Chapter 7
Explain the Troubleshooting Methodology
This chapter explores CompTIA IT Fundamentals+ Objective 1.6: Explain the troubleshooting methodology. In this eight-part method, you learn to identify the problem (gather information, duplicate the problem, if possible, question users, identify symptoms, determine if anything has changed, approach multiple problems individually); research knowledge base/Internet, if applicable; establish a theory of probable cause (question the obvious, consider multiple approaches, divide and conquer); test the theory to determine the cause (once the theory is confirmed [confirmed root cause], determine the next steps to resolve the problem, if the theory is not confirmed, establish a new theory or escalate); establish a plan of action to resolve the problem and identify potential effects; implement the solution or escalate as necessary; verify full system functionality and, if applicable, implement preventive measures; and, finally, document findings/lessons learned, actions, and outcomes.
In brief, the eight-step troubleshooting method is as follows:
Step 1: Identify the problem.
Step 2: Research knowledge base/Internet.
Step 3: Establish a theory of probable cause.
Step 4: Test the theory.
Step 5: Establish a plan of action.
Step 6: Implement the solution or escalate.
Step 7: Verify full system functionality; implement preventive measures.
Step 8: Document findings/lessons learned, actions, and outcomes.
Foundation Topics
Identify the Problem
Step 1 in the troubleshooting method is to identify the problem. To identify the problem, use the following procedures as needed:
Gather information.
Duplicate the problem, if possible.
Question users.
Identify symptoms.
Determine if anything has changed.
Approach multiple problems individually.
As you begin the troubleshooting process, keep in mind that computers and computing devices are composed of subsystems. A subsystem is the combination of components designed to do a particular task, and it can include hardware, software, and firmware components.
Use Table 7-1 to identify the components in a subsystem and what to test or check.
Table 7-1 Computer and Peripheral Subsystems and Their Components
Subsystem or Process |
Hardware |
Software (App) |
Firmware |
Data Files |
What to Test/Check |
Starting (booting) the computer |
Hard drive or SSD, CMOS battery (motherboard) |
Operating system startup configuration |
BIOS/UEFI startup boot order |
(None) |
BIOS/UEFI settings, battery (if settings lost), operating system startup files, test system drive. |
Running an office app (word processing, spreadsheet, presentation) |
Storage used for app (local or network); storage used for data |
App, operating system files, Windows Registry |
(None) |
Word processing, spreadsheet, presentation data files |
Repair app; test system drive; uninstall-reinstall app; research any error messages displayed. |
Running a database |
Storage used for app (local or network); storage used for data |
Database app |
(None) |
Database tables, queries, reports, indexes |
Test data drive, network connection; repair database; repair database app. |
Opening a website |
Network adapter, storage used for app (local or network) |
Web browser |
(None) |
(None) |
Check a different website; refresh website; check wired or wireless connection; research any errors displayed; try a different web browser. |
Printing |
Printer, cable, USB port (local) Network connection |
Printer driver in the operating system, print spooler |
BIOS/UEFI configuration of port Network configuration on printer |
Files being printed, temporary print spooler files |
Cable, port, driver, test print, printhead, toner level, ink level. |
Scanning |
Scanner or multifunction unit, cable, USB port (local) Network connection |
Scanner driver in the operating system; scanner app |
BIOS/UEFI configuration of port Network configuration on scanner |
Image or document files created by scanner |
Cable, port, driver, test scan, connection to transparency unit; test ADF (Automatic Document Feeder). |
Display |
Graphics card, monitor, cables, port type, motherboard (integrated video), digitizer (touchscreen) |
Video drivers in the operating system; 3D games or other apps using display |
Video BIOS, BIOS configuration of video type, boot priority |
(None) |
Clean touchscreen; check cable, video card, video port, drivers, motherboard |
Audio |
Sound card, speakers, microphone, cables, motherboard (integrated audio) |
Audio drivers in the operating system; music recording or playback apps |
BIOS configuration of integrated audio |
Audio, A/V files created by audio apps or played back |
Mute and volume controls, speaker and microphone cables; move speaker positions; reconfigure speakers and mouse settings; swap speaker; swap microphone; try different audio apps. |
Webcam |
Webcam drivers in the operating system; webcam or IM app |
Webcam drivers in the operating system; webcam or IM app |
BIOS USB port configuration |
(None) |
Plug in webcam; adjust microphone; adjust webcam settings for color, brightness |
Mouse and pointing device |
Mouse or pointing device, USB port |
Mouse driver in the operating system |
BIOS port configuration, USB legacy configuration |
(None) |
Mouse settings (pointer size, speed, color), hardware; swap mouse; try a different USB port. |
Keyboard |
Keyboard, PS/2 or USB port, ribbon cable (laptop) |
Keyboard driver in the operating system, accessibility settings |
BIOS keyboard configuration, USB legacy configuration |
(None) |
Keyboard, devices controlled with the keyboard (Wi-Fi, brightness, etc.). |
Touchscreen |
Touchscreen cable, USB port (if external) |
Touchscreen driver in operating system |
USB configuration (if external) |
(None) |
