
13.7.3.5 System Restore
In some cases, you can remove malware by using System Restore to
restore your system to a previous state before the malware infected your
system.
13.7.3.6 Removing rootkits and trojans
Certain up-to-date A-V software suites can help to detect and remove some
Trojans and rootkits, although they may be ineffective against well-written
Trojans and rootkits. The most reliable and safest way to remove a rootkit
and Trojan from an infected system is to re-partition and re-format drives
before re-installing the OS, or by installing a previously captured OS image.
Thereafter, data can be restored from the backup as long as the backup
was made before the malware was installed.
Page 1098 of 1229
Note
To protect systems on networks from Trojans and rootkits, it is a

good practice to configure the firewall to block outgoing traffic.
This makes it more difficult for the backdoor application to send
data back to the attacker.
13.7.3.7 Disable Autorun

The terms Autorun and AutoPlay are often used interchangeably, but there
is a distinction between the two. AutoPlay is a feature that automatically
appears when you insert an optical disc or flash drive and depending on the
content on the media, Windows lets you choose which program to use to
work with that content. See Figure 13.27. Using AutoPlay for all media and
devices is the default setting. You can choose to enable or disable AutoPlay
for all media and devices and enable very specific actions that Windows will
perform when the media is inserted or found. If a DVD or Blu-ray movie is
detected for example, you can tell AutoPlay to play the disc by using your
favorite media player program.
Figure 13.27 AutoPlay

Autorun is a feature that automatically starts programs or enhanced
content when you insert the disc or other media into the computer. Autorun
enables the OS to detect and read a special file called autorun.inf
immediately after the media is inserted and whatever program is listed in
autorun.inf runs automatically. Autorun is built into the media types that
use it and you cannot change it.
While Autorun is useful, criminals exploited it. They could add malware to
the media and add or modify the Autorun.inf file so that when the media
was inserted into the system, AutoRun would automatically install the
malware on the system. Before it was disabled on USB flash drives in
Windows, malware was often spread from system to system with the help
of AutoRun.
Page 1099 of 1229
There are two primary ways that you can protect systems.
Ensure that all systems have up-to-date A-V running.
Ensure that AutoPlay is not configured to automatically run programs
from USB drives or from any other media.
o On Windows XP, you can access AutoPlay settings from Windows
Explorer. Right-click an optical disc drive, select Properties, and click
the AutoPlay tab.
o On Windows Vista/7, you can access the AutoPlay applet in Control
Panel from a list view.
13.7.3.8 Best practices for removing malware
There are several best practices for removing malware from systems:
Identify malware symptoms.

Quarantine or isolate an infected system from other systems (i.e.
disconnect it from the network and Internet). This is as simple as
unplugging the network cable or disabling the network adapter.
Disable system restore. While removing malware, you might make
changes that would normally be captured by system restore. By
disabling system restore, you ensure that a user cannot accidentally
reinfect the system by applying a restore point.
Remediate (restore) the infected system. Ensure that the A-V program
is up to date. If you do not want to connect the infected system to the
network or the Internet, get a copy of the definition files from an
uninfected system. Next, use tools to scan and remove the malware.
Schedule scans and updates. After cleaning the system, ensure that the
A-V program automatically downloads updates and scans the system for
malware.
Enable system restore and create a restore point, bringing the system
back to normal and providing a clean restore point.
Educate the user. Users often do not understand the risks about
malware and can easily fall prey to common criminal tactics. You can
help prevent a re-occurrence of many problems with just a little
education.
13.8 Social engineering

Social engineering is the means of using a messaging system, a
telephone conversation, human interaction, a fake website or malicious
email to trick people into performing an action or to reveal confidential
information or to do something they would not normally do. Table 13.2
discusses common types of social engineering attacks, as well as attacks
that are closely related to social engineering.
Page 1100 of 1229
13.2 Social engineering and other attacks

Attack
Description and prevention
Impersonation This means to gather information or commit fraud by
pretending to be someone else, usually using a
telephone. Examples include; intimidating the target by
using technical language that the target does not
understand, pretending to be a senior manager or a
bank employee, being friendly to the target and gaining
their trust, or by making the situation seem urgent by
asking the target for a password so that the
impersonator can test a program or solve a problem. To
avoid this, never give passwords out to anybody; if you
feel uncomfortable giving information out, ask the
person for their name and phone number and call them
back. Additionally, report unusual calls to the relevant
department.
Dumpster
The practice of looking through rubbish bins in search
Diving
for useful sensitive information. This can be prevented
by:
Educating users and implementing disposal policies.
Getting users to not throw away sensitive information
in rubbish bins, but rather destroy or shred paperbased materials.
Destroying information on storage media before
recycling it.
Shoulder
The practice of looking over someones shoulders to
Surfing
view what they are typing on the screen or to watch
what they type on the keyboard. A simple protection
against shoulder surfing is to use a privacy filter. A
privacy filter is a framed sheet or film that fits over the
front of the monitor that reduces the viewing angle,
making it impossible for shoulder surfers to see the
contents on the screen except for the person sitting
directly in front of it. Block the view of others by placing
barriers around you.
Page 1101 of 1229
Attack
Tailgating or
piggybacking
Phishing
Description and prevention

The practice of gaining unauthorised access to a
restricted area or checkpoint. Methods include:
Piggybacking or tagging along with an authorised
person to gain entry to a restricted area, usually with
that persons permission.
Tailgating or tagging along with an authorised person
without that persons permission.
Prevention techniques include:
Implement policies and educate users.
Use surveillance.
Have security guards.
Use revolving doors or mantraps that only allow one
person to enter the area at a time.
The act of getting sensitive information from users by
pretending to be someone trustworthy via an electronic
communication. Phishing attacks rely on a mix of
technical deceit and social engineering practices. It
usually consists of sending out an official-looking email
to users that points them to a website containing a form
asking for personal information. The email might appear
to be from a legitimate company and it might contain a
request for help or a threat of some action if the user
does not comply with the instructions provided. The
website is, of course, fake, and the confidential
information the users supply goes right to the attacker.
Prevention techniques for phishing include:
Educate users.
Implement firewalls, multi-factor authentication, A-V
software, web browser security enhancements, and
email and website communication security such as
encryption.
13.9 Workstation security

Securing a workstation involves the following steps:
Configure user rights assignment, account and audit policies in the local
security policy, found in Administrative Tools. You can, for example,
configure the right to load and unload drivers, access the computer
from the network, log on locally, shutdown the system, back up files
and take ownership of files and other objects. Group policies can be
configured and applied to the entire domain.
Page 1102 of 1229
Figure 13.28 User Rights Assignment local security policies
Grant system privileges and rights over NTFS folders and files.
Restrict user permissions by configuring users as administrators or
standard users and using UAC to help prevent malware from taking
action on your workstation without you knowing about it.
Change default usernames for accounts to make them more difficult for
malware or a hacker to use. For example, you can change the name of
the Administrator account to admin2pc. If others try to log on by using
Administrator, error messages will indicate that either the username or
the password is wrong. No matter how many times they try to guess
the password, they will never succeed.
Disable the guest account. Similarly, you can change the name of Guest
to guest2pc, making it more difficult to use this account.
Run A-V, Anti-spyware, Firewall and Windows Update and keep the
software updated.
Disable Autorun.
Use a privacy filter.
Educate users to lock their desktop or enable a password-protected
screensaver when leaving their workstation unattended, such as when
they go to lunch. This requires users to log in after locking their desktop
or after the screen saver starts and prevents someone else from
performing actions as though they were the user (a lunchtime
attack). You can lock the Desktop by pressing <Windows> + <L> or
using the Lock Computer icon on the Start menu (or place the icon on
the Start menu by configuring its Properties). On Windows 7, you can
enable the screen saver by right-clicking the desktop, selecting
Personalize, and then clicking Screen Saver. Figure 13.29 shows the
Screen Saver Settings page. After choosing a screen saver, select the
On resume, display logon screen check box.
Page 1103 of 1229
Figure 13.29 Enabling password-protection with screen saver

Note
Windows includes several built-in screen savers, and you can find
more online. However, many screen savers available online are
infected with malware.
13.10 Data security

Without data, a computer would serve no purpose. With data, there is the
risk of it being lost, captured or destroyed in some way or another. This
could mean that days, months or years of work are gone forever. To
protect data, you should consider encrypting confidential data, sanitising
hard drives that you no longer use and physically securing documents that
contain confidential information.
13.10.1 BitLocker Drive Encryption

BitLocker Drive Encryption protects a drive by allowing you to encrypt
the entire drive or volume. It is included in the Ultimate and Enterprise
editions of Windows Vista/7. The beauty of BitLocker is that if a hard drive
is stolen, all of the data on the drive is safe.
Page 1104 of 1229
There are some requirements for using BitLocker:
A Trusted Platform Module (TPM) chip on the motherboard that

actually stores the encrypted keys. It often needs to be enabled in
CMOS Setup. If BitLocker fails because of tampering or moving the
drive to another system (rather than the drive being stolen), you need
to have a properly created and accessible recovery key or recovery
password. The key or password is generally created when you enable
BitLocker and should be kept somewhere safe or written down and
stored securely and separately from the encrypted drive.
OR
If a TPM is not available, BitLocker can be used with a PIN that must be
entered when the computer starts.
OR
An external USB drive that includes a startup key and is inserted when
the computer is started. The BIOS must support booting to USB for this
option to work.
And
A hard drive with two NTFS volumes that preferably was created during
the OS installation: One volume for the OS that will be encrypted and
the other an active volume that remains unencrypted so that the
computer can boot. If a second volume needs to be created, the
BitLocker Drive Preparation Tool can be of assistance and can be
downloaded from Windows Update.
To enable BitLocker, double-click the BitLocker Drive Encryption icon in the

Control Panel (Classic view), or select Security in Control Panel (Home
view) and then click Protect your computer by encrypting data on
your disk. See Figure 13.30.
Page 1105 of 1229
Figure 13.30 Bitlocker Drive Encryption in Control Panel
13.10.2 Encrypting files and folders with EFS

Encrypting File System (EFS) is an NTFS component that you can use to
encrypt files and folders on a Windows system. EFS uses certificates in the
encryption and decryption process. When the user encrypts a file, the OS
automatically creates a certificate, which includes encryption keys. The
certificate is accessible only to the user and when that user accesses the
file, the OS retrieves the certificate to decrypt and open it. When the user
saves a file that was originally encrypted, the OS automatically encrypts it
again.
Follow these steps to encrypt a file or folder in Windows 7:
1. Find the file or folder, right-click it, and select Properties.
2. At the bottom of the General tab, click the Advanced button. This
brings up the Advanced Attributes window.
3. Select Encrypt Contents to Secure Data.
4. Click OK.
5. Click OK again. On the Confirm Attribute Changes dialog box, for a
folder, ensure that Apply Changes To This Folder, Subfolders And
Files is selected and click OK. This ensures that all folders within the
folder will also be encrypted.
The encrypted file or folder appears in green within Windows Explorer. Any
new files you create in this folder and any files that you copy or move into
it will also be encrypted. To unencrypt the file or folder and return it to
normal, simply deselect the check box.
Page 1106 of 1229
Tip
If a file needs to be decrypted and the original user (owner of the

key or certificate) is not available, an EFS recovery agent will need
to be used. In many cases, the default recovery agent is the builtin Administrator account.
If you select compression instead of encryption, the folder will be colourcoded blue. Encrypted items are green while compressed items are blue.
Remember that you cannot compress and encrypt a file or folder at the
same time.
13.10.3 Encrypting Offline Files

The Offline Files feature enables you to encrypt offline files. The steps to
enable offline file encryption functionality on different operating systems
include:
On Windows XP, open the Folder Options Control Panel applet, click
the Offline Files tab and click Encrypt Offline Files To Secure Data.
On Windows Vista, open the Offline Files Control Panel applet, click
the Encryption tab and click Encrypt.
On Windows 7, start the Sync Center from the Control Panel and click
Manage Offline Files. Click the Encryption tab and click Encrypt.
See Figure 13.31.
Figure 13.31 Enabling offline files encryption
13.10.4 Hard drive sanitation

Hard drives that store confidential data can be a security threat. When a
hard drive, CD and DVD or other media reaches the end of its life, it should
be destroyed, recycled, donated or thrown away properly.
Page 1107 of 1229
The primary goal of hard drive sanitation is to ensure that the hard drive
is fully erased and that any residue or left-over data that could be valuable
to someone else is permanently erased. In some cases, you can use
software tools to sanitise or clean a hard drive. Software tools can
overwrite the drive to remove all remnants of the data (a process called
remnant removal). Otherwise, hardware tools can be used to physically
destroy the drive, or encryption can be used to make the data unreadable.
13.10.4.1 Deleting files
Any file you delete in Windows is moved to the Recycle Bin temporarily so
that it can be restored if needed. However, even when a file is deleted from
the Recycle Bin or the Recycle Bin is emptied, the file is not fully erased
from the disk. That is because the file system uses a table to identify the
location of the file and when the file is deleted, only its entry in the table is
deleted. You can find many undelete tools that will locate deleted files and
add them back to the file system table. If you have data that you do not
want anyone else to access, you need to do more than just delete it. That
is, there are tools available that will completely remove files.
13.10.4.2 Low level vs. standard formatting
Manufacturers perform a low-level format at the factory to define the
positions of the tracks and sectors on the disks platters. Low-level
formatting involves writing zeros onto the disk and can be used to erase
the disk. A zero-fill program sanitises the disk by filling every sector with
zeros. There are zero-fill or low-level format programs available from hard
drive vendors that you can use to fully erase all data on the drive, resetting
it to its factory condition.
Figure 13.32 shows the Western Digital Data Lifeguard Diagnostic Utility,
which enables you to fully erase the disk.
Figure 13.32 Using vendors utility to fully erase a hard disk
Page 1108 of 1229
After a low-level format is done at the factory, users can perform a

standard or high-level format to prepare the disk with a file system for
storage. A standard format is not an effective method of sanitising a drive.
Just as there are undelete tools that can undelete files, there are also
unformat tools that can unformat standard-formatted drives.
13.10.4.3 Overwrite and drive wipe tools
When data is written to a magnetic hard drive, it is written as magnetised
fields. When a file is deleted and overwritten, sometimes the magnetism of
the original data or data remnants remains. This enables specialised
forensics tools to locate and recover that data.
You can get software tools that will overwrite deleted files to remove all
data remnants. Some of these tools write a pattern of 1s and 0s (such as
1001 1100) in the first pass, then write a complement of that pattern (
such as 0110 0011) in a second pass, and finally write random bits in the
last pass.
Note
Deleting a file does not truly erase it. Overwriting a file multiple
times with different bit patterns is a secure method of deleting a
file.
Figure 13.33 Active KillDisk data wiping tool
13.10.4.4 Physical or magnetic destruction

Although the software methods sanitising media can be effective, they are
susceptible to problems or errors.
Page 1109 of 1229
For example, a software bug might prevent data from being completely
deleted or the user running the program might make a mistake. To avoid
these risks, companies often choose to physically or magnetically destroy
the media using one of the following effective methods:
Shredder this is commonly used to destroy paper and special

shredders or machinery can also be used to destroy media such as
optical discs and magnetic disks.
Degaussing tool applies a strong magnetic field to scramble the data
on the drive. Degaussing is an effective method of sanitizing damaged
magnetic hard drives and tapes, but do not use it on a drive that you
want to use again because it both erases data but also destroys the
drive. Also degaussing has no effect on non-magnetic media, such as
CDs and DVDs. There are two types of degaussing tools:
o Permanent magnet creates a strong magnetic field.
o Electromagnetic sends electricity through a coil to generate a
strong magnetic field.
Drilling, grinding and hammering Drilling several holes through
the platters or grinding can make the disk unusable but is not
appropriate as it will leave fragments that could be analysed using
special tools. Remember that hard drives pack more data into smaller
spaces.
13.10.4.5 Drive encryption

You can also encrypt the entire drive so that any remnants cannot be read
without right encryption key.
13.10.5 Securing physical documents

Printed documents can often include confidential information and should
never be left unsecured or out in the open. Many companies implement a
clean desk policy that instructs users not to leave any confidential files
and documents on their desks for someone else to see or steal when they
leave their desks unattended. If users are not going to be at their desks for
an extended period of time, such as the end of the day, they must make
sure that confidential files and documents and other physical resources are
stored securely.
Users often throw away papers that have valuable information, and a
criminal can just look through the rubbish to get to that data (dumpster
diving). A simple way of preventing this is by shredding documents instead
of throwing them away.
Passwords should not be written down and definitely not be left on a desk
or taped to a monitor where they can be seen. If they are written down,
they should be stored somewhere safe. A password policy should instruct
users on best practice when choosing and maintaining passwords and the
procedure for lost passwords, including resetting them.
Page 1110 of 1229
Password managers are also available that can be used to store passwords
for multiple accounts.
Anything that shows on the computer screen can be protected using a
privacy filter. Also, users should lock their computers whenever they leave
their workstation.
13.11 User education

Effective user training is an important part of security and might be done
formally in workshops, one-on-one gatherings or via online training
sessions, books and newsletters and informally by an educated technician
sharing his or her knowledge with users, technical staff and management.
To share your knowledge, you first need to ensure that you have it.
Security-conscious technicians understand the following:
Different authentication and encryption methods.

The importance of strong passwords and password management.
The importance of least privilege and how groups are often used in its
implementation.
The importance of recognizing malware and other security threats and
how to report them and the actions to take to prevent them.
The various methods used by attackers, including social engineering
attacks.
The importance of running up-to-date A-V software on up-to-date
systems.
The importance of sanitising a hard disk to fully erase confidential data.
Page 1111 of 1229
Unit 14 Mobile Devices

Describe the features of smartphones and tablets running

iOS, Android and Windows.
Configure Wi-Fi, cellular, IR and Bluetooth data access as
well as email settings on a mobile device.
Identify options for securing mobile devices against misuse
and theft.

