How to Use This Quick Reference
This independent Quick Reference is for candidates preparing for the CompTIA Server+ V6 (SK0-006) exam. Use it as a final-review checklist for server concepts, operational decisions, and troubleshooting patterns.
Focus your review on these exam behaviors:
- Identify the best server component, storage design, network service, or security control for a scenario.
- Distinguish redundancy, backup, clustering, replication, and disaster recovery.
- Troubleshoot from symptoms using logs, metrics, hardware indicators, and change history.
- Apply least privilege, secure configuration, patching, monitoring, and documentation practices.
- Recognize when a technology is used, not just what it is called.
Server Hardware Reference
| Form factor | Best fit | Strengths | Watch for |
|---|
| Tower server | Small office, branch, non-rack environment | Simple deployment, less rack dependency | Less dense, may lack redundant infrastructure |
| Rack server | Data center, server room, standardized deployment | Scalable, good cable/power organization | Requires rack, rails, airflow planning |
| Blade server | High-density compute with shared chassis | Centralized power, cooling, networking | Chassis dependency, vendor ecosystem |
| Modular / composable | Flexible pools of compute, storage, network | Resource pooling and automation | Complexity, management tooling reliance |
| Edge server | Remote site, low-latency workloads | Local processing near users/devices | Physical security, limited hands-on support |
Core Components
| Component | Exam-relevant details | Common trap |
|---|
| CPU | Sockets, cores, threads, cache, virtualization extensions, thermal design | More cores do not fix storage or network bottlenecks |
| Memory | ECC, registered/buffered DIMMs, speed compatibility, channel population rules | Mixing unsupported DIMM types can prevent boot or reduce performance |
| System board | Chipset, firmware, expansion slots, TPM, BMC/OOB management | Firmware settings can disable devices or virtualization features |
| PSU | Redundant supplies, hot-swap, power capacity, separate circuits | Redundant PSUs should not feed the same single point of power failure |
| Fans/cooling | Airflow direction, hot/cold aisles, sensors, thermal shutdown | Cable clutter and blanking-panel gaps can create hotspots |
| Expansion cards | NICs, HBAs, RAID controllers, GPUs, accelerators | PCIe slot lane/speed compatibility matters |
| BMC/OOB | IPMI, iLO, iDRAC-style functions, remote console, power control | OOB networks must be secured like administrative networks |
Memory Concepts
| Term | Meaning | Why it matters |
|---|
| ECC | Detects and corrects certain memory errors | Common server reliability requirement |
| Registered/buffered DIMM | Uses a register to reduce electrical load | Supports larger memory configurations |
| Unbuffered DIMM | Common in desktops/smaller systems | Often not supported in enterprise servers |
| Memory channel | Parallel path between CPU and DIMMs | Balanced channel population improves bandwidth |
| NUMA | Memory locality across CPU sockets | Poor VM or workload placement can reduce performance |
| Memory mirroring | Duplicates memory contents for fault tolerance | Reduces usable capacity |
| Memory sparing | Reserves memory to replace failing memory regions | Capacity tradeoff for resilience |
Storage Quick Reference
| Technology | Choose when | Notes |
|---|
| HDD | Capacity-sensitive, sequential workloads, lower cost per capacity | Higher latency than SSD/NVMe |
| SATA SSD | General-purpose solid-state storage | Usually lower performance than SAS/NVMe enterprise options |
| SAS HDD/SSD | Enterprise server storage, dual-port paths, reliability features | Common with hardware RAID and backplanes |
| NVMe | Low-latency, high-IOPS workloads | Uses PCIe; excellent for databases and virtualization |
| M.2 | Compact internal storage | Check thermal and enterprise durability requirements |
| U.2/U.3 | Hot-swap-capable NVMe in server bays | More server-friendly than consumer M.2 |
| Tape | Long-term retention, offline backup, archival | Slow restores; strong ransomware isolation when offline |
DAS, NAS, and SAN
| Storage type | Description | Best for | Exam distinction |
|---|