Swap display; run touchscreen diagnostics; check USB cables (if external); check cable (if internal). |
Storage |
Drives, data cables, power connectors, USB, SATA, or add-on card ports |
Storage drivers in operating system |
BIOS drive configuration, BIOS configuration of built-in USB or SATA ports |
OS, program, data, temporary file |
Drive diagnostics; move drives to other ports and retest. |
Power |
Power supply, splitters, fans |
Power-management software in operating system |
BIOS power-management configuration |
(None) |
Check voltage in BIOS or with multimeter; replace power supply; replace splitters; check front-panel wires; check outlet voltage and wiring. |
CPU |
CPU, motherboard |
System devices |
BIOS cache and CPU configuration |
(None) |
Reset CMOS to defaults; swap CPU or motherboard. |
Motherboard |
Motherboard, add-on cards, CPU, RAM, built-in ports (USB, SATA, etc.) |
System devices, drivers for add-on cards |
CPU, memory settings, port settings |
(None) |
Reset CMOS to defaults; swap SATA, USB headers; check front panel wires; swap motherboard. |
Cooling |
Power supply fan, CPU active heatsink, GPU active heatsink, case fans, power/speed monitoring cables from fans to motherboard or power supply, case vents |
CPU throttling driver in the operating system |
Fan speed display in BIOS Fan/temperature alarms in BIOS |
(None) |
Clean fans, case vents; replace power lead extensions/splitters; check fan speeds; adjust temperature alarms; replace power supply, case fans, active heatsinks. |
RAM |
RAM, motherboard |
System devices |
BIOS RAM configuration |
(None) |
Swap RAM; run RAM diagnostics; reset CMOS to defaults. |
Network (wired) |
NIC, motherboard, USB port (for USB devices), network cable, switch, router |
Network configuration files and drivers in operating system |
BIOS PnP and power management, BIOS configuration of integrated network port or USB port |
(None) |
Check TCP/IP configuration; check/swap cable; swap NIC or USB network adapter; check router configuration; check switch. |
Network (wireless) |
NIC, motherboard, USB port (for USB devices), antenna cables (internal), wireless router or access point |
Network configuration files and drivers in operating system |
BIOS PnP, power management, BIOS port configuration |
(None) |
Check TCP/IP configuration; swap USB network adapter; check router configuration; check USB port; check internal card connection; check antenna connections on card, router. |
You can see from Table 7-1 that virtually every subsystem in the computer has hardware, software, and firmware components and that some processes also save, edit, or manage data. A thorough troubleshooting process will take into account both the subsystem and all its components.
Before you make any changes, make sure you safeguard current settings:
If possible, back up the entire system.
On a Windows computer, back up the system Registry using Regedit.
Print out or record current firmware/UEFI/BIOS, network, and software settings.
What’s the best way to decide whether a hardware, software, data file, or firmware problem is the most likely cause? Typically, hardware problems are intermittent, whereas software, data files, and firmware problems are consistent. Why? A hardware problem is often the result of a damaged or loose wire or connection; when the connection is closed, the component works, but when the connection opens, the component fails.
Gather Information
Start the process by gathering information. Some of the information you need may be obtained from log files created by the operating system. You can also compare the current settings for the device to its default settings.
Note
To learn more about log files for Windows, macOS, and Linux, see “Logs,” Chapter 31, p.650.
Other information sources include the following:
Printer self-test to display amount of RAM and number of pages printed (laser); firmware version (laser or inkjet)
Network logs
Current BIOS/firmware settings
Hardware information
Windows Update history
Use Table 7-1 for additional suggestions.
Duplicate the Problem, If Possible
If the problem can be duplicated, this can make the discovery of possible causes much easier. Try the same task with the same files and output device(s) that were originally involved. Record any error messages or dialogs that are displayed.
Tip
Use the system’s built-in screen-capture utility, such as Windows 10’s Snipping Tool (see https://support.microsoft.com/en-us/help/13776/windows-use-snipping-tool-to-capture-screenshots and https://www.cnet.com/how-to/7-ways-to-take-screenshots-in-windows-10/) or macOS’s screen capture (Shift+Command+3 keys). With Linux, install a screen capture tool (see https://www.tecmint.com/take-or-capture-desktop-screenshots-in-ubuntu-linux/) and save the output files to a separate device (if possible) or use the built-in camera in a smartphone or tablet to record error messages or dialogs. If you install a third-party screen capture app or save captures to the system’s built-in storage, you might change how the system functions. Also, you usually cannot use a screen-capture app before the operating system has loaded.
Question Users
Users of the device, network, or mobile connection can sometimes provide valuable clues, but need to be questioned in a nonthreatening manner if you want to get the facts of the case.
Some users might be fearful of possible consequences if they were not using a device or network connection in an authorized manner and may be unwilling to be forthcoming about what they were doing.
Be compassionate and understanding, and work to help users understand that your questions are not designed to assign personal blame but are intended to help the device, system, or network to run properly.