(G185eng) Module 5 Unit 5 (p. 394-411)
Study
Notes

o Mobile Devices (p.411)
Study
Notes
Skills
14.1 Mobile device hardware

A mobile device is a hand-held computer that has a display, circuitry and
battery. Modern mobile devices fall into two major categories or classes,
smartphones and tablets. These have features and capabilities that overlap,
but the difference is in how they are used and their size.
A smartphone is a mini handheld computer with phone capabilities. You can
use a smartphone to make phone calls, surf the Web, send and receive email,
take pictures with built-in digital cameras and play music and movies among
other tasks. Smartphones often include other personal digital assistant
(PDA) features, such as contact lists, calendar and appointment lists and
note-taking capabilities. Examples of smartphone series or generations include
Apple iPhone, Samsung Galaxy S and Nokia Lumia.
A tablet can be thought of as a mini portable computer that tends to be bigger
than a smartphone with a bigger screen but smaller than a laptop. Tablets are
designed to provide a better multimedia experience than smartphones and
allow you to perform most tasks that you would use a laptop for. Examples of
tablet series include Apple iPad, Samsung Galaxy Tab and Core Advance,
Microsoft Surface Pro, Google Nexus, Sony Xperia, Asus Transformer and
Lenova Yoga.
Figure 14.1 shows a comparison of a smartphone (left) and tablet (right).
Page 1112 of 1229
Figure 14.1 Smartphone and Tablet

A phablet is a hybrid class of mobile device designed to be both a smartphone
and tablet. Because its size tends to be larger than a smartphone but smaller
than a tablet, it makes it an ideal device to carry around and use as a phone.
Examples include HTC One Max, LG G Flex and Samsung Galaxy Note.
14.1.1 Mobile device components

A mobile device has the same basic components as a computer and laptop,
doing the same basic tasks, but they are manufactured differently to support
the devices smaller size and its need to manage power to increase its battery
life. Mobile devices have the following components:
CPU mobile devices use a system on a chip (SoC), which is a chipset that
might feature one or more or all of these features: processor cores, GPU
cores, Northbridge, Southbridge, system memory and possibly radios for
4G, Bluetooth and Wi-Fi, packaged into one unit. Most companies design
their SoCs around the ARM (Advanced RISC Machine) instruction set and
core architecture or an improvement of that architecture, although there
are other architectures. ARM is a RISC (reduced instruction set computer or
computing) CPU architecture. It uses fewer transistors than the typical
computers CPU, which means that it processes larger operations in smaller
simple chunks and has a more efficient multi-core design that allows the
processor to save power by stopping the cores until it receives instructions
to do something.
Although two SoCs from different companies can both appear to use the
same CPU, the difference lies in the chipset and the components they use.
Both 32-bit and 64-bit architectures are in use and modern mobile CPU
frequency is measured in GHz.
Figure 14.2 shows a SoC diagram for a mobile device.
Page 1113 of 1229
Figure 14.2 Mobile Device SoC diagram
System memory mobile devices use some low power variant of DDR
SDRAM, which is measured in GB.
Storage mobile devices use solid-state (flash memory) drives for GB

storage, which provides excellent speed when booting or rebooting the
device and running applications. Solid-state drives are lighter, use less
power, and as a result, have a rechargeable battery that is smaller, with
the overall weight of the device being less than that of a typical laptop.
They also have ports for removable storage and support cloud storage for
backups and syncing of data across devices.
Display mobile devices use a variety of display types. Most tablets use
some type of LCD panel, with the less expensive ones using twisted
nematic (TN) panel and the better ones using an In-Plane Switching (IPS)
panel or Plane-to-Line Switching (PLS) for richer colours and better viewing
angles. Smartphones use OLED screens.
Note
Mobile device screen sizes vary and are commonly quoted as the
diagonal size in inches. This is the length of the screen from the upper
corner to the opposite lower corner and includes only the viewable
area. Smartphone screen sizes range from 3 inches to over 5 inches,
while some smartphones have larger screens. Tablet screen sizes tend
to range from 7 inches to 10 inches.
Page 1114 of 1229
Touch interface most modern mobile devices have capacitive

touchscreens that you can operate without using a mouse and keyboard.
You simply interact with the device using your fingers or other gestures.
Remember that capacitive touchscreens use electrical current in your body
to determine the movement of your fingers across the screen and measure
the difference between the charge in your body and the charge on the
screen. This is different to resistive touchscreens, which older mobile
devices used. These older touchscreens responded to pressure applied to
the screen. Although you could use your fingers, a stylus worked best.
Cameras most mobile devices have front and/or back-facing cameras,

measured in MP resolutions.
Buttons and switches mobile devices have various buttons and switches
to operate the device, such as to switch it on and off and to control the
volume.
Peripherals every mobile device enables you to attach some kind of

peripheral or external storage device. But every device offers different
expansion capabilities, so it is hard to generalise about them.
Apple devices such as iPad and iPhone do not have much expansion
capability when compared to other mobile devices. They have a dock
connector that you can use to charge the battery and connect to various
peripheral devices. A dock connector-to-USB cable can be used to connect
the device to a USB bus such as a computer. All current devices enable you
to mirror the screen to a multimedia device such as a projector.
Android devices come with a variety of connection and expansion
capabilities, including microSD slots for adding tiny flash memory storage
cards and usually a micro-USB (or even full-sized USB port) for charging
the battery and connectivity to other devices such as computers and
speakers.
If you do not want to use the touchscreen keyboard, there are options for
connecting an external keyboard. The same applies to headphones,
speakers and monitors. Two common options are Bluetooth and Wi-Fi,
while some tablets include a micro-HDMI port.
14.1.2 Sensors
Mobile devices can tell which way the device is being held and change the
screen accordingly. Both accelerometers and gyroscopes sensors can be used
to determine the movement and orientation of the device:
Page 1115 of 1229
It is the accelerometer that detects the acceleration (speed and direction) of

the device when you move it and its rotation, and automatically adjusts the
screen from portrait to landscape or vice versa, according to the position you
are holding it in. It does this using the X-axis (left to right), the Y-axis (up and
down) and the Z-axis (back to front). The devices camera, for instance, relies
on the accelerometer to tell it whether you are taking a picture in portrait or
landscape view.
The gyroscope measures orientation and complements the movement
detected by the accelerometer to maintain a high level of accuracy when
detecting the devices orientation. The gyroscope with the accelerometer
allows the device to sense motion on different axes (left, right, up, down,
forward, backward and roll, pitch and yaw). Consider using the device to play a
game that involves flying a plane as an example. Tilting the device forward
would have the effect of pushing the planes nose down, and tilting it
backwards effectively eases the planes nose up.
Consider another app called Star Walk as another example. See Figure 14.3.
This app shows information about satellites, planets, stars and constellations in
space when you hold the device up with its back pointing towards the sky.
When you move the device in any direction, the display automatically changes
to show the names of everything in space in the direction.
Figure 14.3 Star walk app
14.1.3 Screen calibration

For a touch-screen to properly interpret your touch and react accordingly, it
must be calibrated correctly. If it is un-calibrated, you will find that touching
directly on an item onscreen causes nothing to happen, but touching
somewhere close to that item selects it, or that a movement that normally
results in an expected reaction causes an unexpected reaction. This is not
common with many current devices that use capacitive touchscreens but has
been an issue with devices using resistive touchscreens in the past.
Page 1116 of 1229
Many devices have a built-in calibration app that generally asks you to touch
the screen in various ways, which results in the app re-learning how to react to
your touch. You can also download apps for this. Many Android devices have a
screen calibration app called G-Sensor Calibration, as shown in Figure 14.4. To
use the app, lay the device down on a flat surface and run it. You can tell if the
surface is level by the horizontal and vertical levelling bubbles on the display.
Then press the Calibrate button to reset the G-sensor. Follow the directions for
the device to start and use the calibration app.
Figure 14.4 G-sensor calibration
14.1.4 Using mobile devices

Mobile devices use two primary technologies, multi-touch and touch flow, that
provide you with the ability to use specific gestures to control the touchscreen.
Multi-touch senses when you touch the screens surface at two or more
places at the same time, so that you can, for example, enlarge pictures with
two fingers and then reduce them again with the reverse movement. Touch
flow, or TouchFLO, recognises your finger moving across the screen, such as
when dragging an item up and down or left or right.
Some common gestures include:
Tap quickly touch and release one finger to select an item or run an app.
Double Tap use two quick taps to perform an action. It will often allow
you to zoom in or zoom out on an item or run an app.
Flick flick the screen to scroll up or down or to pan from side to side. To
do this, place your finger on the screen and quickly swipe it in the desired
direction. This is sometimes called fling.
Press and Hold press and hold without removing your finger to perform
an action. Different items react differently to press and hold. This is
sometimes called press or long press, or touch and hold.
Page 1117 of 1229
Drag use this to move some items. Select the item with your finger and
then drag your finger across the screen to move it. This is sometimes called
pan, swipe, scroll or slide.
Pinch this is commonly done by touching the screen with two fingers at
the same time and dragging them closer together, as if you were pinching
the screen. It will often zoom in closer. Pinch is sometimes called pinch
close.
Spread this is similar to pinch but is done by spreading two fingers apart.
It will often zoom out. Spread is sometimes called pinch open or stretch.
14.1.5 Upgrading and servicing options

When comparing a tablet to a laptop, one of the biggest differences is that,
with some exceptions, there are no field-serviceable or field-replaceable units
(FRUs) in tablets as there are in laptops. You can easily replace their batteries
and buy battery packs, but for the most part, upgrades are not possible
without replacing the device. Some mobile devices, such as smartphones, can
have upgraded memory cards and batteries, but these are usually not
serviceable in the field.
If a repair, upgrade or replacement is necessary, most companies use the
warranty and send the product back to the manufacturer for repair, instead of
trying to do the work in-house. Hence, if something breaks, contact the
manufacturer.
Table 14.1 summarises some of the differences between tablets and laptops
that are important to know.
Table 14.1 Differences between tablets and laptops
Repair
Hard drive
Tablet
Rarely
upgradeable
No FRUs
SSD drives
Interface
Touch interface
Upgrade
Laptop
Memory
and
hard
drives
easily
upgradeable
Components can be replaced
Mostly SATA, although some have SSD
drives
Most have a built-in keyboard and
touchpad, while some hybrids are touchbased
All this hardware is designed to run mobile operating systems.
14.2 Mobile operating systems and applications

A mobile OS operates a mobile device. Modern mobile operating systems
combine the features of a computer OS with other features, such as a
touchscreen, GPS navigation, camera, speech and voice recognition, near field
communication (NFC) and mobile networking communication such as Wi-Fi and
cellular.
Page 1118 of 1229
The OS for the mobile device is installed at the factory. The primary mobile
operating systems are:
Apples iOS runs on all Apple devices. Visit www.apple.com.

Googles Android runs on non-Apple devices. Visit www.android.com.
There are other mobile operating systems in use, such as Microsoft Windows
Phone, Windows 8/8.1, Blackberry, Firefox OS, Ubuntu Phone (see Figure
14.5) and Tizen.
Figure 14.5 Ubuntu Phone

Note
There are tablets that can run both Android and Windows together at
the same time, enabling you to switch between the two operating
systems without restarting the device. Data can even be synchronised
between the two.
Google, Apple and Microsoft offer a one-stop online store for almost everything
their customers want for their mobile computing and communication needs,
but the way they offer their products is slightly different. Although they all
provide a website where users can download apps for their respective
operating systems, Apple and Microsoft keep their apps under tighter control
while Google prefers to let developers determine what apps are available to
customers. While Apple manufactures its own devices along with its partners,
Google and Microsoft let a wide variety of device manufacturers produce the
hardware on which their OS runs.
14.2.1 Source code classification

In the early days of personal computing, software was either free or for sale.
Nothing has changed since then, except the terms open source and closed
source are used today. The term source in these categories refers to the
programming code or source code used to create software.
Page 1119 of 1229
It is important to understand the difference between open source and closed

source:
Open source this is source code that is freely available to anyone to

modify, improve, and at times, freely distribute it. Open source software is
typically developed as a community effort by many contributors. Android is
open source software that is based on the Linux OS and uses the Linux
kernel.
Closed source also known as proprietary or vendor-specific software,

this source code is not freely available to the public and cannot be modified
without express permission and licensing. Instead, the code is protected
and controlled by the company that developed it, and it is often seen and
protected as a trade secret or intellectual property. Both Apple iOS and
Microsoft Windows are closed source operating systems, but their licenses
are different.
14.2.2 Open source: Android

Android runs mostly on smartphones and tablets. It is an open source OS and
Google releases the free and open source code for it under the Apache Licence.
This allows developers to modify the code and freely create apps for it. This
also means that hardware vendors can run Android as their base OS and
customise the OS to suit their devices. So, for example, the vendor Samsung
can run a customised version of the Android OS on its devices that is
somewhat different from the version that the vendor ASUS has customised to
run on its devices. Some companies prefer to use Android for this very reason.
Google leads the Open Handset Alliance (OHA), which is a group of
companies that work together to develop open standards for mobile devices
and the Android OS. Google also commissioned the Android Open-Source
Project (AOSP) to maintain and develop improvements for Android. There is
no obligation to pay Google, the OHA, or AOSP for Android. However, it is
important to note that Android devices do come with proprietary software that
cannot be modified.
The Android OS is always under on-going development and is released in
versions, with each new version improving on the previous version, and each
one having minimum hardware requirements. Google releases major updates
of each version every few months or so and each one has a name, such as Ice
Cream Sandwich (version 4.0.x), Jelly Bean (version 4.1.x, 4.2.x. and 4.3.x)
and KitKat (version 4.4). Figure 14.6 shows a smartphone using Android
version 4.4 (KitKat). The figure also shows the devices homescreen, which is
the primary navigation and information point, much like a PCs desktop.
Page 1120 of 1229
Figure 14.6 Android home screen for KitKat

Note
You know when you are working with the Android OS and related
applications when you see the little robot, usually in green, present.
Android apps run in a sandbox, which is an isolated area on the system that
does not have access to the rest of the systems resources, unless the user
explicitly grants access when the app is installed. This lessens the impact of
vulnerabilities and bugs in apps.
14.2.3 Closed source: iOS

Apple manufactures the iPhone smartphone and iPad tablet, and only Apple
hardware can run its closed source iOS operating system. iOS is based on Mac
OS X (used on Mac computers and laptops), which itself is based on Unix. If
you want to use the Mac OS X OS, you have to buy an Apple Mac, and if you
want to use iOS, you have to buy an Apple mobile device. Apart from the
power and volume button, Apple devices have a Home key, which returns the
user to the Home Screen Desktop. iOS features a SpringBoard, which is the
app that manages the Home Screen, where icons and apps are managed and
launched
Like Android, iOS comes in various versions such as iOS 6 and iOS 7, with each
new version improving on the previous version. Apple provides major updates
to iOS once a year through the iTunes app or using an over the air software
update distribution method. Figure 14.7 shows the Home Screen for iOS 7.
Page 1121 of 1229
Figure 14.7 iOS 7 Home Screen

You can control the interface with your touches, with a stylus and with other
gestures. For example, shaking the device is often used to undo an action.
You can point to icons to open apps, swipe or flick from left-to-right to access
the keyboard and search or flick right-to-left to see more icons. iOS also
features a multitasking bar at the bottom where you can view open apps. This
can be opened by double clicking the Home key.
Note
Do not confuse Apples iOS with Ciscos Internetwork Operating

System (IOS). They are two completely different operating systems.
Cisco IOS runs on networking devices.
14.2.4 Closed source: Windows

The Windows Phone OS is used on smartphones and it features a Metro
interface with the home screen called the Start screen. The Start screen is
made up of live tiles, which are links to apps, features, functions and other
items such as web pages and contacts. Figure 14.8 shows the Start screen for
Windows Phone 8.
Page 1122 of 1229
Figure 14.8 Windows Phone 8 Start screen

Additionally, most Windows Vista/7 desktop versions can run on tablets, except
for the Starter editions. Similarly, Windows 8/8.1 can run on both tablets and
on computers/laptops. Microsoft licenses the Windows OS to hardware
developers for them to design their hardware around the OS and to include the
OS license as part of the price. Windows 8/8.1 is in a different category in that
it can run on desktop computers/laptops and on tablets, developed by
Microsoft, called Surface and Surface Pro.
Note
When comparing the different OS vendors, remember that Apple does

not license iOS to just any hardware vendor, Android is free for
everyone and Microsoft licenses the OS to hardware vendors.
14.2.5 Application sources and development

Applications or apps are what make mobile devices useful and fun and what
enable you to perform specific tasks. When you buy a mobile device, it comes
with a certain number of important apps pre-installed, apps for checking email,
surfing the Web, taking pictures and so on. Different apps have different
features. For example, an ebook (also spelled e-book, eBook or e-Book) reader
will display a book-like interface that might require swiping the screen to flip
through the books pages, a note-taking app in contrast might open a virtual
keyboard for typing, while a racing game will turn the mobile device into a
steering wheel, which relies on the accelerometer to provide accurate turning.
Figure 14.9 shows the CPU-Z app for an Android mobile device.
Page 1123 of 1229
Figure 14.9 CPU-Z app

App developers create an app for specific mobile platforms and sometimes for
specific devices. So an app written for an Android smartphone, for example,
will not work on an iOS smartphone unless the code for that app is rewritten
for iOS, but an App written for an iOS smartphone can usually run on an iOS
tablet, because both devices use iOS. However, this depends on whether the
app was written for a specific hardware device or for any Apple device.
Apps are almost exclusively available online. Users can connect to the online
store with the device, make the purchase (if the app is for sale), and the app is
immediately downloaded and installed. For Android, iOS and Windows, the
primary app sources are:
Apple App Store Apple devices include links directly to the Apple App
Store or apps can be downloaded at the iTunes App Store at
itunes.apple.com. Because Apps for Apple devices are primarily
downloaded through the App Store and are not easily available through
other sources, the apps are less likely to be malware.
Note
People have discovered that it is possible to modify iOS running on an

Apple device to allow the user greater control over the device through
Jailbreaking. Jailbreaking gives the user root privileges to the entire
OS and file system and all its commands and features.
Page 1124 of 1229
Google Play Most Android apps (both free and paid-for) can be
downloaded from Google Play, at play.google.com/store. Alternatively,
you can download and install the apps APK file from either a third-party
site, the developers site, from the vendors online stores (which customise
the apps to work with their devices), or through an open source market for
Android apps (this provides no guarantee that the app will work on all
Android devices). Figure 14.10 shows the Google Play Store accessed from
a web browser.
Figure 14.10 Google Play online store
Windows Store and Windows Phone Marketplace: Windows apps are

available through the Windows Store www.windowsstore.com/ and the
Windows Phone marketplace www.windowsphone.com/marketplace.
You can use links, apps and browsers from within mobile devices to connect to
the respective stores. Alternatively, if the device is connected to the
computers USB port, you can browse apps on the website while working on
the computer and download directly from the website to your mobile device,
passing through your computer. iOS Apps can also be downloaded from a Mac
or PC through an iTunes application.
14.3 Mobile networking

Mobile devices have the ability to connect wirelessly to a computer, remote
printer, and outside network using one or more network technologies. Many
mobile devices include cellular or Wi-Fi technology (or both) to connect to the
Internet, while infrared and Bluetooth are other connectivity methods
available.
Page 1125 of 1229
14.3.1 Wireless
If your mobile device supports Wi-Fi (which almost all mobile devices do), and
a wireless network is within range, you can configure your device to connect to
the wireless network and communicate with RF signals. Most mobile devices
have an embedded wireless antenna to connect to a wireless network. When
connected, you can access the same resources as other devices on the wireless
network, including using that network to access the Internet, download email
and so on.
The wireless configuration for a mobile device works similarly to the
configuration on a computer or laptop, with a wireless standard, SSID,
passphrase or passcode, and security type. The general steps are as follows:
1. In general, first enable Wi-Fi and then allow the mobile device to search for
wireless networks before connecting. See Figure 14.11.
Figure 14.11 Browsing available Wi-Fi networks

2. Then you need to access the devices Wi-Fi settings and let the device scan
for wireless networks automatically or add one manually.
3. If adding a network manually, you need to enter the SSID of the AP.
4. Select the same security used by the wireless network. If a wireless
network uses an encryption protocol, and the mobile device is not
compatible, you should search for an update to the OS to make it
compatible with that encryption protocol.
5. Then enter the passcode for the network. If the code is correct, then the
wireless adapter in the mobile device usually gets an IP address from DHCP
that allows it to communicate with the network.
Almost all types of devices display the universal wireless icon when connected
to a wireless network, as shown in Figure 14.12. This icon is typically found on
the status bar at the top of the screen and lets you know when you are
connected and how strong the signal is.
Page 1126 of 1229
Figure 14.12 Wireless icon

After connecting to a network successfully, all mobile devices like all other
wireless clients store network access information automatically, creating a
profile of that network based on the SSID. If the SSID changes later on, your
mobile device will fail to connect until the profile is re-configured or deleted
and you re-connect.
Some mobile devices can also perform Wi-Fi tethering. This means they
become a Wi-Fi hotpot, sharing their Internet connections with other Wi-Fi
capable devices. Some mobile devices also support USB tethering. This
means that when the device is connected to a computer via USB, the computer
(Windows or Mac) can share the mobile devices network and the mobile
device can in turn access the Internet using the computers Internet
connection (known as Internet pass-through).
14.3.1.1 Troubleshooting Wi-Fi
When troubleshooting wireless connections on a mobile device, always check
the following:
Device supports the wireless standard.

