CompTIA Server+ Study Guide: Exam SK0-005

CompTIA®

Server+® Study Guide

Exam SK0-005

Second Edition

Troy McMillan

Copyright © 2023 by John Wiley & Sons, Inc. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada.

ISBN: 978-1-119-89143-7

ISBN: 978-1-119-89145-1(ebk.)

ISBN: 978-1-119-89144-4 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permission.

Trademarks: WILEY, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CompTIA and Server+ are trademarks or registered trademarks of CompTIA Properties, LLC. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Control Number: 2022942939

Cover image: © Jeremy Woodhouse/Getty Images

Cover design: Wiley

For my wife, Heike, who makes the hard work all worth it

Acknowledgments

Special thanks go to Kristi Bennett for keeping me on schedule and ensuring all the deadlines are met. Also I'd like to thank David Clinton for the excellent technical edit that saved me from myself at times. Finally, as always, I'd like to acknowledge Kenyon Brown for his continued support of all my writing efforts.

About the Author

Troy McMillan writes practice tests, study guides, and online course materials for CyberVista, while also running his own consulting and training business. He holds over 30 industry certifications. Troy can be reached at [email protected].

About the Technical Editor

David Clinton is the author of books and video courses on Linux and AWS administration, data analytics, container virtualization, and IT security.

Table of Exercises

Introduction

The Server+ certification program was developed by CompTIA to provide an industry-wide means of certifying the competency of computer server technicians. The Server+ certification, which is granted to those who have attained the level of knowledge and troubleshooting skills that are needed to provide capable support to the most commonly used server and storage systems, is similar to other certifications in the computer industry. The theory behind these certifications is that if you needed to have service performed on any of their products, you would sooner call a technician who has been certified in one of the appropriate programs than you would just call the first so-called expert listed online.

CompTIA's Server+ exam objectives are periodically updated to keep the certification applicable to the most recent hardware and software. This is necessary because a technician must be able to work on the latest equipment. The most recent revisions to the objectives—and to the whole program—were introduced in 2021 and are reflected in this book.

This book is a tool to help you prepare for this certification—and for the new areas of focus of a modern server technician's job.

What Is Server+ Certification?

The Server+ certification program was created to offer a wide-ranging certification in the sense that it's intended to certify competence with servers from many different makers and vendors. Everyone must take and pass one exam: SK0-005.

The Server+ certification isn't awarded until you've passed the test. For the latest pricing on the exams and updates to the registration procedures, call Pearson VUE at (877) 551-7587. You can also go to the website, www.vue.com, for additional information or to register online. If you have further questions about the scope of the exams or related CompTIA programs, refer to the CompTIA website at www.comptia.org.

Who Should Buy This Book?

If you want to acquire a solid foundation in servers and the storage systems they use, and your goal is to prepare for the exams by filling in any gaps in your knowledge, this book is for you. You'll find clear explanations of the concepts you need to grasp and plenty of help to achieve the high level of professional competency you need in order to succeed in your chosen field.

If you want to become certified as a Server+ holder, this book is definitely what you need. However, if you just want to attempt to pass the exam without really understanding the basics of personal computers, this guide isn't for you. It's written for people who want to acquire skills and knowledge of servers and storage systems.

What Does This Book Cover?

This book covers everything you need to know to pass the CompTIA Server+ exam.

What's Included in the Book

We've included several learning tools throughout the book:

Objective Map and Opening List of Objectives   We have included a detailed exam objective map showing you where each of the exam objectives is covered. In addition, each chapter opens with a list of the exam objectives it covers. Use these resources to see exactly where each of the exam topics is covered.

Assessment Test   We have provided an assessment test that you can use to check your readiness for the exam at the end of this Introduction. Take this test before you start reading the book; it will help you determine the areas on which you might need to brush up. The answers to the assessment test questions appear on a separate page after the last question of the test. Each answer includes an explanation and a note telling you the chapter in which the material appears.

Exam Essentials   Each chapter, just before the summary, includes a number of exam essentials. These are the key topics that you should take from the chapter in terms of areas on which you should focus when preparing for the exam.

Chapter Review Questions   To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers—the correct answers appear in the Appendix. You can go back to reread the section that deals with each question you got wrong to ensure that you answer correctly the next time you're tested on the material.

Interactive Online Learning Environment and Test Bank

The interactive online learning environment that accompanies CompTIA Server+ Exam SK0-005 provides a test bank with study tools to help you prepare for the certification exams and increase your chances of passing them the first time. The test bank includes the following elements:

Sample Tests   All of the questions in this book, including the assessment test, which you’ll find at the end of this Introduction, and the chapter tests that include the review questions at the end of each chapter are provided with answers and explanations. In addition, there are two practice exams. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Flashcards   One set of questions is provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.

Glossary   The key terms from this book and their definitions are available as a fully searchable PDF.

Go to www.wiley.com/go/sybextestprep to register and gain access to this interactive online learning environment and test bank with study tools.

