70-698 all 15 modules 274 total questions
There are two configuration policies that can be set. One is for the entire group of users and the other is for who ever logs in to a local server. They are called Computer Configuration and User Configuration. True or False ?
False
To promote a server to a domain controller, you must go use the command line by typing in the promote domain server command. True or False ?
False
Secure boot
Secure Boot is a Security feature which when enabled only allows the operating system to start if a signed operating system loader is used utilizing a digital certificate stored in the UEFI Secure Boot DB. This prevents malicious code from loading during the startup process. Requirements include: * Computer firmware that supports UEFI v 2.3.1 and Microsoft Windows Certification Authority is in the UEFI signature database.
ReFS first available on which OS
Server 2012 and Windows 8.1
Folder Shares
Sharing files and folders with other users of your computer, or other devices on your network, is something that sounds rather complicated - but really isn't. Windows 10 incorporates some useful tools to help you get shared folders set up and running quickly and easily. There are two very different ways to set up file sharing within Windows 10: through 'Windows HomeGroups' and or through File Explorer. Which one you should use largely depends on how much control you want over what's shared. HomeGroups simply share all your files of a particular type (pictures or documents, for example), whereas the File Explorer method allows you to create a shared folder for Windows 10 through your Network and Sharing Settings. These are very different in how they're set up, so we'll take a look at them separately. Share files using File Explorer Share files and folders using Windows HomeGroups Methods to create shares are: # From File Explorer # Using a command prompt or PowerShell @command prompt: Net Share sharename=path_to_share /remark:"Share_description" @PowerhShell: * Get-SmbShare (list all existing file-shares in the machine) * Get-SmbShareaccess - view the shares and the permissions applied to it. * new-smbshare -name ShareName (creates a File share whose name is ShareName) * remove-smbshare -name ShareName (creates a File share whose name is ShareName) * grant-smbshareaccess -name NewShare2 -accountname Everyone -accessright full (change the read/write access to a Share to full access rights) * net share /help (lists all the available switches to net share in PwerShell) # From the Shared Folders snap-in * right click Start, then select "Computer Management"
Silent Installation
Silent installation means that there is no user interaction during the installation of an application. This is accomplished by utilizing the *.msi installer of the application and providing an answer file to which the application extracts its options during installation.
OneDrive
users of Windows 10 are entitled to free online storage service called OneDrive. Its easy to use and built-in to Windows 10 and requires a Microsoft account to utilize it.
What is the volume/file size limit for exFat
volume - 256 TB file size - 4 GB
Group Policy Objects - GPOs
*Configuring Remote Assistance with GPOs* Although you can configure the necessary settings for Remote Assistance manually on each computer, in an AD DS domain environment, it is easier to use GPOs to distribute the required settings. Table shown at inset shows the settings you can configure for Remote Assistance by using GPOs. To configure these settings, open Group Policy Management and locate the appropriate GPO. Open the GPO for editing and navigate to Computer Configuration > Policies > Administrative Templates > System > Remote Assistance. *Configuring Remote Desktop with GPOs* Just as with Remote Assistance, although you can configure Remote Desktop settings manually on each computer, in an AD DS domain environment, it makes sense to configure these settings with GPOs. At the Table shown in inset, contains the configurable GPO settings for Remote Desktop. To configure these settings, open Group Policy Management and locate the appropriate GPO. Open the GPO for editing and navigate to Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services.
Activation for Windows 10 is a real pain, Windows "calls home" to verify that this is a unique installation and that the key has not been used on another system before. True or False ?
False
Group Policy can only control network-wide activities through Active Directory. True or False ?
False
The Windows image is based on a Windows BAK file. True or False ?
False
Discovery Methods
1. In the SMS Administrator console, navigate to Discovery Methods. Where? Systems Management Server >Site Database (site code - site name)> Site Hierarchy > site code - site name>Site Settings>Discovery Methods 2. In the details pane, click a discovery method, select Properties on the Action menu (or right-click the discovery method and select Properties), and then select the Enable <discovery method> check box.
Windows 10 supports which file system types?
-NTFS -ReFS -exFat -FAT32 -FAT
Virtual Hard Disks - VHDs
A VHD can be thought of as a container object that bholds files, folders and volumes. The container, or VHD, is a single file with the .vhd or .vhdx file extension. You can think of a VHD file being similar in concept to a ZIP file. Analogous container types could include ISO, RAR, and WIM; they are all objects that contain files and folders inside them.
RAID-5 Requirements
-at least three disks -not possible to create software-based RAID-5 with Windows 10.
RAID-0 Requirements
-equal sized areas of unallocated space from multiple disks
NTFS characteristics
-file level compression -volume sizes up to 256 TB -max file size of 16 TB -File names and total path size limited to 255 characters -enterprise level file and folder encryption -limited self healing
What is RAID-1?
-mirrored volume using two disks and presents them to Windows 10 as a single logical volume -data on each disk is an identical copy of the other
RAID-1 requirements
-must use equal-sized areas of unallocated space from two disks -cannot modify or resize the mirrored volume.
ReFS Characteristics
-offers protection against power failures -corruption detection/automatic repairs -Reduces disk corruption through check-sums employed on metadata -Repairs ReFS volumes while still online -Long File Names and File Path, with the total path size limited to 32,768 characters. -extremely large data sets, in excess of PB
RAID-1 Benefits
-provides redundancy and fault tolerance -boost for read operations because you can read from both disks simultaneously -slightly slower for write operations.
What is RAID-5
-provides striped volumes with fault tolerance by adding parity information to each volume.
What is RAID-0
-striping -
Total path size limit for NTFS?
255
Total path size limit for ReFS?
32,768
32-Bit Version operating system
32-Bit Version of Windows 10 is indicated when hardware does not support 64 bit architecture. 32-Bit Version of Windows 10 has following limitations: * Memory - Up to 4 GB memory only. * Security - cannot avail of security features such as Data Execution privilege (DEP), and mandatory kernel mode driver signing. These features are only available in 64 bit version. * Client Hyper-V - cannot avail of virtualization feature. * Performance - Since 32 bit systems can only process a limited amount of data for each CPU clock cycle performance suffers.
what is the volume size limit of FAT16?
4 GB
64-Bit Version operating system
64-Bit Version of Windows 10 has advantages over its 32 bit version. It includes: * Memory - 64 bit version can address more physical memory. * Security - features such as mandatory kernel mode driver signing and Data Execution privilege (DEP) are only available in 64 bit version. * Client Hyper-V - virtualization feature is only available in 64 bit version. * Performance - 64 bit processors can handle more data for each CPU clock cycle and therefore benefits the 64 bit version operating system.
Microsoft Accounts
A Microsoft account provides you with an identity that you can use to sign in on multiple devices and access online services. You can also use the account to synchronize your personal settings between your Windows-based devices. If Windows 10 detects an Internet connection during setup, you are prompted to specify your Microsoft account details. However, you can link your Microsoft account to a local or AD DS domain account after setup is complete. After you connect your Microsoft account with your local account, you can: * Access personal Microsoft cloud services, including OneDrive, Outlook.com, and other personal apps. * Use the Microsoft account to access Microsoft Intune, Microsoft Office 365, and Microsoft Azure. * Download and install apps from the Microsoft Store. * Sync your settings between devices that are linked to your account. Tip: You can browse the Windows Store even if you do not sign in using a Microsoft account.
Remote Assistance
A built-in tool that provides for interaction with the remote user. By using Remote Assistance, you can view or take remote control of the user's computer and perform remote management on it. You can also use a text-based chat facility to interact with the user.
Remote Desktop
A built-in tool that you can use to access a computer remotely using Remote Desktop Protocol (RDP). In the past, users often accessed their computers from other locations by using Remote Desktop. Security concerns and the adoption of mobile devices have made this less a common use of this tool. However, you can also use Remote Desktop to manage a remote computer. It does not provide for user interaction and requires the user of the computer to sign out before you can access the computer remotely.
Software License Manager, SLR
A command line tool used to manage Windows Software and licenses. At the Windows command prompt, type in slmgr. Type in /? switch to get context sensitive help. A command line tool used to manage Windows Software and licenses. At the Windows command prompt, type in slmgr. Type in /? switch to get context sensitive help. slmgr switches include: /ipk - install product key XXXXX-XXXXX-XXXXX-XXXXX /upk - update product key /ato - Activate Windows /dli - display license information /div - display detailed license information /xpr - expiration date for current license state /sri - assists in the renewal of a license /rearm - resets the grace period to another 30 days (only allowed 3 resets before OS needs to be activated else re-installed)
File and Print sharing
A feature introduced to the Windows operating system allowing users to share files and printers among machines.
Event Viewer Logs
A key built-in security tool in all Windows operating systems are event logs, which are accessed in the Windows Event Viewer and provide information regarding system events that occur. Event logs are generated as a background activity by the Event Log service and can include information, warning, and error messages about Windows components and installed applications and actions carried out on the system. Insert figure shows Event Viewer Overview and Summary. There are two types of log files. * Windows logs - Include Application, Security, Setup, System, and Forwarded Events * Applications and services logs - Include other logs from applications and services to record application-specific or service-specific events
Product Key
A product Key is a 25 character code that can be used to activate a Windows 10 installation. however, not all Windows 10 installations require the use of the product key to activate relying on a digital entitlement instead. The product key is used for activation when: *The Windows 10 is purchased from a retail store or authorized reseller. *The Organization has a Microsoft volume licensing agreement for Windows 10. *You purchased a new device in which Windows 10 is pre-installed.
Subnets
A subnet is a network segment. One or more routers separate a subnet from other subnets. In the Internet, each subnet must have a unique ID. The 32 bit subnet mask defines which portion of the IPv4 address is the Network ID and the Host ID in which that host resides.
Workgroup
A workgroup is a small collection of computer devices that can share resources. Unlike a HomeGroup, which is discussed in Chapter 6, "Configure networking," setup and sharing resources in a workgroup requires significant manual intervention. Unlike a domain, there is no centralization of user accounts and related security policies and settings. A workgroup is sometimes described as a peer-to-peer network, in which each device has its own set of user and group accounts, its own security policy, and its own resources that can be shared with others. To establish a workgroup, you must define the workgroup name. You do this on each computer that will be part of the workgroup. Use the following procedure to define the workgroup. 1. Open Control Panel. 2. Click System And Security and then click System. 3. Click Change Settings, as shown in inset Figure. 4. In the System Properties dialog box, on the Computer Name tab, click Change. 5. In the Computer Name/Domain Changes dialog box, in the Workgroup box, as shown in inset Figure, type the name of the new workgroup and click OK twice. Restart your computer. After you have defined the workgroup name, configure all other devices to use the same workgroup name; this makes browsing for network resources easier for users. Next, set up user accounts on each computer. This is necessary because there is no centralization of user accounts in a workgroup. When a user maps a network drive to a folder that you have shared on your computer, they must provide credentials to connect to the resource; these credentials are held on the sharing computer. Note: Your computer can only belong to one workgroup. Your computer can also only belong to a workgroup or a domain, not both.
Biometrics
After a user has completed the registration process, Microsoft Passport generates a new public-private key pair on the device known as a protector key. If installed in the device, the Trusted Platform Module (TPM) generates and stores this protector key; if the device does not have a TPM,Windows encrypts the protector key and stores it on the file system. Microsoft Passport also generates an administrative key that is used to reset credentials if necessary. The user now has a PIN gesture defined on the device and an associated protector key for that PIN gesture. *The user can now securely sign in to their device using the PIN and then add support for a biometric gesture as an alternative for the PIN*. The gesture could be facial recognition, iris scanning, or fingerprint recognition, depending on available hardware in the device. When a user adds a biometric gesture, it follows the same basic sequence as mentioned earlier. The user authenticates to the system by using the PIN and then registers the new biometric. Windows generates a unique key pair and stores it securely. The user can then sign in using the PIN or a biometric gesture.
Credential security
After you have configured sign-in options, it is important to understand how user credentials are stored and protected. Users must sign in not only to Windows 10 but to websites and online services, most of which do not use the user's Windows 10 credentials. To help users access these websites and services, Windows stores the credentials and provides two features to help protect users' credentials: * Configure Credential Manager * Configure Credential Guard
Malware
Allowing users to access USB flash drives in an unrestricted way can become a path for malware such as viruses finding its way to office computers. IT departments can issue flash drives and then controlling the removable devices using Group Policy so that only these devices can be used in Enterprise computers. Two GPO settings that are useful to retrict access to removable devices are: * Prevent installation of Removable Devices. * Allow Installation of Devices that Match Any of These IDs.