Some of the ways you can help to develop a good relationship with your clients during the process include the following:
Using proper language and avoiding jargon, acronyms, and slang, when applicable
Maintaining a positive attitude and projecting confidence
Actively listening (taking notes) and avoiding interrupting the customer
Using your smartphone only for business-related matters after explaining what you’re doing and why (no social media, personal calls, or personal texts)
Avoiding judging the customer
Avoiding arguments with the customer
Asking permission before touching, viewing, or moving printouts or other personal/business items
Identify Symptoms
As you review the computing environment and talk to users, you should be trying to identify symptoms. Some possible symptoms might include the following:
Loud noise from inside the computer
An unpleasant or unusual odor, which might or might not be accompanied by smoke or fumes
An unexpected error message
Flickering lights or other signs of a power fluctuation
Slower-than-normal system response
Inability to connect to network resources
Blank screen
Software not performing as expected
Table 7-2 lists some of the symptoms that can be caused by different parts of the computer.
Note
Make sure you turn off the computer, disconnect it from power, and use ESD protection before examining the inside of a computer!
Table 7-2 Computer Subsystems and Symptoms
Subsystems |
Common Symptoms |
Most Likely Causes |
Motherboards, RAM, CPUs, power |
Unexpected shutdowns |
Power supply failure. |
|
System lockups |
Overheating, power supply. |
|
POST code beeps |
Check list of beep codes for BIOS/UEFI for causes. |
|
Blank screen on bootup |
Bad RAM, video card. |
|
BIOS/UEFI time and setting resets |
Battery on motherboard may be bad. |
|
Attempts to boot to incorrect device |
Reset boot order in BIOS/UEFI. |
|
Continuous reboots |
Power supply, repair OS boot files. |
|
No power |
Front-panel wire from switch to motherboard may be loose, power supply turned off, AC cord not plugged in, bad power supply. |
|
Overheating |
Check case and fan air vents for dirt and blockage, check fans, remove dust and dirt from motherboard and components. |
|
Loud noise |
Check power supply, fans. |
|
Intermittent device failure |
Disconnect and reconnect power, data cables. |
|
Fans spin, no power to other devices |
Disconnect and reconnect power cables to peripherals. Check power supply voltage. |
|
Indicator lights |
Look up meaning of lights. |
|
Smoke |
Component failed on motherboard, add-on cards, or power supply. |
|
Burning smell |
Component failed on motherboard, add-on cards, or power supply. |
|
Proprietary crash screens (BSOD/pin wheel) |
Look up error code(s) on OS website. |
|
Distended capacitors |
Replace capacitors, if possible, or replace motherboard or other component. |
|
Log entries and error messages |
Look up entries and error messages. |
Hard drives, SSDs, and RAID arrays (mass storage) |
Read/write failure |
Test drive with OS or drive-vendor app. |
|
Slow performance |
Make sure drive is connected to the recommended port type; test drive with OS or drive-vendor app. |
|
Loud clicking noise |
Back up drive immediately if not recently backed up; test drive with OS or drive-vendor app. |
|
Failure to boot |
Check BIOS/UEFI boot order; use OS boot repair functions. |
|
Drive not recognized |
Check power and data cables. |
|
OS not found |
Check BIOS/UEFI boot order; use OS boot repair functions. |
|
RAID not found |
Check connections to RAID drives; check RAID setup. |
|
RAID stops working |
Check connections to RAID drives; check RAID setup; replace failed drive. |
|
Proprietary crash screens (BSOD/pin wheel) |
Look up error code(s) on OS website. |
|
S.M.A.R.T. errors |
Indicates drive in imminent danger of failure; back up drive and replace. |
Video, projector, and displays |
VGA mode |
Restart system in normal mode; reinstall correct video drivers. |
|
No image on screen |
Check power and data cables to display; use special display keys on a laptop to display desktop on built-in monitor; check video drivers. |
|
Overheat shutdown |
Check GPU fans; check fans in projector; if overclocking GPU, return to standard settings. |
|
Dead pixels |
Try gently tapping pixels on display with a pencil eraser; have display replaced. |
|
Artifacts |
See overheat shutdown notes. |
|
Incorrect color patterns |
See overheat shutdown notes. |
|
Dim image |
Adjust brightness/contrast; if projector, check bulb. |
|
Flickering image |
Reset resolution to recommended. |
|
Distorted image |
Reset resolution to recommended. |
|
Distorted geometry |
Reset resolution to recommended. |
|
Burn-in |
Replace display or projector. |
|
Oversized images and icons |
System was booted in safe mode (Windows); restart. On any OS, reset resolution to recommended; reset scale and layout to 100% (Windows). |
Mobile devices (tablets, smartphones, laptops) |
No display |
Check power, check brightness. |
|
Dim display |
Check brightness, check power saving mode, recharge device. |
|
Flickering display |
Loose internal connection, have device serviced. |
|
Sticking keys |
Clean keyboard with vacuum or canned air. |
|
Intermittent wireless |
Connect to a stronger network. |
|
Battery not charging |
Check charger and charger cable. |
|
Ghost cursor/pointer drift |
Accidental finger taps on laptop touchpad. |
|
No power |
Check battery, charger, charger cable. |
|
Num Lock indicator lights |
Press Num Lock to turn on/off. |
|
No wireless connectivity |
Turn off airplane mode, make sure wireless is turned on. |
|
No Bluetooth connectivity |
Turn off airplane mode, make sure Bluetooth is on. |
|
Cannot display to external monitor |
Check connection to display, mirror or extend desktop. |
|
Touchscreen nonresponsive |
Clean touchscreen, may need to service device. |
|
Apps not loading |
Reset app, uninstall and reinstall. |
|
Slow performance |
Close open apps, uninstall unused apps to free up space. |