| DAS | Direct-attached storage inside or cabled to one server | Local performance, simple deployments | Not inherently shared |
| NAS | File-level storage over network | SMB/NFS shares, user files, shared repositories | Clients access files |
| SAN | Block-level storage over dedicated or converged fabric | Databases, virtualization datastores, clustering | Servers see LUNs as disks |
| Object storage | Data stored as objects with metadata | Cloud-native apps, backups, large unstructured data | Accessed through APIs, not mounted like a local disk |
RAID Selection Matrix
| RAID level | Minimum disks | Usable capacity pattern | Fault tolerance | Performance profile | Use when |
|---|
| RAID 0 | 2 | Sum of disks | None | High read/write | Temporary data only; never for resilience |
| RAID 1 | 2 | Size of one disk per mirror | One disk per mirror set | Good read, normal write | OS volumes, simple redundancy |
| RAID 5 | 3 | Total minus one disk | One disk | Good read, parity write penalty | Read-heavy workloads with moderate capacity efficiency |
| RAID 6 | 4 | Total minus two disks | Two disks | Good read, larger parity write penalty | Larger arrays where rebuild risk matters |
| RAID 10 | 4 | About half total | One disk per mirror pair | Strong read/write | Databases, virtualization, high performance plus resilience |
| Hot spare | Additional disk | Not active capacity | Speeds rebuild start | N/A | Reduce time exposed after disk failure |
High-yield RAID traps
- RAID is availability, not backup. It does not protect against deletion, corruption, ransomware, or site loss.
- Rebuilds stress remaining disks and reduce performance.
- Hardware RAID uses a controller; software RAID uses the OS or hypervisor.
- Battery-backed or flash-backed write cache protects cached writes during power loss.
- Replacing the wrong disk in a degraded array can cause data loss.
Storage Networking Terms
| Term | Meaning | Key distinction |
|---|
| HBA | Host bus adapter for storage connectivity | Common with Fibre Channel or SAS |
| RAID controller | Manages RAID sets and cache | Presents logical volumes to OS |
| LUN | Logical unit presented by SAN | Server treats it like block storage |
| WWN / WWPN | Fibre Channel identifiers | Similar role to unique network identity |
| iSCSI | SCSI commands over TCP/IP | Uses standard IP networks; secure and isolate it |
| Fibre Channel | Dedicated storage fabric | High performance, specialized switches/HBAs |
| FCoE | Fibre Channel over Ethernet | Requires compatible converged infrastructure |
| Multipathing | Multiple paths to storage | Improves availability and can balance I/O |
| Thin provisioning | Allocates storage on demand | Risk of overcommit if not monitored |
| Thick provisioning | Allocates storage up front | Predictable capacity reservation |
| Snapshot | Point-in-time copy or reference | Useful for rollback; not a full backup by itself |
Server Networking Reference
Network Services and Protocols
| Service/protocol | Common port(s) | Used for | Exam notes |
|---|
| SSH | TCP 22 | Secure remote shell | Prefer keys/MFA where possible |
| Telnet | TCP 23 | Legacy remote shell | Insecure; avoid except legacy troubleshooting |
| SMTP | TCP 25, 587, 465 | Mail transfer/submission | 587 commonly for authenticated submission |
| DNS | TCP/UDP 53 | Name resolution | TCP often for zone transfers/large responses |
| DHCP | UDP 67/68 | Automatic IP configuration | Relay/IP helper needed across subnets |
| HTTP | TCP 80 | Web traffic | Redirect to HTTPS where appropriate |
| HTTPS | TCP 443 | Encrypted web traffic | Certificate trust and hostname match matter |
| Kerberos | TCP/UDP 88 | Ticket-based authentication | Time synchronization is critical |
| POP3 | TCP 110/995 | Mail retrieval | 995 is encrypted POP3S |
| IMAP | TCP 143/993 | Mail access/sync | 993 is encrypted IMAPS |
| NTP | UDP 123 | Time synchronization | Important for logs, Kerberos, certificates |
| LDAP | TCP/UDP 389 | Directory queries | Use LDAPS or StartTLS for protection |
| LDAPS | TCP 636 | LDAP over TLS | Certificate trust required |
| SMB/CIFS | TCP 445 | Windows file/printer sharing | Common target for lateral movement |
| SNMP | UDP 161/162 | Monitoring and traps | Prefer secure versions and restricted sources |