Microsoft Deployment Toolkit
Also known as as MDT is an alternative method to Group Policy Objects (GPOs) to deploy applications in an Enterprise environment. MDT uses Light-Touch Technology (LTI) to deploy Windows 10 and associated applications.
Subnet Mask
An IPv4 address also consists of a subnet mask (also a 32 bit binary string) and is used to indicate with portion of the address is a Network ID and te unique host ID.
IPv6
An IPv6 address is a 128 bit addressing scheme and expressed in a hexadecimal notation. The following is an example of a IPv6 address: 2001:CD8:1F2D:2BB:FF:EF82:1C3B IPv6 uses the following address types: * Unicast addresses - packets are delivered to a single interface. * Multicast addresses - packets are delivered to multiple interfaces. * Anycast addresses - Packet are delivered to multiple interfaces that are closest in routing distance. Unlike IPv4, IPv6 does not broadcast messages. Instead, unicast and anycast addresses in IPv6 can have the following scopes: * link-local - IPv6 hosts on the same subnet. * Site-local - IPv6 hosts in the same organization also known as provate site addressing. * Global - IPv6 Internet addresses Note: Unicast site-local addresses are similar to IPv4 private IPv4 addresses and have the FECO::/64 prefix. Unicast link-local addresses are similar to IPv4 APIPA addresses and have the FE80::/64 prefix.
Desktop apps
Applications that run on traditional Computer hardware such as a Desktop PC or Laptop PC.
Event Viewer
As you can see the status column in the Services snap-in shows whether a service is running. If a service is shown as not running, and you feel that it should be running, you can investigate further by using tools such as Event Viewer. You can see service startup information in the System log. Look for Service Control Manager source events, as shown in inset Figure.
Windows PowerShell to create Local Accounts
Before you can manage local user accounts, you must install the Windows PowerShell local account module. You can do this by running the following cmdlet from an elevated Windows PowerShell command. Find-Module localaccount | Install-Module You can then use the following cmdlets to manage local user accounts. - *Get-LocalUser* - *New-LocalUser* - *Remove-LocalUser* - *Rename-LocalUser* - *Disable-LocalUser* - *Enable-LocalUser* For example, to add a new local user account called Sales 02 with a password that expires in one month, run the following cmdlet. New-LocalUser -Name "Sales02" -Description "Sales User account" -PasswordExpires (Get-Date).AddMonths(1) Tip: To review further details about using Windows PowerShell to manage local accounts,refer to the Microsoft TechNet website at: https://technet.microsoft.com/library/mt651682.aspx
User Accounts
Before you can sign in to your Windows 10-based computer, you must create a user account. Windows 10 supports the ability for you to sign in using local accounts, Active Directory Domain Services (AD DS) domain accounts, and Microsoft accounts. After you are signed in, it is important to ensure that your user account operates as a standard user account and is only elevated to an administrative level when needed. User Account Control (UAC) can help you control administrative privilege elevation in Windows 10.
What are the different PowerShell cmdlets to view and configure Network Settings?
Below are IPv4 related PowerShell cmdlets: Get-NetIPAddress - displays information about the IP address configuration Get-NetIPv4Protocol - Displays information about IPv4 protocl information Set-NetIPAddress - Changes the IP address configuration Set-NetUPv4Protocol - Changes the IPv4 protocol configuration
BitLocker
Bitlocker is a Security feature that utilizes the Trusted Platform Module to help protect against data theft and offline tampering by using whole disk encryption. Requirements to use Bitlocker include: * A computer installed with either Windows 10 Pro or Windows Enterprise. * Using a TPM with Bitlocker enables Window to verify startup compnent integrity. Minimum requirement is TPM 1.2.
System Properties
Both Remote Assistance and Remote Desktop can be enabled through the *System Properties* dialog box, as shown in Figure at inset. To access these settings, from the Settings app: 1. Click System and then click About. 2. In the details pane, under Related Settings, click System Info. 3. In the System Properties dialog box, click the Remote tab. *Enabling Remote Assistance* To enable Remote Assistance, on the Remote tab of the System Properties dialog box, select the Allow Remote Assistance Connections To This Computer check box. Then, optionally, click Advanced. You can then configure the following additional settings. *Allow This Computer To Be Controlled Remotely* - This setting enables you to determine whether the person providing remote support can take remote control of the computer or only view the computer desktop. This setting is enabled by default when Remote Assistance is enabled. *Set The Maximum Amount Of Time Invitations Can Remain* - Open One way of initiating a Remote Assistance session is for the user to invite the support person to connect. This setting defines the validity period of the invitations. The default is 6 hours. *Create Invitations That Can Only Be Used From Computers Running Windows Vista Or Later* - Windows Vista and later versions of Windows use a superior method of encrypting Remote Assistance network traffic. It is advised to select this option if you are using Windows Vista and later on all support computers.
Update apps
By default Windows 10 checks for application updates daily for any updates that are available. Windows 10 can be configured to disable automatic updates in which case updates must be done manually.
Disable-PnpDevice
Disable-PnpDevice is a Powershell cmdlet command that disables a PnP device.
Client Hyper-V
Client Hyper-V enables the user to create, manage, and run virtual machines that you can install with different guest operating system. The host computer has to support SLAT. Also, additional memory is needed for the guest operating system (minimum of 2 GB additional memory is recommended).
Configuration Manager
Configuration Manager Is a method of deploying Applications in a large and complex organization with diverse Operating Systems and application deployment requirements. It provides a targeted deployment of applications to certain groups of users of computers. Configuration Manager also provides ability to schedule application deployment.
Cortana
Cortana is a voice activated digital assistant to control Windows 10, and perform tasks such as writing email, setting reminders, and performing web searches. Because it is voice activated, Windows 10 requires a microphone.
Cortana
Cortana is a voice-activated digital assistant in Windows 10 that can help you manage your computer and its content. Cortana is enabled by default when you sign in to Windwos 10. With this application, you can speak or type into the Windows 10 system, and your personnel assistant, Cortana, will try to find answers to any queries that you may have. Cortana is a powerful search and help utility. If your system has a microphone, then you can ask Cortana questions and Cortana will help find you an answer. If you don't have a microphone, then you can type in your questions and Cortana will try to help find you an answer.
Deployment Image Servicing and Management - DISM.exe
DISM is a command-line tool that can be used to service a Windows® image or to prepare a Windows Preinstallation Environment (Windows PE) image. DISM can be used to service a Windows image (.wim) or a virtual hard disk (.vhd or .vhdx). DISM replaces the ImageX tool which was deprecated in Windows 8. DISM also replaces Package Manager (Pkgmgr.exe), PEimg, and Intlcfg that were included in previous deployment toolkits. DISM also adds new functionality to improve the experience for offline servicing.
Data Collection and Preview Builds
Data Collection And Preview Builds is an option of Group Policy To Configure Windows Update. The Data Collection And Preview Builds node contains four settings. These are: 1. *Toggle User Control Over Insider Builds* - This policy setting determines whether users can access the Insider build controls in Advanced Options for Windows Update. If you enable or do not configure this policy setting, users can download and install Windows preview software on their devices. If you disable this policy setting, Get Insider Builds will not be available 2. *Allow Telemetry* - This policy setting determines the amount of diagnostic and usage data related to Microsoft software that is reported to Microsoft. The policy offers four choices. Choices are: > *Security* - No telemetry data is reported to Microsoft except security data such as Windows Defender data > *Basic* - Reports a limited amount of diagnostic and usage data. > *Enhanced* - Sends enhanced diagnostic and usage data. > *Full* - Sends the same data as the Basic setting plus additional diagnostics data, such as the system state at the time of a system halt or crash, and the files and content that might have caused the problem. 3. *Disable Pre-release Features Or Settings* - Use this policy setting to configure the level to which Microsoft can experiment with Windows 10 to study your preferences or device behavior. There are two settings: > *Device Setting Only* - Permits Microsoft to configure device settings only > *Full Experimentations* - Enables Microsoft to conduct full experimentations and study user preferences 4. *Do Not Show Feedback Notifications* - This policy setting enables an organization to prevent its devices from showing feedback questions from Microsoft through the Windows Feedback app.
BitLocker to Go
Data stored on USB flash drives are inherently insecure and should be protected. This can be acheived by using Bitlocker Encryption. The most appropriate method is Bitlocker To Go because users understand it easily and it can be managed using Group Policy.
Enable-PnpDevice
Enable-PnpDevice is a Powershell cmdlet command that enables a PnP device.
Tablet mode
Enables you to switch tablet and desktop modes.
Delivery Optimization
Delivery Optimization is an option of Group Policy To Configure Windows Update. The Delivery Optimization node contains the following five settings. *Download Mode* Use this setting to configure the use of Windows Update Delivery Optimization in downloads of Windows apps and updates. These settings offer slightly more granularity in the Settings app, allowing the device to receive updates from more than one place. There are four options, as - *None* - Disable the feature - *Group* - Peers on same NAT only - *LAN* - Local Network/Private Peering (PCs in the same domain by default) - *Internet* - Internet Peering only *Group ID* Set this policy to specify an arbitrary group ID to which the device belongs by using a globally unique identifier (GUID) as the group ID. This segments the devices when using the Group option in the Download Mode setting. *Max Cache Age* Use this to define the maximum time the Delivery Optimization cache can hold each file. *Max Cache Size* This option limits the maximum cache size Delivery Optimization can use as a percentage of the internal disk size. *Max Upload Bandwidth* This policy defines a limit for the upload bandwidth that a device uses for all concurrent upload activity by Delivery Optimization (kilobytes per second). Hint: *Review the new GPOs that relate to the new Windows Update functionality found in Windows 10.*
Windows Firewall
Depending on the remote management tool you have decided to use, it is almost certain that you must configure the target computer (the one you wish to manage) and possibly the local management computer (the one you are using) to enable the selected remote management tool. For example, it is common to have to enable the appropriate feature through *Windows Firewall* to allow for management of a remote Windows 10-based device. Configuring Windows Firewall to enable remote management: To enable remote management through Windows Firewall on a target computer, open Control Panel and complete the following procedure. 1. In Control Panel, click System And Security and then click Windows Firewall. 2. In Windows Firewall, click Allow An App Of Feature Through Windows Firewall. 3. In Allowed Applications, click Change Settings. 4. In the Allowed Apps And Features list, scroll down and select the appropriate management feature. For example, select Remote Assistance. This enables the selected management feature on the Private network location profile. If you also wish to allow the remote management feature on Public networks, select the Public check box.
Device Manager
Devices are hardware components, either built in to your device or connected as a peripheral device. The operating system interacts with devices by using device drivers, specialist pieces of software generally developed by the hardware vendor. You can manage devices and the associated drivers by using the Device Manager management console snap-in. You can access Device Manager from the Computer Management tool or by right-clicking Start and then clicking Device Manager, as shown in inset Figure. If there is a problem with a device, it is shown with an exclamation mark in Device Manager. You can then manage the device by right-clicking it and then choosing: - *Update Driver Software* - Use this to update the driver software for your device. You canchoose to use a device driver that you have obtained and stored locally or have Windows try to detect and download the latest driver. - *Disable* - You can stop the device from running. This option leaves the device configured in Windows for possible later use. - *Uninstall* - This option enables you to remove the device and its driver from Windows. When you restart, Windows might detect the device and install the default driver for it. - *Scan For Hardware Changes* - Windows normally detects changes in hardware and might reconfigure devices to accommodate such changes. For example, adding additional hardware might force Windows to reconfigure existing devices. If you suspect Windows has not properly adapted to a change in hardware, you can force it to scan for hardware changes. - *Properties* - You can configure advanced options by using the Properties option for a device. Table below describes the configurable options.
DirectAccess
DirectAccess enables a user to connect a Windows 10 enabled device to connect securely to an Organization's workplace without creating a VPN. Connections established with Direct Access are automatic and not user initiated. DirecAccess consists of the following components: * DirectAccess Server * DirectAccess Clients * Network Location Server * Internal Resources * AD DS * Group Policy * Public Key Infrastructure (PKI) * DNS Server
DiskPart
DiskPart is a built-in command line tool that offers you all the functionality of Disk Management plus some advanced features that can also be scripted into *.bat files to automate disk-related tasks. One limitation of DiskPart is that it only runs locally.
