IT ESSENTIALS

Final Exam Preparation Paper

Chapter 11: Windows Configuration

Comparing Windows Versions

The first version of Microsoft Windows was released in 1985. Since then, over 25 versions,
subversions, and varieties have been released. Each version can also have editions, such as
Home, Pro, Ultimate, or Enterprise, and come in either 32-bit or 64-bit versions.

Centralized management is provided through joining an Active Directory domain where the user
accounts and security policies are configured on a Domain Controller.

Other corporate features include:

• BitLocker - enables a user to encrypt all data on a disk drive or removable drive
• Encrypted File System (EFS) - allows the user to configure file and folder-level encryption
• Branch Cache - allows remote computers to share access to a single cache of data from
shared folders and files or document portals

There are some features of Windows that are aimed at personal use, such as Windows Media
Center (allows the computer to be used as a home entertainment appliance for playing DVDs).

• Windows 7 - October 2009 - January 2020, huge success

• Windows 8 - October 2012, new UI for touchscreens, not well received
• Windows 8.1 - October 2013, fixed Windows 8 mess
• Windows 10 - July 2015, Microsoft Edge
The Windows Desktop

Windows 7 has a default theme called Aero (translucent window borders, many animations).

Windows 7+ desktop features:

• Shake - minimize all windows that are not being used by clicking and holding the title bar of
one window and shaking it with the mouse
• Peek - view the desktop icons that are behind open windows by placing your cursor over the
Show desktop button found at the right edge of the taskbar
• Snap - resize a window by dragging it to one of the edges of the screen

Gadgets are small applications, such as games, sticky notes, a calendar, or a clock.

Windows introduced a new desktop that used tiles on the Start screen. Another new GUI
element is a vertical bar of five icons known as charms. They provide quick access to common
functions.

The Windows 10 Start menu consists of three main parts.

• Left - a strip of shortcuts to common libraries appears with a button that provides access to
settings and the shutdown button.
• Middle - a menu of applications that are available, in alphabetical order, with areas for the
most recently installed and most used applications at the top.
• Right - an area containing tiles for Apps that are arranged by category, such as games,
creative software, etc.

The Taskbar provides easy access to many important and commonly used features of Windows.

Useful features of the Taskbar:

• Jump lists - display a list of tasks that are unique to the application
• Pinned applications - add an application to the taskbar for easy access
• Thumbnail previews - view a thumbnail image of a running program

Windows Task Manager

The Windows Task Manager provides information about all of the applications, processes, and
services that are running on the computer. It can also be used to terminate processes that are
causing system issues or that have stopped responding to user input.
The 7 tabs of Task Manager:
• Processes - a list of processes (set of instructions started by the user, OS, or program)
currently running on the PC
• Performance - dynamic system performance graphs
• App history - historical resource utilization, only available for apps from Microsoft Store
• Startup - the processes that automatically started during Windows startup
• Users - the users who are currently connected to the PC and the system recourses they are
using
• Details - tweak the level of CPU priority for a given process, specify CPU affinity
• Services - all available services and their status, identified by their Process ID (PID)

Windows 10/8 Task Manager vs Windows 7 Task Manager

1. The Applications and Processes tabs (from W7) have been combined in Windows 10.

2. The Networking (from W7) tab is now included with the Performance tab in Windows 10.

3. The Users tab has been enhanced in Windows 10 to not only show the users that are
connected but also the resources that they are using
Windows File Explorer

File Explorer is a file management application in Window 8 and Windows 10 (aka Windows
Explorer in <W7, minus the Ribbon). It is used to navigate the file system and manage the
folders, subfolders, and applications on storage media.

In Windows versions 10 and 8.1, the This PC feature allows you to access the various Devices
and drives installed in the computer.

Depending on the file permission, only users with enough permission can access the file. To
override this behavior and gain access to those files, you must open or execute them as the
system administrator. To do so, right-click the file and choose Run as Administrator.

A library is a virtual folder that presents content from different locations within the same view.
Windows Libraries allow you to easily organize content from various storage devices on your
local computer and network, including removable media, without actually moving the files. When
Windows 10 is installed, each user has 6 default libraries.

In Windows, files are organized in a directory structure. A directory structure is designed to store
system files, user files, and program files. The root level of the Windows directory structure, the
partition, is usually labeled drive C.

Windows creates a series of folders for each user account that is configured on the computer.
These folders appear to be the same in File Explorer for each user, however, they are actually
unique to each user account. In this way, users cannot access each other's files, applications, or
data.