| RDP | TCP/UDP 3389 | Windows remote desktop | Restrict, monitor, and protect with MFA/VPN |
| NFS | TCP/UDP 2049 | Unix/Linux file sharing | Export permissions are critical |
| iSCSI | TCP 3260 | Block storage over IP | Isolate and secure storage networks |
| Syslog | UDP/TCP 514, TLS 6514 | Log forwarding | Centralize logs for correlation |
VLANs, Trunks, and Segmentation
| Concept | Meaning | Use case |
|---|
| Access port | Carries one untagged VLAN | Server NIC for a single network |
| Trunk port | Carries multiple tagged VLANs | Hypervisor host, router, firewall, switch uplink |
| Native VLAN | Untagged VLAN on a trunk | Misconfiguration can cause security issues |
| Management VLAN | Admin interfaces and OOB access | Restrict access tightly |
| Storage VLAN | iSCSI/NFS/storage traffic | Reduce contention and exposure |
| DMZ | Semi-trusted network zone | Public-facing services isolated from internal systems |
| East-west traffic | Server-to-server traffic | Important for microsegmentation |
| North-south traffic | Client-to-server or internet-to-data-center traffic | Common firewall/load-balancer path |
NIC Teaming and Link Aggregation
| Method | Purpose | Key requirement |
|---|
| Active/passive failover | One NIC active, one standby | Switch support often simpler |
| Active/active load balancing | Multiple NICs carry traffic | Algorithm and switch compatibility matter |
| LACP / 802.3ad | Standards-based link aggregation | Switch ports must be configured as a group |
| Switch-independent teaming | Host controls failover/load distribution | Less switch configuration, fewer aggregation benefits |
| SR-IOV | VM direct access to NIC capabilities | Improves performance, may reduce mobility features |
Common trap: NIC teaming improves availability and aggregate throughput, but one flow may not exceed the speed of a single physical link depending on hashing and configuration.
Load Balancing Patterns
| Pattern | Description | Choose when |
|---|
| Layer 4 load balancing | Balances TCP/UDP connections | Fast transport-level distribution |
| Layer 7 load balancing | Uses HTTP headers, paths, cookies | Application-aware routing |
| Round robin | Rotates requests across targets | Simple distribution |
| Least connections | Sends to server with fewer active connections | Uneven session duration |
| Source IP persistence | Same client IP goes to same backend | Basic session stickiness |
| Cookie persistence | Application/session stickiness via cookie | Web apps needing session affinity |
| Active/passive | Standby node waits for failover | Simpler resilience |
| Active/active | Multiple nodes serve traffic | Better capacity utilization |
Virtualization, Containers, and Hybrid Infrastructure
Virtualization Decision Table
| Concept | Meaning | Exam focus |
|---|
| Type 1 hypervisor | Runs directly on hardware | Enterprise server virtualization |
| Type 2 hypervisor | Runs on a host OS | Lab, desktop, testing |
| VM | Full virtual machine with virtual hardware | Strong isolation, OS flexibility |
| Container | Process-level isolation using shared kernel | Lightweight app deployment |
| vSwitch | Virtual switch inside hypervisor | Connects VMs to networks/VLANs |
| Datastore | Storage location for VM files/disks | Performance and redundancy matter |
| Template | Preconfigured VM image | Standardized deployment |
| Clone | Copy of a VM | Useful for testing or rapid provisioning |
| Snapshot | VM point-in-time state | Short-term rollback; not a backup |
| Live migration | Move running VM between hosts | Requires shared/compatible resources |
| HA cluster | Restarts workloads after host failure | Not the same as application-level clustering |
VM Resource Sizing Traps
| Symptom | Possible cause | What to check |
|---|
| High CPU ready/wait | Overcommitted host CPU | vCPU allocation, host utilization |
| Guest reports low memory | VM underallocated or ballooning/swapping | Hypervisor memory metrics |
| Poor disk latency | Datastore contention | IOPS, latency, queue depth, noisy neighbors |
| Network drops | vSwitch/VLAN/NIC teaming issue | VLAN tags, MTU, uplinks, logs |
| Failed migration | CPU compatibility, network/storage mismatch | Cluster settings and host compatibility |
Containers vs VMs
| Use containers when | Use VMs when |
|---|