Device is within range.
The correct SSID is entered (if manually connecting).
The device supports the same encryption used by the wireless network.
Wi-Fi tethering or Internet pass-through is not conflicting with the wireless
connection.
If you still have trouble, you can try the following additional tasks:
Power cycle the mobile device and Wi-Fi.

Remove the particular wireless network by selecting Forget Network and
then attempt to connect to it again.
Access the advanced settings and check if there is a proxy configuration, if
a static IP is used, or if there is a Wi-Fi sleep policy turned on.
If all of these methods fail, a hard reset can bring the device back to factory
settings. Always back up all data and settings before performing a hard reset.
And if the mobile device still cannot connect to any of several known good
wireless networks, take the device into an authorised service centre.
14.3.2 Cellular
Many mobile devices can connect to a cellular network. Most of the world uses
technologies based on GSM while some parts of the world use CDMA.
Page 1127 of 1229
There are many cellular communication standards, which can be categorised as

applying to the first analogue-only (1G), digital second (2G), third (3G), or
fourth (4G) generation of wireless telecommunications. The industry is
currently at 3G and 4G. Newer generations offer improvements over previous
generation, improvements such as in speed and support for carrying more
types of streaming traffic. To be characterised as a G technology, a standard
must conform to the specifications published by the International
Telecommunications Union (ITU). As a reminder, the generations are shown in
Table 14.2:
Table 14.2 Comparing 2G to 4G generations
Note
OFDM in Table 14.2 stands for orthogonal frequency division

multiplexing, an extremely efficient multiplexing scheme that allows
for multiple signals to be sent over the media at a time. Additionally,
data rates are given as peak or maximum rates and the end user will
typically experience much lower data rates.
4G networks are available in restricted geographical locations, provide ultrabroadband Internet access to mobile devices, and are designed to carry IPbased voice, data and multimedia HD streaming traffic at fast speeds. The ITU
has taken ownership of 4G, adding it into a specification known as IMTAdvanced. This specification calls for 4G technologies to deliver download
speeds of 1 Gbps when not moving and 100 Mbps when moving. Even though
LTE and WiMAX are marketed and labelled as 4G, that is only partially true
because although they use the extremely efficient OFDM multiplexing scheme,
they fall well short of the actual speed requirement. WiMAX in reality tops at
around 40 Mbps and LTE ranges between 4 Mbps and 30 Mbps (download
speeds).
Page 1128 of 1229
LTE-A (Advanced) or WiMAX Release 2 (WiMAX 2) are newer 4G standards

which will offer true 4G Gbps speeds of up to 1 Gbps. LTE-A is a packet-based
radio service with voice services. WiMAX 2 is an IEEE 802.16m standard that
can be thought of as Wi-Fi with metropolitan range.
If your mobile device includes cellular access, a subscription or contract is
required to use these cellular data services and a Micro-SIM, Mini-SIM or
Nano-SIM card for the device. Once you have a contract, the cellular provider
will give you Internet access anywhere that you have cellular access. Plans
often limit how much data you can download in a month (a bandwidth cap),
with 2 GB, 3 GB, 5 GB and 10 GB limits common. If you go over the limit, you
are charged more.
You can typically identify the data link in use by looking at the 2G, 3G, or 4G
indicator on the status bar at the top of the screen. See Figure 14.13.
Figure 14.13 4G data link indicator
14.3.3 Bluetooth
Bluetooth is a type of wireless protocol supported by many mobile devices for
sharing data over short distances. Bluetooth devices include mouses,
keyboards, speakers, monitors, headphones and printers, to name a few. Most
mobile devices have Bluetooth discovery disabled by default to conserve
battery life.
Pairing or linking a Bluetooth device with a mobile device is simple. You turn
on Bluetooth on the mobile device (if disabled) and power on the Bluetooth
device. Return to the mobile device to select to pair with the Bluetooth device
and then enter the appropriate PIN code, as shown in Figure 14.14. Not all
Bluetooth pairings require a PIN code, but there is always some kind of pairing
action to do on both devices to pair them. Keyboards and mouses normally
have a small switch to enable discovery mode. Always test the connectivity
between a mobile device and a newly added Bluetooth accessory. If you have
added a keyboard, for example, open up a note-taking app and start typing to
make sure it works.
Page 1129 of 1229
Figure 14.14 Prompting for Bluetooth PIN

If you need to manage Bluetooth in Windows, use the applet in Control Panel
and the icon in the notification area to do so.
14.3.3.1 Troubleshooting Bluetooth
If you have trouble pairing a Bluetooth device, and connecting or reconnecting
to Bluetooth devices or PANs, try some of the following methods:
Make sure the mobile device supports Bluetooth.

Verify that your devices are fully charged.
Make sure the devices have been made discoverable.
Check if you are within range for the class of Bluetooth.
Check for conflicting Wi-Fi frequencies. Consider changing the channel used
by the Wi-Fi network.
Check that the computer is configured to allow connections and that the
Bluetooth radio is turned on and the Bluetooth Support Service is running.
To configure Bluetooth settings, click on the Bluetooth icon
in the
notification area and select Open Settings.
Try using a known good Bluetooth device with the mobile device to make
sure that the mobile devices Bluetooth is functional.
Remove or forget the particular Bluetooth device; then turn off Bluetooth
in general, restart the mobile device, and attempt to reconnect.
14.3.4 Infrared
Infrared (IR) is a line-of-sight wireless technology that involves IR devices,
such as mobile devices and computers, connecting and transferring data using
LEDs. You need to go into the device settings to enable IR. Make sure that
nothing is blocking the IR line of sight signal between the IR devices.
Page 1130 of 1229
14.3.5 NFC
Near field communication (NFC) is a set of standards for very short-range
wireless radio communication for mobile devices that have an NFC chip. NFC is
built upon RFID and allows devices to communicate simply by touching them
together or bringing them very close to each other, usually no more than a few
centimetres apart. Current and anticipated applications include contactless
transactions, data exchange and simplified setup of communications like Wi-Fi.
Figure 14.15 NFC applications

There are payment wallets, such as Google Wallet, that work on NFC
technology. NFC might also be used for advertising. For example, if you see a
poster for something that you like, you can hold up your smartphone to the
NFC chip built into the poster and receive more information about the posters
advert.
14.3.6 Email configuration

Mobile devices have browsers and apps that provide you with the ability to
send, receive and manage your email while on the go. As long as you have a
connection to the Internet via a wireless or cellular network, you should be
able to access your email. Connecting to email services is simple and works in
a similar way to email client applications on computers and laptops.
Page 1131 of 1229
Figure 14.16 Add email account
14.3.6.1 Email configuration settings

The following section explores what you will need to set up email, in general:
Server address ISPs and other organisations manage mail servers for their
customers. Similarly, many companies manage mail servers internally for their
employees. To use these servers, you need to have an account on the server
and know the full server name. You will need the following information to
complete the set up:
The FQDN of the POP server or IMAP server and port setting. This server
receives your emails and sends them to you, so it is sometimes called
incoming. The well-known port numbers for incoming emails are:
POP3 port 110

IMAP port 143
The FQDN of the SMTP server and port setting. This server sends your
emails to the recipients mail server, so it is sometimes called outgoing.
Companies will often use the same server name as the POP3 server. However,
SOHO users might have to use their ISPs SMTP server. The port number for
SMTP is 25 or 587 (for authenticated SMTP).
The security type used (if any). This will encrypt all traffic between the
mobile device and the mail server. Many mail servers require secure
connections, and they use SSL or TLS to create secure connections, so you will
need to know which of these is in use. If you are prompted to enter the SSL
port number or the secure port number, use the following:
SMTPS (SMTP over SSL\TLS) port 465 or 587

POP3S (POP3 over SSL\TLS) port 995
IMAPS (IMAP over SSL\TLS) port 993
Page 1132 of 1229
As an example, Figure 14.17 shows the settings pages to add a new IMAP
email account on an iPad.
Figure 14.17 Configuring an email account on an iPad

As an example, the steps to configure an IMAP account would be:
1. Add Mail Account.
2. Select Email Provider or type of account you have (e.g. Exchange, Gmail,
Yahoo, AOL, or Other)
3. Move on to New Account screen and enter the appropriate information
Name: Name as it will appear in the From: field on outgoing emails

Address: Full email address
Password: Email address password
Description: Optional description of email account that will be visible
only to you
4. Move on to the Incoming Mail Server section, select IMAP or POP and enter
the appropriate information:
Host Name: Full server name or FQDN of the IMAP or POP server
Username: Full email address
Page 1133 of 1229
5. Move on to the Outgoing Mail Server section and enter the appropriate
information:
Host Name: Full server name or FQDN of the SMTP server

Username: Full email address
6. Save and switch on SSL by selecting the account, selecting SMTP and in the
Incoming Settings section, enter the appropriate information:
Use SSL: ON
Authentication: Password
Delete from server: Never
Server Port: 993
7. Save and exit. Test email account.

14.3.6.2 Webmail
Mobile devices can access webmail through a mobile web browser or app. For
example, Android devices come with a Gmail app built in, allowing a user to
access Gmail directly without having to use the browser. Apple iOS devices
allow connectivity to Gmail, Yahoo and a number of other mail providers as
well.
All you really have to do to set it up is choose the type of provider you use,
enter a username (the email address) and password (on Apple devices an
Apple ID is also required), and you will then have access to webmail. If you
want to connect to a Gmail account, you can usually simply enter the email
address and password to connect. Most email apps have the name of the Gmail
server, but if you are asked to add it, use the details in Table 14.3 if using
gmail.com.
Table 14.3 Secure mail servers for the gmail.com webmail service
Service
Gmail
Direction and Protocol

Outbound on SMTP with SSL or TLS
Inbound on IMAP with SSL
Inbound on POP with SSL
Server Name
smtp.gmail.com
imap.gmail.com
pop.gmail.com
14.3.6.3 Exchange
Microsoft Exchange is a server application that many companies use to
manage email and mailboxes. If your company is using Microsoft Exchange
and it has been configured so that it is accessible via the Internet, you will
need the following information to connect:
Email address of your account

User name and password of the account
Name of the Microsoft Exchange server
Page 1134 of 1229
If you connect to a Microsoft Exchange mail server, that server name often
takes care of both downloading and uploading of email. You might need to
know the domain that the Exchange server is a member of. Secure email
sessions require the use of SSL or TLS, typically on port 443.
14.3.6.4 Troubleshooting email connections
You can try some of the following methods when troubleshooting email
problems:
Make sure the mobile device is connected to the Internet and there is
adequate reception.
Verify that the username, password and server names are typed in
correctly. Remember that the username is often the email address itself.
Check the port numbers.
Double-check whether SSL or TLS security is required. For non-standard
port numbers and security configurations, check with your network
administrator or the network provider. You can also search online for this
information, if made available.
14.4 Data synchronisation

Synchronisation (or in short sync) refers to storing the same data in two
separate places. For example, if you add videos to a tablet, you can
synchronise it with a computer so that the same videos are on the computer.
Since many users are not tied to any specific location or device, the challenge
is to keep everything synced so that the user can access the same data from
each platform he or she is using (PC, tablet, smartphone, etc).
Synchronising is also a form of backup. If you lose data or lose the mobile
device that stores the data, you still have a copy of the data stored somewhere
else. You can restore the data onto the original device or another device from
the synchronised data.
14.4.1 Sync connection methods

The most common connection method is to use a USB cable from the device to
the computer. Aside from charging an Android device by connecting it to an AC
outlet, a computers USB port can also charge it. The best way to charge an
Apple device is by plugging its AC adapter into the AC outlet, although it can
be charged, slowly, via a computers high powered USB port when in sleep
mode.
After you connect the mobile device, you can initiate the synchronization
process with the appropriate application. Instead of connecting using a USB
cable, you might be able to connect using one of the following methods:
Page 1135 of 1229
Wireless or cellular synchronising through the Internet to the cloud.

You will first need to connect to the Internet and then you can synchronise.
You can also set up many devices to automatically synchronise with Wi-Fi at
different times without any interaction.
Bluetooth You need to ensure that the devices are paired before the
synchronization will work.
IR Some devices can use IR to connect to a PC and synchronise.
14.4.2 Sync apps

Mobile devices commonly have specific sync apps and you can download free
ones from the manufacturers website. You need administrative rights to install
the app on most systems; otherwise, the installation will fail.
Apple devices sync through the Apple iTunes application installed on a Mac or
PC, a free program that you download from Apple. Apple iTunes will run on just
about any Mac OS X machine and Windows. However, there are requirements
for installing the iTunes app on a PC. iTunes is available as a free download
from the Apple website.
For Windows devices, you can use the Windows Mobile Device Center
(previously called ActiveSync).
Android devices do not have a central app like Apple does. Rather, they sync
some data over the Internet primarily through Googles Gmail email and
calendar/contact manager services. Contacts, calendars and email (through
Gmail) are all that sync by default. For every other type of data, you treat the
Android device like a flash drive by dragging and dropping files into the
appropriate folder on the device.
Figure 14.18 Data and synchronisation on Android

Note
As a security measure, you are often required to authorise a

computer with a mobile device by entering a username and password
associated only with you. This helps prevent someone from accessing
your data through a synchronization program on their computer.
Page 1136 of 1229
14.4.3 Sync In, Sync Out

One of the major differences between Apple and Android devices is in the
direction of syncing or copying data. With Apple, you can sync files to the
Apple device, but you cannot then take that Apple device after syncing and
connect it to another computer and copy those files, especially media files,
from it to another computer.
Android devices, in contrast, happily share like a flash drive. You can drag and
drop from an Android device to any computer.
14.5 Mobile Security

As computing devices, mobile devices are susceptible to damage, loss, theft
and malware and you therefore need to take active steps to back up data and
secure the device properly. Fortunately, mobile devices have tools to help
protect them and the data stored on them. These tools are available on many
smartphones and tablets.
Note
Criminals have many tools to beat or override many security

settings. None of the security methods described in this section are
completely reliable, but by using a variety of tools, you can increase
the security.
14.5.1 Physical damage

For physical damage, the first step you must take is to get a protective cover
or sleeve for the mobile device. You can get covers that help protect your
screen from scratches, impacts and small amounts of water. You can even get
waterproof cases, but as a best practice, do not place mobile devices near
liquids. In addition, do not place heavy objects on the device.
14.5.2 Screen locks

A passcode lock is like a password-protected screen saver in that it locks the
device when it is not in use for a period of time and will only unlock to allow
you to start using the device when the correct passcode (or sequence of
characters) is entered. This is one of several screen locks. Locking the device
makes it inaccessible to everyone except experienced hackers.
The screen lock can be a pattern that is drawn on the display (motion lock), a
PIN (passcode) or a password. A strong password will usually be the strongest
form of screen lock. Of course, when you set a weak passcode on the device or
attach a sticky note with the passcode to the device, it defeats the purpose.
You can also select how long the device will wait after inactivity to lock
(timeout). Generally this is set to a few minutes, but in a confidential
environment you might set this to Immediate.
Page 1137 of 1229
Also, it is best to set passwords with asterisks (*) so that they arent visible to
other people (shoulder surfers) looking over your shoulder to find out your
password. Finally, some devices allow you to encrypt the contents of the hard
drive.
14.5.3 Failed logon attempt restrictions

In addition to using a screen lock, many devices include failed logon
restrictions. If a person fails to enter the correct passcode after a certain
number of attempts, the device locks temporarily and the person has to wait a
certain amount of time before trying again. If the person fails to enter the
correct passcode too many times, the timeout increases on most devices. After
a certain number of attempts, the device either needs to be connected to the
computer it was last synced to or has to be restored to factory condition with a
hard reset (which can wipe the data).
Figure 14.19 shows the Passcode Lock screen on an iPad. The Erase Data
option can be turned on so that all data on the iPad is erased when the user
enters the wrong passcode too many times.
Figure 14.19 Enabling the Passcode Lock and Erase Data as a failed
logon restriction
Some devices have a setting where the device will be erased after a certain
number of incorrect password attempts. There are also third-party apps
available for most mobile devices that can wipe the data after a certain
number of attempts. Some apps configure the device to automatically take a
picture after a set number of failed attempts and email that picture to the
owner of the device.
Page 1138 of 1229
14.5.4 Remote wipe

If you lose a device or it is stolen, you can use a feature called remote wipe
to send an instruction signal to that device to wipe it clean or erase all data.
While it will not get the device back to you, it will ensure that any sensitive
data on the device cannot be used by someone else.
Figure 14.20 Remote Wipe message

Note
Remote Wipe must be enabled before the device is lost or stolen. If it

is lost, you can then send the remote wipe signal to the device. Many
mobile devices send a confirmation email when the remote wipe
signal has been received and has erased the data on the device.
Many messaging systems, such as Exchange Server, have a Remote Wipe

feature, which allows email, calendar and contact information to be deleted
from mobile devices.
14.5.5 Locator applications

Many apps are available to identify the location of a lost or stolen device. They
use the devices GPS and can pinpoint its location. These are useful if the
device is lost or stolen.
There are apps, such as the one shown in Figure 14.21, that have the following
features:
Play Sound if you cannot find the device and you know it is hidden
somewhere nearby, such as in your room, you can use this feature to send
a signal to the device to play a sound so that you can find it to switch the
sound off.
Send Message if you lose your device and someone else finds it, you can
use this feature to send a message to the device with your contact
information to let the person that finds your device know that you have lost
it and you would like it returned to you.
Remote Lock this is similar to the passcode lock except that you can send
the signal remotely. After it is set, no one else will be able to access the
device unless they know the passcode.
Page 1139 of 1229
Remote Wipe this feature sends the remote wipe signal to remove all
data from the device.
Email When Found this feature will send an email to you that verifies any
signal you send to the device was received by that device.
Figure 14.21 Using iCloud and locator app to find an iPad and
available options
14.5.6 Remote backup applications

You should also have a backup plan in place as well so that data on the mobile
device is backed up to a secure location regularly, just in case the device is
lost, stolen or damaged.
There are different ways of doing backups, including:
Backing up to a computer via a USB connection.

Backing up to external storage.
Remote backup to a cloud provider over the Internet, provided that the
Internet bandwidth is sufficient to store gigabytes of data. This option can
both allow the cloud provider to keep a secure copy of your data, and
allows files to be shared and synchronised between multiple devices. Some
popular providers include Apples iCloud, Dropbox, Google Drive and
Microsofts SkyDrive. Some devices have apps built-in, as shown in Figure
14.22, while you can also download third-party apps.
Page 1140 of 1229
Figure 14.22 Backup option on Android smartphone
14.5.7 Anti-virus software

Malware affects mobile devices just like with laptops and computers. One of
the safest steps you can take to protect mobile devices against malware
infections is to buy apps from the official stores only. Major anti-virus vendors
make anti-virus programs for mobile devices that provide the same real-time
protection that the products do for computers. The same guidelines apply for
these mobile devices: keep them up-to-date by setting the device to check for
updates whenever connected to the Internet.
14.5.8 OS patching/updates
Security patches and OS updates are available on an on-going basis for mobile
operating systems. As a best practice, you should always ensure that your
device is up to date and the way to do this depends on the device you use.
Examples include using a built-in update app to connecting the device to a
computer via USB and downloading the update and installing it on the mobile
device, passing through the computer.
Page 1141 of 1229
Figure 14.23 Updating software on Android device

Tip
Before applying a patch or doing an update, it is always a good idea

to synchronise the device. This will save all your apps, data and
settings, and if something goes wrong during the update, you can
fully restore the device.
14.5.9 GPS, geolocation and geotracking

Almost all mobile devices include a map tool that also includes positioning
software that accesses the Global Positioning System (GPS) network of
space-based satellites to determine the exact location of the device. The device
has a GPS receiver and together with the GPS, use triangulation to calculate
the devices exact location. For example, if you use the Google Earth map app,
you can use the GPS to zoom in and out on your location. Those mobile
devices that do not have a GPS receiver use cell tower triangulation or Location
Services that use Wi-Fi locations to determine the approximate location of the
device.
Geolocation information collected by mobile devices can be used in various
ways, some welcome and some unwelcome. For example, you might consider
it a blessing to be able to locate a friend using real-time geolocation
information from the friends device. On the other hand, you might consider it
a curse when someone else can locate your friend in the same way.
Page 1142 of 1229
Geotracking is the practice of recording the location of a mobile device over

time and tracking its movements. This is done by companies and governments.
This tracked information is periodically sent to a central location or might go to
other locations as well, such as social networking sites when updates are
posted by default. Privacy issues aside, geotracking is being done, so if you do
not want your location known, simply disable the GPS setting.
Figure 14.24 Geotracker app
14.6 Mobile device resets

A reset can fix some problems with mobile devices. There are two types of
resets:
Soft reset this is usually performed by powering the device off and then
powering it back on again. Just like rebooting a computer, this can fix
temporary problems quickly and easily.
Hard reset this can sometimes fix more advanced problems. A hard
reset may remove all data and apps and return the device to its original
factory condition. Do not perform a hard reset without backing up all the
data and settings you require first.
Page 1143 of 1229
Unit 15 - Virtualisation
Explain what virtualisation is and the different reasons for

deploying virtual machines.
Describe the requirements for running virtualisation
software.
Install and configure a virtual machine.
Set up Windows 8.1 on a virtual machine and explore the
OS.