Folder and file locations:

• Users folder - C:\Users\User_name
• System folder - C:\Windows\system32
• Program files - C:\Program files (if 32-bit) or C:\Program files (x86) (if 64-bit)

Windows naming convention:

• Maximum 255 characters allowed
• / and \ not allowed
• Filenames not case sensitive
• 3 or 4 letter extension added
The directory structure maintains a set of attributes for each file that controls how the file can be
viewed or altered.
Some common file attributes:
• R - read-only file
• A - will be archived next time the disk is backed up
• S - system file, warning given
• H - hidden file

Control Panel Utilities

Windows 10 offers two ways to configure the operating system:

1. Settings app - first appeared in W8
2. Control panel - first appeared in W7

You can open the Control Panel from Command Prompt (CLI) by typing control.

Control Panel categories:

• System and Security - general hardware, storage, encryption, Windows Defender Firewall
• Network and Internet - networking, file sharing, default browser
• Hardware and Sound - printers, media devices, power, mobility
• Programs - changes/updates/removals to installed programs, activation/deactivation
• User Accounts - UAC, Management of Web and Windows Credentials
• Ease of Access - make Windows easier to use (especially for ppl with disabilities)
• Clock and Region - date, time, language
• Appearance and Personalization - taskbar, navigation, file explorer, fonts

User and Account Control Panel Items

Administrator accounts are generated when Windows is installed. They can change all system
settings and access all files and folders on the computer.

Standard user accounts can manage most configuration settings that don't affect other users.
They can only access their own files and folders.

UAC monitors programs on the computer and warns users when an action might present a
threat to the computer.
Credential Manager helps you to manage passwords that are used for websites and Windows
applications. Web credentials are not saved for sites accessed by browsers other than Internet
Explorer and Edge.

Sync Center allows files to be edited from multiple Windows devices. Using it requires activation
of the Offline Files feature (sets up a local file location that will store the files to be
synchronized).

Microsoft OneDrive offers a similar service. OneDrive is a cloud storage service that is available
to Microsoft Windows users.

Network and Internet Control Panels

Mobile devices use Wireless Wide Area Network (WWAN) or cellular Internet access
technology. WWAN adapters can be internal or external connected by USB. Connection to the
WWAN is automatic once the adapter and adapter software are installed.

Internet options for Microsoft Internet Explorer:

• General - basic internet settings (default home page, browsing history, search settings,
browser appearance)
• Security - local internet, trusted/untrusted/restricted sites, security levels
• Privacy - internet zone, location services, ad blocker
• Content - parental controls, AutoComplete settings, web slices
• Connections - internet connection, network settings, dial-up, VPN, proxy server (reduces
bandwidth)
• Programs - default web browser, add-ons, HTML editor
• Advanced - reset settings, advanced settings

Network and Sharing Center shows how your computer connects to a network. It also allows the
configuration of file and device sharing through the use of network profiles.

In Windows networking, a HomeGroup is a group of computers that are on the same network.
They simplify sharing files on simple networks. Devices that are attached to computers in the
HomeGroup can also be shared. In newer versions of Windows 10, HomeGroup functionality is
not available.
Display Settings and Control Panel

The following settings can be adjusted:

• Display - A specific monitor can be configured if there is more than one monitor
• Screen resolution - specifies the number of pixels horizontally and vertically.
• Orientation - (flipped) Landscape, (flipped) Portrait
• Refresh rate - how often the image in the screen is redrawn (60Hz)
• Display colors - adjust bit depth (number of colors that can be displayed)
• Multiple displays - 2+ monitors

Power and System Control Panels

The Power Options Control Panel item allows you to change the power consumption of certain
devices or the entire computer.

Power plans are a collection of hardware and system settings that manage the power usage of
the computer. Windows has preset power plans that were created when it was installed.

You can choose from the following options:

• Require a password on wake up (W7)
• Choose what the power buttons do
• Choose what closing the lid does (laptops)
• Create a power plan
• Choose when to turn off the display
• Change when the computer sleeps

If users do not want to completely shut down a computer, the following options may be available:
• Do nothing - computer runs at full power
• Sleep - everything saved in RAM
• Hibernate - everything saved on a temp file in hard drive
• Turn off the display - full power, just display off
• Shut down - bye bye

System properties:
• Computer name - pretty self explanatory, workgroup
• Hardware - device manager, device installation settings
• Advanced - performance, user profiles, startup, recovery
• System Protection - System Restore, amount of disk space
• Remote - Remote Assistance and Remote Desktop
To enhance the performance of the OS, you can change the virtual memory configuration
settings. When Windows determines that system RAM is insufficient, it will create a paging file
on the hard drive that contains some of the data from RAM. When the data is required back in
RAM, it is read from the paging file.

Windows ReadyBoost enables Windows to treat an external flash device, such as a USB drive,
as hard drive cache. ReadyBoost will not be available if Windows determines that no
performance improvement will be gained.

Hardware and Sound Control Panels

Device Manager displays a list of all the devices installed in the computer, allowing you to
diagnose and resolve device problems. Device Manager organizes devices by type.