| App is stateless or cloud-native | Different OS kernels are needed |
| Fast scaling and deployment matter | Stronger isolation boundaries are required |
| Image-based deployment is mature | Legacy apps need full OS dependencies |
| Orchestration is available | Traditional administration model is preferred |
Operating System Administration
Windows and Linux Administration Equivalents
| Task | Windows examples | Linux examples |
|---|
| View IP configuration | ipconfig, Get-NetIPConfiguration | ip addr, nmcli |
| Test connectivity | ping, tracert, Test-NetConnection | ping, traceroute, tracepath |
| View listening ports | netstat, Get-NetTCPConnection | ss -tulpen, netstat |
| Manage services | Services console, Get-Service, Restart-Service | systemctl status/start/stop |
| View logs | Event Viewer, Get-WinEvent | journalctl, /var/log/* |
| Disk/volume info | Disk Management, Get-Disk, Get-Volume | lsblk, df -h, du -sh |
| Process monitoring | Task Manager, Resource Monitor | top, htop, ps, pidstat |
| Package updates | Windows Update, vendor tools | apt, dnf, yum, zypper |
| Permissions | NTFS ACLs, share permissions | POSIX mode bits, ACLs, ownership |
| Scheduled tasks | Task Scheduler | cron, systemd timers |
High-Value Commands
## Windows: service, network, and log checks
Get-Service | Where-Object Status -ne "Running"
Test-NetConnection server01 -Port 443
Get-NetIPConfiguration
Get-WinEvent -LogName System -MaxEvents 20
Get-Volume
## Linux: service, network, disk, and log checks
systemctl status nginx
ss -tulpen
ip route
df -h
lsblk
journalctl -u nginx --since "1 hour ago"
File Systems and Sharing
| Item | Windows | Linux/Unix | Exam focus |
|---|
| Common file systems | NTFS, ReFS | ext4, XFS, Btrfs, ZFS | Features, compatibility, resilience |
| File sharing | SMB/CIFS | NFS, SMB | Authentication and permissions |
| Permissions | NTFS ACLs and share ACLs | Owner/group/other, ACLs | Effective access can be cumulative/restrictive |
| Mounting | Drive letters, mount points | /etc/fstab, mount | Persistent mounts need correct identifiers/options |
| Quotas | User/folder/volume quotas | Filesystem/user quotas | Prevent one user/app from consuming all capacity |
Permission trap: For Windows file shares, effective access is constrained by both share permissions and NTFS permissions. The most restrictive combination often determines access.
Identity, Access, and Secure Administration
Authentication and Authorization
| Concept | Meaning | Use when |
|---|
| Authentication | Proves identity | Login, service account validation |
| Authorization | Grants permitted actions | File access, admin role, API permission |
| Accounting/auditing | Records activity | Compliance, investigations, nonrepudiation |
| Local account | Exists on one system | Break-glass or isolated systems |
| Directory account | Centralized identity | Enterprise access management |
| Service account | Runs an application/service | Use least privilege and rotate credentials |
| Privileged account | Admin-level permissions | Protect with MFA, logging, separation |
| RBAC | Permissions based on role | Scalable access management |
| ACL | Object-specific allow/deny entries | File, folder, network, or object control |
Common Identity Protocols
| Protocol | Purpose | Important distinction |
|---|
| LDAP | Directory query/update | Not inherently encrypted unless protected |
| LDAPS / StartTLS | Encrypted LDAP | Requires certificate trust |
| Kerberos | Ticket-based authentication | Time skew causes failures |
| RADIUS | Centralized network authentication | Common for VPN, wireless, network devices |
| TACACS+ | Device administration AAA | Separates authentication, authorization, accounting |
| SAML | Browser-based federation | Common for SSO to web apps |
| OAuth / OIDC | Delegated authorization / identity layer | Common for modern app authentication |
| SSH keys | Key-based remote administration | Protect private keys and disable weak access |
Secure Administration Checklist
- Use least privilege; avoid daily use of full administrator/root accounts.
- Require MFA for privileged and remote access where supported.
- Use named admin accounts instead of shared admin accounts.
- Disable or rename default accounts where appropriate.
- Restrict management interfaces to management networks or VPNs.