Study
Notes

o Virtualisation (p.178)
Study
Notes
Skills
15.1 Virtualisation basics

Traditionally, computers can have multiple operating systems installed on
them with only one OS running at a time. This has changed with
virtualisation. The idea behind virtualisation is to run special software
called a hypervisor or virtual machine manager (VMM) on a physical
computer called the host to create one or more software-based computers
called virtual machines (VMs). Each VM or guest contains its own
software representation of the hosts physical hardware, called virtual
hardware that includes virtual CPU, memory, hard disk and network
interface card. This virtual hardware allows the VM to run a standard OS
called the guest OS.
Consider Figure 15.1 as an example. There is one host running the
Windows 8 host OS. Four VMs are installed on the host, each of which is
running its own guest OS (Windows 7, Windows Server, Linux and Linux
Server, respectively).
Page 1144 of 1229
Figure 15.1 Running four VMs on one physical host

Each guest OS in Figure 15.1 appears to the host and network as a
separate physical computer, with its own virtual hardware, applications,
data and network addresses. The technician or user can run separate
applications within each guest, add more virtual hard disks and optical
drives to each one, change their network adapter, shut down or reboot
them, all without affecting each other and the host.
Tip
A powered-off VM comprises one or more files that list and

describe the virtual hardware and the data it contains.
It is also possible to isolate each VM from any other, but in Figure 15.1,
each VM is connected to the other and to the host to create what is known
as a virtual network so that they can all share data and access the
Internet through the hosts network adapter. The Windows Server and
Linux Server VMs are virtual servers for the virtual network, providing
the same services and resources as a physical server would for a physical
network.
If enterprise virtualisation software were run on the host in Figure 15.1,
software-based virtual switches and virtual routers could be configured
and added to the virtual network, so that they would perform the same
function of hardware-based network switches and routers.
Tip
There are many layers of virtualisation, including processor

virtualisation, memory virtualisation, storage virtualisation,
application virtualisation and network virtualisation.
15.1.1 Hypervisor
The hypervisor or virtual machine manager (VMM) is an extra layer of
software, installed either on top of the host OS or directly on the physical
hardware, that provides a platform to create and run one or more VMs on
the host computer and manages the flow of input and output calls made
between each guest and the physical hardware (CPU, memory, storage) in
a fair and timely manner.
Page 1145 of 1229
The hypervisor can partition the systems resources and isolate the guest
operating systems so that each has access only to its own resources, and
possibly access to shared resources such as files on the host OS, but
cannot affect any resource used by another guest OS.
The hypervisor only gives each guest a portion of the system resources of
the physical host for which it is assigned. For example, a host may have 64
GB of RAM installed, but a guest, which is configured with 4 GB, may
believe that it only has 4 GB installed. A guest may be writing files to a 100
GB virtual hard drive, but actually be working with a portion of a file
system on a much larger storage area network. Processing and network
resources work similarly: a guest may have two virtual CPUs and access to
a single NIC, but the physical host will have many more of both.
There are two types of hypervisors:
Type 1 (bare-metal or native) this hypervisor runs directly on the

physical hardware (bare-metal) without an OS beneath it. Then multiple
guest operating systems can run as VMs on top of the hypervisor. A
Type 1 hypervisor is much faster and more efficient than a Type 2
hypervisor because it runs independently and communicates directly
with the hardware and can deliver superior performance as compared to
a Type 2 hypervisor, which has to go through the OS to access
hardware.
Type 1 virtualisation is primarily used for server virtualisation to run
virtual servers and by web-hosting companies and by companies that
offer cloud-computing solutions. With this hypervisor, you must make
sure that the hardware is capable of running the hypervisor software
you want to use, according to its base system requirements, and that
there are more than enough resources for the type and number of guest
operating systems and their applications and data. Figure 15.2
illustrates a Type 1 hypervisor architecture.
Figure 15.2 Type 1 virtualisation architecture
Page 1146 of 1229
Examples of Type 1 hypervisors include:

o VMware VMWare offers various enterprise-level hypervisors: ESX
Server, ESXi Server and vSphere. You can find more information by
visiting:
www.vmware.com/products/esxi-and-esx/overview
o Microsoft Hyper-V Hyper-V, previously known as Windows
Server Virtualisation, is a native hypervisor that comes as a standalone hypervisor called Hyper-V Server or as an installable role in
certain Windows Server OS editions. You can find more information
about
Hyper-V
by
visiting
Microsofts
technet
website:
technet.microsoft.com.
o Citrix XenServer this is an open source native virtualisation
hypervisor software. You can find more information by visiting:
www.citrix.com/products/
o Linux KVM KVM stands for Kernel-based Virtual Machine and it is
a full virtualisation solution that turns the Linux kernel into a
hypervisor. You can find more information by visiting: www.linuxkvm.org
Type 2 (hosted) this hypervisor runs as a program within (or on top

of) the hosts OS, which in turn runs on the physical hardware. The host
OS can be almost any common OS, such as Windows, Linux or Mac OS
X. Using a Type 2 hypervisor, you create a virtual hardware
environment for each VM and then specify how much memory to
allocate to each one, create virtual disk drives by using space on the
computers physical drives and provide access to peripheral devices.
You then install a guest OS on each VM and install virtualised
applications inside the guest OS. The host OS then shares access to the
computers hardware with the hypervisor and each guest OS.
Type 2 virtualisation enables desktop users to run an instance of one or
more other operating systems on a single computer, without the
complications of dual booting. In this practice, often called desktop
virtualisation, a user can run applications that are not compatible with
his or her host OS. You must make sure the hypervisor software can
run on the host hardware and that it supports the host OS and that you
have enough resources on the host to run each guest OS and their
applications and data along with the host OS. Figure 15.3 illustrates a
Type 2 hypervisor architecture.
Page 1147 of 1229
Figure 15.3 Type 2 virtualisation architecture

Examples of Type 2 hypervisors include:
o VMware: VMware has several proprietary virtualisation solutions,
including Fusion, Fusion Professional and Workstation, but the
VMware Player Plus is free. Figure 15.4 shows a screenshot of the
VMWare Workstation VMM, with a couple of VMs running. It runs
on just about any 32-bit or 64-bit guest OS. You can download it
from:
my.vmware.com/web/vmware/free#desktop_end_user_computing
/vmware_player/6_0.
Figure 15.4 VMware Workstation
Page 1148 of 1229
o VirtualBox: Oracle has published VirtualBox as an open source

virtualisation tool that runs on just about any 32-bit or 64-bit OS. It
is available as a free download at
www.virtualbox.org/wiki/Downloads
o Parallels Desktop: A popular hypervisor for MAC OS X. It is
available for download at: www.parallels.com/products/desktop/
o Windows Virtual PC: This runs on Windows only, supports various
guest operating systems and is available as a free download by
searching the following website:
www.microsoft.com/en-za/download/.
o Microsoft Hyper-V: This is the desktop version of the product that
is an installable feature in the 64-bit Windows 8/8.1 Pro edition.
Figure 15.5 shows a screenshot of the Hyper-V Manager (on the left)
and the VM settings page for a VM (on the right).
Figure 15.5 Hyper-V Manager and VM settings
15.1.2 System and resource requirements

A hypervisor on a host will run as many VMs as its CPU, RAM and hard disk
will allow. Before choosing to use virtualisation software, consider the
following:
OS the hypervisor might only support certain types of guest operating

systems, including older and newer versions. Like every OS, each guest
is subject to system requirements and this depends on what guest
operating systems and applications are running. If you are running a
64-bit hypervisor, you should be able to install 32-bit guest operating
systems (provided that the hypervisor supports them). However, you
will not be able to run 64-bit guest operating systems on a 32-bit
hypervisor. Each guest must also be provided with drivers for the virtual
hardware components if the hypervisor does not provide them.
Page 1149 of 1229
CPU some hypervisors require a CPU with virtualisation support

enabled and performance will degrade if virtualisation is not supported
by hardware, while some CPUs might not come with this feature and
sometimes the feature needs to be enabled in the BIOS. SMP, multicore and Hyper-Threading can improve performance greatly when
running multiple VMs.
RAM Each guest OS requires enough RAM to run over and above the
RAM required by the host OS. For example, if running four VMs with 2
GB each, you will need at least 8 GB beyond what the host is using. The
amount of RAM needed depends on how many VMs you run and what
you use each one for.
Disk The VMs are stored as one or more image files on the disk. How
the VMs are used determines how much space is needed. As you install
applications on the VM or add data to it, the more space will be needed.
Space will also be needed for any snapshots taken. A snapshot is a set
of files that record the state of the VM at a given point in time that you
can repeatedly go back to in the event of a failure. Additionally, most
hypervisors support dynamically expanding disks that start out small
and automatically grow as additional storage space is needed.
Peripherals and adapters Most hypervisors allow guest VMs to use the
hosts sound, network and other adapters and input and output devices,
printers and USB peripherals.
15.2 Virtual networking

A virtual network allows a VM to connect to services on other VMs inside
the host and to services outside of the host. As with other resources, the
hypervisor manages network traffic coming in and going out of each VM
and the host. Virtual networking is achieved by software and services that
allow the sharing of storage, bandwidth, applications and other network
resources.
A physical host usually has only one NIC, but if there are multiple VMs
running on that host, each one has its own virtual NIC that needs to access
the network. There are several ways that the hypervisor can provide
network access, including:
Bridging: By creating a bridge from the virtual NIC in each VM to the

physical NIC in the host computer, the hypervisor provides each VM
with full network access, including its own MAC address.
NAT (Network Address Translation): Some hypervisors can

implement a NAT solution, creating a separate, private IP network for
the VMs. The hypervisor then functions as a NAT router, enabling the
VM to share an IP address with other VMs to access the physical
network through the hosts network adapter.
Page 1150 of 1229
Virtual switching: A virtual switch connects VMs to both a virtual

internal network created inside the host and to the physical external
network outside the host and controls the flow of data between them.
The hypervisor manages the virtual switch and usually provides an
interface with which to configure the connectivity between the virtual
NICs and the virtual switch.
The virtual NIC inside the VM can be configured in exactly the same way as
a real NIC can be configured on a physical host, that is, protocols and
services can be bound to it and it can be assigned an IP address. If there
are multiple virtual NICs in the configuration, the VM will need a unique IP
address for each one.
15.3 Purpose of virtualisation

There are several reasons why virtualisation is used, including:
Consolidation, costs and utilisation: Instead of running separate

high-end physical hosts, which cost a lot and use a lot of electricity, you
can combine them into one or more powerful hosts running many VMs,
saving on hardware and operational costs and electricity needed to run
hardware and provide cooling. In addition, the hardware can be used
more efficiently by putting more load on the computer, since most
computers are not fully utilised.
Learning: By installing new operating systems and applications in a

VM, you can learn how they work and what their features are without
causing any real damage.
Testing: New operating systems and applications can be installed on a

VM even when they are in the early beta stage. If the software has
bugs, causing random problems, only the VM is affected. The host
remains unaffected. You can also run software written for one OS on
another (for example, Windows software on Linux or a Mac) without
having to reboot the host to use it.
Legacy applications: If an application will not run in a newer OS, you

can install it on a VM within an older OS. For example, Windows XP
Mode lets you run legacy applications that are not compatible with
Windows 7.
Fault tolerance, high availability and load balancing: Each of these

depends on the hypervisors ability to efficiently manage the VMs.
System duplication and recovery: Once installed, a VM and its

virtual hard disks are just files that can be frozen, woken up, copied,
backed up and moved between hosts.
Page 1151 of 1229
Application virtualisation: Hypervisors and Remote Desktop Services,

in their own ways, both virtualise entire operating systems, but it is also
possible to virtualise individual applications through services such as
RemoteApp, which enables clients to run server-hosted applications
within individual windows. Virtual desktops run on servers in the data
centre (computer room, floor or building) and are accessed through thin
clients, or other devices, many of which are more reliable and less
expensive than PCs and use less electricity.
Security: Many security professionals use VMs for security testing. For
example, when a new virus is discovered, it can be released in an
isolated VM without infecting the host system.
15.4 Virtualisation security

The security of virtualisation depends heavily on the individual security of
each of its components, including the hypervisor, host computer, host OS,
guest operating system(s), applications and storage. You must secure all of
these components and maintain their security based on sound security
practices, such as restricting access to administrative consoles, keeping
software and A-V definitions up to date and so on.
Generally speaking, you should have the same security controls in place for
virtualisation of operating systems as for the standard computer operating
systems running directly on hardware, and this should also apply to
applications running on guest operating systems and shares created.
15.4.1 Guest OS security recommendations
Do not install guest OS images in environments where they can be

infected with malware. Many hypervisors allow guest operating systems
to share files, folders, the copy/paste buffer and other resources with
each other and with the host computer through guest tools. If the
guest OS is infected by malware, it might spread to the other guest
operating systems connected to it and to the host computer through the
guest tools. Make sure that shares are secured. There are solutions that
allow security applications such as Antivirus software to run through the
host computer or hypervisor.
Make sure that each guest OS is isolated from the host OS and from
other guest operating systems as much as possible.
Test and install the latest patches on each guest OS and use features
that automatically download updates.
Back up virtual disk drives for each guest OS on a regular basis using
the same backup policies used in non-virtualised environments.
Disconnect any unused virtual hardware for each guest OS; this is
particularly important for virtual drives and NICs.
Use separate authentication solutions (i.e. different credentials) for each
guest OS.
Page 1152 of 1229
Make sure that virtual devices for each guest OS are mapped to the
appropriate physical devices on the host computer, for example,
between virtual and physical network adapters.
Make sure that management procedures for developing, testing and
deploying guest OS images are being followed and are tightly monitored.
Virtual system management software can be used to detect rogue VMs
that are installed and running.
15.4.2 Host OS security recommendations
Secure the host using all of the practices and technologies covered
throughout this module.
Because the host represents a single point of failure, a redundant
host with the exact duplicated guest OS configuration can be kept on the
sidelines and deployed when the production server fails. Make sure that
the redundant server is kept up to date.
15.4.3 Hypervisor security recommendations
Install patches to the hypervisor as the vendor releases them.

Restrict access to the hypervisors management system.
Disconnect unused hardware from the host computer.
Because hypervisor services, such as a file sharing, can possibly provide
a means for attacking the system, it is best to disable these kinds of
services, unless they are needed, in which case they should then be
secured.
Some hypervisors have introspection capabilities that allow them to
monitor the security of each guest OS that is running.
Many hypervisors include self-integrity monitoring capabilities and logs
that allow you to monitor the hypervisor itself for any signs that it has
been compromised. Use these tools.
An improperly configured virtual environment can lead to what is known
as VM escaping, which is an exploit in which the attacker runs malware
on a VM that allows the guest OS to break out and interact directly with
the hypervisor. This allows the attacker to compromise it, thus gaining
full access to the host OS and all other VMs running on the host.
Note
The theory examination will not examine you on the rest of

this unit. However, the practical examination will examine
you on virtualisation and using VirtualBox. Therefore, read
the content and complete the practical tasks on a computer.
15.5 Working with virtualisation

To install an OS in a VM, you must first install the hypervisor software and
then set up a VM. The virtualisation software that will be used in this
module is called Oracle VM VirtualBox. VirtualBox is a free, open source,
cross-platform
Page 1153 of 1229
Type 2 software-based hypervisor for creating, managing and running VMs

on many 32-bit or 64-bit desktop and server hosts, which could be running
Windows, Linux, Mac or Solaris.
Figure 15.6 VirtualBox on Mac OS X

The lecturer will make the resources for this unit and the lab book available
to you. Alternatively, should you wish to download a copy of VirtualBox,
you can do so from the one of the following websites:
www.virtualbox.org
www.oracle.com
Note
VirtualBox version 4.3.6 will be used for this module.
15.5.1 VirtualBox installation

The first part of the exercise will show how to install VirtualBox (version
4.3.6) on a Windows 7 host. If you have installed software before, the
installation should be straightforward. On each host platform, VirtualBox
uses the installation method that is more common and easy to use.
1. On a Windows 7 computer, double-click on the VirtualBox installation
file. It should be something like VirtualBox-4.X.X-X-Win.exe. Wait for
the Oracle VM VirtualBox 4.X.X Setup dialog box to appear.
2. Click Next. The Custom Setup dialog box will appear and show the
VirtualBox features that will be installed as well as the installation
directory. See Figure 15.7.
3. Leave the default options and click Next.
Page 1154 of 1229
Figure 15.7 VirtualBox Custom Setup

4. The next dialog will allow you to create a desktop and quick launch bar
shortcut for the program and choose to register file associations. Leave
the default options and click Next.
5. The next dialog will warn you about temporarily disconnecting the
computer from the network because the setup program will install the
VirtualBox Networking features. Click Yes and then click Install to
install the program.
6. The installation process will begin and VirtualBox will copy the files to
the hard drive. During the installation, you will be asked to install
device software and/or drivers so be sure to click Install for each
dialog box that appears. See Figure 15.8.
Figure 15.8 VirtualBox device software installation

7. Once the installation process is finished, click Finish to exit the setup
wizard and start VirtualBox. Alternatively, you can click Start > All
Programs > Oracle VM VirtualBox and then click Oracle VM
VirtualBox to launch the program. When you start VirtualBox for the
first time, a window like the one shown in Figure 15.9 will appear. This
window is called the VirtualBox Manager.
Page 1155 of 1229
15.5.2 Exploring the VirtualBox Manager