Note icon Like all exams, the Server+ certification from CompTIA is updated periodically and may eventually be retired or replaced. At some point after CompTIA is no longer offering this exam, the old editions of our books and online tools will be retired. If you have purchased this book after the exam was retired, or are attempting to register in the Sybex online learning environment after the exam was retired, please know that we make no guarantees that this exam’s online Sybex tools will be available once the exam is no longer available.

How to Use This Book

If you want a solid foundation for preparing for the Server+ exam, this is the book for you. We've spent countless hours putting together this book with the sole intention of helping you prepare for the exams.

This book is loaded with valuable information, and you will get the most out of your study time if you understand how we put the book together. Here's a list that describes how to approach studying:

Take the assessment test immediately following this Introduction. It's okay if you don't know any of the answers—that's what this book is for. Carefully read over the explanations for any question you get wrong, and make note of the chapters where that material is covered.

Study each chapter carefully, making sure you fully understand the information and the exam objectives listed at the beginning of each one. Again, pay extra-close attention to any chapter that includes material covered in questions you missed on the assessment test.

Read over the summary and exam essentials. These will highlight the sections from the chapter with which you need to be familiar before sitting for the exam.

Answer all of the review questions at the end of each chapter. Specifically note any questions that confuse you, and study the corresponding sections of the book again. Don't just skim these questions! Make sure that you understand each answer completely.

Go over the electronic flashcards. These help you prepare for the latest Server+ exam, and they're really great study tools.

Take the practice exam.

Performance-Based Questions

CompTIA includes performance-based questions on the Server+ exams. These are not the traditional multiple-choice questions with which you're probably familiar. These questions require the candidate to know how to perform a specific task or series of tasks. The candidate will be presented with a scenario and will be asked to complete a task. They will be taken to a simulated environment where they will have to perform a series of steps and will be graded on how well they complete the task.

Tips for Taking the Server+ Exam

Here are some general tips for taking your exams successfully:

Bring two forms of ID with you. One must be a photo ID, such as a driver's license. The other can be a major credit card or a passport. Both forms must include a signature.

Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information.

Read the questions carefully. Don't be tempted to jump to an early conclusion. Make sure you know exactly what the question is asking.

Don't leave any unanswered questions. Unanswered questions are scored against you.

There will be questions with multiple correct responses. When there is more than one correct answer, a message at the bottom of the screen will prompt you to either Choose two or Choose all that apply. Be sure to read the messages displayed to know how many correct answers you must choose.

When answering multiple-choice questions you're not sure about, use a process of elimination to get rid of the obviously incorrect answers first. Doing so will improve your odds if you need to make an educated guess.

On form-based tests (nonadaptive), because the hard questions will eat up the most time, save them for last. You can move forward and backward through the exam.

For the latest pricing on the exams and updates to the registration procedures, visit CompTIA's website at www.comptia.org.

The CompTIA Server+ Exam Objectives

CompTIA goes to great lengths to ensure that its certification programs accurately reflect the IT industry's best practices. The company does this by establishing Cornerstone Committees for each of its exam programs. Each committee consists of a small group of IT professionals, training providers, and publishers who are responsible for establishing the exam's baseline competency level and who determine the appropriate target audience level.

Once these factors are determined, CompTIA shares this information with a group of hand-selected subject matter experts (SMEs). These folks are the true brainpower behind the certification program. They review the committee's findings, refine them, and shape them into the objectives you see before you. CompTIA calls this process a job task analysis (JTA).

Finally, CompTIA conducts a survey to ensure that the objectives and weightings truly reflect the job requirements. Only then can the SMEs go to work writing the hundreds of questions needed for the exam. And, in many cases, they have to go back to the drawing board for further refinements before the exam is ready to go live in its final state. So, rest assured, the content you're about to learn will serve you long after you take the exam.

Exam objectives are subject to change at any time without prior notice and at CompTIA's sole discretion. Please visit the certification page of CompTIA's website at www.comptia.org for the most current listing of exam objectives.

CompTIA also publishes relative weightings for each of the exam's objectives. The following tables list the objective domains and the extent to which they're represented on each exam.

The following sections look at the objectives beneath each of these domains in more detail.

CompTIA SK0-005 Exam

1.1 Given a scenario, install physical hardware.

Enclosure sizes

Unit sizes

1U, 2U, 3U, etc.