- Use secure protocols: SSH, HTTPS, LDAPS, SNMPv3, TLS-protected syslog where supported.
- Store secrets in approved secret-management tools, not scripts or plain-text files.
- Log administrative actions centrally.
- Review permissions and group membership regularly.
- Use break-glass accounts carefully, monitor them, and protect credentials offline.
Security Controls and Hardening
Control Types
| Control type | Examples | Purpose |
|---|
| Administrative | Policies, procedures, training, change control | Direct human and process behavior |
| Technical | Firewalls, ACLs, encryption, MFA, EDR | Enforce security through systems |
| Physical | Locks, cameras, badges, cages, guards | Protect facilities and equipment |
| Preventive | Hardening, access control, patching | Stop incidents before they occur |
| Detective | Logs, IDS, alerts, file integrity monitoring | Identify suspicious activity |
| Corrective | Restore from backup, reimage, patch | Recover after an issue |
| Compensating | Alternate control when primary is not feasible | Reduce risk when ideal control cannot be used |
Server Hardening Matrix
| Area | Hardening action | Why it matters |
|---|
| Firmware | Update firmware, protect setup access, enable Secure Boot where appropriate | Reduces low-level attack surface |
| OS | Remove unused roles/features, patch regularly | Fewer exploitable services |
| Accounts | Disable unused accounts, enforce strong authentication | Reduces credential risk |
| Services | Stop and disable unnecessary services | Reduces listening ports |
| Network | Host firewall, segmentation, restrict admin ports | Limits lateral movement |
| Files | Least-privilege ACLs, integrity monitoring | Protects sensitive data |
| Logs | Centralize and protect logs | Attackers often tamper with local logs |
| Encryption | TLS in transit, encryption at rest | Protects data exposure |
| Anti-malware/EDR | Deploy, update, monitor | Detects known and suspicious activity |
| Configuration | Baselines, drift detection | Finds unauthorized changes |
Certificate and TLS Pitfalls
| Symptom | Likely cause | Check |
|---|
| Browser warning | Expired, untrusted, or mismatched certificate | CN/SAN, chain, expiration, trust store |
| TLS handshake failure | Protocol/cipher mismatch | Supported TLS versions and cipher suites |
| LDAPS failure | Directory server certificate issue | Certificate chain and hostname |
| Mutual TLS failure | Client cert missing/untrusted | Client certificate mapping and CA trust |
| Intermittent cert errors | Load-balanced nodes differ | Cert installed consistently on all nodes |
Backup, Resilience, and Disaster Recovery
Key Metrics
| Metric | Meaning | Exam use |
|---|
| RTO | Recovery Time Objective: maximum acceptable time to restore service | Determines recovery architecture |
| RPO | Recovery Point Objective: maximum acceptable data loss measured in time | Determines backup/replication frequency |
| MTTR | Mean Time To Repair/Recover | Measures restoration speed |
| MTBF | Mean Time Between Failures | Reliability indicator |
| SLA | Service Level Agreement | Defines expected service commitments |
| MTTD | Mean Time To Detect | Detection speed for failures/incidents |
\[
\text{Availability} = \frac{\text{Uptime}}{\text{Total time}} \times 100
\]
Backup Types
| Backup type | What it copies | Restore characteristics | Use when |
|---|
| Full | All selected data | Simplest restore | Baseline or smaller data sets |
| Incremental | Changes since last backup of any type | Restore needs last full plus incrementals | Save backup time/storage |
| Differential | Changes since last full | Restore needs last full plus latest differential | Faster restore than long incremental chains |
| Snapshot | Point-in-time state/reference | Fast rollback, storage-dependent | Short-term recovery before changes |
| Image/bare-metal | Entire system state | Full server recovery | OS/app rebuild time must be minimized |
| File-level | Selected files/folders | Granular recovery | User or application file restore |
| Application-aware | Coordinates with app/database | Consistent app recovery | Databases, email, transactional apps |
| Offline/air-gapped | Not continuously reachable | Strong ransomware resilience | Critical backups and long-term retention |
Resilience vs Backup vs DR
| Technology | Primary purpose | Does it replace backups? | Notes |
|---|
| RAID | Disk fault tolerance | No | Does not protect from deletion/corruption |
| Clustering | Service availability | No | Protects against node failure |
| Load balancing | Distribute traffic and improve availability | No | App state must be handled |
| Replication | Copy data to another location/system | No | Can replicate corruption or ransomware |
| Snapshots | Fast point-in-time rollback | No | Often depends on same storage platform |
| Backup | Recover data/system to a prior state | N/A | Must be tested |
| Disaster recovery site | Continue operations after major outage | No | Still needs data protection strategy |
DR Site Models
| Model | Description | Tradeoff |
|---|
| Cold site | Facility/infrastructure available, little or no live equipment | Lower cost, longer recovery |
| Warm site | Some preconfigured systems/data | Balanced cost and recovery time |
| Hot site | Ready-to-run duplicate environment | Faster recovery, higher cost/complexity |
| Cloud recovery | Restore or fail over to cloud resources | Requires network, identity, and data planning |
Backup Validation Checklist
- Confirm backups complete successfully; do not rely only on scheduled job existence.