|
Unable to decrypt email |
Reinstall decryption app. |
|
Extremely short battery life |
Switch to low-power mode, replace battery. |
|
Overheating |
Close open apps; remove device from case; avoid overcharging battery. |
|
Frozen system |
Shut down device and allow to cool off. |
|
No sound from speakers |
Check speaker connections (cable or Bluetooth); adjust volume. |
|
GPS not functioning |
Enable GPS in settings. |
|
Swollen battery |
Battery overcharged; replace battery and charger. |
Printers |
Streaks |
For laser, remove and shake toner cartridge. For inkjet, clean printhead, make sure correct paper type chosen. |
|
Faded prints |
Check print style. This is normal for economy printing. For laser, replace toner cartridge. |
|
Ghost images |
Check fuser; check toner cartridge/imaging drum. Replace as needed. |
|
Toner not fused to the paper |
Check fuser; replace as needed. |
|
Creased paper |
Reload paper; check for obstructions in paper path; remove and replace duplex (double-sided) print component. |
|
Paper not feeding |
Remove some paper from paper tray; adjust settings on printer for paper thickness; hand-feed thick paper or card stock if possible. |
|
Paper jam |
Clear out jam; check for obstructions (torn paper, stickers, labels) in paper path; remove and replace duplex print component. |
|
No connectivity |
If wired, check cable to printer; if wireless, check Wi-Fi or Bluetooth setting on printer. |
|
Garbled characters on paper |
Check printer driver; check printer cable. |
|
Vertical lines on page |
Dirty rollers; (laser) low toner. |
|
Backed-up print queue |
Make sure printer is online and properly connected; open print queue and restart jobs. |
|
Low-memory errors |
For laser: Too many fonts or graphics on page; reduce number of fonts or graphics; upgrade printer memory if possible. |
|
Access denied |
Printer or network management settings may not give access to user or group at any time or at particular times. |
|
Printer will not print |
Shut down printer; restart printer. See “Backed-up print queue.” If no jobs in queue, try printer self-test. |
|
Color prints in wrong print color |
Make sure toner or ink cartridges are in correct positions; printer may need to be serviced or replaced. |
|
Unable to install printer |
User may not have permission to install a printer. |
|
Error codes |
Check error codes (error lights) in printer documentation for answers. |
|
Printing blank pages |
Ask user to review document for a blank page at the end of a document; some printers or network print queues are configured to print a blank page after each job to protect user privacy. |
|
No image on printer display |
Printer may be turned off or may be in low-power mode. Turn on printer; wake up printer. |
Wired and wireless networks |
Limited connectivity |
Log in to network with proper credentials; disconnect and reconnect as needed; open browser to complete login process on free, public networks. |
|
Unavailable resources |
Network resources are not available until you log in to the network. |
|
Internet |
Log in to network with proper credentials; disconnect and reconnect as needed; open browser to complete login process on free, public networks. DHCP server on network may have assigned all available IP addresses; try setting up an IP address in the correct range manually. |
|
Local resources |
Make sure USB or other cables have not been disconnected. |
|
Shares |
For a workgroup network, the device with folder or printer share must have account for you to log in to. For a domain (corporate) network, contact manager to have account permissions changed. |
|
Printers |
For a workgroup network, the device with folder or printer share must have account for you to log in to. For a domain (corporate) network, contact manager to have account permissions changed. |
|
Make sure email settings are correct; make sure network/Internet connection is working. |
|
|
No connectivity |
For wireless, turn off airplane mode; make sure Wi-Fi or Bluetooth is on. Release/refresh IP address lease. |
|
APIPA/link local address |
Device could not receive IP address from DHCP server. Release/refresh IP address lease; shut down and restart Wi-Fi connection. |
|
Intermittent connectivity |
Cellular-equipped: Device not switching between Wi-Fi and cellular; try turning off Wi-Fi when out of range. Wi-Fi: Wi-Fi signal weak in some areas. Add Wi-Fi repeaters. |
|
IP conflict |
IP address set manually is clashing with addresses set by DHCP. Choose an address that is in the same network but not in the range used by the DHCP server. Make sure all devices on the network use the same DHCP server. |
|
Slow transfer speeds |
Make sure fastest SSID (wireless network) available is used for connection. Make sure wired network adapter is set to use fastest connection settings available. |
|
Low RF signal |
Move Wi-Fi or Bluetooth device to different location to improve signal strength. If a USB Wi-Fi or Bluetooth adapter is used, connect it to a USB extension cable and reposition it for better signal strength. |
|
SSID not found |
Wireless router/access point might be out of service. Make sure Wi-Fi device is using correct frequency. If SSID is hidden, select hidden SSID and provide SSID name and password. |
Some of these symptoms might still exist when you are talking to users, but others are likely to no longer be evident. How you ask users about symptoms can help you discover the symptoms that took place before the reported problem occurred:
“Did you hear anything different than usual?”
“Do you usually print to a network printer?”
“Do you remember what apps were open when the problem happened?”
“Have you used the (printer, device, app) before, or was it just installed?”
Keep in mind that you should not limit the conversation to immediate issues. Anything out of the ordinary that occurred earlier on the same day, earlier in the week, or even the previous week could be significant.