Verifier.exe - Driver Verification Manager
Driver Verification Manager can help you troubleshoot, identify, and resolve common device driver problems , and you can then remove, reinstall, or roll back the offending driver with Device Manager. Driver Verification Manager tests each specified driver at startup and then enables you to perform live test of each loaded driver by a range of tests. If it detects a problem, the tool can identify the driver and an option to disable it. For information on how to run the series of driver tests, see page 78 - 79, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Driver Verifier Manager
Driver Verifier Manager is used to pinpoint, troubleshoot, identify, and resolve common device driver problems, and you can then remove, reinstall, or roll back the offending driver with Device Manager.
Driver rollback
Driver rollback is a Device Manager functionality that is used to roll back an updated driver if the driver is causing the system to be unstable. Perform the following tasks shown in figure to perform a driver rollback:
mirrored, spanned, or striped volumes are available only on which disk type?
Dynamic disk
Deferring Upgrades
Enterprise editions of Windows 10 (Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education) enable you to defer upgrades to your computer. Windows 10 does not download or install new Windows 10 features immediately when they are available; they can be delayed for several months. Note: Deferring upgrades will not defer security updates
Log file
Event logs is a key built-in security tool in all Windows Operating systems, which are accessed in the Windows Event Viewer and provide information regarding system events that occur. Event logs are generated as a background activity by the event Log service and can include information, warning, and error messages about Windows components and installed applications and actions carried out on the system. There are two types of log files: * Windows logs * Applications and service logs For more information, see page 350 - 351, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
System Resources
Every computer system has a performance threshold that, if pushed beyond this level, will cause the system to struggle to perform optimally. If you overload the system, it eventually slows down as it attempts to service each demand with the available resources. Most systems include a capable processor and sufficient amount of RAM for everyday or general needs. Memory is automatically reclaimed from apps that are closed. However, when apps or web browser tabs are left open, and more apps are then opened, the overall ability for the system to perform is degraded. - To Understand baseline performance vs. real-time monitoring refer to page 368 of @book - To create a performance baseline refer to page 368 of @book Note: @ - Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
What is FAT also referred to?
FAT16
Windows Fast startup
Fast Startup is a Windows feature that enables Windows 10 to startup more quickly. The operating System acheives this by combining some of the features of Windows 10 hibernation with standard shutdown features. A hybrid of hiberation/ shutdown with elements of important system files and drivers of Hiberfil.sys file is used to initiate the computer more quickly during startup. Note: To control Windows startup properly, it might be necessary to access the computer's UEFI firmware settings.
Fetch Files
Fetch Files is another unique feature in the OneDrive desktop app which has the ability to retrieve any file remotely from the computer with the app installed, from any web browser.
File Explorer
File Explorer is a second method in Windows to create a share. The other methods are: * Shared Folder snap-in * Command prompt * Windows PowerShell cmdlets File Explorer is the most common tool used to manage fiels and folders. It is located at the taskbar and Start screen. Typical functions of file explorer inlcude: * Creating new files and folders * viewing and accessing files and folders. * Searching for files and information contained in files. * Managing properties of files and folders. * Previewing contents or thumbnails of files and folders.
File History
File History was introduced in Windows 8; the current version has an enhanced user interface and new improvements and is the recommended backup solution that Windows 10 offers. To turn on File History for the first time, follow these steps. 1. Open Settings, click Update & Security, and select Backup. 2. Click the Plus (+) icon labeled Add A Drive. File History searches for available drives. 3. In the Select A Drive dialog box, select the external or local hard drive that you want to use for File History. 4. On the Back Up Using File History page, verify that the Automatically Back Up My Files toggle is On. When it's enabled, File History saves copies of your files for the first time. This is a background operation, and you can continue to work normally while it completes. File History saves the files from your user profile and all the folders located in your libraries, including data synced to your device from your OneDrive. You can modify what is saved by including or excluding folders.
Long-Term Servicing Branch
For some organizations, the concept of a continually changing and upgrading operating system would be a reason for not installing Windows 10. Microsoft has therefore created a specialized edition of Windows 10 Enterprise that only enterprise customers can obtain and install. This special branch of Windows 10 is referred to as the *Long-Term Servicing Branch (LTSB)*, and it is aimed at businesses that have computers that need to run in a known (and fixed) environment that does not change. Microsoft envisages that the maximum period an organization will use a particular build of LTSB is five years, but it will provide long-term support for 10 years. There are key differences in the feature set between this edition and other Windows 10 editions. The following features and apps are not included in the LTSB: /Microsoft Edge web browser/ __Windows Store Client__ __Cortana_ __ __Microsoft Outlook Mail/Calendar, Microsoft OneNote, and Weather Windows universal apps__ - These apps or services are likely be frequently updated with new functionality, so their support cannot be maintained on PCs running the LTSB. The LTSB receives security and other updates as they are released, but there will be no upgrades. It is recommended that each build version of LTSB have a normal life expectancy of five years. Certain industries that use a base operating system to host line-of-business (LOB) or critical applications are likely to consider deploying LTSB. These scenarios include: *Factory production, factory floor machinery.* *Manufacturing control systems.* *Hospital emergency room computers.* *Retail point-of-sale (POS) systems.* *Automated teller machines (ATM).* *Pharmaceutical firms* that might have regulatory requirements for PCs used for the development of their products. *Kiosk devices.*
Get-PnpDevice
Get-PnpDevice is a Powershell cmdlet command that displays information about a PnP device.
Get-PnpDeviceProperty
Get-PnpDeviceProperty is a Powershell cmdlet command that displays detailed properties for a PNP device.
Group Policy Objects
Group Policy Objects is a collection of settings that, when applied, determine how a system functions. To apply the GPO to specific computers, users, or even for everyone in the domain, you associate the policy with Active Directory containers such as sites, domains, or organizational units. There are more than 3,000 policies, and new GPOs are added regularly as new features and functionality are added to the Windows client and server operating system.
Group Policy
Group Policy provides a proven mechanism to create rules so that management of user's computers and other objects such as printers stored in Active Directory is possible. Group Polcy applies configuration settings that the organization declares are mandatory. These are pushed out to targeted groups of userts accounts or computers. Group Policy in an Active Directory environment is typically managed using Group Policy management Console (GPMC) to create and manage policy settings. Inset image shows the Group Policy Management Editor. Settings that apply to users and computers are stored in Group Policy Objects (GPOs). By using Group Policy, you can deploy settings on a per computer, or per use basis depending on which setting is configured and which objects the GPO is assigned to.
Group Policy
Group Policy provides you with a proven mechanism to create rules so that you can manage users' computers and other objects such as printers stored in Active Directory. Typically, Group Policy applies configuration settings that the organization declares are mandatory. These are pushed out to targeted groups of user accounts or computers. Standard users cannot modify a managed setting. Group Policy in an Active Directory environment is typically managed using the Group Policy Management Console (GPMC) to create and manage policy settings.
HomeGroup
Homegroup enables a Windows 7, 8, 8.1, and 10 user to join computers quickly and easily create a simple file-and-resource sharing network, share other resources such as printers and peripherals, and to share VPN access called DirectAccess (at workplace) either in a home or workplace setting.
Hyper-V Manager
Hyper-V Manager is one of the methods to create a virtual hard disk. The other two are Disk Management and Windows PowerShell. DiskPart command-line tool can also be used but this is becoming depracated. Hyper-V can be added to Windows 10 if it is running Windows 10 Pro or Enterprise Edition and has hardware that supports virtualization.
IPv4
IPv4 is a 32 bit binary address which is divided into four octets each of which is converted into a decimal number. Each decimal number component of the IPv4 address is separated by a dot (.) . An IPv4 address also consists of a subnet mask (also a 32 bit binary string) and is used to indicate with portion of the address is a Network ID and te unique host ID.
System Configuration tool
If you are experiencing problems with starting your Windows 10 device, and you suspect a service might be the cause of the problem, you can control which services start when you start your computer by using Safe Mode. This reduces the set of services that start to the minimum required to run Windows. You can force your computer into Safe Mode during startup or use the System Configuration tool, Msconfig.exe, as shown in Figure below. To access the System Configuration tool, run msconfig.exe. You can then configure your computer's startup behavior. Configurable options are described in Table below.
Performance Baseline
If you intend to ship a device to a user who will use the device extensively for system-intensive tasks, such as video editing or computer-aided design, it might be useful to create a *performance baseline* for the device so that you can establish how the system performs normally and when under heavy load. This will be useful to confirm that the device specification is suitable for the user, but also if the user reports performance issues, you can run another performance baseline and compare the two baselines to evaluate whether the system environment has changed, for example, if the user regularly multitasks with additional new apps on the system that use additional memory. In this scenario, when an issue or symptom occurs, you can compare your baseline statistics to your real-time statistic and identify differences between the two instances. When you can diagnose the issue, you can recommend a solution, such as to add more memory.
Create VHDs by using Windows PowerShell
If you need to create complicated VHDs, such as differentiating disks, or if you need to crate 20 VHDs for a team of developers to work with, it would be easier and quicker to build utilizing Windows PowerShell scripts to do so. More than 50 cmdlets are available in Windows 10 that enable you to manage virtual and physical disks. This will expand as new functionality is added. Table below outlines some of the common Windows PowerShell cmdlets that enable you to manage disks natively. After a VHD has been created, it is managed in the same way as a physical disk.
app startup behavior
In addition to using Fast Start-up feature, you can also improve system startup by controlling the apps startup behavior. This is done at the Task Manager | Start-up tab. Each listed application is given a Start-up Impact rating of either: None, Low, Medium, or High. If an App's impact is too high , you can right-click the app then select Disable. This prevents the app from running at startup.
Picture passwords
In addition to using PINs and biometric gestures to sign in, users can also choose to use a picture password. This is configured in the Settings app. As shown in inset Figure, select Accounts and then select the Sign-In Options tab. To set up picture passwords, complete the following procedure. 1. On the Sign-in Options tab, under Picture Password, click Add. You are prompted to verify your account information. 2. Reenter your account password. 3. You are provided with an initial picture. If you want, click Select Picture to choose another. 4. Draw three gestures directly on your screen. Remember that the size, position, and direction of the gestures are stored as part of the picture password. 5. You are prompted to repeat your gestures. If your repeated gestures match, click Finish. Note: If you do not see the Picture Password heading, your display is not touch-enabled. Picture passwords are associated with an image and a touch gesture on the screen.
User Account Control
In earlier versions of Windows, it was necessary to sign in using an administrative account to perform administrative tasks. This often led to users signing in with administrative accounts at all times, even when performing standard user tasks, such as running apps or browsing Internet websites. However, being signed in with administrative privilege at all times poses a security risk because it provides for the possibility of malicious software exploiting administrative access to files and other resources. Windows 10 provides UAC to help mitigate this threat. When you sign in using an administrative account, UAC inhibits the account's access to that of a standard user, only elevating the account's privileges to administrative level when required, and only after prompting the user for permissions to do so. In addition, if a user signs in with a standard user account and attempts to perform a task requiring administrative privileges, UAC can prompt the user for administrative credentials. Standard users can perform the following tasks without requiring elevation: * Change their user account passwords. * Configure accessibility options. * Configure power options. * Install updates by using Windows Update. * Install device drivers included in the operating system or by using Windows Update. * View Windows 10 settings. * Pair Bluetooth devices. * Establish network connections, reset network adapters, and perform network diagnostics and repair. However, the following tasks require elevation: * Install or remove apps. * Install a device driver not included in Windows or Windows Update. * Modify UAC settings. * Open Windows Firewall in Control Panel. * Add or remove user accounts. * Restore system backups. * Configure Windows Update settings.