You can perform the following functions:

• Update a driver - change the currently installed driver
• Roll back a driver - Change the currently installed driver to the previously installed driver
• Uninstall a device
• Disable a device

Devices displayed in the Devices and Printers Control Panel item are typically external devices
you can connect to your computer through a port such as USB, or a network connection. Those
devices include:
• Portable devices that you occasionally connect to your computer
• Devices you plug into a USB port on your computer
• Printers connected to your computer or available on the network
• Wireless devices connected to your computer
• Compatible network devices connected to your computer
Use the Sound Control Panel item to configure audio devices or change the sound scheme of
the computer.

Clock, Region and Language

The Windows clock will automatically synchronize with a time authority on the internet. This
ensures that the time value is accurate.

Windows allows you to change the format of numbers, currencies, dates, and times by using the
Region Control Panel item.

Users can install language packs that include fonts and other resources required by different
languages.

Programs and Features Control Panels

Use the Program and Features Control Panel items to uninstall a program from your computer if
you no longer use it or if you want to free up space on your hard disk. It is important that
applications be uninstalled either through the Programs and Features Control Panel item or
from an uninstallation menu choice that is associated with the application in the Start menu. You
can also choose to manually install software from the network, activate/deactivate Windows
features.

If an application is uninstalled incorrectly, you might be leaving files on the hard drive and
unnecessary settings in the registry, which wastes hard drive space and system resources.
Microsoft recommends that you always use the Programs and Features Control Panel utility
when removing, changing, or repairing applications.

The Default Programs Control Panel item provides the means to configure the way that
Windows handles files and the applications that are used to work with them, choose how
AutoPlay works.

Other Control Panels

• Troubleshooting - has a number of built-in scripts that are used to identify and solve common
problems with many Windows components
• BitLocker Drive Encryption - a service provided with Windows that will encrypt an entire
volume of disk data so that it can't be read by unauthorized parties.
• File Explorer and Folder Options - permits changing a variety of settings regarding the way
files are displayed in Windows Explorer or File Explorer
Functions of file explorer tabs in W10:
General:
• Browse folders - how a folder is displayed when it is opened
• Click items as follows - the number of clicks required to open an item
• Privacy - which files and folders are shown in Quick Access + allows File History to be cleared
View:
• Folder views - view settings for a folder being viewed to all folders of the same type
• Advanced settings - customizes viewing experience including the ability to view hidden files
and file extensions
Search:
• What to search (W7) - search settings based on indexed and non-indexed locations to make
files and folders easier to find
• How to search - whether an indexed search is used
• When searching non-indexed locations - whether system directories, compressed files and file
contents are included when searching non-indexed locations

Administrative Tools

The Administrative Tools Control Panel item is a collection of tools that are used to monitor and
configure Windows operation. It is unusual in that it is a collection of shortcuts that open in File
Explorer.

One of the Administrative Tools items is the Computer Management console. It allows you to
manage many aspects of your computer and remote computers in one tool. It provides access to
3 groups of utilities. The focus will be on the System Tools group.

Event Viewer allows viewing the history of application, security, and Windows system events.
These events are stored in log files.

Each log is identified by its type or level:

• Information - successful event
• Warning - indication of a potential problem with a software component that is not functioning
ideally
• Error - a problem exists, but no immediate action is required
• Critical - immediate attention is required, usually related to system or software crashes or
lockups
• Success audit (security only) - a security event has been successful
• Failure audit (security only) - a security event has not been successful
Local Users and Groups provides an efficient way of managing users. You can create new users
and assign those users to membership in Groups. Groups have rights and permissions assigned
that are suitable for different types of users.

Default user accounts and groups provided by Windows:

• Administrators - full control of the computer and access to all folders
• Guests - can access the computer through a temporary profile that is created at logon and
deleted on logoff, disabled by default
• Users - can perform common tasks such as running applications and accessing local or
network printers, persists on the system

Performance Monitor allows customized performance graphs and reports to be created from a
wide range of hardware and software components. Data Collector Sets are collections of
metrics, called performance counters. Windows has a number of default Data Collector Sets and
you can create your own. Data collection can be scheduled to occur at different times and for
different durations and stop criterion for a monitoring session can also be set.

Component Services is an administrative tool used by administrators and developers to deploy,

configure, and manage Component Object Model (COM) components. COM is a way to allow
the use of software components in distributed environments such as in enterprise, internet, and
intranet applications.

A service is a type of application that runs in the background to achieve a specific goal, or to
wait for service requests. The Services console (SERVICES.MSC) allows you to manage all the
services on your computer and remote computers.