- Perform test restores, including full-system and application-level restores.
- Validate backup encryption keys and recovery credentials.
- Keep at least one copy protected from routine network access.
- Monitor capacity for backup repositories and snapshot stores.
- Document restore order for dependent systems.
- Align backup frequency with RPO and recovery procedure with RTO.
What to Monitor
| Area | Metrics/signals | Common issue indicated |
|---|
| CPU | Utilization, load, run queue, CPU ready | Compute saturation or overcommit |
| Memory | Free/available memory, paging/swapping, ballooning | Memory pressure |
| Disk | Latency, IOPS, throughput, queue depth, SMART alerts | Storage bottleneck or failing media |
| Network | Throughput, errors, drops, retransmits, latency | Duplex, cabling, congestion, routing |
| Services | Process health, response time, restart events | App or dependency failure |
| Logs | Errors, warnings, authentication events, kernel/system events | Root-cause evidence |
| Hardware | Temperature, fan speed, PSU status, chassis intrusion | Environmental or physical failure |
| Backup | Job result, duration, repository capacity | Recovery risk |
| Security | Failed logins, privilege changes, malware alerts | Compromise or misuse |
Log Sources
| Source | Use |
|---|
| OS system logs | Kernel, driver, service, boot issues |
| Application logs | App-specific errors and transactions |
| Security/auth logs | Login, privilege, policy, access events |
| Hypervisor logs | VM, host, datastore, migration problems |
| Storage logs | Disk, controller, path, array, replication events |
| Network device logs | Link, VLAN, routing, ACL, spanning tree issues |
| BMC/OOB logs | Hardware faults, thermal, power events |
| SIEM/log platform | Correlation across systems |
Bottleneck Clues
| Symptom | Likely bottleneck | Confirm with |
|---|
| High CPU, normal disk/network | CPU-bound workload | CPU graphs, process list |
| Low CPU, high disk latency | Storage bottleneck | Disk latency/queue, array stats |
| Heavy paging/swapping | Memory pressure | Memory counters, swap/pagefile usage |
| Slow file transfers, errors | Network/cabling/duplex/VLAN issue | Interface counters, switch logs |
| App slow only during backup | Backup contention | Backup schedule, disk/network metrics |
| VM slow but host busy | Resource contention | Hypervisor metrics |
| Users cannot authenticate | Directory/DNS/time issue | DNS lookup, NTP, directory logs |
| Intermittent failures after change | Misconfiguration or compatibility | Change records and rollback test |
Change, Patch, and Configuration Management
Change Management Flow
flowchart TD
A[Identify need or issue] --> B[Assess risk and impact]
B --> C[Plan implementation]
C --> D[Plan rollback]
D --> E[Get approval if required]
E --> F[Communicate maintenance window]
F --> G[Implement change]
G --> H[Test and validate]
H --> I{Successful?}
I -- Yes --> J[Document final state]
I -- No --> K[Rollback or remediate]
K --> H
Patch and Firmware Review
| Task | Exam-relevant practice |
|---|
| Inventory | Know OS, firmware, drivers, apps, agents, dependencies |
| Test | Validate patches in nonproduction where possible |
| Schedule | Use maintenance windows for disruptive changes |
| Backup | Confirm recoverability before major updates |
| Dependencies | Check firmware-driver-OS compatibility |
| Order | Follow vendor guidance for firmware, drivers, hypervisor, and tools |
| Rollback | Have uninstall, snapshot, image, or failover plan |
| Verify | Confirm services, logs, performance, and user access |
| Document | Record versions, results, issues, and approvals |
Documentation Artifacts
| Artifact | Contains |
|---|
| Network diagram | VLANs, IP ranges, firewalls, load balancers, uplinks |
| Rack diagram | RU position, power feeds, cabling paths |
| Asset inventory | Serial numbers, warranty/support, owner, location |
| Baseline | Normal performance/configuration state |
| Runbook | Repeatable operational procedure |
| SOP | Standard procedure for common tasks |
| DR plan | Recovery sequence, contacts, dependencies |
| Change record | What changed, when, why, who approved, rollback |
| Credential escrow/break-glass process | Controlled emergency access |
Troubleshooting Methodology
Standard Troubleshooting Pattern
- Identify the problem.