AD DS Domain Settings
In most organizations, using an AD DS domain environment provides the best management experience. In a domain environment, you can centralize administration, security, and application policies and provide a more managed approach to sharing and accessing resources. To join a computer to an AD DS domain, use the following procedure. 1. Open Control Panel. 2. Click System And Security. 3. Click System. 4. Click Change Settings. 5. In the System Properties dialog box, on the Computer Name tab, click Change. 6. In the Computer Name/Domain Changes dialog box, under Member Of, in the Domain box, type the domain name and click OK. 7. In the Windows Security dialog box shown in inset Figure, enter the credentials of a domain account that has the required permission to join computers to the domain. Typically, this is a domain administrator account. 8. Click OK. The computer attempts to connect to the domain, create an object for the computer in the AD DS domain, and then update the local computer's configuration to reflect these changes. 9. When prompted, click OK twice. 10. Click Close and restart your computer. You can now sign in using domain user accounts. After you have added your computer to the domain, it becomes a managed device and is affected by domain GPO settings and security policies. To use the preceding procedure to add a computer to a domain, the computer you are adding must be online and must be able to communicate with a domain controller. It is possible to add a computer to a domain if the computer you want to add is offline; this process is known as offline domain join. Offline domain join is useful when you are adding computers to a domain from a regional data center that has limited connectivity to the main data center where domain controllers reside. To add a computer to a domain by using the offline domain join procedure, use the Djoin.exe command-line tool. Note: Need More Review? Offline Domain Join (Djoin.exe) Step-by-Step Guide To review further details about using offline domain join, refer to the Microsoft TechNet website at https://technet.microsoft.com/library/offline-domain-join-djoin-step-by-step(v=ws.10).aspx
IPsec
Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the packets of data sent over a network. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys for use during the session. IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1] Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks. IPsec supports network-level peer authentication, data-origin authentication, data integrity, data confidentiality (encryption), and replay protection. IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers at the Transport Layer (TLS) and the Application layer (SSH). Hence, only IPsec protects all application traffic over an IP network. IPsec can automatically secure applications at the IP layer. Connection Security rules are based on IPSec and help to ensure confidentiality, integrity, and authenticity of data in transit on your network. Connection security rules force between two configured computers before communication are established and data are transmitted. You can configure the following types of Connection Security rules: * Isolation rules * Authenication exemption rules * Server-to-Server rules * Tunnel rules * Custom rules
User Account Control - UAC
Introduced to Windows environment since Vista, it prompts the user for permission and for administrative password to elevate the user's rights to administrator mode to perform certain tasks in the Operating System.
Hyper-V
Is Microsoft's Virtualization technology product that can be used from the client operating system. Hyper-V can be used natively on all on all versions of Windows 10.
Device Manager
Is a Control panel application used by advanced users for managing and troubleshooting hardware device issues. Device Manager provides information about each device, such as device type, device status, manufacturer, device-specific properties, and device-driver information. Ways to load Device Manager are: * Right click Start button and select Device Manager. * Typing 'Device Manager' into Search * Open Control Panel, and select 'Hardware and Sound', and then selecting Device Manager. Device Manager default view is shown below:
Sigverif.exe
Is a command-line tool used to check whether any drivers have been installed on the computer that have not been signed. This utility is used to address issues with drivers that seem to relate to malware or missing drivers. The Sigverif tool is useful if you need to locate an unsigned driver. There is a more powerful driver verification tool built into Windwos 10 called the Driver Verifier Manager. For more information, see page 77 - 78, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Zero-touch installation
Is a method of deploying application utilizing Microsoft Deployment Toolkit (MDT) in conjunction with Configuration Manager in deploying Windows 10 and associated applications.
provisioning packages
Is a method of deploying applications to a large target of machines using packaging and deployment tools.
sideload apps
Is a way to make applications available to users without the use of Store Apps. Side loading is a technique by which the app is installed without the requiring access to the Windows Store. When an application is side-loaded, it must have the *.appx installer file for the application.
Show Hidden Devices
Is an Advanced View type item in Device Manager. This is an item that a standard user do not normally use. In previous versions of Windows, printers and non-Plug and Play (PnP) devices could be marked by the device manufacturer as a NoDisplayClass type of device, which prevents it from being displayed in the Device Manager. Devices that have been removed from the computer but whose registry entries are still present can also be found in the hidden devices list. For more information, see page 80, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Devices by Connection
Is an Advanced View type item in Device Manager. This is an item that a standard user do not normally use. Use this option to view devices based on hardware connections, such as physical or virtual. For more information, see page 80, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Resources by Type
Is an Advanced View type item in Device Manager. This is an item that a standard user do not normally use. Use this option to view resources organized by how they connect to system resources, including Direct Memory Access (DMA), Input/output (IO), Interrupt request (IRQ), and Memory. Unless your BIOS allows you to declare that you are not using a Plug and Play-compliant operating system, you will not be able to modify these settings. For more information, see page 80, Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
HomeGroup
It is a simple way of sharing data such as documents, pictures, videos, media and other file resources such as backup devices and printers in one place in a small home network or small business setup where Active Directory Domain Services (AD DS) is not used. Computers running Windows 7 or newer can connect to HomeGroups. Although HomeGroups are created automatically by using 'Create a HomeGroup Wizard', they are password protected by a system-generated password. By protecting access to this password, a HomeGroup owner has control over who can connect to their HomeGroup. Homegroup has been around since Windows 7.
Device Security
It is important that when users attempt to connect their devices to your organization's network, you can determine that those devices are secure and conform to organizational policies regarding security settings and features. Microsoft provides two features in Windows 10 that can help you meet the goal of allowing only secured devices to connect to your organization's network. These features are: - *Device Guard* and - *Device health attestation*
Device Health Attestation
It is important to consider the question, "What is device health?" before looking at how Windows 10 helps to ensure that only healthy devices can connect to corporate network resources. Generally, a Windows 10 device might be considered healthy if it is configured with appropriate security features and settings. For example, a Windows 10-based device might have the latest antivirus patterns and antimalware signatures installed, be up to date with important Windows updates, and have Device Guard and Credential Guard enabled and configured. Windows 10 Enterprise includes the Device Health Attestation feature, which can help you determine the health of devices connecting to your corporate network. The requirements for Device Health Attestation are the same as for Device Guard with the exception that TPM 2.0 is required. However, you also require a cloud-based service such as Microsoft Intune to enable the necessary MDM features and device policies to enforce health attestation on your users' devices. After determining what constitutes a healthy device, you must next consider how to evaluate device health and what to do when devices fail health evaluation. Windows 10 contains features that enable device health determination during startup, and Device Health Attestation to be stored in the device's TPM. The process is as follows: 1. Hardware startup components are measured. 2. Windows 10 startup components are measured. 3. If Device Guard is enabled, the current Device Guard policy is measured. 4. The Windows 10 kernel is measured. 5. Antivirus software is started as the first kernel mode driver. 6. Boot start drivers are measured. 7. The MDM server through the MDM agent issues a health check command by using the Health Attestation configuration service provider (CSP). 8. Startup measurements, now stored in a log, are sent to and validated by the Health Attestation Service. Note: Need More Review? Control the Health of Windows 10-Based Devices To review further details about Device Health Attestation, refer to the Microsoft TechNet website at https://technet.microsoft.com/itpro/windows/keep-secure/protect- high-value-assets-by-controlling-the-health-of-windows-10-based-devices
Local Accounts
Local accounts, as the name suggests, exist in the local accounts database on your Windows 10 device; it can only be granted access to local resources and, where granted, exercise administrative rights and privileges on the local computer. When you first install Windows 10, you are prompted to sign in using a Microsoft account or to create a local account to sign in with. Thereafter, you can create additional local user accounts as your needs dictate. *Default accounts* In Windows 10, three user accounts exist by default in the local accounts database. These are the Administrator account, DefaultAccount, and the Guest account. All of these are disabled by default. When you install Windows 10, you create an additional user account. You can give this account any name. This initial user account is a member of the local Administrators group and therefore can perform any local management task. You can view the installed accounts, including the default accounts, by using the Computer Management console, as shown in inset Figure. You can also use the net user command-line tool and the *get-wmiobject -class win32_useraccount* Windows PowerShell cmdlet to list the local user accounts. You can view the installed accounts, including the default accounts, by using the Computer Management console, as shown in inset Figure. You can also use the *net user* command-line tool and the *get-wmiobject -class win32_useraccount* Windows PowerShell cmdlet to list the local user accounts.
Malware
Malicious software, or malware, can do many things to your computer, such as allowing unauthorized parties remote access to your computer or collecting and transmitting information that is sensitive or confidential to unauthorized third parties. Some types of malware include: - *Computer viruses* - Replicating malware, normally with email attachments or files. - *Computer worms* Replicate, without direct intervention, across networks. - *Trojan horses* Tricks the user into providing an attacker with remote access to the infected computer. - *Ransomware* - Harms the user by encrypting user data. A ransom (fee) needs to be paid to the malware authors to recover the data. - *Spyware* - Tracking software that reports to the third party how a computer is used.
NTFS Inheritance
Manually setting inheritance on hundreds of files and folders would take a long time and hard to manage. Fortunately, that is not necessary because of NTFS inheritance. By default NTFS and ReFS security permissions are inherited from their parent folder.
Reliability Monitor
Members of the desktop support team often report that it is difficult to ascertain the precise nature of calls that relate to poor performance or system instability. Reliability Monitor is an excellent tool for these situations because it enables you to review a computer's reliability and problem history and offers both the help desk and you the ability to explore the detailed reports and recommendations that can help you identify and resolve reliability issues. Changes to the system such as software and driver installations are recorded, and changes in system stability are then links to changes in the system configuration. To launch Reliability Monitor, type reliability in the Start screen and click View Reliability History in Control Panel, or type perfmon /rel at a command prompt. The tool displays a summary of the reliability history for your system.
Dynamic Access Control
Microsoft Dynamic Access Control - DAC is a data governance tool in Windows Server and Windows 10 that lets administrators control access settings. DAC uses centralized policies to let administrators review who has access to individual files. Files can be manually or automatically classified. Using Dynamic Access Control, administrators can choose to apply protection to sensitive Microsoft Office files with Rights Management Services encryption. DAC can extend outside of a network when it is combined with Active Directory Federated Services.
Microsoft Management Console MMC
Microsoft Management Console -MMC is an extensible interface for management applications in both Windows client and Windows Server. To perform management by using MMC, a specific tool for the management task, known as a snap-in, is loaded into the console. For example, to perform management of disks and attached storage, you add the Disk Management snap-in to MMC. You can use MMC snap-ins to manage Windows 10 devices remotely by targeting the remote computer from the MMC interface.
OneDrive
Microsoft OneDrive enables you to store your files online, sync files between your PC and OneDrive, and access files directly by a web browser located at OneDrive.com. You need to understand how you can recover files from OneDrive that you have deleted. If you accidentally delete a file stored in your OneDrive account, you can recover it by using Recycle Bin, which is available with OneDrive.com and on the local desktop of your PC. OneDrive automatically empties files from Recycle Bin after 30 days. If you delete a file by mistake, to prevent losing a deleted file, make sure you restore it within 30 days. When you delete a file in OneDrive from one device, OneDrive deletes the file from all your OneDrive locations everywhere, including the OneDrive folder synced to File Explorer. If you move a file out of OneDrive to a different location, such as a local folder on a device, this removes the filefrom your OneDrive. The OneDrive Recycle Bin can retain deleted items for a minimum of 3 days and up to a maximum of 30 days. The actual retention period is normally 30 days, but this depends on the size of Recycle Bin, which is set to 10 percent of the total storage limit by default. If you are running low on available OneDrive space or if Recycle Bin is full, old items will be deleted to make room for new items as they are added to Recycle Bin, and this might have an impact on the 30-day retention period. To recover deleted files from your OneDrive.com, follow these steps. 1. Browse to your OneDrive.com or right-click the cloud icon in the notification area and click Go To OneDrive.com. 2. On the left side of the page, select Recycle Bin. 3. If Recycle Bin is not visible, click the three horizontal lines in the top left corner of the screen and select Recycle Bin. 4. Select the items that you want to recover. 5. Click Restore on the menu. 6. OneDrive restores the items, and they are removed from Recycle Bin.
Task Manager
Monitor performance using Task Manager - If you have used an earlier version of Windows, you probably have used Task Manager. This is one of the most useful tools available in Windows for gaining an immediate insight into how a system is performing. The Task Manager built into Windows 10 shows you which processes (tasks) are running on your system and, importantly, shows the system resource usage that directly relates to performance. If a particular task or process is not responding, or continues to run after you have closed the application,you can use Task Manager to view this behavior and force the offending process to end. To open Task Manager, right-click the Start button and then click Task Manager. There are several other ways to open Task Manager, including Ctrl+Shift+Esc or right-clicking the taskbar, Cortana, or the Task View button and then clicking Task Manager. Inset figure shows Task Manager in Simple View. If you click More Details, Task Manager reopens and displays seven tabs, which enable you to review specific areas of your computer activity. The tabs are described in table in figure below.