Rack layout

Cooling management

Safety

Proper lifting techniques

Rack balancing

Floor load limitations

Power distribution unit (PDU)

Keyboard-video mouse (KVM) placement

Rail kits

Power cabling

Redundant power

Uninterruptible power supply (UPS)

Separate circuits

Separate providers

Power connector types

Cable management

Network cabling

Redundant networking

Twisted pair

Fiber

SC

LC

Single mode

Multimode

Gigabit

10 GigE

Small form factor pluggable (SFP)

SFP+

Quad small form factor pluggable (QSFP)

Cable management

Server chassis types

Tower

Rack mount

Blade enclosure

Server components

Hardware compatibility list (HCL)

Central processing unit (CPU)

Graphics processing unit (GPU)

Memory

Bus types

Interface types

Expansion cards

1.2 Given a scenario, deploy and manage storage.

RAID levels and types

0

1

5

6

10

Just a bunch of disks (JBOD)

Hardware vs. software

Capacity planning

Hard drive media types

Solid state drive (SSD)

Wear factors

Read intensive

Write intensive

Hard disk drive (HDD)

Rotations per minute (RPM)

15,000

10,000

7,200

Hybrid

Interface types

Serial attached SCSI (SAS)

Serial ATA (SATA)

Peripheral component interconnect (PCI)

External serial advanced technology attachment (eSATA)

Universal serial bus (USB)

Secure digital (SD)

Shared storage

Network attached storage (NAS)

Network file system (NFS)

Common Internet file system (CIFS)

Storage area network (SAN)

Internet small computer systems interface (iSCSI)

Fibre Channel

Fibre Channel over Ethernet (FCoE)

1.3 Given a scenario, perform server hardware maintenance.

Out-of-band management

Remote drive access

Remote console access

Remote power on/off

Internet protocol keyboard video-mouse (IP KVM)

Local hardware administration

Keyboard-video-mouse (KVM)

Crash cart

Virtual administration console

Serial connectivity

Console connections

Components

Firmware upgrades

Drives

Hot-swappable hardware

Drives

Cages

Cards

Power supplies

Fans

Basic input/output system (BIOS)/Unified Extensible Firmware Interface (UEFI)

2.1 Given a scenario, install server operating systems.

Minimum operating system (OS) requirements

Hardware compatibility list (HCL)

Installations

Graphical user interface (GUI)

Core

Bare metal

Virtualized

Remote

Slip streamed/unattended

Scripted installations

Additional drivers

Additional applications and utilities

Patches

Media installation type

Network

Optical

Universal serial bus (USB)

Embedded

Imaging

Cloning

Virtual machine (VM) cloning

Physical clones

Template deployment

Physical to virtual (P2V)

Partition and volume types

Global partition table (GPT) vs. master boot record (MBR)

Dynamic disk

Logical volume management (LVM)

File system types

ext4

New technology file system (NTFS)

VMware file system (VMFS)

Resilient file system (ReFS)

Z file system (ZFS)

2.2 Given a scenario, configure servers to use network infrastructure services.

IP configuration

Virtual local area network (VLAN)

Default gateways

Name resolution

Domain name service (DNS)

Fully qualified domain name (FQDN)

Hosts file

Addressing protocols

IPv4

Request for comments (RFC) 1918 address spaces

IPv6

Firewall

Ports

Static vs. dynamic

Dynamic host configuration protocol (DHCP)

Automatic private IP address (APIPA)

MAC addresses

2.3 Given a scenario, configure and maintain server functions and features

Server roles requirements

Print

Database

File

Web

Application

Messaging

Baselining

Documentation

Performance metrics

Directory connectivity

Storage management

Formatting

Connectivity

Provisioning

Partitioning

Page/swap/scratch location and size

Disk quotas

Compression

Deduplication

Monitoring

Uptime

Thresholds

Performance

Memory

Disk

Input output operations per second (IOPS)

Capacity vs. utilization

Network

Central processing unit (CPU)

Event logs

Configuration

Shipping

Alerting

Reporting

Retention

Rotation

Data migration and transfer

Infiltration

Exfiltration

Disparate OS data transfer

Robocopy

File transfer

Fast copy

Secure copy protocol (SCP)

Administrative interfaces

Console

Remote desktop

Secure shell (SSH)

Web interface

2.4 Explain the key concepts of high availability for servers.

Clustering

Active-active

Active-passive

Failover

Failback

Proper patching procedures

Heartbeat

Fault tolerance

Server-level redundancy vs. component redundancy

Redundant server network infrastructure

Load balancing

Software vs. hardware

Round robin

Most recently used (MRU)

Network interface card (NIC) teaming and redundancy

Failover

Link aggregation

2.5 Summarize the purpose and operation of virtualization.

Host vs. guest

Virtual networking

Direct access (bridged)

Network address translation (NAT)

vNICs

Virtual switches

Resource allocation and provisioning

CPU

Memory

Disk

NIC

Overprovisioning

Scalability

Management interfaces for virtual machines

Cloud models

Public

Private

Hybrid

2.6 Summarize scripting basics for server administration.

Script types

Bash

Batch

PowerShell

Virtual basic script (VBS)

Environment variables

Comment syntax

Basic script constructs

Loops

Variables

Conditionals

Comparators

Basic data types

Integers

Strings

Arrays

Common server administration scripting tasks

Startup

Shut down

Service

Login

Account creation

Bootstrap

2.7 Explain the importance of asset management and documentation.

Asset management

Labeling

Warranty

Leased vs. owned devices

Life-cycle management

Procurement

Usage

End of life

Disposal/recycling

Inventory

Make

Model

Serial number

Asset tag

Documentation management

Updates

Service manuals

Architecture diagrams

Infrastructure diagrams

Workflow diagrams

Recovery processes

Baselines

Change management

Server configurations

Company policies and procedures

Business impact analysis (BIA)