You can use the following settings, or states, to control a service:

• Automatic - service starts when the computer is started, prioritizes the most important
services
• Automatic (delayed) - service starts after services that are set to Automatic have started (only
W7)
• Manual - service must be started manually by the user or by a service or program that needs it
• Disabled - service cannot be started until it is enabled
• Stopped - service is not running

Data Sources is a tool used by administrators to add, remove, or manage data sources using
Open Database Connectivity (ODBC). ODBC is a technology that programs use to access a
wide range of databases or data sources.
The Print Management utility provides a detailed view of all of the printers that are available to a
computer. It enables efficient configuration and monitoring of directly attached and network
printers, including print queues for all printers to which it has access. It also allows the
deployment of a printer configuration to multiple computers on a network through the use of
group policies.

The Windows Memory Diagnostics tool schedules a memory test that will be executed when the
computer starts. After the tests are complete, Windows will restart. The results of the test can be
viewed by finding the memory diagnostic test result in the Windows Log folder in Event Viewer.

System Utilities

Administrators can use the System Information tool to collect and display information about
local and remote computers. Support personnel can use this information to diagnose and
troubleshoot a computer. It can also display the configuration of other machines on the network.

Can be opened from the command prompt by typing msinfo32.

System Configuration (MSCONFIG) is a tool used to identify problems that keep Windows from
starting correctly. To help with isolating the issue, services and startup programs can be turned
off and turned back on one at a time.
System Configuration Tabs:
• General - 3 startup selections (Normal, Diagnostic - basic services and drivers only, Selective -
same as Diagnostic but customizable)
• Boot - choose Windows OS version to boot, or choose Safe boot
• Services - list of services that are started with the OS
• Startup - (W7) list of apps that run automatically when Windows starts, (W7+ reference to
Task Manager)
• Tools - list of diagnostic tools to aid troubleshooting

The Windows Registry is a database that contains settings for Windows and for applications that
use the Registry. The settings are low-level (meaning a lot). Values in the Registry are created
when new software is installed or new devices are added. Every setting in Windows, from the
background of the desktop to the licensing of applications, is stored in the Registry.

The Registry consists of a hierarchical arrangement of keys and sub-keys that are represented
as a tree. Levels of the sub-key tree can be deeply nested with a maximum of 512 levels
permitted.
The Registry exists as multiple database files, called hives, that are associated with each of the
top level registry keys. Each key has values. The values consist of the name of the value, its data
type, and the setting or data that is associated with the value. These keys are recognized by their
distinctive names, which begin with HKEY_

Registry Root Keys:

The Registry Editor allows an administrator to view or make changes to the Windows Registry. It
can only be opened from a search or command prompt command regedit.

Microsoft Management Console (MMC) is an application that allows the creation of custom
management consoles for collections of utilities and tools from Microsoft or other sources. The
Computer Management console that was previously discussed is a pre-made MMC. Utilities and
tools, known as snap-ins, can be added to the console.

DxDiag stands for DirectX Diagnostic Tool. It displays details for all DirectX components and
drivers that are installed in a computer. It is run from a search or from the command line.

Disk Management

Disk operations:
• Mount disk - take a disk image and open it like a drive
• Initialize disk - format a disk before using it with Windows
• Extend Partition - add space to a volume from another volume on the disk
• Split partition - create a new partition from an existing one
• Shrink partition - create unallocated space from an existing partition

The Disk Management utility is part of the Computer Management console. You can use the
Disk Management utility to complete the following tasks:
• Extend partitions
• Shrink partitions
• View drive status
The drives in the computer can display one of the following conditions:
• Foreign - A dynamic disk that has been moved to a computer from another
computer
• Healthy - functioning properly
• Initializing - basic disk that is being converted into a dynamic disk
• Missing - dynamic disk that is corrupted, turned off, or disconnected
• Not initialized - disk that does not contain a valid signature
• Online - basic or dynamic disk that is accessible and shows no problems
• Online (Errors) - I/O errors detected on a dynamic disk
• Offline - dynamic disk that is corrupted or unavailable
• Unreadable - basic or dynamic disk that has experienced hardware failure,
corruption, or I/O errors
• Assign or change drive letters
• Add drives
• Add arrays
• Designate the active partition

In Windows disk management, you can create mirrored, spanned, or RAID 5 arrays from
multiple dynamic disks. Storage Spaces is the disk array technology that is recommended by
Windows. It creates pools of physical hard drives from which virtual disks (storage spaces) can
be created.

As files increase in size, some data is written to the next available cluster on the disk. In time,
data becomes fragmented and spread over nonadjacent clusters on the hard drive. As a result, it
takes longer to locate and retrieve each section of the data. A disk defragmenter gathers the
noncontiguous data into one place, making the OS run faster. It is not recommended to perform
disk defragmentation on SSDs, however, it’s OK on SSHDs.

The Optimize Drives utility allows analysis of the drive prior to optimization. The analysis will
display the degree of fragmentation of the drive.