Manage Printers using PowerShell
More than 20 Windows PowerShell cmdlets can be used to manage printers. Some of the most common cmdlets are shown in Table in inset figure. To list all the available cmdlets, type the following command into a Windows PowerShell console: *Get-Command -Module PrintManagement*
Microsoft Management Console
Most of the administrative and management tools built in to Windows 10 are based on Microsoft Management Console. This tool is a framework into which you can plug management tools. You can also set the focus of the tool to be local or remote, enabling you to manage not just your own Windows 10-based device. The tools you can utilize are: - The management console - Console by using Taskpad views
Windows Defender
Most organizations use an enterprise malware solution, often unaware that the *Windows Defender* antimalware software that is included with Windows 10 offers fully featured antimalware protection against viruses, spyware, rootkits, and other types of malware. Compared to earlier versions of Windows Defender, the solution is significantly improved in Windows 10.
Name resolution
Name resolution in Windows 10 is performed by a service called client resolver. This service converts names into IPv4 or IPv6 addresses. This enables devices running Windows 10 to use names rather that IPv4 or IPv6 addresses. Windows 10 based devices use two forms of name resolution: Host names - is a name that consists of characters of up to 255 characters in length, contains only alpha-numeric characters, periods and hyphens. A host name is an alias combined with a fully qualified domain name (FQDN). For example the alias computer1 is prefixed to the domain name contoso.com to create the host name or FQDN of computer1.contoso.com. NetBIOS names - Les relevant today,. NETBIOS names use a nonheirarchical structure based on a 16 character name.
netstat
Netstat is a command-line network utility tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics. It is available on Unix-like operating systems including macOS, Linux, Solaris, and BSD, and is available on Windows NT-based operating systems including Windows XP, Windows Vista, Windows 7, Windows 8 and Windows 10. It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement.
Network Discovery
Network Discovery in the Windows operating system is a network setting, using which you can set whether other computers on the network can see your computer or whether your computer can find other computers and devices on the network. If Network Discovery is enabled, sharing files and printers over a network becomes easier. Methods of enabling Network Discovery: 1. Via Windows Settings Select the network and then click on Properties. From the panel which opens, turn the slider to the 'On' position for the Make this PC discover-able setting. 2. Using Control Panel - From the WinX Menu, open Control Panel > All Control Panel Items > Network and Sharing Center > Advanced sharing settings. 3. Using Command Console To turn on Network Discovery run the following command in an elevated command prompt: netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes
Network discovery
Network discovery is the ability for a Windows 10 computer to locate devices and resources on the networks to which it is connected, and for other devices to discover your device and resources. Network discovery is tightly linked to network location profiles and to Windows Firewall configuration. As we have seen, by default, network discovery is enabled for devices connecting to networks that are assigned the Domain or Private network location profile, but network discovery on public networks is disabled.
Does FAT any security?
Nope. Anyone with access can change it.
Task Scheduler
Often, there will be tasks that you must perform at specific times, or on a repeated basis. Task Scheduler can help you. You can use it to schedule simple or complex tasks, either on the local computer or on a remote computer. You can access Task Scheduler from All Apps, under the Windows Administrative Tools node. In fact, Task Scheduler is a management console snap-in and can be added to any custom console using the procedure outlined earlier. To create a task, load Task Scheduler and, from the Action pane, click Create Basic Task, as shown in inset Figure. The Create A Basic Task Wizard starts. Use the following procedure to create a task. 1. On the Create A Basic Task page, type a name and description for your task and then click Next. 2. On the Task Trigger page, specify when you want the task to start. Choose from Daily, Weekly, Monthly, One Time, When The Computer Starts, When I Log On, and When A Specific Event Is Logged. Click Next. If you chose a time trigger, you must then specify the time. For example, if you chose Weekly, you must define when during the week. Click Next. 3. On the Action page, choose Start A Program. 4. On the Start A Program page, specify the name and location of the program and any command-line switches for the program. Click Next. 5. On the Summary page, click Finish. You can select the Open The Properties Dialog For This Task When I Click Finish check box to review your task settings. To review or reconfigure your scheduled task, in the navigation pane, click Task Scheduler Library and, in the center pane, locate and double-click your task. You can then use the tabbed dialog box to reconfigure the properties. Exam Tip: You can view and manage scheduled tasks from the command line by using the Schtasks.exe tool. You can find out more on the TechNet website at https://technet.microsoft.com/library/cc772785(v=ws.10).aspx Note: Need More Review? Task Scheduler How To To review further details about using managing scheduled tasks, refer to the Microsoft TechNet website at https://technet.microsoft.com/library/cc766428(v=ws.11).aspx
OneDrive
OneDrive is a cloud based storage designed for storing files and synchronizing settings aimed at the consumer market. Microsoft gives each user G Gigabytes of free storage. To access the service, the user must use a Microsoft account, and the service can be accessed natively from a computer or smartphone.
Removable devices
Removable devices such as USB flash drives and Secure Digital High-Capacity (SDHC) memory cards are common and can offer portability benefits but also pose a potential threat to data security and loss.
Revert to Previous Build
Since Windows 8, you have had the option to remove an update completely and revert to the preupdate status. With Windows 10, this process has become more reliable and more refined. With the Insider Preview of Windows 10, you have been able to remove the preview version andinstall the full version. If you upgraded from a previous version of Windows within the past 30 days, and things are not working out, you can simply roll back to your previous operating system installation, and your settings, apps, and any files, such as photos or documents, you've added during the past 30 days to your Windows 10 installation will be retained with the older version of Windows. During any system upgrade—for example, upgrading from Windows 8.1 or implementing the Windows 10 1511 build upgrade—Windows creates a Windows.old folder on the system volume to retain a copy of your previous version of Windows. Because this file can be very large, 10 GB or larger, the file is automatically deleted after 30 days. You can preserve a copy of this file, or rename it, to prevent the deletion. You would need to replace and rename it back to the original Windows.old filename if you wanted to use it. If you have recently upgraded to a newer build of Windows 10 and want to revert to the previous version, you can do so by using Recovery in the Settings app or the Go Back To Previous Windows From Windows 10 in the Advanced Startup options.
Convertible devices
Some devices including the Microsoft Surface pro, can switch in and out of Tablet mode with the removal and reattachment of the keyboard, or by reorienting the device. When a device switches like this, you can choose whether Windows switches to full-screen Start (tablet mode).
Rollback Updates
Sometimes you need to remove a single Windows update. You can perform this task in a number of ways, through Control Panel, the Settings app, or the command prompt. There are three mehtods to rollback an update: - *using Control Panel* - *Uninstall a Windows update in Settings* - *Uninstall a Windows update by using the command prompt* *Uninstall a Windows update by using Control Panel* If you prefer to use Control Panel, you can see an Installed Updates list in Control Panel by following these steps 1. Right-click the Start button and select Control Panel. 2. Open Programs > Programs And Features. 3. Click View Installed Updates. 4. Select an update that you want to uninstall. If Windows allows you to uninstall it, Uninstall appears on the toolbar. 5. In the Uninstall An Update dialog box, click Yes to confirm. 6. Accept the UAC if prompted. Note: A restart might be needed to complete the removal of the update. *Uninstall a Windows update in Settings* The Settings app ultimately opens the same Installed Updates list in Control Panel. Perform these steps if you prefer to use the Settings app. 1. Open Settings and click Update & Security. 2. Click Windows Update and then click Advanced Options. 3. Click View Your Update History. A list of your installed Windows Updates appears. 4. Click Uninstall Updates at the top of the screen. The link opens the Control Panel > Programs> Programs and Features > Installed Updates page. 5. Select an update that you want to uninstall. If Windows allows you to uninstall it, Uninstall appears on the toolbar. 6. In the Uninstall An Update dialog box, click Yes to confirm. 7. Accept the UAC if prompted. Note: A restart might be needed to complete the removal of the update. *Uninstall a Windows update by using the command prompt* To generate the list of installed Windows Update packages on your device, open an elevated command prompt and type the following command. wmic qfe list brief /format:table When you have identified an update that you want to remove, you can use the Windows Update Stand-Alone Installer (Wusa.exe) command-line tool to uninstall updates by providing the package number (from the Microsoft Knowledge Base) of the update to be uninstalled. The syntax for the tool is as follows. wusa.exe /uninstall /kb:<KB Number> Substitute <KB Number> in the command with the actual KB number of the update you want to uninstall. The WMIC and WUSA commands work in either the command prompt or Windows PowerShell.
Standard User Analyzer
Step 1: Install the Application Compatibility Toolkit and Start the Standard User Analyser. You dont need to run this as administrator; you can just launch it. Step 2: In the Target application tab, browse to the executable which the application will be launching. In this example, it is StockViewer.exe. Click on the button Launch. (You can also specify any command line arguments / parameters for this executable) Step 3: Start your application which you want to monitor; you can perform all the operations which an end-user would do!
What is a Raid-5 alternative choice?
Storage Spaces
System Restore
System Restore has been available in previous versions of Windows. It is useful when a computer becomes unstable and you need to restore the operating system to one of the restore points created during a period of stability. System Restore is not enabled by default in Windows 10. To turn on System Restore and manually create a system restore point, follow these steps. 1. Click the Start button, type system, and click System Control Panel. 2. On System, select the System Protection link in the left pane. The System Properties dialog box appears with the System Protection tab open. 3. Highlight the drive you want to protect and click Configure. 4. In the System Protection For Local Disk dialog box, select Turn On System Protection. 5. Under Disk Space Usage, move the slider for Max Usage to allow room on the restore points to be saved (5 percent is a reasonable amount), 6. Click OK. 7. In the System Protection dialog box, click Create, provide a name, and then click Create. 8. After the restore point is created successfully, click Close. 9. Click OK to close the System Properties dialog box. When System Restore is enabled, it automatically creates restore points at these times: * Whenever System Restore-compliant apps are installed. * Whenever Windows 10 installs Windows updates. * Based on the System Restore scheduled task. * When you create a system restore manually from the System Protection screen. * When you use System Restore to restore to a previous restore point. Windows 10 automatically creates a new restore point.
Taskbar And Navigation
Taskbar And Navigation allows you to configure how the Taskbar, Start menu, and toolbars will operate.
Active Directory Administrative Center
The Active Directory Administrative Center (ADAC) is the primary GUI-based tool that you can use for object-related tasks that need to be performed occasionally, typically for administration of Active Directory in smaller environments. inset image shows the ADAC graphical user interface. The ADAC can manage Active Directory objects such as users, groups, computer accounts, OUs, and domains, and was designed to supersede the Active Directory Users and Computers MMC snap-in. The ADAC provides an enhanced management experience in the graphical user interface. You can still use the Active Directory Users and Computers MMC snap-in to perform tasks such as creating users, groups, and OUs, but for the exam, you should explore the new features in the ADAC.
App History
The App History tab shows a list of all modern apps that are installed on the device. The table format lists the app usage for the previous month, and columns include CPU Time, Network, Metered Network, and Tile Updates. Where an app has related apps, such as the Messaging + Skype item, the results show aggregated usage totals for Skype Video and Messaging. The grid uses color to highlight the items that are using the most resources within each column. If you right-click the name of an app, you can select Switch To, which launches the app.