Mean time between failure (MTBF)

Mean time to recover (MTTR)

Recovery point objective (RPO)

Recovery time objective (RTO)

Service level agreement (SLA)

Uptime requirements

Document availability

Secure storage of sensitive documentation

2.8 Explain licensing concepts.

Models

Per-instance

Per-concurrent user

Per-server

Per-socket

Per-core

Site-based

Physical vs. virtual

Node-locked

Signatures

Open source

Subscription

License vs. maintenance and support

Volume licensing

License count validation

True up

Version compatibility

Backward compatible

Forward compatible

3.1 Summarize data security concepts.

Encryption paradigms

Data at rest

Data in transit

Retention policies

Data storage

Physical location storage

Off-site vs. on-site

UEFI/BIOS passwords

Bootloader passwords

Business impact

Data value prioritization

Life-cycle management

Cost of security vs. risk and/or replacement

3.2 Summarize physical security concepts.

Physical access controls

Bollards

Architectural reinforcements

Signal blocking

Reflective glass

Datacenter camouflage

Fencing

Security guards

Security cameras

Locks

Biometric

Radio frequency identification (RFID)

Card readers

Mantraps

Safes

Environmental controls

Fire suppression

Heating, ventilation, and cooling (HVAC)

Sensors

3.3 Explain important concepts pertaining to identity and access management for server administration.

User accounts

User groups

Password policies

Length

Lockout

Enforcement

Permissions and access controls

Role-based

Rule-based

Scope based

Segregation of duties

Delegation

Auditing

User activity

Logins

Group memberships

Deletions

Multifactor authentication (MFA)

Something you know

Something you have

Something you are

Single sign-on (SSO)

3.4 Explain data security risks and mitigation strategies.

Security risks

Hardware failure

Malware

Data corruption

Insider threats

Theft

Data loss prevention (DLP)

Unwanted duplication

Unwanted publication

Unwanted access methods

Backdoor

Social engineering

Breaches

Identification

Disclosure

Mitigation strategies

Data monitoring

Log analysis

Security information and event management (SIEM)

Two-person integrity

Split encryption keys tokens

Separation of roles

Regulatory constraints

Governmental

Individually privileged information

Personally identifiable information (PII)

Payment Card Industry Data Security Standard (PCI DSS)

Legal considerations

Data retention

Subpoenas

3.5 Given a scenario, apply server hardening methods.

OS hardening

Disable unused services

Close unneeded ports

Install only required software

Apply driver updates

Apply OS updates

Firewall configuration

Application hardening

Install latest patches

Disable unneeded services, roles, or features

Host security

Antivirus

Anti-malware

Host intrusion detection system (HIDS)/Host intrusion prevention system (HIPS)

Hardware hardening

Disable unneeded hardware

Disable unneeded physical ports, devices, or functions

Set BIOS password

Set boot order

Patching

Testing

Deployment

Change management

3.6 Summarize proper server decommissioning concepts.

Proper removal procedures

Company policies

Verify non-utilization

Documentation

Asset management

Change management

Media destruction

Disk wiping

Physical

Degaussing

Shredding

Crushing

Incineration

Purposes for media destruction

Media retention requirements

Cable remediation

Power

Networking

Electronics recycling

Internal vs. external

Repurposing

3.7 Explain the importance of backups and restores.

Backup methods

Full

Synthetic full

Incremental

Differential

Archive

Open file

Snapshot

Backup frequency

Media rotation

Backup media types

Tape

Cloud

Disk

Print

File-level vs. system-state backup

Restore methods

Overwrite

Side by side

Alternate location path

Backup validation

Media integrity

Equipment

Regular testing intervals

Media inventory before restoration

3.8 Explain the importance of disaster recovery.

Site types

Hot site

Cold site

Warm site

Cloud

Separate geographic locations

Replication

Constant

Background

Synchronous vs. asynchronous

Application consistent

File locking

Mirroring

Bidirectional

Testing

Tabletops

Live failover

Simulated failover

Production vs. non-production

4.1 Explain the troubleshooting theory and methodology.

Identify the problem and determine the scope.

Question users/stakeholders and identify changes to the server/environment.

Collect additional documentation/logs.

If possible, replicate the problem as appropriate.

If possible, perform backup before making changes.

Escalate, if necessary.

Establish a theory of probable cause (question the obvious).

Determine whether there is a common element or symptom causing multiple problems.

Test the theory to determine the cause.

Once the theory is confirmed, determine the next steps to resolve the problem.

If the theory is not confirmed, establish a new theory.

Establish a plan of action to resolve the problem.

Notify impacted users.