- Gather symptoms, scope, timeline, error messages, and affected users.
- Determine what changed.
- Establish a theory of probable cause.
- Start with simple, likely causes.
- Consider hardware, software, network, security, and environmental factors.
- Test the theory.
- Confirm or reject with evidence.
- If rejected, form a new theory.
- Establish a plan of action.
- Consider impact, risk, backups, and rollback.
- Implement the solution or escalate.
- Verify full system functionality.
- Confirm service health, logs, monitoring, and user impact.
- Document findings, actions, and outcomes.
Fast Triage Table
| Problem type | First checks | Useful tools |
|---|
| Server will not power on | Power source, PSU LEDs, PDU/UPS, power cables, BMC logs | OOB console, multimeter if appropriate, vendor diagnostics |
| POST/boot failure | Beep/LED codes, firmware settings, boot order, recent hardware change | BIOS/UEFI, hardware diagnostics |
| OS boot failure | Bootloader, disk visibility, recent patch/driver, filesystem errors | Recovery media, logs, safe mode/rescue mode |
| Disk failure | RAID status, SMART, controller logs, hot spare status | RAID utility, smartctl, vendor tools |
| Network unreachable | Link light, VLAN, IP, gateway, DNS, firewall | ping, traceroute, ipconfig, ip, switch logs |
| Slow performance | CPU, memory, disk latency, network errors, recent jobs | Performance monitor, top, iostat, hypervisor metrics |
| Service down | Process state, dependencies, port binding, config changes | systemctl, Services, logs, ss, netstat |
| Authentication failure | Time sync, DNS, account lockout, directory reachability | NTP checks, directory logs, nslookup |
| Backup failure | Credentials, repository space, network path, agent status | Backup console, logs, storage metrics |
| Overheating | Fans, airflow, blocked vents, room temperature, dust | BMC sensors, environmental monitoring |
Scenario Decision Tables
“What Should You Do First?”
| Scenario | Best first action |
|---|
| Many users report a new outage after a maintenance window | Review change records and recent changes |
| One server loses network connectivity after recabling | Check physical link, switch port, VLAN, and cable |
| Disk alert on a RAID array | Verify array status and identify the failed disk before replacement |
| Authentication failures across multiple servers | Check directory services, DNS, and time synchronization |
| One VM is slow while others are normal | Check VM-level resource usage and host contention |
| All VMs on one host are impacted | Check host hardware, storage paths, and hypervisor logs |
| Web app works by IP but not name | Check DNS records and resolution path |
| HTTPS site shows trust warning | Check certificate validity, hostname, chain, and trust store |
| Backup jobs suddenly fail | Check repository capacity, credentials, network access, and agent health |
| Server shuts down under load | Check thermal sensors, fans, CPU heatsinks, and power capacity |
“Which Technology Solves This?”