Microsoft Application Compatibility Toolkit (ACT)
The Application Compatibility Toolkit for Windows 10 is shipping with the Windows 10 ADK: http://blogs.technet.com/b/yongrhee/archive/2015/08/11/download-windows-10-assessment-and-deployment-kit-adk.aspx A website that you might want to check your applications for compatibility with Win 10: Windows - Compatibility Center Find compatibility information and get Windows compatible device drivers, app updates, and downloads http://www.microsoft.com/en-us/windows/compatibility/CompatCenter/Home
Disk Management
The Disk Management MMC can be used to create VHDs. The Disk Management MMC includes a wizard that enables you to create VHD that you can then mount and use. Not all of the the VHD options are available in the Disk Management console, such as ability to create VHD sets or differentiating disks; you should use Windows Powershell of Hyper-V Manager if these tasks are required. Figure shows creating a VHD in Disk Management
Microsoft Assessment And Planning Toolkit (MAP)
The Microsoft Assessment and Planning Toolkit (MAP) is an agentless, automated, multi-product planning and assessment tool for quicker and easier desktop, server and cloud migrations. MAP provides detailed readiness assessment reports and executive proposals with extensive hardware and software information, and actionable recommendations to help organizations accelerate their IT infrastructure planning process, and gather more detail on assets that reside within their current environment. MAP also provides server utilization data for Hyper-V server virtualization planning; identifying server placements, and performing virtualization candidate assessments.
Public Folders
The Public Folder is a Windows folder that you can use to share files with other people that either uses the same computer or connect to it over a network. The Public folder is located in the Users folder of your root directory (for example, C:\Users\Public). Everyone with a user account and password on your computer can access the Public folder. However, you may decide whether anyone on the network can access the Public folder. (By default, network access is turned off).
Remote Server Administration Tools (RSAT) for Windows 10
The RSAT enables you to open tools, including Server Manager, Microsoft Management Console (MMC) snap-ins, consoles, Windows PowerShell cmdlets and providers, and command-line tools for managing roles and features that run on Windows Server Technical Preview. On a Windows 10 Computer that is a member of a domain, RSAT enables you to manage roles and features in Windows Server 2016 remotely, including Group Policy Management. To download RSAT tools, go to https://www.microsoft.com/download/details.aspx?id=45520
Resource Monitor
The Resource Monitor displays more information and activity statistics relating to your system resources in real time. It is similar to Task Manager but also enables you to dive deeper into the actual processes and see how they affect the performance of your CPU, disk, network, and memory subcomponents. Open Resource Monitor by using the link on the Performance tab of Task Manager or search for Resource on the Start button. The executable for Resource Monitor is Resmon.exe, which you can run from a Run dialog box or command prompt. When you open Resource Monitor, you see an overview of your system with graphs for each area of the system subcomponent. Four further tabs are available, for CPU, Disk, Network, and Memory. The statistics tracked on the Overview tab include the following. - *% CPU Usage* - *CPU Maximum Frequency* - *Disk I/O Bytes Per Second* - *Disk % Highest Active Time* - *Network I/O Bytes Per Second* - *% Network Utilization* - *Memory Hard Faults Per Second* - *% Physical Memory Used* Review each tab, each sub component offers additional components as shown in inset table.
Server Message Block
The Server Message Block (SMB) protocol is a network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network. The SMB protocol can be used on top of its TCP/IP protocol or other network protocols. Using the SMB protocol, an application (or the user of an application) can access files or other resources at a remote server. This allows applications to read, create, and update files on the remote server. It can also communicate with any server program that is set up to receive an SMB client request. Windows Server 2012 introduces the new 3.0 version of the SMB protocol. Windows PowerShell cmdlet that reports the current SMB version in use: Get-SmbConnection
System Preparation Tool or Sysprep
The System Preparation Tool, or Sysprep (Sysprep.exe), is used to prepare a computer for disk imaging, and the disk image can then be captured by using the Image Capture Wizard (an imaging-management tool included with Windows 10) or by using the Deployment Image Servicing and Management ,DISM utility.
Sharing files through Command prompt
The command prompt enables you to share a folder using the net share command. To create a simple share, you would use the following example: net share MyShareName=c:\Temp|Data /remark:"Temp Workarea" This command shares the c:\Temp\Data folder with the share name MyShareName and includes a description of Temp Workarea. You must have administrative privileges to create a shared folder by using Net Share.
Activation method
The method you use to activate Windows 10 is determined by a number of factors, including how you obtained Windows 10 and whether your organization has a volume license agreement with Microsoft. The following determine how you activate Windows 10: * Retail - If you purchase Windows 10 from a retail store, it comes with a unique product key. You can enter the key during or after installatioin to activate your copy of Windows 10. *OEM - if you purchase a new computer on which Windows 10 is pre-installed, it comes with a unique product key, often on a sticker attached to the computer. You can activate Windows by using this pre-installed product key. * Microsoft Volume Licensing - Microsoft offers a number of volume licensing programs to suit different organizational sizes and needs. These programs support both Active Directory-based activation and KMS. inset image shows the activation graphical user interface.
Services Management Console
The most straightforward way to manage services is to use the Services management console snap-in,shown in Figure. You can use this console to view and manage services in the operating system. For example, to manage the status of a service (assuming it is not running), right-click the service and then click Start. If you want to stop or restart a running service, right-click the running service and then click either Stop or Restart. You can also manage the settings of a service by double-clicking the desired service. In the Properties dialog box for the named service you can then configure the properties shown in Table.
Task Scheduler
The scheduled task that automatically creates system restore points is located at the Task Scheduler Library\Microsoft\Windows\SystemRestore location in the Scheduled Tasks feature.
Continuous Servicing
The servicing lifetime of Current Branch or Current Branch for Business is finite. Windows 10 will be continually upgraded itself. To continue receiving monthly security updates, you must ensure that new feature upgrades on machines running these branches are installed. For many organizations, this requires a change to the current deployment and image servicing methodology. There are three stages to consider when deploying Windows 10 in an enterprise. These are: *Evaluate* - Use the Windows Insider Preview for this stage. *Pilot* - Deploy the Current Branch. *Deploy* - Use the Current Branch for Business for the main deployment. The diagram shown in inset figure depicts the Current Branch release schedule, which is useful to overlap with your new deployment and image servicing methodology.
Configure HomeGroup, workgroup, and domain settings
There are a number of ways you can connect your users' devices to your organization's network infrastructure, depending on your requirements. In small networked environments, the simplicity of creating and using a workgroup is usually sufficient. In larger organizations, the desirability of centralizing security settings for connected devices means that using an AD DS domain is the logical option. Understanding when to use workgroups and domains is important, and you must know how to connect your users' devices to these environments: - workgroups - AD DS domain membership - Device Registration
Quick Action Tiles
These are commonly used features of the Windows 10 operating system. When the expanded view is selected, a larger number of tiles are visible. The tiles that appear in the expanded view is selected, a larger number of tiles are visible. The tiles that appear in expanded view depend on your device type and orientation. The following tiles are available: Tablet Mode Rotation Lock Flight Mode All Settings Connect Project Battery Saver VPN Bluetooth Brightness Note Wi-Fi Quiet Hours
app startup options
These are elements in the Operating System that can be controlled in order to start a computer quickly. This ability to start a computer quickly is an important feature for users and the Administrator must be able optimize the system for fast startups. The two features that be controlled are: - Control Windows 10 Fast Startup - Configure app startup behavior
Current Branch
This servicing option ensures that devices are kept up to date with the latest Windows 10 features through the upgrades that are released two to three times a year. When Microsoft releases a new public build, all devices that have the default configuration begin downloading and installing the upgrade. In the real world, the default configuration is most appropriate for early adopters; IT team members; and other, broader piloting groups who need to test the mainstream business build before full rollout with CBB. All versions of Windows 10 are on Current Branch unless they have been configured to defer upgrades, which moves them to CBB. Windows 10 Home edition does not have a defer upgrades option and therefore will always be on CB and upgrade through Windows Update automatically. Other Windows 10 editions can upgrade through Windows Update, WSUS, or other management systems such as System Center Configuration Manager. You can use the GUI interface, Group Policy, or a management tool to defer upgrade implementation for approximately four months before you are required to deploy the upgrade. With each release of a Current Branch feature update, Microsoft produces new ISO images that volume licensing, system builders, and similar kinds of users can download from MSDN or similar websites. You can use these images to upgrade existing machines or use as a base image to create new custom images. Organizations using WSUS will be able to deploy these feature upgrades to devices already running Windows 10.
Current Branch for Business
This servicing option is for the majority of users within an organization. Businesses often prefer or require more time to test the feature upgrades prior to mainstream deployment. Only the Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education editions support Current Branch for Business by Windows Update, WSUS, or other management systems. Microsoft re-releases the feature upgrade a second time, approximately four to six months after the initial release, and at this time, all devices using Current Branch for Business begin downloading and installing the upgrade. If the organization uses tools to control the update process, such as Group Policy or System Center Configuration Manager, an additional deferral of at least eight months is available. Throughout this time, monthly security updates will continue to be made available to all machines on CB or CBB. When the maximum deferral period has expired, the upgrades will be automatically installed. To configure a PC for Current Branch for Business, the Defer Upgrades setting needs to be configured. This can be done in any of these ways. *Manually using the Settings app* *Group Policy* *Mobile device management or MDM* - such as Microsoft Intune or Windows Update for Business
Microsoft Passport
To avoid authentication with passwords, Microsoft provides an authentication system called *Microsoft Passport*. This enables secure authentication without sending a password to an authenticating authority, such as an AD DS domain controller. Microsoft Passport uses two-factor authentication based on Windows Hello-based biometric authentication (or a PIN) together with the ownership of a specific device. Using Microsoft Passportm provides a number of benefits for your organization. *User convenience* - After your employees set up Windows Hello, they can access enterprise resources without needing to remember user names or passwords. *Security* - Because no passwords are used, Microsoft Passport helps protect user identities and user credentials. To set up Microsoft Passport, after users have configured Windows Hello and signed in using their biometric features (or PIN), they register the device. The registration process is as follows: 1. The user creates an account on the device; this can be a local account or a domain account. 2. The user signs in using the account. 3. The user sets up PIN authentication for the account. After a user has completed the registration process, Microsoft Passport generates a new public-private key pair on the device known as a protector key. If installed in the device, the Trusted Platform Module (TPM) generates and stores this protector key; if the device does not have a TPM, Windows encrypts the protector key and stores it on the file system. Microsoft Passport also generates an administrative key that is used to reset credentials if necessary. Note: Signing in with a Microsoft account on a Windows 10-based device automatically sets up Microsoft Passport on the device; users do not need to do anything else.
Hardware compatibility
To get the most of Windows 10, consider installing it on hardware that exceeds the minimum hardware specification listed in table below.
Indexing Options
To maintain the performance of Windows 10 search, the system automatically indexes data on your computer in the background. This data includes user-generated files, folders, and documents. Most users will never modify the default indexing settings, but you can add new areas to be indexed and exclude others. Common locations include your user profile areas and app data that you access frequently, such as Office apps. If you store a lot of data in a storage space or a removable drive, you can add this location to Indexing Options to speed up the performance of future searches in this location significantly. To view your existing indexing locations, type Index on the Start screen and click Indexing Options in Control Panel to see the Indexing Options dialog box.
Computer Management
To manage user accounts by using Computer Management, right-click Start and then click Computer Management. Expand the Local Users And Groups node and then click Users. To create a new user, right-click the Users node and click New User. In the New User dialog box, configure the following properties, as shown in inset Figure, and then click Create. * User Name * Full Name * Password * User Must Change Password At Next Logon * User Cannot Change Password * Password Never Expires * Account Is Disabled After you have added the new user account, you can modify more advanced properties by double-clicking the user account. On the General tab, you can change the user's full name and description and password-related options. On the Member Of tab, you can add the user to groups or remove the user from groups. The Profile tab, enables you to modify the following properties: *Profile path* - The path to the location of a user's desktop profile. The profile stores the user's desktop settings, such as color scheme, desktop wallpaper, and app settings, including the settings stored for the user in the registry. By default, each user who signs in has a profile folder created automatically in the C:\Users\Username folder. You can define another location here, and you can use a Universal Naming Convention (UNC) name in the form of \\Server\Share\Folder. *Logon script* - The name of a logon script that processes each time a user signs in. Typically, this will be a .bat or .cmd file. You might typically place commands to map network drives or load apps in this script file. It is not usual to assign logon scripts in this way. Instead, Group Policy Objects (GPOs) are used to assign logon and startup scripts for domain user accounts. *Home folder* - A personal storage area where users can save their personal documents. By default, users are assigned subfolders within the C:\Users\Username folder for this purpose. However, you can use either of the following two properties to specify an alternate location. *Local path* - A local file system path for storage of the user's personal files. This is entered in the format of a local drive and folder path. *Connect* A network location mapped to the specified drive letter. This is entered in the format of a UNC name.