Determine if Anything Has Changed
If you can determine if anything has changed (device settings, upgraded hardware, updated operating system or app, cables, and so on), the change might be the reason for the failure you are trying to troubleshoot.
Some of the ways to determine if anything has changed might include the following:
Reviewing operating system and application update logs
Comparing the default settings for the device to the current settings
Reviewing device driver versions and when they were last updated
Reviewing antivirus and anti-malware scan histories
Reviewing network update logs
Checking to see if any device or peripheral cables have been disconnected or connected to different ports than their assigned ports
Checking IT department records of system hardware upgrades
Checking BIOS/UEFI firmware revisions and updates
Checking to see what apps/programs were installed recently
Determining if new hardware was installed recently
Checking to see what apps/programs were updated recently
Determining if there were changes to the database recently (new tables, new data, new queries, old data removed, and so on)
Approach Multiple Problems Individually
If multiple problems have been reported, approach each of them individually. It’s possible that multiple problems might have a common cause (for example, a network failure would cause problems with all network operations, including printing, backup, email, and so on), but in most cases, it’s easier to figure out the solution to a single problem.
Research Knowledge Base/Internet, If Applicable
After you’ve completed Step 1 (Identify the problem), it’s time to move onto Step 2: Research knowledge base/Internet, if applicable. Unless you find a glaringly obvious problem such as a loose or missing cable or physical damage to a device, it’s time for some research.
If your organization has its own knowledge base, search that first. However, sooner or later, it’s going to be time to head to the Internet:
Whether you suspect a hardware or software problem, try searching the Internet for the symptoms before going to a particular vendor’s website to search.
Use keywords that describe the symptoms or problems.
Be sure to include brand, model and operating system information in your search—for example, “HP LaserJet Pro 400,” “Windows,” “Epson ET-4750,” “macOS,” “Microsoft Office 2016 for macOS,” “Office 365 Home and Student for Windows,” “Adobe Photoshop CC 2018,” and so on.
Pay attention to the dates of proposed solutions if multiple suggestions are given, as newer suggestions may work better than older suggestions.
Note the operating system or app version listed. Sometimes the same solution will work with older or newer versions than the current one.
For apps that have cloud or local/network versions, make sure you specify the correct version.
Note
Don’t be too specific if you are searching for help with a device, operating system, or app that has many variations. For example, HP often has many different model numbers for laptops that are essentially the same (varying by CPU speed, RAM installed, and so on). If you are searching for help with a smartphone or tablet that has different models for different carriers, try searching for the basic model first. If you are searching for help with a software program (app), you might try searching for the name first, then narrow it down by adding the version.
Establish a Theory of Probable Cause
After you’ve researched problems and symptoms, it’s time for Step 3: Establish a theory of probable cause. The more thorough a job you’ve done in Steps 1–2, the easier it will be to establish a successful theory: that is, a theory that, when tested, solves the problem.
Question the Obvious
Keep in mind that the obvious answer isn’t always the best answer, and a “solution” that was implemented without understanding the problem can make matters worse.
For example, a user reports a loud cooling fan inside a desktop computer. At the prompting of another user, the power to the cooling fan was disconnected. The fan no longer makes any noise, but a temperature alarm inside the case is now going off. Fortunately, the user called the help desk and was advised to shut down the computer before the system was damaged or data lost.
Another example: A user reports an error message being displayed and the system becoming unbearably slow whenever two apps were being run at the same time. The user decided to run only one app at a time. This made it difficult to get work done as both apps were needed. Fortunately, the user decided to call the help desk and it was determined that both apps needed updates. After the apps were updated, the error message no longer appeared.
Consider Multiple Approaches
There may be more than one solution to a problem, so consider multiple approaches. Generally, the simplest solution is preferred, especially if it enables the current tasks to be performed without interruption. For example, if a keyboard appears to have failed, plug in a new USB keyboard. USB devices are generally hot-pluggable, so the keyboard should be recognized and enabled without specific drivers being installed. This is also a good “quick fix” if a laptop’s keyboard stops working.
If an internal component appears to have failed, such as a network adapter, consider using a USB adapter as a temporary replacement. A USB adapter can typically be plugged in and used with a driver installation, instead of shutting down the computer and sending it in for repairs.
If you suspect a network connection problem, try connecting to a different wireless network or a different physical network.
If a problem occurs at certain times of the day, but not others, look for potential interference issues. For example, wired security systems and elevators can interfere with wired networks that use unshielded twisted pair (UTP) cabling. A microwave oven can interfere with some wireless networks. Try to examine the environment where the problem takes place under similar circumstances to when the problem takes place. Because you’re not familiar with the location, you might notice issues that the occupants don’t.
If a problem occurs with software, check the documentation to see if there’s a way to start the misbehaving app in safe mode. An app’s safe mode (when available) turns off features that might cause problems. For example, to start Microsoft Office for Windows apps in safe mode, hold down the Ctrl key while the app starts, or use the Run command and add the /safe option to the command to start the app.
Divide and Conquer
As you can see from Table 7-1, most subsystems (and thus, most potential causes for problems) have multiple components. When you propose a solution to try in Step 4, make one change at a time. When you are looking for possible causes, divide the problem into the smallest possible parts.