The Disk Error-Checking tool checks the integrity of files and folders by scanning the hard disk
surface for physical errors.

Application Installation and Configuration

Before purchasing or attempting to install an application, you should verify that the system
requirements are met. The may include:
• Processor speed
• RAM
• OS and version

Most applications use an automatic installation process when the application disc is inserted in
the optical drive. Most Windows software installations are attended, meaning the user must be
present to interact with the installer software to provide input about the options to use when
installing the software.

Other types of installations include:

Installer software usually has an EXE or Microsoft Silent Installer (MSI) file extension. The user
must have the appropriate permissions in order to install the software. They must also not be
blocked by group policies that prevent software installation.

The Microsoft Store allows a user to search for and install apps on Windows devices (not
available on W7).

Allowing users to install software on computers that are owned by a business organization can
be a security risk.

Using the Windows CLI

Windows has 2 command line utilities:

• PowerShell
• The original command line

PowerShell is a more powerful command line utility. It offers many advanced features, such as
scripting and automation. It even comes with its own scripting development environment, called
PowerShell ISE, to help with the task of writing scripts.
PowerShell uses "cmdlets", or small applications, that represent the commands that are
available. PowerShell also allows naming of cmdlets with aliases, so the same cmdlet can be run
at the command line with any name that adheres to naming conventions that you choose to
assign to it.

The original command line still exists in Windows 10, and can be opened by typing cmd into the
search field on the Taskbar.

Basic commands and keys:

• whoami - display the name of the computer that the prompt is open on and the user account
• help or help|more - get info on commands
• command /? - get help on a specific command
• cls - clear the screen
• up-arrow keys - move through previously entered commands
• F7 key or doskey/history - display command history
• Ctrl + C keys - exit a running command/script
• exit - close the command window

File System CLI Commands

Special characters, called wildcards, can be substituted for characters or groups of characters in
filenames. Wildcards can be used when you only know part of a filename that you are trying to
find or when you want to perform a file operation on a group of files that share elements of a
filename or extension.

The 2 wildcards that can be used with Windows Command Prompt are:
• * - matches groups of characters, including entire filenames and file extensions (e.g. my*.txt =
start with my and have the .txt extension)
• ? - same as *, but stands for any single character
Common Syntax Conventions:

File system navigation commands:

• <Drive> - display contents from a different drive
• dir - display contents of the current directory
• /a - all, including hidden files
• /os - sort files by size
• /b - list file and folder names only
• /w - display wide view
• cd - change directory
• /d - change drive and directory
• . - refers to current path
• .. - go up the path one lvl
• \ - go to root of the drive
• md - make directory
• echo - echo something into a file
• move - move a file from one location to another OR change the name of the file
• rd - delete directory
• /s - remove all subdirectories
• /q - quiet mode, do not request confirmation
• ren - rename directory or file
• > - redirect, send the output of a command to a file
• type - display contents of a file
• del - delete a file/folder
• copy - copy a file
• xcopy - extended copy, copy directory trees
• robocopy - robust copy, same as xcopy

Disk CLI Commands

• chkdsk - checks disk for system errors (admin privilege)

• /f - fix disk errors, recover bad sectors
• /r - same as /f but fixes physical errors too
• format - creates a new file system for a disk (admin privilege)
• /q - quick scan
• /v: - specify volume name
• /fs: - specify file system
• diskpart - starts a separate command interpreter with commands for working with disk
partitions (admin privilege, Windows Disk Manager functions)

System CLI Commands

• tasklist - displays the current list of tasks running on local/remote computer
• taskkill - kills a current running process
• /pid - specify tasks to kill by Process ID
• /im - specify tasks ti kill by image name
• /f - forcefully terminate process
• /t - terminate process and any child process started by it
• dism - Deploy Image Servicing and Management, used for working with system images before
they’re deployed
• sfc - verifies and replace Windows system files (admin privilege)
• /scannow - scans and repairs
• /verifyonly - checks only, no repair
• shutdown - power off a local/remote computer (admin privilege)
• /m \\ComputerName - specify remote computer
• /s - shutdown computer
• /r - restart computer
• /h - put local computer into hibernation
• /f - forces running apps to close without user warning

Other Useful CLI Commands

• gpupdate - Group Policy update

• /target:computer - force update of another computer
• /force - force update even if Group Policy hasn’t changed
• /boot - restart computer after change
• gpresult - display Group Policy Resultant Set of Policy (RSoP) information (aka group policy
settings currently in effect for the logged in user)
• /s - the system to view the result on, name or IP address
• /r - displays summary data
• net use - display and connect to network recourses
• net user - display and change info about computer users
• username - the username you want to work with
• /add - after username creates new user
• /delete - after username deletes new user

The Windows run line utility can be opened by pressing the Win+R keys and entering cmd to
open the command line window. Some other utilities and tools you can open this way:
• EXPLORER - File Explorer/Windows Explorer
• MMC - Microsoft Management Console (specify name and add .msc for a custom console)
• MSINFO32 - System Information
• MSTSC - Remote Desktop Utility
• NOTEPAD - Notepad

Network Sharing and Mapping Drives

A domain is a group of computers and electronic devices with a common set of rules and
procedures administered as a unit. A specialized server called a domain controller manages all
security-related aspects of users and network resources, centralizing security and
administration. For example, within a domain, Lightweight Directory Access Protocol (LDAP) is
a protocol used to allow computers to access data directories that are distributed throughout the
network.