Implement the solution or escalate.

Make one change at a time and test/confirm the change has resolved the problem.

If the problem is not resolved, reverse the change, if appropriate, and implement a new change.

Verify full system functionality and, if applicable, implement preventive measures.

Perform a root cause analysis.

Document findings, actions, and outcomes throughout the process.

4.2 Given a scenario, troubleshoot common hardware failures.

Common problems

Predictive failures

Memory errors and failures

System crash

Blue screen

Purple screen

Memory dump

Utilization

Power-on self-test (POST) errors

Random lockups

Kernel panic

Complementary metal-oxide-semiconductor (CMOS) battery failure

System lockups

Random crashes

Fault and device indication

Visual indicators

Light-emitting diode (LED)

Liquid crystal display (LCD) panel readouts

Auditory or olfactory cues

POST codes

Misallocated virtual resources

Causes of common problems

Technical

Power supply fault

Malfunctioning fans

Improperly seated heat sink

Improperly seated cards

Incompatibility of components

Cooling failures

Backplane failure

Firmware incompatibility

CPU or GPU overheating

Environmental

Dust

Humidity

Temperature

Tools and techniques

Event logs

Firmware upgrades or downgrades

Hardware diagnostics

Compressed air

Electrostatic discharge (ESD) equipment

Reseating or replacing components and/or cables

4.3 Given a scenario, troubleshoot storage problems.

Common problems

Boot errors

Sector block errors

Cache battery failure

Read/write errors

Failed drives

Page/swap/scratch file or partition

Partition errors

Slow file access

OS not found

Unsuccessful backup

Unable to mount the device

Drive not available

Cannot access logical drive

Data corruption

Slow I/O performance

Restore failure

Cache failure

Multiple drive failure

Causes of common problems

Disk space utilization

Insufficient disk space

Misconfigured RAID

Media failure

Drive failure

Controller failure

Hot bus adapter (HBA) failure

Loose connectors

Cable problems

Misconfiguration

Corrupt boot sector

Corrupt file system table

Array rebuild

Improper disk partition

Bad sectors

Cache battery failure

Cache turned off

Insufficient space

Improper RAID configuration

Mismatched drives

Backplane failure

Tools and techniques

Partitioning tools

Disk management

RAID and array management

System logs

Disk mounting commands

net use

mount

Monitoring tools

Visual inspections

Auditory inspections

4.4 Given a scenario, troubleshoot common OS and software problems.

Common problems

Unable to log on

Unable to access resources

Unable to access files

System file corruption

End of life/end of support

Slow performance

Cannot write to system logs

Service failures

System or application hanging

Freezing

Patch update failure

Causes of common problems

Incompatible drivers/modules

Improperly applied patches

Unstable drivers or software

Server not joined to domain

Clock skew

Memory leaks

Buffer overrun

Incompatibility

Insecure dependencies

Version management

Architecture

Update failures

Missing updates

Missing dependencies

Downstream failures due to updates

Inappropriate application level permissions

Improper CPU affinity and priority

OS and software tools and techniques

Patching

Upgrades

Downgrades

Package management

Recovery

Boot options

Safe mode

Single user mode

Reload OS

Snapshots

Proper privilege escalations

runas/Run As

sudo

su

Scheduled reboots

Software firewalls

Adding or removing ports

Zones

Clocks

Network time protocol (NTP)

System time

Services and processes

Starting

Stopping

Status identification

Dependencies

Configuration management

System center configuration manager (SCCM)

Puppet/Chef/Ansible

Group Policy Object (GPO)

Hardware compatibility list (HCL)

4.5 Given a scenario, troubleshoot network connectivity issues.

Common problems

Lack of Internet connectivity

Resource unavailable

Receiving incorrect DHCP information

Non-functional or unreachable

Destination host unreachable

Unknown host

Unable to reach remote subnets

Failure of service provider

Cannot reach server by host-name/fully qualified domain name (FQDN)

Causes of common problems

Improper IP configuration

IPv4 vs. IPv6 misconfigurations

Improper VLAN configuration

Network port security

Component failure

Incorrect OS route tables

Bad cables

Firewall (misconfiguration, hardware failure, software failure)

Misconfigured NIC

DNS and/or DHCP failure

DHCP server misconfigured

Misconfigured hosts file

Tools and techniques

Check link lights

Confirm power supply

Verify cable integrity

Check appropriate cable selection

Commands

ipconfig

ip addr

ping

tracert

traceroute

nslookup

netstat

dig

telnet

nc

nbtstat

route

4.6 Given a scenario, troubleshoot security problems.

Common problems

File integrity

Improper privilege escalation

Excessive access

Applications will not load

Cannot access network file shares

Unable to open files

Causes of common problems

Open ports

Services

Active

Inactive

Orphan/zombie

Intrusion detection configurations

Anti-malware configurations

Improperly configured local/group policies

Improperly configured firewall rules

Misconfigured permissions

Virus infection

Malware

Rogue processes/services

Data loss prevention (DLP)

Security tools

Port scanners

Sniffers

Telnet clients

Anti-malware

Antivirus

File integrity

Checksums

Monitoring

Detection

Enforcement

User access controls

SELinux

User account control (UAC)

Objective Map

The following objective map shows you where the exam objectives are covered in the chapters. Use it as a reference to find the information you're looking for.