1. Open the VirtualBox Manager.
Figure 15.9 VirtualBox Manager

On the left of the VirtualBox Manager is an empty pane that will later list
the VM that will be created. Above this pane is a row of buttons that are
used to create new VMs and work on existing ones. The pane on the right
currently displays a welcome message, but will later display the properties
of the currently selected VM after it is created.
At the top of the window are some menus that can be used to manage the
VirtualBox Manager and various VirtualBox components. Figure 15.10
shows the three menus of the VirtualBox Manager.
Figure 15.10 VirtualBox Manager menus
Page 1156 of 1229
The File menu has the following options:

o Virtual Media Manager: VirtualBox keeps track of all the hard disk
and CD/DVD images used by VMs. This manager can be used to
copy a hard disk image file, remove an image from the registry (and
optionally delete the image file when doing so) and release an
image, that is, detach it from a VM if it is currently attached to one.
Hard disk, optical disk and floppy disk images are referred to as
known media and come from all media currently attached to VMs.
The known media is conveniently grouped under three tabs for the
three possible formats. As you can see in the screenshot in Figure
15.11, for each image, the Virtual Media Manager shows you the full
path of the image file (if created) and other information, such as
which VM the image is currently attached to, if any (in this case the
name of the VM is Windows 8.1).
Figure 15.11 Virtual Media Manager

o Import and export appliance: a virtual appliance is a VM image
that can be downloaded from the Internet and configured and used
without having to create a VM and install the guest OS and any
software applications on it. You can import an appliance into VirtualBox,
but only if it conforms to the cross-platform industry-standard Open
Virtualization Format (OVF) and has a .ovf or .ova file extension,
including those from other virtualisation products. A wizard will guide
you through the process of selecting and presenting the VM based on
the OVF file, with options to change VM settings for it before importing
it. Appliances can also be exported from VirtualBox.
o Preferences: Although VirtualBox will run perfectly well with its default
preferences, it does provide the ability to modify a number of
preference settings for the entire VirtualBox environment. See Figure
15.12.
Page 1157 of 1229
Here the following can be configured:

General: By default, VirtualBox stores the machine folder
(containing virtual hard disk image files and VM configuration files)
in the current users home directory, but the location of this and the
location of the library containing authentication credentials for
remote desktop clients can be changed here.
Input: This is where keyboard shortcuts to various VirtualBox
Manager and VM components can be changed. This includes the
important Host Key, which is the key that determines whether the
mouse pointer is in the focus of the VM or the Host.
Update: Set various update settings here.
Language: Choose a language for the interface here.
Display: Configure the screen resolution and its screen size (width
and height) here, or leave it at automatic.
Network: Configure static and DHCP address details of network
adapters for specific networking modes here.
Extensions: Extension packs can be viewed, added and removed
here. Extension packs extend the functionality of VirtualBox by
providing it with features such as a virtual USB 2.0 controller and
PXE boot for virtual network cards. They can be downloaded from
www.virtualbox.org.
Proxy: VirtualBox can be configured as an HTTP proxy server.
Figure 15.12 VirtualBox Preferences

o Exit: option exits the program.
The following actions can be performed from the Machine menu:

Create new VMs or delete existing VMs.
View the location of the VMs definition file.
Manage VM settings.
Create VM groups and ungroup VMs. VMs can be grouped into one or
more groups and the same general operations that can be performed
on individual VMs can be applied to groups.
o Perform operations including Start, Pause, Reset, Close (Save state,
Send Shutdown, Poweroff), Discard Saved State.
o Refresh the state of a VM.
o
o
o
o
Page 1158 of 1229
o Sort VMs in alphabetical order.

o Clone VMs. A clone is a copy of an existing VM. The VM must be off
to clone it. This option starts a wizard for creating a full or a linked
copy of an existing VM:
Full clone: This option creates an exact copy of a VM, but the
clone is not linked to the original VM. Any changes made to the
clone are entirely separate or independent from the original VM.
Linked clone: This option creates a copy (snapshot) of an
original VM, except the clones virtual disk points to the virtual
disk of the original VM (the two VMs are attached to the same set
of storage and changes are made to both). This is useful for
deploying several identical VMs, but when one VM is removed, the
other is removed as well.
o Show log: The VM log files are stored in a subfolder called Logs.
Sometimes when there is a problem, it is useful to look at the logs to
determine the cause. For convenience, the VirtualBox main window
can show the logs for each VM in a window.
From the Help menu, you can find help, connect to the VirtualBox
website using a browser, check for updates and view information about
the VirtualBox version.
15.5.3 Creating a VM
1. To create a VM, click on the New button at the top of the window (or
press <Ctrl> + <N>). A wizard will appear to guide you through the
creation process.
2. Click Next to skip the Welcome screen.
3. The Name and Operating System screen will appear and ask you to
give the VM a name and choose the guest OS type and version that will
be installed on it later on. The supported operating systems are
grouped. If the OS is not listed, choose Other. Your selection will
determine what VM Settings VirtualBox will enable and disable for the
guest OS. Choose the following options for this exercise:
Name set any name. In practice, however, you should give the VM
an informative and useful name that would distinguish it from any
other VMs you create. This name will later be shown in the VM list in
the left of the VirtualBox Manager.
Type: Microsoft Windows
Version: Windows 8.1 (64-bit)
See Figure 15.13.
Page 1159 of 1229
Figure 15.13 Name and Operating System

Tip
You can run a 64-bit guest OS on a 32-bit host OS, but only if the
host has a 64-bit CPU and hardware virtualisation is enabled for
the particular VM.
4. Click Next.
5. At the Memory size screen, you can set the amount of RAM to be
allocated to the VM every time it is started. See Figure 15.14.
Figure 15.14 Memory size

Tip
Be careful, the amount of RAM you allocate will be taken away

from the host computers RAM when the VM is started and
presented to the guest OS as virtual RAM.
6. Assign 2 GB to this VM by typing 2048 in the MB box, but be sure that

the host has at least 3 GB of RAM for this exercise.
7. Click Next.
Page 1160 of 1229
8. Next, specify a virtual hard disk for the VM. See Figure 15.15. The host
computer sees the VM as a large file on its system, but the VM sees it as
a real hard disk connected to it. When a guest OS reads from or writes
to the virtual hard disk, VirtualBox redirects the request to the image file
on the host. Like a physical disk, a virtual disk has a size (capacity),
which must be specified when the image file is created. This file can be
copied to another host and used on it. Here you have the following
options:
Click on the Create a virtual hard drive now to create a new,
empty virtual hard drive.
Pick an existing disk image file. The drop-down list contains all disk
images that VirtualBox currently remembers, including those that are
currently or have been attached to the VM (or have been in the past).
Alternatively, click on the small folder button next to the drop-down
list to bring up a standard file dialog box, where you can choose the
disk image file on the host hard drive.
Figure 15.15 Hard drive

9. Most probably, if you are using VirtualBox for the first time, you will
want to create a new disk image. Therefore, click Create a virtual hard
drive now and click Create to create an empty drive.
10. This brings up the Create Virtual Hard Drive window (as shown in
Figure 15.16). VirtualBox supports many variants of disk image files,
some of which include:
VirtualBox Disk Image (VDI) this file is normally used by
VirtualBox as the default container format for guest hard disks. In
particular, this format will be used when you create a new VM with
a new disk.
Virtual Machine Disk (VMDK) this open source container
format is used by many other hypervisors, in particular VMware.
Virtual Hard Disk (VHD) this format is used by Microsoft
hypervisors.
Parallels Hard Disk (HDD) this format is used by Parallels
hypervisors.
Page 1161 of 1229
Figure 15.16 Hard drive file type

11. Click Next to accept the default VDI format. VirtualBox supports two
types of image files:
Dynamically allocated the disk image file will initially start out
small and then grow automatically as the disk fills up with data (up to
the specified size). Although this is the recommended choice because
disk space on the host is not used until needed, it can result in slower
performance if the disk needs to be enlarged frequently.
Fixed-size the disk image file is created to the specified size and
will not change. This takes longer to create but tends to result in
improved disk write performance.
12. Accept the default dynamically allocated and continue to the next
screen.
13. At the next screen you can choose a name for your virtual disk file and
set the size of the virtual hard disk, as shown in Figure 15.17. The disk
needs to be large enough to hold the contents of the guest OS as well
as its future applications and any data it will store. Since the space will
expand dynamically, enter 40 GB for this exercise.
Page 1162 of 1229
Figure 15.17 File location and size

14.
Click Create to create the virtual hard disk and to create your VM.
Your newly created VM will appear in the VM list in the left pane of the
VirtualBox Manager, identified by the name that you initially gave to the
VM. Figure 15.18 shows the newly created VM called Windows 8.1 on the
left and its default properties on the right.
Figure 15.18 The newly created VM
15.5.4 VM settings
With the VM selected, click the Settings button to open the Settings
window. See Figure 15.19. This is where you can configure hardware and
input and output settings for the VM. Categories like System, Display and
Network are listed on the left.
Page 1163 of 1229
Clicking on each category will display tabs and settings for that category on
the right. Go through and explore the different settings under each
category and tab. Do not make any changes yet.
Figure 15.19 VM Settings (General - Basic tab)

The next section will discuss all of the VM settings in more detail.
15.5.4.1 General category
Here you configure essential hardware. There are three tabs: Basic,
Advanced and Description.
Basic tab: The following can be configured on this tab:

o VM name: VirtualBox saves the VMs configuration files under this
name and if changed, VirtualBox will rename the files to the
changed name. Internally, VirtualBox uses unique identifiers
(UUIDs) to identify VMs.
o OS type and version: The guest OS that is or will be installed.
Advanced tab: The following can be configured on this tab:

o Snapshot folder: VirtualBox saves snapshot data together with
VirtualBox configuration data, but you can specify any other folder for
the VM.
o Shared clipboard: choose whether the guest and host should access
each others cut and paste clipboards, enabling easy copying and
pasting of data between them. This is disabled by default. You can
allow copying and pasting to operate in both directions by selecting
Bidirectional, or in one direction only by selecting Host to guest or
Guest to host. Clipboard sharing requires that Guest Additions
(extra drivers and software programs) be installed.
o Drag n Drop: this allows dragging and dropping of files between the
host and guest.
o Removable media (remember runtime changes): as the VM is
started and restarted, VirtualBox will remember what media is
mounted on the VM.
Page 1164 of 1229
o Mini toolbar: When running a VM in a window, VirtualBox displays a

small toolbar at the top of the window that provides key functionality,
such as mounting a virtual CD image. In full screen or seamless
mode, this menu is not available, but you can enable the mini
toolbar, which provides the same functionality as the VMs menu bar.
See Figure 15.20.
Figure 15.20 VM Settings (General Advanced tab)
Description tab: this is where an optional description for the VM can

be entered, such as how it is configured or what software it is running.
To insert a line break into the description text field, press <Shift> +
<Enter>.
15.5.4.2 System category

Under System, you can configure various settings that are related to the
basic hardware presented to the VM. There are three tabs: Motherboard,
Processor and Acceleration.
Motherboard tab: here you can configure virtual hardware that would
normally be on the motherboard of a real computer. See Figure 15.21.
Figure 15.21 VM Settings (System Motherboard tab)
Page 1165 of 1229
o Base memory: here you can allocate the amount of memory to take
away from the host and give to the VM when it is running.
o Boot order: like a physical computers BIOS, you can choose the
order in which the guest OS will attempt to boot from the various
virtual boot devices, including CD/DVD drive, virtual hard drive,
network or none of these. In fact, when initially installing an OS from
an optical disc, you will want to boot from the CD/DVD, so make this
the first boot device as shown back in Figure 15.21, but once the
installation is complete, you will want to change the boot order to
boot to the virtual hard disk first. If you select Network, the VM will
attempt to boot from a network via the PXE mechanism and this
needs to be configured on the command line.
o Chipset: you can select the chipset that will be used by the VM. The
choices include:
PIIX3: The original and older chipset option that tends to work
well for many older and newer guest operating systems. Use this
for this exercise.
ICH9: This can be used for some modern guest operating
systems such as Mac OS X. This option should only be used if you
run into something wrong with PIIX3.
o Pointing Device: This has three options:
PS/2: the default virtual mouse for older guests.
USB Tablet: When a USB tablet is connected, VirtualBox reports
it to the VM and communicates mouse events to the VM through
the tablet, without having to capture the mouse in the guest.
USB Multi-Touch Tablet: suited to touch-based guest operating
systems.
o Enable I/O APIC: If you are going to use a 64-bit OS or anticipate
using more than one virtual CPU in the guest OS, enable this feature.
Advanced Programmable Interrupt Controllers (APIC) allows the
guest OS to use more than 16 IRQs and therefore avoid IRQ sharing
for improved reliability.
o Enable EFI: Extensible Firmware Interface (EFI) replaces the legacy
BIOS and may be useful for testing and developing EFI applications.
All modern operating systems can make use of EFI. If the guest does
not support EFI, do not enable this option.
o Hardware clock in UTC time: If enabled, VirtualBox will report the
system time in UTC format to the guest instead of local (host) time.
This affects how the virtual real-time clock (RTC) operates.
Page 1166 of 1229
Processor tab: the following can be configured on this tab (as shown in
Figure 15.22):
o Processor(s): set how many virtual CPU cores the guest OS should
see. VirtualBox supports SMP and it can present many virtual CPU
cores to each VM. You should not assign more virtual CPU cores than
the physical CPU has available (real cores, no Hyper-Threads).
o CPU execution cap: set the amount of host CPU time the guest CPU
can use. The default setting is 100% meaning that there is no
limitation. Limiting the execution time of the virtual CPUs may cause
guest timing problems.
o Enable PAE/NX: this determines whether the PAE (Physical Address
Extension) and NX (Never Execute) capabilities of the host CPU can
be used by the VM. If enabled PAE allows a 32-bit CPU to address
more than 4 GB RAM and is a prerequisite for NX, which helps the
CPU protect against malware. Some operating systems, such as
Ubuntu Server and Windows 8/8.1, require PAE and cannot run in a
VM without it, so make sure it is enabled.
Figure 15.22 VM Settings (System Processor tab)
Acceleration tab: this shows options that are directly related to

hardware virtualisation that the host CPU may support. In most cases,
VirtualBox by default will have picked sensible defaults depending on the
OS that you selected when creating the VM. In certain situations,
however, you may want to change these preconfigured defaults:
o Enable VT-x/AMD-V: VirtualBox supports both Intels VT-x and
AMDs AMD-V hardware virtualisation. Enabling this makes it easier
for the VirtualBox hypervisor to present virtual hardware to a VM. If
you are going to run any 64-bit guest OS and assign more than one
CPU to the guest, make sure this is enabled. Also hardware
virtualisation must be enabled in the BIOS before the hypervisor can
use this.
Page 1167 of 1229
o Enable Nested Paging: this can improve performance but only if

the processor supports it. When enabled, some memory paging tasks
required by the guest are offloaded from the hypervisor to the
processor. This option is greyed out if the system does not support
nested paging.
Note
Windows activation is sensitive to hardware changes, so any

hardware changes made to a Windows guest might trigger a
request for another activation.
15.5.4.3 Display category

Here you can configure various display/video settings. There are three
tabs: Video, Remote Display and Video Capture.
Video tab: this tab has the following options (as shown in Figure
15.23):
o Video memory size: you can set the size of video memory in MB
that will be taken away from the hosts video memory by the virtual
graphics card and made available to the guest. Depending on how
much video memory is available, higher resolutions and colour
depths may be available.
o Monitor count: here you can tell VirtualBox to display multiple
virtual monitors (windows) running side by side for a particular VM,
but only if the guest OS supports it. Otherwise, the VM can use
multiple physical monitors if it is running in full screen and seamless
mode, but you will need at least as many physical monitors as you
have virtual monitors configured. You can configure the relationship
between guest and host monitors using the view menu by pressing
<Right Ctrl > + <Home> when in full screen or seamless mode.
Note
Right <Ctrl> is the host key by default.
o Enable 3D acceleration: If a VM has Guest Additions installed,

VirtualBox will additionally be running a hardware 3D driver so that
applications inside the guest can support accelerated 3D graphics
through OpenGL or Direct3D, but only if the host OS can make use of
accelerated 3D hardware.
o Enable 2D video acceleration: With Guest Additions installed and
this feature enabled, VirtualBox will attempt to use the hosts 2D
video acceleration hardware for performing stretching and colour
conversion for applications running inside the guest, but only if the
host OS can make use of 2D video acceleration.
Page 1168 of 1229
Figure 15.23 VM Settings (Display Video tab)
Remote display: if the VirtualBox Remote Display Extension (VRDE) is

installed, you can configure the VM to be a VRDP server. The server will
allow you to connect to it from a remote computer using any standard
RDP viewer, such as mstsc.exe that comes with Windows or rdesktop for
Linux. The following options are available on this tab (as shown in Figure
15.24):
o Enable Server: select this to enable the feature, but the extension
pack must first be installed.
o Server Port: port 3389 is used by default, but this will need to be
changed if you want to run more than one VRDP server, since each
guest has to have a separate port numbers. Ports 5000 through 5050
are typically not used and can be used as a range. You can use a
dash between two port numbers to specify a range and the VRDP
server will bind to one port from the specified list.
o Authentication: you can determine if and how RDP clients should
authenticate to connect. Options are null (for no authentication),
external (which uses an authentication library within VirtualBox to
authenticate against the user credentials in the host system) or
guest (which is still in a testing stage at the time of this writing; but
performs authentication against the guest operating systems user
credentials when Guest Additions is installed).
o Extended Features (Allow Multiple Connections): this allows
multiple clients to connect to the VRDP server at the same time. All
connected clients see the same screen output and share a mouse and
keyboard focus. This is similar to several users using the same
computer at the same time, taking turns at the keyboard.
Page 1169 of 1229
Figure 15.24 VM Settings (Display Remote Display tab)
Video Capture: here you can record the entire VM session from start to
finish or a part of it to a .webm file that can be played by a range of
video
playing
applications.
This
functionality
can
also
be
enabled/disabled while the VM is running. You can set the frame size,
frames per second, where to store the capture videos and quality.
15.5.4.4 Storage category

Under Storage, you can choose to connect, disconnect, add and remove
virtual hard disks and CD/DVD ISO images and drives to the VM. You can
also choose where to store them. VirtualBox presents virtual storage
controllers to a VM to connect it to the rest of the system. Under each
controller, the virtual hard disks or CD/DVD drives attached to the
controller are shown. VirtualBox can emulate the four most common types
of hard disk controllers used in computers: IDE, SATA (AHCI), SCSI and
SAS.
If you created a virtual hard disk when creating a VM and depending on the
guest OS type that was chosen, you will normally see a typical layout of
storage devices in a new VM as follows:
IDE controller a virtual CD/DVD drive is attached to this controller

(to the secondary master port of the IDE controller by default).
SATA controller virtual hard disks are attached to this. Initially you
will normally have one virtual hard disk, but you can add more disks,
with each one represented by a disk image file.
Figure 15.25 shows the Storage category, with a SATA controller created
when the new VM was created. The name Windows 8.1.vdi is the same
name set for the disk when a new VM was created.
Page 1170 of 1229
Figure 15.25 VM Settings (Storage category)

You can modify these media attachments as you want to. The following
options are available:
To add another virtual hard disk or CD/DVD drive, select the storage
controller (IDE or SATA) you want it to use and then click on the Add
Hard Disk button below the tree. You can then select either Add
CD/DVD device or Add Hard Disk.
Alternatively, right-click on the storage controller and select a menu
item there.
On the right side of the window, you can then set the following:
Choose a device slot the virtual disk should be connected to. IDE
controllers have four slots called primary master, primary slave,
secondary master and secondary slave. SATA controllers on the other
hand have up to 30 slots to which virtual devices can be attached. See
Figure 15.26.
Figure 15.26 VM Settings (Storage category SATA controller

options)
Page 1171 of 1229
Select the image file to use. For virtual hard disks, a button with a dropdown list appears on the right, giving the option of either selecting a
virtual hard disk file using a standard file dialog box or to create a new
hard disk (image file), which will bring up the Create new hard disk
wizard. Refer to Figure 15.26.
For virtual optical drives, you can Choose a virtual CD/DVD disk file
as shown in Figure 15.27. Most commonly, you will select this option
when installing an OS from an ISO file.
If you select Host Drive from the list, then the VM will connect to the
hosts physical optical drive and the guest OS will be able to read from
and write to that drive. You would select this option when installing
Windows from an installation disc. See Figure 15.27.
Figure 15.27 VM Settings (Storage category IDE controller

options)
To burn optical discs using the hosts optical drive, select the Host
Drive option and then enable the Passthrough option that becomes
available.
If you select Remove disk from virtual drive in Figure 15.27, an

empty CD/DVD drive will be presented to the guest. You can remove an
attachment by selecting it and clicking on the Remove icon at the
bottom (or right-clicking on it and selecting the Remove menu item).
Removable media can be changed while the guest is running, from the
Devices menu of the VM window.
15.5.4.5 Audio category