For example, suppose you can’t print to a local printer. The printing subsystem includes the printer, the USB cable between the printer and the computer, the USB port, the printer driver in the operating system, and the application. Each of these could cause the problem.
Start by checking the printer itself. Is it turned on? Online? Does is have ink or toner installed? If not, correct the problem and retry.
Next, check the USB cable. Is it connected to the printer and to a USB port on the computer? If not, correct the problem and retry.
Continue until you have checked each part of the subsystem. By using this “divide and conquer” method, you can find and fix problems in a systematic way.
If a problem appears complex, try looking for common features. For example, problems with printing, saving documents, and opening documents could have different causes if only local devices are being used, but if a network is used, all of these problems could be traced back to the network.
Here’s an example with software:
The system locks up when two specific programs are running at the same time. The application subsystem includes the operating system, the storage for the apps, the app files, and the data files created by each app. Each of these could cause the problem.
Start by running the first app and opening, editing, and saving some files. Note the app’s version and installed updates. Are there any problems with the app? If not, close it. If there are problems, resolve them.
Next, run the second app and open, edit, and save some files. Note this app’s version and installed updates. Are there any problems with the app? If not, close it. If there are problems, resolve them.
You have determined that the apps work properly when run separately. By using the “divide and conquer” method with apps, you now know the problem has to do with the combination of these apps running and not a problem with either app by itself.
Test the Theory to Determine the Cause
Have a theory of probable cause? It’s time for Step 4: Test the theory to determine the cause. To test a theory, change what you think is causing the problem. Some examples include the following:
Update device drivers.
Uninstall the device and let the operating system reinstall the device.
Swap a cable.
Move a USB device to a different port.
Swap memory modules.
Mute audio components.
Install updates for the operating system.
Install updates for apps.
Test drives for errors.
Test databases or data files for errors.
See Table 7-1 for additional suggestions. If you swap (replace) parts, be sure to use parts that are compatible and are known to work. A new, untested part could be defective.
Caution
If you don’t record the current configuration of the system’s hardware and software before you make a change to test your theory, you will not be able to reset the system to its previous condition if your first change doesn’t solve the problem.
After you make a single change in the system, retest it to see if the problem is solved. What do you do next? That depends on what you found out.
Once the Theory Is Confirmed (Confirmed Root Cause), Determine the Next Steps to Resolve the Problem
If your theory is confirmed, it’s time to decide how to resolve the problem. Let’s look at the specific examples provided in the previous section:
Update device drivers. Continue to use the updated device drivers.
Uninstall the device and let the operating system reinstall the device. If the device now operates properly, continue to use it.
Swap a cable. If the replacement cable is not needed elsewhere, continue to use it.
Move a USB device to a different port. If the USB device now works, you must decide if the USB port’s host device (card, motherboard, or hub) needs to be replaced.
Swap memory modules. If the replacement memory modules are not needed elsewhere, continue to use them.
Mute microphone or speakers. If muting either the microphone or speakers solves the problem, determine a permanent solution.
Install updates for the operating system. If installing operating system updates solves the problem, plan to implement the solution on other affected systems.
Install updates for apps. If installing app updates solves the problem, plan to implement the solution on other affected systems.
Test drives for errors. The results of the test determine what the solution should be.
Test databases or data files for errors. The results of the test help determine what the solution should be.
If the Theory Is Not Confirmed, Establish a New Theory or Escalate
What should you do if your theory didn’t work? Develop a new theory and test it. If you’re fairly certain you have identified the correct subsystem as the problem, move to the next step in the process of testing the subsystem.
For example, if swapping in memory didn’t solve the problem, try the memory you removed from the problem system in a different, but similar, working system. If the other system continues to work, that suggests that the original computer’s memory sockets are dirty or have failed.
If you have checked everything in a particular subsystem, you can either look at another subsystem or escalate the problem to the next support tier.
Tip
End users who have some knowledge of basic troubleshooting may grow frustrated if you are following a script that asks whether this, that, or the next thing have been tried and they’ve already tried those steps. Thank them for their efforts, and if you have reached the end of what you can do, escalate it to a more advanced level.
Establish a Plan of Action to Resolve the Problem and Identify Potential Effects
Once you’ve discovered the solution in Step 4, it’s time for Step 5: Establish a plan of action to resolve the problem and identify potential effects.
A plan of action can be as simple as installing a replacement cable. Sometimes a plan of action might be more complex, as in dealing with a failing internal drive in a RAID 10 array, as follows:
Step 1: Back up data if data has not been backed up in ___ days (the exact amount of time depends upon how often the data changes; if data changes frequently, a backup might be needed daily).
Step 2: Shut down system and disconnect from power.
Step 3: Take ESD (electrostatic discharge) precautions and open system.
Step 4: Remove old drive.
Step 5: Check capacity.
Step 6: Install new drive of same capacity.
Step 7: Reconnect to power.
Step 8: Restart system.
Step 9: Prepare drive for use (partition, reformat) using RAID firmware.
Step 10: Rebuild RAID array.
Step 11: Test drive for proper operation using operating system or drive vendor diagnostics.
Step 12: Restart system and test functionality.
Here’s an example of a plan of action for dealing with a malware outbreak:
Step 1: Identify and research malware symptoms.
Step 2: Quarantine the infected systems.