SK0-004 Exam Objectives

Exam specifications and content are subject to change at any time without prior notice and at CompTIA's sole discretion. Please visit CompTIA's website (www.comptia.org) for the most current information on the exam content.

How to Contact the Publisher

If you believe you have found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.

In order to submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line Possible Book Errata Submission.

Assessment Test

Which of the following is not part of the form factor of a server?

Size

Appearance

Dimensions

Security

Which function is made easier when a server has a rail kit?

Installation

Maintenance

Configuration

Network access

Which of the following is the unit of measurement when discussing rack components?

M

I

U

C

Which of the following is another term for RAID 1?

Duplicating

Doubling

Duplexing

Mirroring

What is the primary function of PXE?

Remote booting

Secure routing

Remote administration

Redundant connections

Shares are used to allocate which of the following to VMs?

ROM

CPU

NVRAM

L2 cache

What is the most common protocol a SAN uses?

IPX

IP

Ethernet

Fibre Channel

Which of the following is true of a NAS?

A NAS has lower latency and higher reliability than a SAN.

A NAS typically supports only RAID 5.

A NAS does not support high throughput.

Implementing a NAS is inexpensive.

Which of the following is a standard firmware interface for servers and PCs designed to replace BIOS?

SCSI

ISCSI

UEFI

FDDI

What is the role of a DHCP server in a network?

Issues IP configurations

Translates private to public addresses

Authenticates users

Resolves IP addresses to hostnames

The metric IOPS is used to describe the performance of which resource?

Memory

Disk

CPU

Network

As the number of users assigned to a printer increases, which resource should be increased?

Disk

Network

CPU

Memory

What is the function of the command-line utility wevtutil?

Manages log files

Manages network connections

Manages memory issues

Manages CPU affinity

Which of the following are simply whole numbers?

Strings

Arrays

Integers

Conditionals

Which RAID version requires at least three drives?

RAID 0

RAID 1

RAID 5

RAID 10

Which of the following statements is true with respect to safes?

No safes are fireproof.

Consumer Reports assigns ratings to safes that you can use to assess the suitability of the safe.

Those that are fire-resistant will protect a backup tape from being damaged.

When considering a safe, you should focus on two items: the cost and the size.

Which of the following is true of an HIDS?

A high number of false negatives can cause a lax attitude on the part of the security team.

An HIDS cannot address authentication issues.

Encrypted packets can be analyzed.

An HIDS monitors only traffic destined for the machine on which it is installed.

Which of the following is a compact, hot-pluggable transceiver not standardized by any governing body like the IEEE?

SELinux

PXE

SPF

QoS

Which of the following would Joe use to digitally sign a document so that Sally can verify his signature?

Joe's private key

Sally's private key

Joe's public key

Sally's public key

Which authentication mechanism is an example of something you are?

Password

Username

Smartcard

Retina scan

What is a common host-based firewall on Linux-based systems?

iptables

nessus

tripwire

scannow

Which of the following can be accomplished using port security?

Set the minimum number of MAC addresses that can be seen on a port.

Set the maximum number of IP addresses that can be seen on a port.

Define which MAC addresses are not allowed on the port.

Set the maximum number of MAC addresses that can be seen on a port.

Which of the following is one that is a process, completes its work, but is mistakenly marked as a dead process, preventing it from ending?

Orphan

Active

Zombie

Inactive

Which is the minimum category of cable required for 100 Mbps transmissions?

CAT3

CAT5

CAT5e

CAT6

Which of the following services uses port number 443?

SFTP

NTP

HTTP

HTTPS

Backdoors are also sometimes called which of the following?

Teardrops

Remote access trojans

Trapdoors

Rootkits

Which of the following parts of a MAC address is unique for each interface made by a vendor?

UAA

BAA

OUI

EUI-64

How many sets of backup tapes are used in the GFS system?

2

3

4

5

When creating a backup, what function can be used to verify the integrity of the results?

Checksums

Encryption

Digital signatures

Transaction logs

If you perform a full backup once a week and use a differential backup scheme the rest of the week, how many tapes are required for a restore four days after the full backup is taken?

1

2

3

4

Which of the following components is a system responsible for preventing attacks?

HIDS

NIDS

IPS

DC

Which of the following is a suite of protocols that establishes a secure channel between two devices?

IPsec

SPI

iSCSI

VLAN

Which of the following is not true about server backplanes?

They can be a single point of failure.

They provide data and control signal connectors for CPU.

Backplane failures are uncommon.

You should implement redundant backplanes.

Which of the following steps in the CompTIA troubleshooting method comes first?