Type 4 print class drivers
To protect the system from rogue drivers and to aid simplified sharing, Windows 10 uses the new Type 4 Print Class Driver for each printer device model; this was first introduced in Windows 8. Unlike the older type 3 print drivers, an administrator only needs to install a Type 4 printer driver rather than multiple drivers, such as 32-bit and 64-bit drivers, to support both types of client architecture. Type 4 drivers can support multiple print models and often install faster than the older Type 3 drivers. The security of Windows 10 is enhanced becasue Type 4 printer drivers can only ne updated by using Windows Update or Windows Update Services (WSUS).
Enable scripts to run
To protect you from unsafe scripts, Windows 10 prohibits running unsigned scripts. Unless you can sign your scripts, you must enable your computer to run unsigned Windows PowerShell scripts. You can do this by using the Set-executionpolicy cmdlet in an elevated Windows PowerShell window. To enable your computer to run any scripts that you create locally, but only digitally signed scripts from remote sources, run the following cmdlet. Set-ExecutionPolicy RemoteSigned Need More Review? Microsoft Script Center To review further details about using Windows PowerShell scripts, refer to the Microsoft TechNet website at https://technet.microsoft.com/scriptcenter/default
Authentication in Windows 10
Traditional computer authentication is based on user name and password exchange with an authentication authority. Although password-based authentication is acceptable in many circumstances, Windows 10 provides for a number of additional, more secure methods for users to authenticate with their devices, including multifactor authentication. Multifactor authentication is based on the principle that users who wish to authenticate must have two (or more) things with which to identify themselves. Specifically, they must have knowledge of something, they must be in possession of something, and they must be something. For example, a user might know a password, possess a security token (in the form of a digital certificate), and be able to prove who they are with biometrics, such as fingerprints.
The Group Policy settings for client machines automatically refreshes every 90 minutes with a random additional 30 minutes. True or False ?
True
The User Account Control process allows for single login and prompts you when you need specific credentials to access various tasks that require greater levels of security. True or False ?
True
There are several ways to activate your systems in volume including KMS, MAK and through Active Directory. KMS is used in an enterprise setup with multiple servers and persistent workstation connections. True or False ?
True
VAMT stores the activation information in a database stored in the System directory. True or False ?
True
Windows Imaging and Configuration Designer is a tool in Windows Assessment and Deployment Kit. True or False ?
True
Two-factor authentication
Two-factor authentication is a Security feature that provides user authentication based on two-factors: * something the user knows such as a password, and * something the user has such as a bio-metric feature (fingerprint or facial features
Update history
Updates are necessary to maintain the security and reliability of Windows 10. However, in rare cases, an update can actually create a problem for your system. In such cases, you need a mechanism to review installed updates and, if necessary, uninstall and block offending updates from being installed again. In Windows 10, you can uninstall the update or driver that is causing that instability. Microsoft releases important updates every second Tuesday each month, known as "Patch Tuesday." Security and definition updates can be released at any time, and the Windows Update service automatically checks for new Windows Updates at the default time of 3:00 A.M. or the time you set in automatic maintenance. *View update history* To view your update history and see which Windows updates failed or successfully installed on your Windows 10-based PC, follow these steps. 1. Open Settings and click Update & Security. 2. Click Windows Update and then click Advanced Options. 3. Click View Your Update History. A list of your installed Windows updates appears, similar to the list shown in inset Figure. 4. Click one of the Successfully Installed On (date) links to see more details for that update. 5. Close Settings. Each update contains a summary of the payload. If you click More Info at the bottom of the summary, you are directed to the detailed knowledge base description on the Microsoft support pages. If you prefer to use Control Panel, you can see a list in Installed Updates in Control Panel by using these steps. 1. Right-click the Start button and select Control Panel. 2. Open Programs > Programs And Features. 3. Click View Installed Updates. The support link appears in the lower part of the screen. 4. Close Control Panel. The Control Panel view is limited, and the support link does not open the support webpage when selected.
Virtual secure mode
Virtual Secure Mode is a Security feature that moves some sensitive elements of the operating system to trustlets that run in a Hyper-V container that Windows cannot access. This helps the operating system more secure. This feature is only available in the Windows 10 Enterprise Edition.
Virtual smart card
Virtual Smart card is a Security feature that offers security benefit in two-factor authentication which is provided by physical smart cards. Virtual smart cards require a compatible TPM (version 1.2 or later).
Volumes
Volumes are used to arrange areas on disks. a simple volume is a contigous, unallocated areas of a physical hard disk that you format with one of the supported file systems: NTFS, ReFS, exFat, FAT32, or FAT. After a volume is formatted, you can then assign a drive letter to it, elect not to provide a drive letter, or mount the drive in an existing volume by using a volume mount point.
Notifications
When Windows 10 wants to inform you about something, it raises a notification. You can see and act on a notification in a list shown in Action Center. To respond to a notification, click it. You can remove notifications by clicking Clear ALL at the top of the page. Windows notifies you about a variety of operating system events and situations, including the need to obtain updates or perform an antivirus scan, and Windows also prompts about which action you want to take when a new device, such as a USB memory stick, has been detected.
Network locations
When a Windows 10 machine connects to a new network, whether Wi-Fi or wired Network, Windows prompts the user to define the Network Location profile. Selecting a certain type of Network Location profile changes certain behaviors in Windows 10, including Firewall Settings, network discovery, and file-and-print-sharing options, and HomeGroup settings. The currently selected Network Location Profile can be seen in the Network and Sharing Center. Windows provides three distinct types of network Location: * Domain Networks - these are networks connected to the AD DS domains. Assigning this option ensures proper communication with AD DS domain. By default network discovery is enabled. * Private Networks - These are non-domain Work or Home networks, where you trust the people using the network and devices connected to the network. Network discovery is enabled, and Windows 10-based devices on a home network can belong to a Homegroup. Note: The domain network location profile is assigned automatically to network connections that are connected to AD DS domains. * Public or Guest Networks - By selecting this network location profile, network discovery is disabled, helping to keep our computer from being visible to other computers on the network. Homegroup is also not available.
Credential Guard
When a user signs in to an AD DS domain, they provide their user credentials to a domain controller. As a result of successful authentication, the authenticating domain controller issues Kerberos tickets to the user's computer. The user's computer uses these tickets to establish sessions with server computers that are part of the same AD DS forest. Essentially, if a server receives a session request, it examines the Kerberos ticket for validity. If valid in all respects, and issued by a trusted authenticating authority, such as a domain controller in the same AD DS forest, a session is allowed. These Kerberos tickets, and related security tokens such as NTLM hashes, are stored in the Local Security Authority, a process that runs on Windows-based computers and handles the exchange of such information between the local computer and requesting authorities. However, it is possible for certain malicious software to gain access to this security process and, hence, exploit the stored tickets and hashes. To help protect against this possibility, 64-bit versions of both Windows 10 Enterprise and Windows 10 Education editions have a feature called Credential Guard, which implements a technology known as virtualization-assisted security; this enables Credential Guard to block access to credentials stored in the Local Security Authority. In addition to requiring the appropriate edition of 64-bit editions of Windows 10, the following are the requirements for implementing Credential Guard: - Unified Extensible Firmware Interface (UEFI) 2.3.1 or greater - Secure Boot - Virtualization features: Intel VT-X, AMD-V, and SLAT must be enabled - A VT-d or AMD-Vi input-output memory management unit - A TPM: Windows 10 version 1511 supports both TPM 1.2 and TPM 2.0, but earlier versions of Windows 10 support only TPM 2.0 - Firmware lock After you have verified that your computer meets the requirements, you can enable Credential Guard by using GPOs in an AD DS environment. Open the appropriate GPO for editing and navigate to Computer Configuration \ Policies \ Administrative Templates \ System \ Device Guard. Enable Turn On Virtualization Based Security, as shown in inset Figure.
Microsoft Edge
When used with an Internet connection, Microsoft Edge provides an interface for accessing the Internet or a local intranet.
Credential Manager
When users access a website, online service, or server computer on a network, they might need to provide user credentials to access those sites and services. Windows can store the credentials to make it easier for users to access those sites and services later. These credentials are stored in secure areas known as *vaults*. To access the stored credentials, open Control Panel, click User Accounts, and then click Credential Manager. As shown in inset Figure, you can then browse the list of stored credentials. Windows separates the list into those used for websites, listed under Web Credentials, and those used for Windows servers, listed under Windows Credentials. To view stored credentials, select the appropriate website or online service from the list and expand the entry by clicking the Down Arrow. Click Show to view the stored password and click Remove if you no longer want to store the entry. You are prompted to reenter your user account password before you can perform either of these actions.
Custom View
When you explore Event Viewer, you might find so many entries that it is hard to locate specific issues. You'll want to remove entries, but you should not clear a log on a production machine without first saving the log. A better method of removing log entries such as informational or warning log entries is to create a custom view that shows only specific events. This acts like a saved filter that you can invoke. To create a custom view in Event Viewer that displays only Critical events in the System log, follow these steps: 1. Open Event Viewer. 2. On the Action menu, click Create Custom View. 3. On the Filter tab, select the Critical check box in Event Level. 4. In By Log, use the Down Arrow and expand Windows Logs; select only the System check box. 5. Click OK. 6. Type a name, such as System-Critical for the log name, and click OK. The custom view immediately refreshes and displays log entries that match the criteria. 7. Your custom view filter, in this case named System-Critical, is located in the left pane, under the Custom Views node. 8. Close Event Viewer.
Recovery Drive
When you install Windows 10, it does not include a separate recovery partition by default. However, if you purchase a new device, the original equipment manufacturer (OEM) might create one instead of providing Windows 10 installation media. You can create a USB recovery drive that enables you to recover your system. If Windows 10 becomes corrupted, your recovery drive can help you troubleshoot and fix problems with your PC when it won't start.
Miracast
Windows 10 Miracast to connect Windows device wirelessly to an external Monitor or Projector. The only thing needed is a Miracast compatiblen external monitor or projector.
Windows Store for Business
Windows Store for Business provides a distribution of line-of-business applications to be deployed in an organization. It enables the owner to manage and maintain these custom apps in the same way as you do commercially available apps.
Windows Recovery
Windows 10 includes a comprehensive recovery environment that enables you to troubleshoot issues relating to the boot process and retains most of the functionality that was available in previous versions of Windows. The *Windows Recovery Environment (Windows RE)* enables you to boot Windows 10 into safe mode or use other advanced troubleshooting tools. There are several ways to start Windows 10 in advanced troubleshooting mode, including: - *Boot from a Recovery Drive.* - *Click Settings, select Update & Security, select Recovery, and then, under Advanced Startup, click Restart Now.* - *Press the Shift key and select Restart on the Start menu.* - *Restart the computer by running the Shutdown.exe /r /o command.* - *Use installation media and select Repair.*
Windows Backup and Restore
Windows 10 includes the Backup And Restore (Windows 7) tool, which allows the creation of backups of your data. This backup feature was not included in Windows 8, but it has returned in Windows 10 to enable users who might have upgraded from Windows 7 to this version to restore data contained in Windows 7 system image backups. In addition to restoring files and folders, you can also use this tool to create backups of files contained in folders, libraries, and whole disk volumes. Backups can't be saved to the disk on which Windows 10 is installed, so you must provide another location such as an external USB drive, network drive, or non-system local disk. To launch the Backup And Restore (Windows 7) tool in the GUI, open the System And Security section of Control Panel or use the Backup And Restore (Windows 7) item listed in the Settings app. To create a backup of your files and folders and a system image, follow these steps. 1. Open Settings and click Update And Security. 2. Click Backup and then click Go To Backup And Restore (Windows 7). 3. On the Backup And Restore (Windows 7) page, click Set Up Backup. 4. On the Select Where You Want To Save Your Backup page, choose the location and click Next. 5. On the What Do You Want To Back Up page, click Let Windows Choose (Recommended) and click Next. 6. On the Review Your Backup Settings page, click Change Schedule. 7. On the How Often Do You Want To Back Up page, leave the Run Backup On A Schedule (Recommended) check box selected and, if necessary, modify the backup schedule. 8. Click OK. 9. On the Review Your Backup Settings page, click Save Settings And Run Backup. The backup begins, and you see the progress bar as shown in figure at inset.