A workgroup is a collection of workstations and servers on a LAN that are designed to

communicate and exchange data with one another. Each individual workstation controls its user
accounts, security information, and access to data and resources.

Domain and workgroup are methods for organizing and managing computers on a network.

All computers on a network must be part of either a domain or a workgroup. When Windows is
first installed on a computer, it is automatically assigned to a workgroup.

All Windows computers that belong to the same workgroup can also belong to a HomeGroup.
There can only be one HomeGroup per workgroup on a network. Computers can only be a
member of one HomeGroup at a time. HomeGroups are secured with a simple password.

HomeGroup availability depends on your network location profile:

• Home network - allowed to create/join a HomeGroup
• Work network - not allowed to create/join a HomeGroup, but can view and share resources
with other computers
• Public network - HomeGroup not available

When a computer joins a HomeGroup, all user accounts on the computer, except the Guest
account, become members of the HomeGroup. Users control access to their resources.

Network file sharing and mapping network drives is a secure and convenient way to provide
easy access to network resources.

Drive mapping is done by assigning a letter (A-Z) to the resource on a remote drive and allows
you to use the remote drive as a local drive.
Network file sharing permissions:
• Read - view and navigate folders, subfolders and files and run program files
• Change - read + adding/changing/deleting stuff
• Full control - change + change NTFS partitions and take ownership of files & folders

Administrative shares, also called hidden shares, are identified with a dollar sign ($) at the end of
the share name. By default, Windows creates several hidden administrative shares. These
include the root folder of any local drives (C$), the system folder (ADMIN$), and the print driver
folder (PRINT$). Administrative shares are hidden from users and only accessible by members
of the local administrators’ group.

Sharing Local Resources With Others

Advanced Sharing Settings, located in the Network and Sharing Center, manages the sharing
options for three different network profiles; Private, Guest or Public, and All Networks.

The following can be controlled:

• Network discovery
• File and printer sharing
• Public folder sharing
• Password protected sharing
• Media streaming

To enable sharing resources between computers connected to the same workgroup, Network
Discovery and File and printer sharing must be turned on.

Microsoft’s file sharing mechanism is called Nearby Sharing (partly replaces HomeGroup). It
provides the ability to share content with a nearby device using both Wi-Fi and Bluetooth.

A printer can be directly attached to a computer. In that case, the printer is considered local, and
the PC it’s attached to is acting as the print server. Once the printer is shared, users with the
right permissions can connect to the network shared printer.

A printer can also come with integrated Wi-Fi/Bluetooth and connect directly to the network.
Once it is connected to the network, it can be mapped. Mapping a printer enables the user to
print over the network without the need for a direct connection to the printer.
Configure a Wired Network Connection

Windows 10 network settings are managed through the Network & Internet section in the
Settings App. Network card properties are configured in the Advanced tab of the adapter
properties window. The Windows Internet Protocol Version 4 (TCP/IPv4) Properties window
includes an Alternate Configuration tab which allows an administrator to configure an
alternative IP address for the PC to use if it is unable to contact a DHCP server.

The default settings for both IPv4 and IPv6 is to obtain the IP settings from a DHCP server in
the case of IPv4 and from a Stateless Automatic Address Configuration (SLAAC) in the case of
IPv6.

Windows 10 allows alternative IP address configuration in case DHCP is unaccessible and

APIPA is not desired.

The first time a computer with Windows 10 connects to a network, a network profile must be
selected. Depending on the profile selected, file and printer sharing, or network discovery can be
turned off or on, and different firewall settings can be applied.

Windows 10 has 2 network profiles:

• Public - disables file and printer sharing and network discovery on the link, the PC is hidden
from other devices
• Private - allows the user to customize the sharing options, for use on trusted networks, the PC
is discoverable by other devices

The easiest way to test for an internet connection is to open a web browser and see if the
internet is available. To troubleshoot a connection, you can use the Windows GUI or CLI.