Verify full system functionality and, if applicable, implement preventive measures.

Document findings, actions, and outcomes throughout the process.

Identify the problem and determine the scope.

Perform a root cause analysis.

Which command is used on a Windows computer to identify the path taken to a destination network?

traceroute

tracert

ipconfig/trace

trace

On which type of device is port security used?

Hub

Switch

Router

Multiplexer

You receive a destination unreachable message with a source IP address. Where is it coming from?

A remote router

A remote DNS server

A local DNS server

The local router

The sudo fdisk -l command lists the partitions on what type of system?

Windows

Mac

Novell

Linux

In Linux, what is fstab used for?

To mount partitions on boot

To create partitions

To format a partition

To defragment a drive

What component locates the operating system in Linux?

NTLDR

GRUB

Bootmgr

boot.ini

Answers to Assessment Test

D.  Form factor refers to the physical appearance and dimensions of the server.

B.  Rail kits, when implemented, allow for the server to be slid out of the rack for maintenance.

C.  Each U is 1.75 inches (4.445 cm) high.

D.  RAID 1 is also known as disk mirroring. This is a method of producing fault tolerance by writing all data simultaneously to two separate drives.

A.  The Preboot Execution Environment (PXE) is an industry standard client/server interface that allows networked computers that are not yet loaded with an operating system to be configured and booted remotely by an administrator.

B.  There are three ways the allocation of the use of the physical CPU(s) can be controlled. These methods are as follows:

Shares: Using values such as Low, Normal, High, and Custom (in VMWare, for example), these values are compared to the sum of all shares of all virtual machines on the server. Therefore, they define the relative percentage each VM can use.

Reservation: Guaranteed CPU allocation for a VM.

Limit: Upper limit for a VM's CPU allocation.

D.  In a classic SAN, devices communicate using the Fibre Channel protocol over a fiber network of storage devices typically connected to a Fibre Channel switch.

D.  Implementing a NAS is inexpensive when compared to implementing a SAN.

C.  Some advantages of UEFI firmware are:

Better security; protects the preboot process

Faster startup times and resuming from hibernation

Support for drives larger than 2.2 terabytes (TB)

Support for 64-bit firmware device drivers

Capability to use BIOS with UEFI hardware

A.  DHCP servers are used to automate the process of providing an IP configuration to devices in the network. These servers respond to broadcast-based requests for a configuration by offering an IP address, subnet mask, and default gateway to the DHCP client.

B.  IOPS (input/output operations per second) is a common disk metric that describes how fast the disk subsystem is able to read and write to the drive. The higher this value, the better.

D.  Print servers need lots of memory to hold the print jobs waiting in the print queue. The exact amount will depend on the number of users assigned to the printers being managed by this print server.

A.  Managing log files can be done at the command line using the following command, inserting the name of the log file and the maximum size in bytes:

wevtutil sl <LogName> /ms:<MaxSizeInBytes>

C.  Integers are simply whole numbers. This data type can be used to:

Assign a value to a variable

Set the parameters of a loop

Define a condition to be met

C.  A minimum of three drives is required for RAID 5.

C.  With respect to fire, no safe is fireproof. Many are fire-resistant and will protect a document from being destroyed, which occurs at a much higher temperature than many of the other items (such as backup tapes and CDs) can tolerate without damage. For these reasons, items such as backup tapes should be stored off-site.

D.  A host-based system is installed on the device (for purposes of our discussion, a server) and the system focuses solely on identifying attacks on that device only.

C.  The small form-factor pluggable (SFP) is a compact, hot-pluggable transceiver that, though not standardized by any governing body like the IEEE, was created through a multisource agreement (MSA) between competing manufacturers. For this reason, you may find that there is not full compatibility among these from various sources.

A.  Since Sally will use Joe's public key to verify the signature, he must sign it with his private key.

D.  While passwords and usernames are examples of something you know and a smartcard is an example of something you possess, a retina scan provides something you are.

A.  On Linux-based systems a common host-based firewall is iptables, which replaces a previous package called ipchains. It has the ability to accept or drop packets.

D.  It is possible to specify a maximum number of MAC addresses allowed on a port.

C.  A zombie process (work performed on behalf of services is done using processes) is one that is a child of another process. It becomes a zombie when it completes its work but is mistakenly marked as a dead process, preventing it from ending.

B.  CAT5 transmits data at speed up to 100 Mbps and specifies cable lengths up to 100 meters.

D.  HTTPS is a secure form of HTTP that uses port 443.

B.  A Trojan horse can create a backdoor. These backdoors are also sometimes called remote access Trojans (RATs) because they allow the hacker to connect to the machine without going through any sort of authentication process.

C.  Each part of this address communicates information. The left half of the address is called the organizationally unique identifier (OUI). It identifies the vendor who made the interface. The right half is called the universally administered address (UAA). It will be unique for each interface made by the vendor. Together they make a globally unique MAC address.