| Requirement | Best fit |
|---|
| Survive one disk failure | RAID 1/5/6/10 depending on workload and capacity |
| Restore deleted files from last week | Backup |
| Quickly roll back a pre-patch VM state | Snapshot, with backup still required |
| Keep service running if one node fails | Cluster or load-balanced redundant nodes |
| Spread web requests across servers | Load balancer |
| Copy data to another site for DR | Replication plus tested recovery plan |
| Authenticate switch/VPN users centrally | RADIUS or TACACS+ depending on use case |
| Secure remote shell access | SSH with strong authentication |
| Secure web administration | HTTPS with trusted certificate |
| Isolate public-facing servers | DMZ and firewall rules |
| Monitor hardware health without OS access | BMC/OOB management |
| Provide shared file storage | NAS with SMB/NFS |
| Provide block storage to hosts | SAN/iSCSI/Fibre Channel |
| Improve admin consistency | Automation, templates, configuration management |
Physical, Power, and Environmental Reference
Data Center and Server Room Essentials
| Area | Key points |
|---|
| Rack layout | Balance weight, mount heavy equipment low, use proper rails |
| Airflow | Front-to-back airflow, hot/cold aisle discipline, blanking panels |
| Power | Redundant PSUs, PDUs, separate circuits where possible |
| UPS | Provides short-term power and graceful shutdown time |
| Generator | Longer-term facility power support |
| ESD | Use grounding/ESD precautions when handling components |
| Cable management | Label both ends, avoid blocking airflow, separate power/data when appropriate |
| Physical security | Locks, badges, cameras, visitor logs, cages |
| Fire suppression | Protect equipment and personnel; know local procedures |
| Environmental monitoring | Temperature, humidity, water, smoke, door status |
Power Concepts
| Term | Meaning |
|---|
| Redundant PSU | Multiple power supplies in one server |
| PDU | Distributes power within a rack |
| Metered PDU | Provides power usage visibility |
| Switched PDU | Allows remote outlet control |
| UPS | Battery-backed power and conditioning |
| Graceful shutdown | Controlled OS/app shutdown to prevent corruption |
| Power budget | Ensures rack/circuit capacity supports connected load |
High-Yield Exam Traps
| Trap | Correct understanding |
|---|
| RAID equals backup | RAID improves disk availability; backup enables point-in-time recovery |
| Snapshot equals backup | Snapshots are short-term rollback aids and may depend on the same platform |
| More CPU fixes slowness | Determine bottleneck first: CPU, memory, disk, network, app, or dependency |
| Open firewall broadly to fix access | Test narrowly; apply least privilege rules |
| Ignore DNS when troubleshooting authentication | Directory services often depend heavily on DNS |
| Ignore time sync | Kerberos, logs, certificates, and distributed systems require accurate time |
| Replace hardware without checking logs | Logs and indicators prevent wrong-part replacement |
| Use shared admin accounts | Use named privileged accounts with auditing |
| Patch production without rollback | Always plan backup, rollback, and validation |
| Trust local logs after compromise | Centralized logs are more reliable for investigations |
| Put management interfaces on user networks | Isolate OOB and admin access |
| Assume replication protects against ransomware | Replication may copy encrypted/corrupted data |
| Overcommit VMs without monitoring | Oversubscription requires capacity monitoring and baselines |
| Leave default SNMP/community strings | Use secure versions and restrict access |
Final Review Checklist
Before exam day, make sure you can:
- Select server hardware based on workload, redundancy, expansion, and environment.
- Compare RAID levels and explain failure/rebuild implications.
- Distinguish DAS, NAS, SAN, iSCSI, Fibre Channel, and object storage.
- Identify common ports and match protocols to server functions.
- Troubleshoot DNS, DHCP, VLAN, routing, firewall, and load-balancer issues.
- Administer basic Windows and Linux services, logs, storage, and networking.
- Explain virtualization concepts: hypervisors, vSwitches, templates, snapshots, migration, HA.
- Apply least privilege, secure administration, encryption, certificates, and hardening.
- Compare backup types and map RTO/RPO to recovery designs.
- Use a structured troubleshooting process and document outcomes.
- Recognize environmental, power, cooling, and physical security issues.
- Choose the best first step in scenario-based troubleshooting questions.
Practical Next Step
Use this Quick Reference as a checklist, then move into timed CompTIA Server+ V6 (SK0-006) practice questions and hands-on troubleshooting scenarios. For each missed item, write down the decision rule you should have used: what symptom mattered, what technology fit, and what action should come first.