Step 3: Disable System Restore (in Windows).
Step 4: Remediate the infected systems.
4a: Update the anti-malware software.
4b: Scan and use removal techniques (safe mode, pre-installation environment).
Step 5: Schedule scans and run updates.
Step 6: Enable System Restore and create a restore point (in Windows).
Step 7: Educate the end user.
What are potential effects? Potential effects for any solution can range from nothing (system works immediately, no downtime) to significant (system must be taken offline for repairs) as in the plans of action just described.
Implement the Solution or Escalate as Necessary
With the plan of action (Step 5) in hand, it’s time to implement it or escalate it (Step 6).
If you are responsible for implementing the plan of action, follow it carefully. Be sure to note any problems with the plan or any additional problems you observe.
If you are not responsible for implementing the plan of action, escalate it to the department that is responsible.
Verify Full System Functionality and, If Applicable, Implement Preventive Measures
After the plan of action is implemented (Step 6), it’s time to verify full system functionality (Step 7). Simply put, make sure the system, peripheral, or device does what it is supposed to do. This step, while vital, is often missed by technicians. Don’t just install something and walk away, hoping it will work.
Here are some examples of testing full system functionality:
Connect to a wired network and open a folder, then a file.
Connect to a wireless network and open a folder, then a file.
Connect to the Internet and view a web page that changes frequently, such as a news aggregator.
Print to a local printer.
Print to a network printer.
Open a file from local or network storage, edit it, and save it under a different name.
Scan a document or photograph.
Copy a file to a USB drive.
Burn an optical disc.
Extend the desktop or mirror dual displays (depending on task requirements).
Scroll through a document with a mouse or pointing device.
Pinch zoom a web page with a touchscreen.
Run a backup.
Run the OS or app update process.
Run an app and use it normally (open, edit, save data, close app).
What circumstances require the implementation of preventive measures? Here are some examples:
Data loss due to a lack of backups: Set up a backup schedule and enable automatic backup in supported apps (Microsoft Office, and so on).
Malware infection due to outdated malware protection: Update malware protection and set up an update schedule.
Malware infection due to lack of real-time protection: Enable real-time protection.
Malware infection due to infection from website: Set up real-time protection and enable browser anti-malware features.
Malware infection due to phishing emails or social engineering: Set up training to help users distinguish legitimate emails from fakes and to avoid social engineering attempts in person or by phone.
Drive failure: Enable S.M.A.R.T. drive self-monitoring, schedule operating system disk testing on a regular schedule, and make sure backups are scheduled.
Any problem caused by user error or omission of needed tasks: If possible, automate tasks that should be done and set up user training.
Document Findings/Lessons Learned, Actions, and Outcomes
Many IT problems are not one-offs; they are likely to occur again and again. Instead of starting from scratch each time, document the entire process of solving a problem. Follow the eight-step troubleshooting process when you record your findings. Be sure to add any figures (screen captures, diagrams, photos, and so on) that will help you or others solve similar problems the next time. Be sure to record the outcomes. All of these are part of Step 8: Document Findings/Lessons Learned, Actions, and Outcomes.
What lessons did you and others in the organization learn? For example, did users learn how to detect phishing emails? When to check for malware? How to tell when a backup drive is becoming full? How to tell that the wireless network is not working? Be sure to record this as well.
Here’s an example that shows it might be necessary to make several attempts to solve a problem and that one “solution” can lead to another problem that needs to be solved:
Step 1: A user is unable to perform a video chat on a desktop computer. Symptoms included a blank screen during video chat and no video device available.
Step 2: Research indicated most likely reason was that webcam was not plugged in to a working USB port.
Step 3: Theory: Plug in webcam.
Step 4: Webcam was plugged in and video responded. However, speakers began to make loud howling and clicking noises. Return to Step 1 to solve newly discovered problem.
Return to Step 1: User recalled that webcam was disconnected because of sounds coming from speakers.
Step 2: Research indicated that feedback between the webcam and speakers was a possible cause of the problem.
Step 3: Theory: Mute microphone in webcam.
Step 4: Webcam’s microphone was muted and sound from speakers stopped. However, webcam’s microphone and speakers, rather than a headset, are needed for video chat. Return to Step 1 to look for a permanent solution.
Return to Step 1: Speakers are behind webcam and are at same height as webcam (which is attached to the top of a display).
Step 2: Further research indicated that moving the webcam (microphone) away from the speakers might reduce/eliminate feedback.
Step 3: Theory: Place webcam on desk below level of speakers.
Step 4: Webcam was moved, unmuted, and feedback stopped.
Step 5: Plan of action: Make sure webcams and speakers are not at same height for this user or other user in a similar situation.
Step 6: Webcam’s position was adjusted permanently.
Step 7: Tested webcam and speakers in video chat. Verified correct operation. Played music and audio with speakers. Verified correct operation. Showed user how to mute/unmute webcam microphone in case future changes in equipment setup would cause problems.
Step 8: Wrote up problem and solution. Made available in in-house support documents. Advised all users with similar situations.
Exam Preparation Tasks
Review All Key Topics
Review the most important topics in this chapter, noted with the Key Topics icon in the outer margin of the page. Table 7-3 lists these key topics and the page number on which each is found.