The Audio category determines whether a sound card will be presented to
the VM and whether the audio output should be heard on the host. If you
enable audio for the VM, you can choose between an Intel AC97 controller,
an Intel HD Audio controller7 or a SoundBlaster 16 emulated card. With
any of these options, you can select what audio driver VirtualBox will use
on the host.
Page 1172 of 1229
15.5.4.6 Network category

The Network category allows you to configure how VirtualBox presents
virtual network adapters to the VM and how they work. See Figure 15.28.
Figure 15.28 VM Settings (Network category)

As you can see in Figure 15.28, VirtualBox provides tabs for separate
adapters. On each tab, you can enable/disable the adapter, choose a
networking mode and possibly a name for that network mode (if required),
choose an adapter type that will be presented to the VM, allow or deny
promiscuous mode, generate a MAC address, and set up port forwarding.
VirtualBox can virtualise the following types of adapters:
AMD PCNet PCI II (Am79C970A) The default which is supported

some operating systems and its driver will be installed by those
operating systems.
AMD PCNet FAST III (Am79C973) The default adapter.
Intel PRO/1000 MT Desktop (82540EM) Use this for Windows
Vista and later Windows versions. Windows will automatically install its
driver.
Intel PRO/1000 T Server (82543GC) This card is recognized by
Windows XP guests without additional driver installation.
Intel PRO/1000 MT Server (82545EM) This is a good choice for
many Windows desktop and server systems. Windows will automatically
install its driver.
Paravirtualized network adapter (virtio-net) This is a special
adapter that requires the installation of the driver within the guest.
When a VM is first created, VirtualBox by default enables one virtual

network adapter and selects the Network Address Translation (NAT) mode
for it, but there are other network modes as shown in Figure 15.29.
Page 1173 of 1229
Figure 15.29 VM Settings (Network modes)

Each adapter can be configured to work in one of the following modes:
Not attached: The guest identifies a network adapter, but no

connection as if no cable was plugged into the adapter. This is useful
to inform a guest OS that no network connection is available to enforce
a reconfiguration for troubleshooting.
NAT: This is the default mode and is the easiest way of accessing the
Internet from the VM to do chores such as checking email, downloading
files, web browsing and so on. A VM with NAT enabled functions like a
real computer that connects to the Internet through a router. The
router is the VirtualBox networking engine, which gives the VM a private
IP address and maps traffic from and to the VM in a hidden way. The
VM is invisible and cannot be reached from hosts on the Internet.
Usually, no configuration is required on the host network and guest.
Bridged adapter: In this mode, the virtual adapter bridges or shares

the hosts cabled or wireless network adapter and uses a driver on the
host to intercept data from the physical network and inject data into it,
to create a new network interface in software. If the host gets a local IP
from DHCP, then the VM is capable of doing the same, and if it is set
manually, the VM can also be set manually. This makes it appear to the
host and physical network as if the guest is physically connected to the
hosts interface using a network cable (a separate device on the
network in other words).
Page 1174 of 1229
Internal network: This creates a kind of software-based network

between VMs. When selecting this option, you must configure each VM
with the same internal network name in VM settings much like you
would with a workgroup network, so that all of them can communicate.
Figure 15.30 shows an example of an internal network name. Only VMs
can communicate; the host, LAN and Internet will not be able to access
the VMs.
Figure 15.30 VM Settings (Network Internal network mode)
Host-only Adapter: in this mode, the VMs can communicate with each
other and with the host to create a private, virtual network, but they
will not be able to communicate with LAN or Internet hosts. A virtual
network interface (similar to a loopback interface) is created on the
host, providing connectivity among VMs and the host.
Generic driver: This is rarely used, but can be used to install a

separately-written virtual network driver in VirtualBox.
15.5.4.7 Serial category

Under Serial, you can configure virtual serial (COM) ports for the VM, to set
up a primitive network over a null-modem cable, in case Ethernet is not
available, or for programmers that need to do kernel debugging, since
kernel-debugging software usually interacts with developers over a serial
port.
15.5.4.8 USB category
When you insert a USB device into the hosts USB port, if configured,
VirtualBox can allow VMs to access the device directly. To do this,
VirtualBox presents the guest OS with a virtual USB controller. As soon as
the guest starts using the USB device, it will appear as unavailable on the
host. In addition, VirtualBox allows guests to connect to remote USB
devices through the VirtualBox Remote Desktop Extension (VRDE).
Page 1175 of 1229
On this tab, you first have to enable the USB controller and optionally
enable the USB 2.0 (EHCI) controller for the guest. After enabling these
options, you then must determine which USB devices will be available to
the guest. For this, you must create filters by specifying certain properties
of the USB device.
Figure 15.31 VM Settings (USB)

Note
The USB 2.0 EHCI controller comes with the VirtualBox extension
package, which must be downloaded from the VirtualBox website
and installed separately.
As shown in Figure 15.31, you can set USB filters with fields set to empty
strings or for USB devices already attached to the host. Clicking on the +
USB button to the right of the USB Filter window creates a new filter, as
shown on the left in Figure 15.32 (behind the shortcut menu). You can give
the filter a name so that you can identify it and specify filter criteria. Rightclick on the new filter and choose Edit Filter to set criteria for it, as shown
on the right in Figure 15.32.
Figure 15.32 VM Settings (USB filter)
Page 1176 of 1229
The following criteria are available:
Vendor and product ID: each vendor of USB products has a

worldwide unique vendor ID and each line of product is given a product
ID. Both numbers are commonly written in hexadecimal (e.g.
046d:c016 stands for Logitech as the vendor and the M-UV69a Optical
Wheel Mouse product). Alternatively, you can also enter the name of
the Manufacturer and Product.
Serial number: use the serial number with the product ID and vendor
ID to further help the VM identify the device. This is useful when you
have two identical devices of the same brand and product line and the
VM needs to filter them out correctly.
Remote: This setting specifies whether the device will be local only, or
remote only (over VRDP), or either.
Tip
The more criteria you enter about the device, the more precisely it
will be selected and captured by the VM.
On a Windows host, you will need to unplug and reconnect a USB device to
use it after creating a filter. You can de-activate filters without deleting
them by clicking in the checkbox next to the filter name.
VirtualBox implements both a USB monitor, which allows it to capture
devices when plugged into the host and a USB device driver to claim USB
devices for a particular VM. You do not have to re-plug devices for
VirtualBox to claim them. On Windows, you can see all USB devices that
are attached to the host in the Device Manager.
Note
Be careful, if you activate and allow the guest to connect to a USB

drive that the host is currently using, the drive will be
disconnected from the host without a proper shutdown. This can
cause data loss.
15.5.4.9 Shared folders

Shared folders is a feature that allows files and folders stored on the host
to show up as network shares on the guest. It uses a special driver in the
Guest Additions to communicate with the host. To share a host folder with
a VM, you must specify the path of that folder and choose a share name for
it that the guest can use to access it. Hence, first create a shared folder on
the host in the normal way, and then within the guest OS, use Windows
Explorer to connect to it. Shared folders can be set up for a particular VM in
several ways:
In the window of a running VM, you can select Shared folders from
the Devices menu, or click on the folder icon on the status bar in the
bottom right corner.
If a VM is not currently running, you can configure shared folders here
in VM Settings. See Figure 15.33.
Page 1177 of 1229
Figure 15.33 VM Settings (Shared Folders)

You can choose to make the shared folder read-only or to auto-mount
(which automatically mounts the folder as soon as a user logs into the
guest OS).
15.6 Running a VM
Either one of the following methods can be used to start a VM:
Double-click the VM entry in the list within the VirtualBox Manager.

Select the VM entry and press the Start button at the top of VirtualBox
Manager.
Navigate to the VirtualBox VMs folder in the users home directory, find
the subdirectory of the VM you want to start and double-click on the
machine settings file (with a .vbox file extension).
Tip
If any information dialog boxes pop up after starting the VM, you
can ignore them after reading them by clicking Do not show this
message again and then clicking OK to close each box. If you are
prevented from running or accessing the guest OS for some
reason, then ask the lecturer for assistance.
Page 1178 of 1229
15.6.1 Starting a new VM for the first time

When you start the VM for the first time, a First Start Wizard will appear
and ask you to select an installation medium. Since the VM created is
empty, it would otherwise behave just like a real computer with no OS
installed, that is, it will do nothing and display an error message indicating
that no bootable OS was found. For this reason, the wizard helps you
select a medium to install an OS from.
If you have OS installation disc, insert it into the hosts optical drive and
then from the wizards installation media drop-down list, select Host
drive with the correct drive letter. See Figure 15.34. This allows the VM
to access the media inserted into the host drive and enables you to
continue with the installation.
With a downloaded ISO image file, you would normally burn the file to
an empty disc and proceed from there. But you can alternatively mount
the ISO file directly by configuring the Storage Settings within the VM.
VirtualBox will then present the file as an optical drive to the VM, much
as it does with a virtual hard disk image. For this, the wizards dropdown list contains a list of installation media that were previously used
with VirtualBox. If your medium is not listed, select the small folder icon
next to the drop-down list (shown in Figure 15.34) to bring up a
standard file dialog box. From there, you can navigate to and select the
image file on the hosts hard disk.
Figure 15.34 Select installation media for a new VM

In both cases, after making the choice in the wizard, you will be able to
install the guest OS.
Page 1179 of 1229
Tip
If the Select Start-up disk dialog box doesnt appear when starting
a VM, possibly because the VM already has a guest OS or the host
drive has not been selected for it, then you can press <F12>
quickly at the VMs boot screen to access the boot menu. From
there, you can choose the media to boot from.
15.6.2 Capturing and releasing keyboard and mouse

If a clicked the mouse information dialog box appears after clicking inside
the VM window, read the information and then select Do not show this
message again and click Capture.
Figure 15.35 Mouse information dialog box

You activate the VM simply by clicking inside it or clicking on the title bar.
The VM will then own the mouse and/or keyboard so that you can use
them. To return ownership of the mouse and keyboard to the host,
VirtualBox reserves a special key called the host key on the keyboard. By
default, this is the right control (Right Ctrl) key. You can change the
default host key in File > Preferences > Input. In any case, you can
determine whether the key is on or off by looking at the following icon in
the status bar at the bottom right of the running VM window.
To type within the VM, click on its window title bar first and the VM will own
the keyboard. To release keyboard ownership, press the Host key. Note
that while the VM owns the keyboard, some key sequences like <Alt> +
<Tab> will go to the guest instead of the host. After you press the host
key to re-enable the host keyboard, all key presses will go through the host
again.
Page 1180 of 1229
The VM owns the mouse only after you have clicked inside the VM window.
The host mouse pointer will disappear, and your mouse will drive the
guests pointer instead. To release ownership of the mouse, press the Host
key.
For convenience, VirtualBox can make keyboard and mouse operations
between the guest and host more seamless through Mouse Integration
(MI). With MI, it is no longer necessary to click inside the VM to use the
mouse within it and press the host key to release it for use on the host.
Instead, the focus will switch automatically between the guest and host as
the pointer travels in and out of the VM window. MI can be disabled by
right-clicking on the mouse icon at the bottom right of the running VM
window and then choosing Disable Mouse Integration.
15.6.3 Typing special characters

Some key combinations are reserved for host operating systems only. For
example, you will not be able to enter <Ctrl> + <Alt> + <Delete> to
reboot the guest OS, because this key combination is usually hardwired
into the host OS and will therefore reboot the host, not the guest. If
instead you want to send these key combinations to the guest OS, you
can:
Use the item in the Machine menu of the running VM, for example,
there you will find Insert Ctrl+Alt+Delete. See Figure 15.35.
Figure 15.36 VM Machine menu
Press special key combinations with the Host key, which VirtualBox will
translate for the VM. For example, <Host > + <Del> will send
<Ctrl>+<Alt>+<Del> to the guest (to reboot it).
Page 1181 of 1229
For <Alt> + <Tab> (to switch between open windows) and some other
keyboard combinations, you can configure whether the host or guest will
be affected by these combinations by configuring the settings in File >
Preferences > Input > Auto-capture keyboard.
15.6.4 Changing removable media

You can select and change removable media (such as CD/DVD and USB
devices) while the VM is running by selecting the media item from the
Devices menu. See Figure 15.37. Here you can select what VirtualBox
presents to the VM as a CD or DVD. The settings are the same as would be
available for the VM Settings dialog box, but since that dialog box is
disabled while the VM is running, this extra menu saves you from having to
shut down the VM, set the host drive and then start it up again every time
you want to change media.
Figure 15.37 VM Devices menu
15.7 Installing Windows 8.1 on a VM

Windows 8.1 can be operated with a keyboard and mouse on a computer or
with touch on a mobile device. This module will cover using a mouse and
keyboard, but should you want to use Windows 8.1 on a touch-based
device, there are plenty of articles online that you can read by performing a
Google search.
Windows 8 can be updated to Windows 8.1 for free; but for any other
version,
you
can
buy
and
download
Windows
8.1
from
www.microsoftstore.com. Even though this exercise covers the Windows
8.1 clean installation, do take note that the Windows 8 installation is almost
identical. One big difference between Windows 8/8.1 and previous Windows
versions is that Windows 8/8.1 is designed for connectivity to the Internet,
although it can be used offline, with some of features disabled in that case.
Page 1182 of 1229
Before installing Windows

configuration is set:
8.1
in
VM,
make
sure
the
following
Host virtualisation: Enabled in BIOS

OS Type and Version: Microsoft Windows 8.1
Base memory: 2 GB
Boot order: CD/DVD first, then hard drive second
Chipset: PIIX3
Processor: Enable PAE/NX
Acceleration: Enable VT-x/AMD-V and Nested Paging
Video Memory: 128 MB
Storage: Virtual hard disk (40 GB)
Adapter 1: Enabled
Network mode: Internal network (network name: intnet)
Adapter type: Intel PRO/1000 MT Desktop (82540EM)
Cable connected: selected
Tip
If you do experience problems with the installation, try disabling

and re-enabling virtualisation in the BIOS, then create another new
VM and configure all of the above settings again. Also, try disabling
and re-enabling VT-x/AMD-V.
Complete the following steps to perform a clean install of Windows 8.1 in a

VM:
1. Insert the Windows 8.1 installation disc into the host drive.
Alternatively, attach the ISO file to the VM.
2. Start the VM.
3. At the Select start-up disk dialog box, make sure Host Drive is
chosen, or alternatively select the small folder icon next to the dropdown list to bring up a standard file dialog box and pick the ISO image
file on the host disk.
Tip
If the Select start-up disk dialog box does not appear when
starting the VM, but instead, a FATAL: No bootable medium is
found! System halted message does, it means that you have not
told VirtualBox where to find the guest OS, whether it be on a
CD/DVD, virtual hard disk or USB drive. Since this is an installation
from the optical disc, choose the Host drive option from the
Devices menu (refer to Figure 15.37) or press <F12> when
asked to and choose the CD/DVD boot option.
4. Click Start. Wait for the installation files to load.

5. Next, choose the Language to install, time and currency format
and keyboard or input method. See Figure 15.38.
Page 1183 of 1229
Figure 15.38 Windows 8.1 Setup

6. Click Next.
7. Click Install now. This will start the Windows 8.1 installation process.
Wait for this setup process to complete.
8. The next screen will ask you to enter a 25-digit product key. Unlike
previous versions of Windows where you could skip the product key
entry during the installation as long as you provided one during the
evaluation period, and depending on the licensing, entering the product
key is not optional for Windows 8/8.1. Also, activating the product key
online is automatic and part of the installation process. Click Next.
Tip
Depending on the licensing, the installation might skip the product

key screen altogether and bring up the Microsoft Software
License Agreement screen and allow you to continue with the
installation, indicating that the product is under licensing but will
need to be activated later on.
9. Read and accept the license terms and click Next.

10. The next screen presents you with an important question: Which type
of installation do you want? You can either choose a Custom
Install or an Upgrade. Since this is not an upgrade, choose Custom
Install: Windows only (advanced).
11. On the next screen, you can choose where to install Windows 8.1 by
deleting and creating partitions. Since there should only be one empty
40 GB partition on Drive 0 as shown in Figure 15.39, select it and click
Next.
Page 1184 of 1229
Figure 15.39 Windows 8.1 partition installation screen

12. Windows 8.1 will now automatically install onto the partition. This step
could take minutes to complete. The VM will restart automatically
during the installation and continue to install. Wait for Windows 8.1 to
ask for input.
13. When the installation is complete, you will see a screen that will help
you customise Windows 8.1 to your preferences, including Personalize,
Wireless, Settings and Sign in. The screen will only appear for a few
seconds before automatically moving to Personalize.
14. At the Personalize screen (as shown in Figure 15.40), configure the
following options:
Colour: pick a colour that will help shape the Start screen and some
other areas of Windows 8.1. This colour scheme can be changed
later after logging in.
PC name: choose a hostname to identify the VM.
Page 1185 of 1229
Figure 15.40 Windows 8.1 Personalize installation page

15. Click Next.
16. On the Settings screen, you have the option of accepting Microsofts
recommended default settings for Windows 8.1, with the details shown
on screen (as shown in Figure 15.41), or customise them to your
preferences.
Figure 15.41 Windows 8.1 Settings installation page
Page 1186 of 1229
17. Click Use express settings for this exercise. The VM will try to
connect to the Internet, but since we are not connecting to the
Internet, the connection will fail.
Note
If you click Customize, the installation will guide you through a

series of additional screens with settings for network sharing,
Windows Update, automatic feedback to Microsoft and so on.
18. The next screen is the Sign in to your PC step. You normally have
two account options here:
Sign in with your Microsoft account: This option requires an
Internet connection. If you have an email associated with a major
Microsoft service, enter it here. If you do not, enter any email
address and Microsoft will create an account for you based on that
email address. This option will direct you to another screen where
you can choose to accept the default Skydrive settings and so on.
Sign in with a local account: Like with previous Windows
versions, this is a user account stored locally on this computer. This
is the only option available without an Internet connection. Do take
note that you will still need to create or use a current Microsoft
account sometime in the future, if you want to use features like
Windows Store to download apps.
19. Since we are not going to be connected to the Internet, choose Create
a local account for this exercise.
20. The next screen will ask you to enter a username and password, and
confirm the password and enter a password hint. See Figure 15.42.
Enter this information and click Finish.
Figure 15.42 Windows 8.1 Account installation page
Page 1187 of 1229
21. Windows will finalise the settings. Depending on the version of

Windows 8, you might sit through a series of screens explaining how
to work with the Windows 8 interface or see messages in the middle of
the screen and you might see installing apps at the bottom of the
screen. When this process is complete, the Windows 8.1 Start screen
will appear.
15.8 Exploring Windows 8.1 in a VM

When you use Windows 8/8.1 on your computer, you will notice how
different it looks and works to any previous version of Windows. The
biggest change is the Start screen. See Figure 15.43. The traditional
Windows desktop still exists though, so you can still use software used in
Windows 7.
Figure 15.43 Windows 8.1 Start screen

There is also a new style of program called the App (short for application).
Windows 8.1 comes pre-installed with many apps for email, calendar,
weather, news and so on (as shown in Figure 15.43) and you can download
many more from the Windows Store. One of the major differences between
Windows 8 and 8.1 is the Start button, which is left out in Windows 8, but
returns to the desktop in Windows 8.1. However, it only brings up the Start
screen rather than the Start menu used in previous Windows versions. In
addition, Windows 8.1 makes it easy to switch between the Start screen
and desktop.
Note
This unit will only get you up and running with Windows 8.1 and
covers only the very basics. You are strongly encouraged to fully
explore the OS, as it will only benefit you in the workplace.
Page 1188 of 1229
15.8.1 Signing in to Windows 8.1

When Windows 8.1 starts for the first time after booting or rebooting the
system, it will display the lock screen. You have to unlock the lock screen
before moving on to the Sign in/log-in screen, where you can type in
your name and password. You can unlock the lock screen to move to the
Sign-in screen by pressing any key on the keyboard or clicking any mouse
button.
Figure 15.44 Windows 8.1 lock screen

Depending on how the Sign In screen is configured, you have several
options:
If you see your name and/or email address listed, type your password.
When authenticated, Windows displays the Start screen.
If you do not see your name, but you have an account on the computer,
click the left-pointing arrow
. Windows displays a list of all the
account holders. You may see the computer owners name and an
Administrator and Guest account.
If you have just bought the computer, use the account named
Administrator.
Page 1189 of 1229
Figure 15.45 Windows 8.1 sign-in screen

Note
As an alternative to a standard password, you can create a

numerical (PIN) password or use a picture password. To switch
between using a standard password, PIN, or picture if you have
one set up within the OS, click Sign-in options at the Sign-in
screen when asked for your password.
15.8.2 Understanding user accounts

Windows allows several users to work on the same computer at the same
time, but keeps every users work separate. To do that, when you sign in
by clicking your username, Windows presents your personalised Start
screen. When you are finished working, you can sign out so that another
user can use the computer. Later, when you sign back in, your own files
will be waiting for you.
15.8.3 The Start Screen

The Start screen (Figure 15.43) is based around square and rectangular
coloured blocks called Tiles. Each tile when clicked starts an app that
performs a specific task. For example, clicking on the desktop tile starts the
desktop app, which launches the desktop, while clicking on the weather tile
launches the weather app.
As you look around, you might see some live tiles. These are tiles that
change constantly to display text or images, which provide information
from inside the app or display anything that is new or changed, such as
new emails or news headlines, etc, when connected to the Internet.
Note
The bundled Windows apps work well on the Start screen.