B.  In the Grandfather-Father-Son (GFS) backup scheme, three sets of backups are defined. Most often these three definitions are daily, weekly, and monthly.

A.  If you create the backup using checksums (which is an option with many utilities), it will allow you to check that the data has not changed since it was made or that it has been corrupted or damaged.

B.  You will need the last full backup tape and the last differential tape. Each differential tape contains all changes that occurred since the last full backup.

C.  An IPS is a system responsible for preventing attacks. When an attack begins, an IPS takes actions to contain the attack.

A.  Internet Protocol Security (IPsec) is a suite of protocols that establishes a secure channel between two devices. IPsec is commonly implemented over VPNs, but that is not its only use.

B.  Backplanes are advantageous in that they provide data and control signal connectors for the hard drives. They also provide the interconnection for the front I/O board, power and locator buttons, and system/component status LEDs. Unfortunately, this creates a serious single point of failure because if the backplane fails, we lose communication with the servers to which it is connected.

C.  The steps in order are:

Identify the problem and determine the scope.

Establish a theory of probable cause.

Test the theory to determine the cause.

Establish a plan of action to resolve the problem and notify impacted users.

Implement the solution or escalate as appropriate.

Verify full system functionality and, if applicable, implement preventive measures.

Perform a root cause analysis.

Document findings, actions, and outcomes throughout the process.

B.  The tracert command (traceroute in Linux and Unix) is used to trace the path of a packet through the network on routers.

B.  Switches can be used to implement port security. Some of the things you can specify using port security are the only MAC address or addresses allowed to send traffic in the port, the total number of MAC addresses that can transmit on the port, and an action to be taken when a violation occurs (either shut the port down or prevent transmissions by the guilty MAC address).

A.  If the message comes with no source IP address, that means the message is coming from the local router (the default gateway of the sender). If it has a source IP address of the sender, then it is another router in the path.

D.  The sudo fdisk -l command lists the partitions on a Linux system.

A.  fstab (File System Table) is a file used by Linux operating systems to mount partitions on boot.

B.  In Linux this is handled by GRUB.

Chapter 1

Server Hardware

COMPTIA SERVER+ EXAM OBJECTIVES COVERED IN THIS CHAPTER:

1.1 Given a scenario, install physical hardware.

Enclosure sizes

Unit sizes

1U, 2U, 3U, etc.

Rack layout

Cooling management

Safety

Proper lifting techniques

Rack balancing

Floor load limitations

Power distribution unit (PDU)

Keyboard-video-mouse (KVM) placement

Rail kits

Power cabling

Redundant power

Uninterruptible power supply (UPS)

Separate circuits

Separate providers

Power connector types

Cable management

Network cabling

Redundant networking

Twisted pair

Fiber

SC

LC

Single mode

Multimode

Gigabit

10 GigE

Small form factor pluggable (SFP)

SFP+

Quad small form factor pluggable (QSFP)

Cable management

Server chassis types

Tower

Rack mount

Blade enclosure

Server components

Hardware compatibility list (HCL)

Central processing unit (CPU)

Graphics processing unit (GPU)

Memory

Bus types

Interface types

Expansion cards

While servers and workstations have many of the same hardware components and in many cases use the same or similar operating systems, their roles in the network and therefore the requirements placed upon them are quite different. For this reason, CompTIA has developed the Server+ certification to validate the skills and knowledge required to design, install, and maintain server systems in the enterprise. Although many of the skills required to maintain workstations are transferable to maintaining servers, there are certainly enough differences both in the devices themselves and in the environment in which they operate to warrant such a certification. This book is designed to prepare you for the SK0-005 exam, otherwise known as the CompTIA Server+ exam.

Racking

Racking is the process of installing rack systems and then populating the rack systems with rack-mounted devices such as routers, switches, servers, intrusion detection system (IDS) devices, and many other types of network gear. In the opening section of this chapter, you'll learn about issues related to racking.

Enclosure Sizes

Racks come in different sizes, and we refer to the space the rack provides as the enclosure size. For example, the Dell PowerEdge rack enclosures are offered in three height options: 24U (2420), 42U (4220), and 48U (4820). Each U is 1.75 inches (44.45 mm) high.

Unit Sizes

Rack systems can accommodate a variety of device sizes. Each device is a unit, and in this section you'll learn about standard unit sizes.

1U, 2U, 3U, etc.

Rack mount servers are those that are designed to be bolted into a framework called a rack and thus are designed to fit one of several standard size rack slots, or bays. They also require rail kits, which when implemented allow you to slide the server out of the rack for maintenance. One of the benefits of using racks to hold servers, routers, switches, and other hardware appliances is that a rack gets the equipment off the floor, while also making more efficient use of the space in the server room and maintaining good air circulation. A rack with a server and other devices installed is shown in Figure 1.1.

FIGURE 1.1 Server in a rack

Dimensions

As you may have noticed in Figure 1.1, there are several items in the rack and they take up various amounts of space in the rack. While both 19-