Network CLI commands:

• ipconfig - displays basic IP configuration information, to include the IP address, subnet mask,
and default gateway for all network adapters to which TCP/IP is bound
• /all - additional network config information including DHCP, DNS, MAC address,
NetBIOS status and domain name
• /release - releases the IP address learned from DHCP, resulting in no longer having
an IP address
• /renew - forces a DHCP client to renew the IP address
• /displaydns - displays the DNS resolver cache, which contains host and domain
names recently queried
• /flushdns - clears DNS resolver cache
• ping - tests basic connectivity between devices by using ICMP echo request and reply
messages
• tracert - traces the route that packets take from your computer to a destination host
• nslookup - tests and troubleshoots DNS servers

Configure a Wireless Network Interface

There are 4 wireless network security type options:

• No authentication (Open) - data is sent unencrypted and with no authentication
• WEP - very weak security and should not be relied upon for confidentiality
• WPA2 Personal - uses the Advanced Encryption Standard (AES) cipher and a Pre-shared
Key (PSK) to encrypt communications
• WPA2 Enterprise - authentication is passed from the access point to a centralized
authentication server running Remote Authentication Dial-in User Service (RADIUS)

Remote authentication for wireless devices can be provided by a scalable authentication

architecture by using RADIUS or Terminal Controller Access Control System Plus (TACACS+).
Both technologies use a AAA server that performs the authentication on behalf of network
devices. Rather than the network devices storing and validating user credentials directly, they
pass the request to the AAA server and forward the response to the user.

Remote Access Protocols

VPN uses dedicated secure connections, routed through the internet, from the corporate private
network to the remote user. When connected to the corporate private network, users become
part of that network and have access to all services and resources as if they were physically
connected to it.

Remote-access users must install a VPN client on their computers to form a secure connection
with the corporate private network. The VPN software encrypts data before sending it over the
internet to the VPN gateway at the corporate private network.

Telnet is a command-line terminal emulation protocol and program. The Telnet daemon listens
for connections on TCP port 23. Telnet is sometimes used for troubleshooting services and for
connecting to routers and switches for entering configurations.

SSH is a secure alternative to Telnet and other file copy programs such as FTP.

Client authentication methods with SSH:

• Username/Password - The client sends credentials to the SSH host, which are then verified
against a local user database or sent to a centralized authentication server
• Kerberos - Networks which use Kerberos authentication protocol, such as Windows Active
Directory, allow for SSO
• Host-based authentication - The client requests authentication with a public key. The server
generates a challenge with this key which the client must decrypt with the matching private
key to complete the authentication
• Public key authentication - additional protection over host-based authentication. The user
must enter a passphrase to access the private key. This helps prevent the private key from
becoming compromised

Remote Desktop and Assistance

Common Problems and Causes

• OS locks up - computer overheating, OS files corrupted, power supply/RAM/motherboard/

hard drive defective, incorrect BIOS settings, unknown event, incorrect drivers
• Keyboard/mouse don’t respond - incompatible/old driver, cable damaged/disconnected,
device defective, KVM switch used and active computer not displayed
• OS will not start - hardware failed to initialize, OS files/boot sector corrupted, power supply/
RAM/motherboard/hard drive defective, incorrect drivers, Windows updates corruption
• “Invalid Boot Disk” after POST - incorrect boot order, hard drive not detected/no OS, MBR/
GPT corrupted, boot sector virus, hard drive failure
• “BOOTMGR missing” after POST - BOOTMGR missing/damaged, incorrect boot order, MBR
corrupted, hard drive failure
• Service failed to start after boot - service not enabled/set to Manual/requires another service
to be enabled
• A device didn’t start after boot - external device off, data cable not connected, disabled in
BIOS/failed, driver corrupted, has conflict with another device
• Computer restarts without displaying desktop - computer set to restart when there is a failure,
startup file corrupted
• “BCD missing” while boot, Windows update fails - download update is corrupted, update
requires a previous uninstalled update
• Computer displays Black or Blue Screen of Death (BSOD) - driver not compatible with
hardware, RAM/Power supply failing
• Computer locks up without any error messages - incorrect CPU/FSB settings, computer
overheating, update has corrupted the OS, RAM/power supply failure
• An application does not install - application installer has a virus, installation disk/file corrupted,
installer not compatible with the OS, hardware doesn’t meet minimum requirements, software
not installed
• W7 computer doesn’t run Aero - doesn’t meet the minimum requirements
• UAC doesn’t prompt the user for permission - UAC is off
• No Gadgets on desktop - Gadgets uninstalled, XML broken/corrupted/not installed
• Computer is slow and delayed - a process is using most of CPU
• “BCD missing while booting” - improperly shutting down the computer, Windows update fail
• Cannot print from Windows - print hardware and software issues with Windows settings
• Computer is slow to boot - unnecessary services and programs running at startup, virus/
malware, corrupt user profile
• “Inaccessible Boot Device” after POST - recent driver not compatible with boot controller,
BOOTMGR corrupted
• Search takes too long to find results - no/incorrect indexing
• Missing or corrupt DLL - one program using DLL was removed and took the DLL file with it,
DLL file corrupted
• A program listed in the registry is not found - uninstall incorrect, hard drive corrupted, virus
• RAID not detected during installation - proper drivers not included, RAID settings in BIOS/
UEFI incorrect
• System file corrupted - computer shut down incorrectly
• Computer boots to safe mode - it was configured to do so lol
• A file fails to open - virus, corrupted, file type not associated with any program