Unfortunately, Microsoft configured the Windows desktop to use
some of these Start screen apps rather than standard desktop
programs.
Page 1190 of 1229
Try the following at the Start Screen:

1. Move the mouse pointer to the far left or right of the screen and the
Start screen will follow along. (Make sure mouse integration is disabled
on the VM).
2. Click and drag the scroll bar at the bottom to look around the Start
screen.
3. Spin the mouse wheel to move the Start screen left or right.
4. Rearrange tiles on the Start screen by clicking and dragging them
around and dropping them into their new locations. When you drag a
tile between groups, you will see a coloured vertical bar appear. Drop a
tile onto this bar to create a new group. This can be useful to separate
apps, such as games, websites and so on.
5. On the keyboard, press the right-arrow or left-arrow key to move
around the Start screens tiles.
15.8.4 Charms bar

The Charms bar is a menu that pops out from the right side of the screen
that contains icons or charms for useful tasks. You can open the Charms
Bar by pressing the <Windows> + <C> key combination or by moving
the mouse to the bottom right or top right corner of the screen. See Figure
15.46.
Figure 15.46 Charms bar

Note
The Charms bar can be displayed from anywhere within Windows,

whether you are on the Start screen, Windows desktop, or even in
an app or a desktop program.
Page 1191 of 1229
You will find the following charms on the Charms Bar:
Search: opens the search panel so you can find just about anything,
including settings, files and apps.
Share: use this charm to access share options for the current activity
or active app. On the Desktop app, the Share icon lets you share a
screenshot of what you are currently viewing.
Start: use this charm to access the Start screen. This can also be done
by pressing the <Windows> key.
Devices: use this charm to access hardware devices such as print,
monitor and media devices that are available for use with the current
app, screen or window.
Settings: use this charm to access PC settings, to get information
about the network, to change sound levels, to set screen brightness, to
turn notifications on and off, to turn off the computer and more. The
More PC Settings link will enable you to access more options in the
Control Panel. The Settings option will display settings for individual
active apps.
Tip
Instead of opening the search panel, you can search for apps,
settings and files and even Internet content simply by typing
directly at the Start screen.
15.8.5 App Bar

Right-click anywhere inside the Start screen or on a tile to show the App
Bar. Alternatively, press <Windows> + <Z>. The App Bar is a strip along
the screens top or bottom that contains menus with options that are
equivalent to drop-down menus in Windows desktop programs and can be
used to perform many actions, depending on where you are and what you
are doing. See Figure 15.47. Right-click again and the App Bar disappears.
Figure 15.47 App bar

Tip
To perform an action on a tile on the Start screen, such as hiding it

from the Start screen, right-click on the tile to display the App Bar.
The App Bar has options for actions you can perform on that tile. If
you want to open a menu in an app or on the Start screen, you will
do this from the App Bar. This is where all the controls for apps
can be found.
Page 1192 of 1229
15.8.6 Finding all apps

To keep the list of apps and programs manageable, the Start screen does
not list every program or app on the computer. To pin them there you will
need to do so from within the All Apps view. You can see all of the apps
that are installed, including Windows desktop programs by moving the
mouse around on the Start screen until a small down-arrow
appears
near the bottom left corner. Click this arrow to open the All Apps view. See
Figure 15.48.
Figure 15.48 All Apps view

The All Apps view lists every app and desktop software installed on the
system. The apps on the left of the screen and desktop software on the
right are organised into categories to make them easy to find. You can
move left and right in the All Apps view and you can change how apps and
programs are arranged by clicking the by Name link at the top of the
screen. In the top right of the All Apps view is a search box that you can
use to find an app or program if you are having difficulty finding it in the
list.
You can return to the Start screen by clicking the small up-arrow
near
the bottom left of the screen or by pressing the <Windows> key. While
you are back at the Start screen, begin typing in the missing apps name.
As you type in the first few letters, the Search pane quickly appears,
presenting you with a list of names beginning with those letters. You can
then select the app to start it.
15.8.7 Launching a Start screen program or app

In Windows 8/8.1, each tile on the Start screen is a button for starting an
app or a traditional Windows program. Click the button or press <Enter>
to start the app or program. If it is a desktop program, it will launch on the
desktop.
Page 1193 of 1229
Tip
Close the app bar to launch an app with a single click.
15.8.8 Switching between running apps

Start screen apps usually fill up the entire screen, with no visible menus.
That makes it difficult not only to control them but also to switch between
them. The same is true with the desktop apps. Windows makes it fairly
easy to switch between them by following these steps:
a) With multiple apps running on the Start screen, move the mouse
pointer to the screens top left corner.
b) A thumbnail of your last-used app will appear. You can click it to bring
that app to the screen or if you want to open other apps running in the
background, do the following:
When the thumbnail of your last-used app appears, raise or lower
your mouse pointer along the screens left edge. As you move the
pointer along the screens left edge, a bar appears alongside the
screens left edge, as shown in Figure 15.49, showing thumbnails of
your open apps.
Figure 15.49 App thumbnail bar listing running apps (on the left)
Tip
You can also switch between apps by using the <Windows> +

<Tab> keys to switch between running apps or the <Alt> +
<Tab> key combination to switch between all running apps and
desktop programs. To switch between apps using the keyboard,
hold down the <Alt> or <Windows> key and keep pressing
<Tab> until you get to the app you want.
c) To return to an app, click its thumbnail.
Page 1194 of 1229
15.8.9 Closing an app

To close an app, right-click its thumbnail and choose Close. Alternatively,
drag it downward from the top centre of the screen with your mouse (when
the mouse pointer changes to a hand) and throw it off the bottom of the
screen. This includes app thumbnails and the currently running app.
15.8.10 Adding and removing Start screen items

To remove an unwanted or unused tile from the Start screen, right-click it
and choose Unpin from Start from the App Bar. To add programs or apps
to the Start screen, follow these steps:
1. Click the Start screens downward-pointing arrow near the screens
lower-left corner to bring up the All Apps view.
2. Right-click the item you want to appear on the Start screen and choose
Pin to Start. You can select and add several items at the same time.
Right-click a folder, file, library, or other item you want to add to the
Start screen, and a check mark appears next to them. When you have
selected everything you want to add, choose Pin to Start. You can also
Unpin items from the Start Screen from the All Apps view by selecting
the items and choose Unpin from Start on the App Bar.
Tip
If you cannot find a newly installed app, chances are good that it is
in the All Apps area. Windows 8.1 places newly downloaded apps
in the All Apps area rather than on the Start screen.
15.8.11 Logging out, locking or exiting Windows 8/8.1

If several users use Windows on your computer and you want to switch to a
different user, you can do this by clicking your user icon and name in the
top right of the Start screen. See Figure 15.50.
Figure 15.50 User icon on Start screen

This will bring up a menu with three options:
Change account picture: this allows you to choose a new picture for
your account from images that you have on the system.
Lock: this will lock the system so that a password, PIN or picture
password is needed to sign in again.
Page 1195 of 1229
Sign-Out: this will sign you out of your account so that other users can
sign-in. You can sign in again later on to access the system as you left
it.
Tip
If you want to change your password, you can do this from the
Accounts page in PC Settings. Click the Settings Charm and then
click Change PC Settings to access the options.
To restart or shut down the computer, follow these steps:

1. Open the Charms Bar.
2. Click Settings > Power.
3. In the menu that appears, click Shut Down or Restart. See Figure
15.51.
Figure 15.51 Shut down or Restart option
15.8.12 Working with the desktop and Start button

The Start screen is great for listening to music, checking email and doing
other personal tasks, but when it is time to do work, the desktop is the
place to be. If you have worked with the traditional Windows desktop, then
working with the Windows 8/8.1 desktop will not be a problem. The
desktop is where you open files and folders, use the new Windows Explorer
replacement called File Explorer, and run several desktop programs at the
same time, each within their own window, as well as share information
between them.
Page 1196 of 1229
The Start screen treats the desktop as just another app, so you can switch
to the desktop just as you would open any other app: Click the Start
screens Desktop tile or press <Windows> + <D>. Figure 15.52 shows
the Windows 8.1 desktop.
Figure 15.52 Windows 8.1 desktop

Tip
The desktop works best with a keyboard and mouse.
The desktop comes with four main parts:
Start button: To launch a program, click the Start button in the

desktops bottom-left corner. When the Start screen appears, click the
tile for the program you want to run. Alternatively, you can populate
the desktops taskbar with icons of your favourite programs to launch
them.
Taskbar: the taskbar sits at the bottom edge of the desktop and is
where you can access active programs, files, folders and windows.
Programs such as Microsoft Paint and Notepad are not apps, but
desktop programs and thus need the desktop to work. Point at a
programs icon on the taskbar to see the programs name or perhaps a
thumbnail image of that program in action and click on the programs
icon to launch it.
For example, click on the folder icon on the taskbar to open File
Explorer. See Figure 15.53. This is the filing program that lets you
navigate the computers hard disk and the network and open and
manage files and folders. It has a ribbon with commands (buttons,
lists, etc.) that are organised on task-specific tabs and in featurespecific groups on each tab. Some groups have related dialog boxes or
task panes that contain additional commands.
Page 1197 of 1229
Figure 15.53 File Explorer

You can personalise the taskbar by pinning desktop app icons to it that
you use often and right-click on it to add or hide toolbars and configure
its properties. On the far right of the desktop is the notification area,
which offers access to various system settings, including available
networks, sounds, the current state of the system and time and date.
Recycle Bin: The desktops Recycle Bin icon stores recently deleted
files for easy retrieval.
Charms bar: Technically, the Charms bar is not part of the desktop,
but is hidden beyond every screens right edge. To open the Charms bar
with a mouse, point at the desktops top- or bottom-right corners.
To visit the Start screen from the desktop, click the Start button.
Alternatively, right-click on the Start button to show the Power User
menu. This menu has shortcuts to management, configuration and other
Windows tools. You can also press <Windows> + <X> to display the
Power User menu, as shown in Figure 15.54.
Page 1198 of 1229
Figure 15.54 Power User menu
15.8.13 Exploring PC Settings and Control Panel

The Control Panel is still part of Windows 8/8.1 and is housed in a single
window. This is where you can view information and make changes to the
system, such as add users, manage the network, add devices, uninstall
programs, troubleshoot the system and more. You can open the Control
Panel from the Power User menu or from the Charms bar by pointing to
the top- or bottom-right corner of the desktop. To navigate the Control
Panel, you can use links, enter search terms in the search box and use the
back button as desired.
Figure 15.55 Control Panel

Windows 8/8.1 also includes the PC Settings hub, which shows the most
frequently used settings and other settings. To open it, point the mouse at
the screens top- or bottom-right corner and when the Charms bar appears,
click the Settings icon. Then click Change PC Settings. See Figure 15.56.
Page 1199 of 1229
Figure 15.56 PC Settings

The PC Settings screen breaks its settings down into the categories and
categories can be further divided into sub-categories and relevant topics,
The main categories are as follows:
Activate Windows: Here a new product key can be entered and

Windows can be activated online.
PCs and Devices: Here you can personalise the PC and adjust mouse,
keyboard, display (resolution and multi-monitor), printer, scanner and
other peripheral settings. You can also customise the lock screen and
hot corner functionality, set power, sleep and Autoplay options and view
information about the PC.
Accounts: Here you can switch between Local and Microsoft accounts,
change password and the account picture, and add, edit and remove
user accounts and authorise other users access to use this system.
SkyDrive: Here you can check your available space on SkyDrive,

Microsofts online storage service, and choose which PCs settings
should be synced to your Microsoft account. This is useful for keeping
your settings with you when you sign in to other PCs.
Search and Apps: Here you can configure how search works and
whether to keep searches local only or to search the Internet as well,
clear search history, and enable and disable apps that you wish to use
when searching. You can also configure how Windows Store App
notifications called toast notifications that appear on the top right
corner of the Start Screen are displayed, as well as choose the apps and
programs Windows will use by default.
Page 1200 of 1229
Privacy: Here you can configure what personal or usage information

Windows can use, including whether or not apps can use your current
location, name or picture, or if your URLs can be sent to the Windows
Store.
Network: Here you can view and configure existing network

connections (wired, wireless, or VPN) and connection discoverability (for
public or private networks), view and copy any connection properties to
the clipboard, see data usage details for mobile devices, join a
homegroup and configure proxy settings.
Time and Language: Here you can change the time zone, adjust the
time and date formats to match your region, and adjust other settings
relating to your language and geographic region.
Ease of Access: Here you can configure settings that make Windows
8/8.1 easier to use.
Update and recovery: Here you can troubleshoot problems with

Windows updates, and perform various recovery options.
15.8.14 Boot to the desktop

1. You can set Windows 8.1 to automatically boot to the desktop every
time the computer starts. To do this, right-click in a blank space on the
Taskbar and select Properties. The Taskbar and Navigation
properties dialog box will appear. Click the Navigation tab, as shown
in Figure 15.57.
Figure 15.57 Taskbar and Navigation Properties (Navigation tab)
Page 1201 of 1229
2. To boot Windows 8.1 to the desktop, select When I sign in or close all
apps on a screen, go to the desktop instead of Start.
3. You can also configure the All Apps view in interesting ways here:
a) The option Show the Apps view automatically when I go to
Start will disable the Start screen completely. If you check this
option, pressing the <Windows> key will take you straight to the All
Apps view instead.
b) The option List desktop apps first in the Apps view when its
sorted by category option, will list desktop programs in the All Apps
view ahead of Start screen apps.
15.8.15 Using common Windows 8.1 keyboard shortcuts

To recap, there are several timesaving shortcuts that you can use with a
mouse and keyboard when working in Windows 8.1:
Press <Windows> to toggle between the Start screen and desktop.

Press <Windows> + <C> to open the Charms Bar.
Press <Windows> + <E> to open File Explorer with Computer view
displayed on the desktop.
Press <Windows> + <F> to open the Metro File browser.
Press <Windows> + <I> to display the Settings panel.
Press <Windows> + <L> to lock the system.
Press <Windows > + <S> to open the Search charm.
Press <Windows > + <Tab> to switch between running apps.
Press <Windows> + <Z> to display the App Bar.
Press <Ctrl> + <Shift> + <Esc> to launch the Task Manager.
Press <Ctrl> + <Alt> + <Del> to bring up secure logon screen.
You can also move your mouse to the four corners of the screen. These are
called hot corners. Each will display different options. The top and bottom
right corners will open the App Bar and the top and bottom left corners will
allow you to switch between running apps and opening the Start screen.
15.8.16 Finding help

The quickest ways to find help are as follows:
o Press <F1> when on the desktop or from within Windows or any
program.
o At the Start screen, type in the word help directly at the Start screen
and then click Help and Support.
Tip
You are strongly encouraged to explore Windows 8.1 more.
Page 1202 of 1229
15.8.17 System protection and recovery

This section looks at some recovery and protection tools you can use to put
a failed Windows 8/8.1 system back online as quickly as possible.
15.8.17.1 File History
File History is an easy-to-configure backup and recovery tool that initially
runs a full backup of files and folders on another disk or at a network
location and then runs a schedule that only backs up files and folders that
have been changed and deleted. Over time, File History keeps a complete
history of your files, enabling you to choose which file version to restore. It
can be found in the Control Panel (see Figure 15.58) or by opening PC
Settings and then clicking Update and Recovery, followed by File
History. It requires a second or external hard drive or a network location.
Figure 15.58 File History in Control Panel
15.8.17.2 Reset and Refresh

Windows 8/8.1 include the reset and refresh methods to recover a
computer:
Reset your PC: this performs a clean install of the OS to the factory
default. You lose everything from your current Windows 8/8.1
installation, only keeping the apps that came with the system at the
factory. See Figure 15.59. You might be asked to insert recovery media
that came with the system.
Page 1203 of 1229
Figure 15.59 Reset your PC
Refresh your PC: this repairs Windows 8/8.1 by reinstalling the OS

while keeping your personal files, important personalisation settings
and apps installed from Windows Store (re-installing them). However,
all installed third-party apps you installed from discs or websites will
be removed. See Figure 15.60. The program will leave a list of
programs on your desktop, complete with website links, so you know
exactly what to re-install. You might be asked to insert recovery
media that came with the system.
Figure 15.60 Refresh your PC

To Reset or Refresh, open PC Settings via Settings from the Charms Bar
and then click Update and recovery. Click Recovery, and from there you
have the three options shown in Figure 15.61.
Page 1204 of 1229
Figure 15.61 Update and Recovery Options

The Advanced startup option is the central fix-it location for the entire
OS. From here you can access repair tools such as Refresh and Reset your
PC, System Restore, command prompt and more.
15.8.17.3 Recovery drive
If the Windows 8/8.1 computer will not start, you can still Refresh it to get
it working again, but you will first need to create a Recovery Drive. This is
a USB flash drive that you can use to start the computer. To create a
Recovery Drive, search for recovery at the Start screen and run
Recovery drive option from search results. See Figure 15.62.
Figure 15.62 Update and Recovery Options
Page 1205 of 1229
If the USB flash drive is large enough and if the PC came with a Recovery
Partition containing a copy of Windows 8.1, you can also copy across this
backup copy of Windows 8.1 to the drive. This means that if you are in a
situation where the Windows 8.1 computer simply will not start and you
need to re-install the OS, start the computer from the Recovery Drive and
you will be presented with the Windows recovery environment (Figure
15.63).
Figure 15.63 Windows Recover Environment (Windows RE)

If you start the computer from the recovery drive and you want to restore
a backup image that was provided with the computer and was copied to the
recovery drive when it was created, click the Use a device button and
choose the USB flash drive from the options listed.
If you are using Windows 8.1 own Refresh image, click Troubleshoot. At
the next screen you will see a Refresh button. Click this to begin the
recovery process. Be aware that this can take some time, so if you are
using a portable computer, make sure it has power.
Both the Refresh and Reset procedures take one or more hours to
complete, depending on the size of the volumes in the computer and other
hardware, but the process itself is mostly automatic after you have
answered some questions about how you want to handle the files and
settings.
Note
Windows 8/8.1 also includes system restore, device manager, task

manager, event viewer, services console, task scheduler, disk
cleanup and defragmenter, msconfig, msinfo32, command prompt,
registry and many other tools to manage and troubleshoot the
system.
Page 1206 of 1229
15.8.17.4 Using Windows Recovery Environment

The Windows Recovery Environment (Windows RE) is a set of
troubleshooting tools that can be used to repair common causes of
unbootable operating systems. In the event of a startup problem such as
when the computer fails to start after a few attempts, Windows will
automatically restart in Windows RE to run the startup repair tool to help
diagnose the problem with the startup process.
Windows RE can also be accessed by completing the following steps:
1.
2.
3.
4.
Open the Settings charm and select Change PC Settings.