Table 7-3 Key Topics for Chapter 7
Key Topic Element |
Description |
Page Number |
List |
How to identify the problem |
|
Computer and peripheral subsystems |
||
List |
Safeguarding current settings |
|
List |
Information sources for a system or device |
|
List |
Possible symptoms |
|
List |
How to identify if anything has changed |
|
List |
Research tips |
|
List |
Testing a theory |
|
List |
Resolving the problem |
|
List |
Testing full system functionality |
|
List |
Preventive measures |
Define Key Terms
Define the following key terms from this chapter and check your answers in the glossary:
Complete the Tables and Lists from Memory
Print a copy of Appendix B, “Memory Tables,” or at least the section from this chapter, and complete the tables and lists from memory. Appendix C, “Memory Tables Answers,” includes completed tables and lists to check your work.
Practice Questions for Objective 1.6
1. Reviewing operating system and application update logs is part of which troubleshooting step?
Establish a theory of probable cause
Identify the problem
Establish a plan of action to resolve the problem and identify potential effects
Implement the solution or escalate as necessary
2. Setting up staff training to avoid phishing and social engineering is an example of ____________.
establishing a plan of action
identifying the problem
testing the theory
preventive measures
3. Resetting the CMOS is not an example of troubleshooting which of the following components?
Power
RAM
Motherboard
CPU
4. Which of the following components uses TCP/IP configuration settings?
Network adapter
Display
Storage
RAM
5. How can you capture a BIOS/UEFI/firmware setup screen? (Choose the correct method.)
Press the PrintScreen key.
Use a screen snipping program.
Use your smartphone’s camera.
Use Alt+C keys.
6. The scanner driver is an example of which of the following?
Software
Hardware
Firmware
Subsystem
7. You are preparing to test an internal SATA hard drive. Which of the following is not part of the storage subsystem?
SATA cable
BIOS/firmware settings
Power connector
USB port
8. Identify symptoms” is part of which step?
Step 2: Research knowledge base/Internet
Step 4: Test the theory
Step 1: Identify the problem
Step 6: Implement the solution or escalate
9. Select the correct order for these steps: (a) Test the theory; (b) Research knowledge base/Internet; (c) Identify the problem; (d) Document findings.
a, b, c, d
c, b, a, d
d, a, c, b
d, c, b, a
10. A speed monitoring cable is used by which of the following subsystems?
Storage
Display
Power
Cooling
11. You have swapped a cable with a brand-new cable, and the device still does not work. Which of the following is the correct conclusion to draw?
Something else besides the cable is wrong.
The port is defective
The replacement cable is not known to be working.
The device is defective.
12. In the process of repairing a “dead” computer, you wind up swapping the power supply, the RAM, and the video card, in that order, keeping each of the replacement parts connected as you swapped the next one. The computer now works. Which of the following is a correct statement of what happened?
The power supply was the problem.
The RAM was the problem.
All of the replaced parts were defective.
We don’t know if the power supply and the RAM are defective.
13. If the theory is confirmed (confirmed root cause), you should determine the next steps to resolve the problem. What should you do if the theory is not confirmed?
Establish a new theory or escalate.
Question users.
Verify full system functionality and, if applicable, implement preventive measures.
Duplicate the problem, if possible.
14. You are applying the troubleshooting methodology steps in order to fix a user’s laser printer that won’t print. While establishing a theory of probable cause, what should you do first?
Duplicate the problem, if possible.
Question the obvious.
Change the toner cartridge.
Approach multiple problems individually.
15. What are the first and last steps of the troubleshooting methodology?
Establish a theory of probable cause and implement the solution or escalate as necessary.
Research knowledge base/Internet, if applicable, and verify full system functionality.
Test the theory to determine the cause and establish a plan of action.
Identify the problem and document findings/lessons learned, actions, and outcomes.
16. You are attempting to identify an operating system application-related problem for a user. Where would be a great place to gather information from?
The users Pictures folder
The network log
The operating system application log
A second-tier help desk support technician
17. The user is attempting to open a picture and sees an error message instead. When you have the user open another picture in the same folder, the picture opens normally. Which of the following is most likely the cause?
App failure
Hardware problem
Firmware problem
Picture file corrupted
18. You are helping a user with a website that doesn’t want to load. Which of the following troubleshooting actions should be tried first to determine if the website itself has a problem?
Open a different website.
Disconnect and reconnect the network cable or USB adapter.
Reinstall the web browser.
Contact the Internet service provider.
19. A user’s desktop computer won’t turn on. The user reports that a hard drive was just replaced at the user’s work area and the tech didn’t test the computer before leaving. Which of the following should you check first?
AC outlet used by computer
Switch on surge suppressor
Power supply switch and AC cord
Front-panel wire from case power switch to motherboard
20. You are sitting in an airport terminal awaiting a connecting flight. A fellow passenger is playing “Angry Birds” but can’t make a phone call. Which of the following should be checked first?
Power
Airplane mode
Bluetooth
Wireless
Your Next Steps (More Certs)
Troubleshooting is an essential skill, and this chapter is just the first taste of a big part of working in IT. Whatever direction you go in, we’d suggest getting the CompTIA A+ certification next, as it will greatly enhance your ability to troubleshoot hardware, software, firmware, and networks. After that, it’s up to you!