OS Preventive Maintenance Plan

Preventive Maintenance Plan includes the following:
• Hard drive error checking, defragmentation and backup
• Updates to OS, apps, antivirus and other protective maintenance

Preventive maintenance should take place when it causes the least amount of disruption to the
users.

Use the Windows Malicious Software Removal Tool to check a computer for malicious software.
If an infection is found, the tool removes it. This should be a standard item in your preventive
maintenance program. To ensure that these programs run each time the computer is booted,
add the program to the Startup folder of the Start Menu.

Windows update is a website located at update.microsoft.com. The site hosts software and
hardware updates for Windows 7,8 and 10. There is also a program called Microsoft Update
which keeps Microsoft Office apps patched.

A control installed in Windows allows the OS to browse the update site and select updates to
download using Background Intelligent Transfer Service (BITS) protocol.

Microsoft releases updates on the second Tuesday of each month, unofficially known as Patch
Tuesday.

A windowsupdate.log file stored in %SystemRoot% contains records of update activity.

Other types of updates are firmware and driver updates, firmware updates being less common
than driver updates.

Backup and Restore

Sometimes installing an application or hardware driver can cause instability or create

unexpected problems. Uninstalling the application or hardware driver usually corrects the
problem. If not, you can restore the computer to a time before the installation with the System
Restore utility.

Restore points contain information about the operating system, installed programs, and registry
settings. If a computer crashes or if an update causes a problem, the computer can be rolled
back to a previous configuration using a restore point. System restore does not back up personal
data files, nor does it recover personal files that have been corrupted or deleted.
Restore points should always be made before doing either of the following actions:
• OS update
• Hardware installation/upgrade
• Application installation
• Driver installation

You can use the Microsoft Backup utility to perform backups as required. Only the files that have
changed since the last backup need to be backed up.

Windows 8 and Windows 10 ship with File History which can be used to back up the files in the
Documents, Music, Pictures, Videos, and Desktop folders. Over time, File History builds a history
of your files, allowing you to go back and recover specific versions of a file.

Abbreviations and Programs

• EFS - Encrypted File System

• Windows Media Center - allows the computer to be used as a home entertainment appliance
for playing DVDs
• Task manager - provides information about all of the applications, processes, and services
that are running on the computer
• File Explorer - a file management application
• Control Panel - configure the operating system
• UAC - monitors programs on the computer and warns users when an action might present a
threat to the computer
• Credential Manager - manage passwords that are used for websites and Windows applications
• Sync Center - allows files to be edited from multiple Windows devices
• WWAN - Wireless Wide Area Network
• Network and Sharing Center - shows how your computer connects to a network
• Power Options Control Panel - allows you to change the power consumption of certain
devices or the entire computer
• Windows ReadyBoost - enables Windows to treat an external flash device, such as a USB
drive, as hard drive cache
• Device Manager - displays a list of all the devices installed in the computer, allowing you to
diagnose and resolve device problems
• Administrative Tools Control Panel Item - a collection of tools that are used to monitor and
configure Windows operation
• Computer Management Console - allows you to manage many aspects of your computer and
remote computers in one tool
• Event Viewer - allows viewing the history of application, security, and Windows system events
• Performance Monitor - allows customized performance graphs and reports to be created from
a wide range of hardware and software components
• COM - Component Object Model
• Component Services - an administrative tool used by administrators and developers to deploy,
configure, and manage COM components
• Services Console - allows you to manage all the services on your computer and remote
computers
• ODBC - Open Database Connectivity
• Data Sources - a tool used by administrators to add, remove, or manage data sources using
ODBC
• Print Management Utility - provides a detailed view of all of the printers that are available to a
computer
• Windows Memory Diagnostics - schedules a memory test that will be executed when the
computer starts
• System Information - collect and display information about local and remote computers
• System Configuration (MSCONFIG) - tool used to identify problems that keep Windows from
starting correctly
• Registry - a database that contains settings for Windows and for applications that use the
Registry
• Registry Editor - view or make changes to the Windows Registry
• Microsoft Management Console (MMC) - an application that allows the creation of custom
management consoles for collections of utilities and tools from Microsoft or other sources
• DxDiag - displays details for all DirectX components and drivers that are installed in a
computer
• RADIUS - Remote Authentication Dial-in User Service
• TACACS+ - Terminal Controller Access Control System Plus