Select Update and Recovery > Recovery.
In Advanced Startup, select Restart Now.
From the Choose an option screen, shown in Figure 15.64, select
Troubleshoot.
Figure 15.64 Choose an option

5. On the Troubleshoot screen, shown in Figure 15.65, select Advanced
Options.
Figure 15.65 Troubleshoot
Page 1207 of 1229
6. On the Advanced Options screen, shown in Figure 15.66, select

Startup Settings, and then click Restart.
Figure 15.66 Advanced options

This restarts the computer and opens the Startup Settings menu, from
which you can perform the actions shown in Figure 15.67. Use <F1> to
select option 1, <F2> to select option 2 and so on.
Figure 15.67 Startup Settings
Page 1208 of 1229
You have one additional option to access the recovery console: press
<F10> and select Launch Recovery Environment. This causes Windows
to restart and open at the beginning of the Advanced Startup menu,
enabling you to begin the startup option selection process from the
beginning. From there, you can select Command Prompt.
Tip
Windows 8 boots very quickly, resulting in it being difficult to open

the boot options menu using the <F8> key . Therefore, you can
access Windows RE from a recovery USB drive, from the Windows
setup media, from an OEM recovery partition, holding down the
<Shift> key while clicking Restart in the OS or at the Sign-in
screen or at the command prompt by running
shutdown.exe /r /o.
15.9 VM guest additions and viewing modes

Guest Additions is an image file called VBoxGuestAdditions.iso that
contains programs and drivers to optimize the VM for better performance
and add extra functionality to it. Guest additions can only be installed
within the guest OS on a running VM.
1. To install the Guest Additions, in the Devices menu in the VMs menu
bar, select Insert Guest Additions CD image, as shown in Figure
15.68, which mounts the Guest Additions ISO file inside the VM.
Figure 15.68 Insert Guest Additions CD image

2. Windows should then automatically start the Guest Additions installer,
which installs the Guest Additions in the Windows guest. If it does not
start automatically, navigate to the File Explorer and double-click on
CD VirtualBox Guest Additions, as shown in Figure 15.69.
Page 1209 of 1229
Figure 15.69 CD Drive VirtualBox Guest Additions

3. When the setup program starts, click Next twice and click Install.
4. For every dialog box that asks you to install device software during the
installation, click Install.
5. Select Reboot now and click Finish. Windows will reboot.
6. Sign in. This completes the installation.
15.9.1 Viewing modes

Figure 15.70 shows the different viewing modes accessed from the View
menu of a running VM window. These modes are explained below:
Switch to Fullscreen use this so that the guest OS fills the entire
screen.
Switch to Seamless Mode with this option, the Host OS and guest
OS appear to merge. This allows the window of an application running
on the desktop of a guest OS, such as Windows, to be placed on the
desktop of the host OS, such as Linux, that makes it appear as if it is
running directly on the host rather than within the VM.
Switch to Scaled Mode use this so that the VMs screen will be
scaled to the size of a window. This can be useful if many VMs are
running and you want to have a look at one of them while it is running
in the background.
Adjust Window size use this option to change the window size.
Page 1210 of 1229
Figure 15.70 VM Viewing modes
15.10 VM closing states

When clicking the Close Red X button of the VMs window, VirtualBox will
display a dialog box with three options to close the VM:
Save the machine state: This tells VirtualBox to freeze the state of the
VM to a file on the hosts local disk, so that when the VM is started
again, it will resume in the same state it was left in. Any programs that
were open will still be open.
Send the shutdown signal: This is like pressing the PCs power
button, it sends an ACPI shutdown signal to the VM. This is an
appropriate way of shutting down the VM, but only if it is running a fairly
modern guest OS and only if the shutdown command within the guest
OS cannot be executed.
Power off the machine: This is like pulling the PCs power cable. It
tells VirtualBox to stop running the VM without saving its state. Avoid
using this option as much as possible, due to potential loss of data.
Figure 15.71 VM closing states

You can also restart the VM by selecting Reset from the Machine menu of
the running VM.
Note
You should shut down the VM the same way you would with any
host, that is, by clicking the shutdown button within the guest OS.
Page 1211 of 1229
15.11 Snapshots
A snapshot is a point in time image of the VMs state that you can
repeatedly go back to and use in the future in the event of a failure, even
though you might have changed the VM considerably since taking the
snapshot. You can create many snapshots to go back many points in time,
but remember: they all take up disk space.
A snapshot contains three items:
A complete copy of VM settings, including the hardware configuration,

which can be restored to the point when the snapshot was taken.
The complete state of all virtual disks attached to the VM. Any changes
made to the disk, file by file, bit by bit, after the snapshot was taken will
be undone.
If the snapshot was taken while the VM was running, it will include the
memory state of the VM, which means that you can restore the VM to its
exact state with all files and folders put back to the exact way they were
when the snapshot was taken.
There are different ways of taking a snapshot, including:
If the VM is running, select Take snapshot from the Machine menu of

the VM window.
If the VM is currently in either the saved or powered off state, select the
small camera icon that says Snapshots on the top right of the
VirtualBox Manager window. Then, right-click on the Current State
item in the list and select Take Snapshot from the menu, as shown in
Figure 15.72.
Figure 15.72 Snapshots screen
Page 1212 of 1229
You can see snapshots of a VM by selecting the VM in VirtualBox Manager

and clicking on the Snapshots button at the top right of the window.
Unless you have taken a snapshot, the list will be empty except for the
Current State item, which represents the Now point in the lifetime of the
VM.
When you select Take Snapshot, a window will appear and ask you to
give the snapshot a name. Type in a name that will help you remember the
state of the snapshot. Look at Figure 15.73 for an example of what you
could type in to identify the snapshot. You can also add a longer text in the
Description field if you want.
Figure 15.73 Creating a snapshot

After clicking OK, the new snapshot will appear in the snapshots list. The
Current State item will appear underneath the new snapshot. This
signifies that the current state of the VM is a variation based on the
snapshot taken earlier. If you take another snapshot later on, you will see
that they will be displayed in sequence, one after the other, and each
subsequent snapshot comes from an earlier one.
You can restore or delete a snapshot by right-clicking on it in the list and
selecting the appropriate option. See Figure 15.74. Do take note that by
restoring a snapshot, you go back in time, but the current state of the VM
is lost, and the VM is restored to the exact state it was in when the
snapshot was taken. To avoid losing the current state when restoring a
snapshot, create a new snapshot before the restore.
Page 1213 of 1229
Figure 15.74 Restoring or deleting a snapshot

Note
You are strongly encouraged to take snapshots and restore them.

You can test a snapshot by taking one, then making one or more
changes to the VM, and then restoring the VM from a snapshot to
undo the changes you make.
15.12 Removing VMs

To remove a VM, right-click on it in the VirtualBox Manager and select
Remove. You will be given the opportunity to select whether to remove the
VM only, or to remove all of its files as well.

Support Skills Labs and References (G185eng) book:
o Lab 1: Windows 7 (pp. 1115).
o Lab 2: System Administration Tools (pp. 1623)
o Lab 3: User Account Management (pp. 2427)
o Lab 4: Disk Management (pp. 2832)
o Lab 5: File Management (pp. 3339)
o Lab 6: Application Management (pp. 4043)
o Lab 7: Device Management (pp. 4448)
o Lab 8: System Management Utilities (pp. 4953)
o Lab 9: Windows Maintenance Tasks (pp. 5458)
o Lab 10: Installing and Configuring Windows XP (pp. 5968)
o Lab 11: Installing Windows Vista (pp. 6972)
o Lab 12: Boot Troubleshooting (pp. 7380)
o Lab 13: Automated System Recovery (pp. 8186)
o Lab 14: Event Viewer (pp. 8789)
o Lab 15: AntiVirus Software (pp. 90)
Page 1214 of 1229
o
o
o
o
o
o
Note
Lab
Lab
Lab
Lab
Lab
Lab
16:
18:
20:
21:
22:
23:
Account and Password Policies (pp. 9193)

Diagnosing System Errors (pp. 96)
Network Adapter Properties (pp. 9899)
Windows Networking (pp. 100106)
Remote Desktop (pp. 107109)
Testing Network Connectivity (pp. 110118)
Two computers are needed to complete the labs. You can create
your own VMs for those exercises that are performed on VMs. The
lecturer will provide you with the resources and equipment that are
available. Skip those lab exercises that require resources and
equipment that are unavailable. However, it is advisable that you
read through every exercise as they cover the tasks that a
computer technician would perform in their job.
Page 1215 of 1229

Student:
Start date :
Student, please note that unless all of the following exercises have been
signed off by a lecturer, you will not be allowed to book for the A+ practical
examination.
DATE
SIGN
Unit 1
Unit 2
Unit 3
Unit 4
Unit 5
Unit 6
Unit 7
Unit 8
Unit 9
Unit 10
Unit 11
Unit 12
Unit 13
Unit 14
Unit 15
Page 1216 of 1229
Unit 16 Theory and Practical Examination
16.1 Theory examination

The A+ 801 examination consists of various types of questions from units
112 of the A+ 801 section of this book. The A+ 802 examination consists
of various types of questions from units 115 of the A+ 802 section of this
book. Both theory examinations will primarily examine your understanding
of the theory and your ability to apply your knowledge. The review
questions set out at the end of every unit in the GTS A+ books provide
good preparation for the theory examinations.
16.2 Practical examination

Note the following about the practical examination:
You will need to go through all of the exercises in this study guide and
both GTS lab books to prepare for the practical examination.
You should focus on the following areas for the practical examination:
o Troubleshooting hardware
o Assembling a PC
o Changing BIOS settings
o Installing Windows 7, Windows XP and Windows 8.1
o Changing computer names
o Installing drivers
o Installing and configuring VirtualBox
o Networking computers and testing network connectivity
o Performing Remote Desktop tasks
o Installing a second hard drive on VirtualBox and a physical computer
o Creating partitions
o Converting a basic disk to a dynamic disk
o Creating dynamic disk volumes (simple, striped, etc.)
o Performing backups
o Configuring power management
o Changing registry settings
o Editing the BOOT.INI file
o Creating users and adding them to specific groups
o Creating folders and files
o Hiding files and displaying hidden files
o Sharing folders
o Changing NTFS and Share permissions
o Mapping a network drive
o Redirecting the results of commands into a text file using command
prompt
Page 1217 of 1229
o Creating a script file that will run commands with appropriate

switches and options
o Changing display settings
o Using performance monitoring tools
o Working with offline files
o Working with shadow copies
o Adding and sharing printer and printing to a file from another
computer
o Configuring the firewall
Practise doing the exercises in this book and both lab books. They are
guaranteed to help attain a pass in the practical examination.
The practical examination counts for 30% of the final mark for this
module.
Page 1218 of 1229
Bibliography
Web sites
www.tomshardware.org
www.intel.com
www.amd.com
www.nvidia.com
technet.microsoft.com
www.microsoft.com
windows.microsoft.com
msdn.microsoft.com
www.apple.com
www.cisco.com
www.comptia.org
www.virtualbox.org
www.vmware.com
pcsupport.about.com
www.cnet.com
www.webopedia.com
Books
Soper, E. M. Prowse, L. D. & Mueller, S. 2013. Authorized Cert Guide

CompTIA A+ 220-801 220-802. Third Edition. Pearson Education, Inc.
Prowse, L. D. 2013. Authorized Exam Cram CompTIA A+ 220-801 220802. Sixth Edition. Pearson Education, Inc.
Page 1219 of 1229
A+ Preparation Evaluation Form

APLSC-14 V1.0
How would you evaluate the A+ Preparation study guide? Place a or in one
of the five squares that best indicates your choice. Your response will help us
to improve the quality of the book and will be much appreciated.
The study guide is clear and understandable.
The exercises helped you grasp the course material.
You knew what to expect in the theory and practical
examination.
The examinations were fair and covered the text
evenly.
The practical examinations tested your knowledge
and ability.
Your lecturer was able to help you.
What did you enjoy most?
What did you enjoy least?
General comments (what would you add, leave out, change, etc.).
Please note any errors that you find in the book.
Campus:
Lecturer:
Date:
Please return this evaluation form to your lecturer so that it can be forwarded
to the Division for Courseware Development. Thank You.
Page 1220 of 1229
Bedfordview Campus
1st Floor, 14 Skeen Boulevard
Bedfordview, 2008
P.O. Box 1389, Bedfordview, 2008
Tel: +27 (0)11 450 1963/4, Fax: +27 (0)86 686
4950
Email: bedfordview@cti.ac.za
Bloemfontein Campus
Tourist Centre, 60 Park Avenue,
Willows, Bloemfontein, 9301
P.O. Box 1015, Bloemfontein, 9300
Tel: +27 (0)51 430 2701, Fax: +27 (0)51 430 2708
Email: bloemfontein@cti.ac.za
Cape Town Campus

The Brookside Building, 11 Imam Haron Street
(old Lansdowne Road), Claremont, 7708
P.O.Box 2325, Clareinch, 7740
Tel: +27 (0)21 674 6567, Fax: +27 (0)21 674
6599
Email: capetown@cti.ac.za
Durban Campus
59 Adelaide Tambo Drive (old Kensington Drive)
Durban North, 4067
P.O. Box 20251, Durban North, 4016
Tel: +27 (0)31 564 0570/5, Fax: +27 (0)31 564
8978
Email: durban@cti.ac.za
Durbanville Campus
Kaapzicht, 9 Rogers Street, Tyger Valley, 7530
P.O. Box 284, Private Bag X7
Tyger Valley, 7536
Tel: +27 (0)21 914 8000, Fax: +27 (0)21 914
8004
Email: durbanville@cti.ac.za
East London Campus

12 Stewart Drive, Berea, East London, 5241
PostNet Suite 373
Private Bag X9063, East London, 5200
Tel: +27 (0)43 721 2564, Fax: +27 (0)43 721 2597
Email: eastlondon@cti.ac.za
Nelspruit Campus
50 Murray Street
Nelspruit, 1200
P.O. Box 9497, Sonpark, Nelspruit, 1206
Tel: +27 (0)13 755 3918, Fax: +27 (0)13 755
3918
Email: nelspruit@cti.ac.za
Port Elizabeth Campus

Building 4, Ascot Office Park
Cnr Ascot & Conyngham Roads, Greenacres,
6065
P.O. Box 40049, Walmer, 6065
Tel: +27 (0)41 374 7978, Fax: +27 (0)41 374 3190
Email: port_elizabeth@cti.ac.za
Potchefstroom Campus
16 Esselen Street
Cnr Esselen Street & Steve Biko Avenue
Die Bult, Potchefstroom, 2531
P.O. Box 19900, Noordbrug, 2522
Tel: +27 (0)18 297 7760, Fax: +27 (0)18 297
7783
Email: potchefstroom@cti.ac.za
Pretoria Campus
Menlyn Corporate Park, Building A
175 Corobay Avenue (Cnr Garsfontein), Pretoria,
0181
PostNet Suite A147, Private Bag X18
Lynnwood Ridge, 0040
Tel: +27 (0)12 348 3060, Fax: +27 (0)12 348 3063
Email: pretoria@cti.ac.za
Randburg Campus
6 Hunter Avenue, Cnr Bram Fischer Drive
Ferndale, Randburg, 2194
P.O. Box 920, Randburg, 2125
Tel: +27 (0)11 789 3178, Fax: +27 (0)11 789
4606
Email: randburg@cti.ac.za
Vanderbijlpark Campus
Building 2, Cnr Rutherford & Frikkie Meyer Blvds
Vanderbijlpark, 1911
P.O. Box 6371, Vanderbijlpark, 1900
Tel: +27 (0)16 931 1180, Fax: +27 (0)16 933 1055
Email: vanderbijlpark@cti.ac.za
Group Head Office

Fourways Manor Office Park, Building 1
Cnr Roos & Macbeth Streets, Fourways, 2191
P.O. Box 1398, Randburg, 2125
Tel: +27 (0)11 467 8422, Fax: +27 (0)11 467
6528
Website: www.cti.ac.za

A+ Preparation Guide for Computer Hardware and Software

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

A+ Preparation Guide for Computer Hardware and Software

Uploaded by

Copyright:

Available Formats

A+ Preparation

How this study guide is arranged

Unit 1 Staying Safe

Unit 2 Cases, Motherboards and Power Supplies

Unit 3 I/O, Multimedia and Expansion Bus

Health and safety laws

3.19 Sound devices

Unit 4 Storage, Memory and Processing

Unit 5 BIOS and CMOS Setup

Unit 6 Custom Configuration and Gaming

Unit 7 Portable and Wearable Computers

Unit 8 Printers, Scanners and Bar Code Readers

Unit 9 Preventive Maintenance

Unit 10 Soft Skills and Incident Response

CMOS Setup program

10.1 Job roles and responsibilities

Unit 11 Local and Wireless Networking

Unit 12 Internet Connectivity

A+ 801 Lab Completion Form

11.1 Network building blocks

A+ 802 study schedule

Unit 1 Operating System Installation and Upgrade

1.14 Post installation tasks

Unit 2 Operating System Administration

Unit 3 Account Management

Unit 4 Storage and File System Management

Unit 5 File and Folder Management

Unit 6 Applications and Services

Unit 7 Device and Power Management

Unit 8 System and Performance Monitoring

Navigating the Windows 7 Desktop

Installing and uninstalling software

Advanced system properties

Unit 9 Maintenance and Backup

Unit 10 Troubleshooting Systems

Unit 11 Network Configuration and Troubleshooting

11.1 Network adapter properties

Unit 12 Printer Configuration and Troubleshooting

Unit 13 Computer and Network Security

Unit 14 Mobile Devices

13.1 Security fundamentals

14.1 Mobile device hardware

A+ 802 Lab Completion Form

Unit 16 Theory and Practical Examination

A+ Preparation Evaluation Form

15.1 Virtualisation basics

16.1 Theory examination

A+ Preparation | V1.0 Jan 2014

How this study guide is arranged

A+ 801 tests technical understanding of the computer, portable printer

Conventions and icons

e.g. means for example.

A+ Preparation | V1.0 Jan 2014

Sequences of commands sequences of steps to follow are shown in

The following icons are used in this study guide:

IS/MLM unit icon.

IS/MLM sub-unit icon.

Outcomes at the beginning of each unit. The outcomes indicate

Additional supplementary reading for you to do to further your

Review questions. These refer to questions at the end of each

Practical lab exercises to be done on the computer. Exercises

Using a keyboard and mouse