Last Know Good Configuration
Windows 10 no longer supports the Last Known Good Configuration startup option that was present in Windows 7 and other versions of Windows.
Manage Printers using Print Management
Windows 10 provides some additional options for you to manage your printing compared to previous versions of Windows. A new "Print Management desktop app" and the new *Printers & Scanners* options in the Settings app provide basic printer management such as Add, Remove, and Set As Default Printer. You still have previous printer tools, in the Devices And Printers section of Control Panel or from the link at the bottom of the Printers & Scanners options in the Settings app. The Devices And Printers Control Panel item is the same interface as in previous versions of Windows 7. For the exam, you should also review the older printer tools. For procedure on how to Manage printers by using Print Management, refer to page 370 of @book. For procedure on how to Manage printers by using Windows PowerShell, refer to page 371 of @book. Note: @book = Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
File systems
Windows 10 supports the most common file systems icluding NTFS, ReFS, exFat, FAT32, and FAT.
Windows Update
Windows 10 will continually benefit from new feature upgrades rolled out through *Windows Update*. To enhance the security protection delivered in Windows 10, *the user can no longer turn off security updates or upgrades*. Enterprise users can still choose to test updates and deliver them internally, using Windows Server Update Service (WSUS) or other management tools to keep their devices updated. For organizations that require deployment of a static installation of Windows 10 that will not have upgrades, Microsoft ships a special build of Windows 10. Windows 10 will receive security updates as they are required in addition to a regular schedule of rollup updates and feature upgrades. The process of continually bringing your computer up to date is known as *servicing*. It is expected that new features will appear two to three times a year. It is important to distinguish the different types of Windows 10 updates. - *Servicing updates* - Regular security updates and software updates - *Feature upgrades* - New features and functionality Both types will be cumulative and contain all previous updates, which reduces the likelihood of a hacker or malware attack through a missing update.
Touch
Windows 10, like Windows 8 before it, is a touch centric operating system. Although you do not need a touch device to use Windows 10, some features are made more usable through the use of touch. To implement Touch, your tablet or display monitor must support touch.
Windows Firewall
Windows Firewall blocks or allows network traffic based on the properties of that traffic. You can configure how Windows Firewall controls the flow of network traffic by using configurable rules. In addition to blocking or allowing traffic, Windows Firewall can filter traffic and be used to implement authentication and apply encryption to this filtered traffic. The way in which Windows Firewall and the Network Locations profiles can have a significant impact on file and printer sharing and can affect the discover ability of the device on connected networks.
Windows Hello
Windows Hello is a biometric authentication mechanism built into Windows 10 to address the requirement that users must be able to prove who they are by something they uniquely have. When you implement Windows Hello, users can unlock their devices by using facial recognition or fingerprint scanning. Windows Hello works with Microsoft Passport to authenticate users and enable them to access your network resources. It provides the following benefits: - It helps protect against credential theft. Because a malicious person must have both the device and the biometric information or PIN, it becomes more difficult to access the device. - Employees don't need to remember a password any longer. They can always authenticate using their biometric data. - Windows Hello is part of Windows 10, so you can add additional biometric devices and authentication policies by using GPOs or mobile device management (MDM) configurations service provider (CSP) policies. To implement Windows Hello, your devices must be equipped with appropriate hardware. For facial recognition and iris scanning, suitable cameras must be present in the Windows 10 device. For fingerprint recognition, your devices must be equipped with a fingerprint scanner. After you have installed the necessary hardware devices, to set up Windows Hello, open Settings, click Accounts, and then, on the Sign-in Options page, under Windows Hello, review the options for face, fingerprint, or iris. If you do not have Windows Hello-supported hardware, the Windows Hello section does not appear on the Sign-in Options page. Note: Need More Review? Windows Hello Biometrics in the Enterprise To review further details about using Windows Hello in the enterprise, refer to the Microsoft TechNet website at https://technet.microsoft.com/itpro/windows/keep-secure/windows-hello-in-enterprise
Windows Imaging and Configuration Designer (ICD)
Windows Imaging and Configuration Designer is a component of Windows Assessment and Deployment Kit that provides a tool for Windows 10 to deploy images of Windows. It has the following functionality: * View settings and policies in a Windows 10 image and provisioning package. *Create and manage Windows provisioning answer files. *Define applications and drivers in an answer file. *Build and flash a Windows image. *Build provisioning packages to modify existing Windows installations.
Windows PowerShell ISE
Windows PowerShell ISE, shown in inset Figure, provides command-completion functionality. This feature enables you to learn about cmdlet syntax as you use them. You can also create and edit scripts in Windows PowerShell ISE and then run the scripts step by step in the script window. This procedure can help you debug your scripts to ensure that they are running as intended.
Simple Scripts
Windows PowerShell cmdlets are constructed of verbs and nouns. The nouns are always singular. For example, you have seen in this chapter that you can use the get-service cmdlet to retrieve information on Windows 10 services; "get" is the verb, "service" is the noun. You can also add parameters to most cmdlets. So, for example, to retrieve information about the service called LanmanWorkstation, add the -name parameter to the get-service cmdlet: *get-service -name lanmanworkstation* You can pass the results of one cmdlet to another for additional processing. This is known as piping. For example, you can retrieve a list of services with the get-service cmdlet and then pipe the result (a list of all services) and look for those services that are running, as shown in the following code. *Get-Service | Where-Object {$_.status -eq "running"}* In the preceding command, you search through the list of all returned services and look for those services for which the status value equals running. You could just as easily use the same approach to look for services that are not running and then pipe that on to another cmdlet that might start those services or query why they're not running. You can see that a few simple cmdlets joined together begin to create a powerful script. Your script can contain any Windows PowerShell cmdlet that you have used in the Windows PowerShell window. You can also use variables and gather input from an operator and provide output to the monitor to let the operator know what's happening in the script. To create a simple script, you merely need to store your cmdlets in a text file with a .ps1 file extension. Then, to run the script, double-click the file in File Explorer or type the path and name of the file in a Windows PowerShell window.
Windows PowerShell cmdlets to create a Share
Windows PowerShell cmdlets is a fourth method in Windows to create a Share. The other methods are: * Shared Folder snap-in * File Exploer * Command prompt if you need to script the creation of Shares, Windows powershell is most appropriate to use for this task and provides several cmdlets that enable you to manage shares in Windows 10. Windows Powershell offers an increased scope and functionality or the net Share command. An example of creating an share is: New-SmbShare -Name MyShareName -Path C;\Temp\Data Other PowerShell cmdlets used in admiistration of shares are shown in table below.
PowerShell remoting
Windows PowerShell is a powerful command line management tool and scripting environment. You can use it to perform virtually every management function in Windows 10. You can also use Windows PowerShell to manage remote computers. This is known as Windows PowerShell remoting.
Windows PowerShell
Windows Powershell offers many disk-related tasks from the command line. It can be used locally or remotely, and can be scripted. It enables the owner to manage disks, volumes, and partitions, and perform a range of tasks that cannot be performed in DiskPart or Disk Management. For the 70-698, you should be familiar with Get-Disk, Clear-Disk, Initialize-Disk, Set-Disk, Get-Volume, Format-Volume, Get-Partition. Table below shows common disk-related Windows PowerShell cmdlets:
Continuum
With Windows 10 available on a variety of device types and form factors, with Continuum, Microsoft optimizes the user experience across device types by detecting the hardware on your device and changing to that hardware. An example use of Continuum is in Microsoft Surface Pro. When the keyboard cover, Windows switches to Tablet mode. When you use Windows 10 Mobile, Continuum enables you to use a second external display and optimizes app behavior on that display.
Device Guard
With malicious software (malware) changing daily, the ability of organizations to keep up to date with emerging threats is challenged. Device Guard is an attempt to mitigate this challenge. Rather than allow apps to run unless blocked, Device Guard only runs specifically trusted apps. The requirements for Device Guard are as for Credential Guard. These are: - 64-bit version of Windows 10 Enterprise. - UEFI 2.3.1 or greater. - Secure Boot. - Virtualization features: Intel VT-X, AMD-V, and SLAT must be enabled. - A VT-d or AMD-Vi input-output memory management unit. - A TPM: Windows 10 version 1511 supports both TPM 1.2 and TPM 2.0, but earlier versions of Windows 10 support only TPM 2.0. - Firmware lock. To enable Device Guard in your organization, you must first digitally sign all the trusted apps that you want to allow to run on your devices. You can do this in a number of ways: - *Publish your apps by using the Windows Store* - All apps in the Windows Store are automatically signed with signatures from a trusted certificate authority (CA). - *Use your own digital certificate or public key infrastructure (PKI)* - You can sign the apps by using a certificate issued by a CA in your own PKI. - *Use a non-Microsoft CA* - You can use a trusted non-Microsoft CA to sign your own desktop Windows apps. - *Use the Device Guard signing portal* - In Windows Store For Business, you can use a Microsoft web service to sign your desktop Windows apps. After digitally signing the trusted apps, you must enable the required hardware and software features in Windows 10. Assuming your devices meet the hardware requirements, and you have enabled the required software features in Windows 10 (Hyper-V Hypervisor and Isolated User Mode), using Control Panel, you can use GPOs to configure the required Device Guard settings. Open the appropriate GPO for editing and navigate to Computer Configuration \ Policies \ Administrative Templates \ System \ Device Guard. Note: Need More Review? Device Guard Signing? To review further details about digital signing for Device Guard, refer to the Microsoft TechNet website at https://technet.microsoft.com/itpro/windows/manage/device-guard-signing-portal
Insider Preview
With the continual development of Windows 10, Microsoft has created a process to support the incremental build process that Windows 10 uses. Microsoft internally implements a new version of Windows 10 on a regular basis, such as daily and weekly, and initial user issues such as bugs or improvement feedback is relayed immediately back to the development team rapidly. These versions are deemed too early for widespread public release, but when they have experienced a level of acceptance and reliability, they are ready for the next group of users to field test. The first publicly available version of Windows 10 was made available to a growing volunteer user base called *Windows Insider*. Initially, this group of IT pros and consumers were invited to download and review the Windows 10 Technical Preview (in 2014). Nowadays, the program has grown to over 7 million members. These *insiders* sign up to receive early feature upgrades to their Windows 10 devices and receive a dedicated newsletter to keep them informed from the program manager at Microsoft. You must be *registered* as a Windows Insider and use a Microsoft account.
management console
You can add management tools, or snap-ins, to the console by clicking the File menu and then choosing Add/Remove Snap-in, as shown in Figure. You can then choose one or more snap-ins to add to your console. When you add a snap-in, you are asked whether the focus for the snap-in will be the local computer or a remote computer. Make this selection and then click Finish. If you want, you can add additional snap-ins to the console. When you have added all the required snap-ins, click OK. After you have added your snap-ins, you can save the console. Click File and then click Save. Specify a suitable name and location for the console. Click Save.
Command-Line tools to manage Services
You can also use the command line to investigate and troubleshoot service startup. Table in inset figure shows some of the more common command-line tools you can use to work with services. To use these commands, open an elevated command prompt.
Event Subscriptions
You can configure Event Viewer to view other computers' event logs. Manually connecting to other computers on a regular basis can be cumbersome. You can automate the collection of event logs from other computers by creating event subscriptions. All computers participating in a subscription must be configured to allow remote administration. This is achieved by enabling the Windows Remote Management service on the source computer. On the collector computer, start the Windows Event Collector service, which enables the computer to collect events from remote devices. To configure the computers to collect and send events, perform the following short procedures: - *View subscriptions* - see page 353 of @book - *Create a subscription* - see page 354 of @book - *Access event logs remotely* - see page 355 of @book @book = Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Taskpad Views
You can further customize your console by using Taskpad Views. Taskpad enables you to create a task-focused version of your console. This is particularly useful for when you want to designate a particular subset of management tasks to a user. To create a Taskpad view, click Action and then click New Taskpad View. As shown in inset Figure, you have the option to display Taskpad as a vertical or horizontal list or use no list. Give your Taskpad a name and then click Finish. You are prompted to launch the Add New Tasks Wizard. This enables you to add specific tasks to the Taskpad view. In the New Task Wizard, you can add menu commands, shell commands, or navigation options. You can run through the wizard as many times as you need to set up the individual tasks that you want to enable in Taskpad. Finally, you must restrict a user to use only the Taskpad view you have created. This is achieved by clicking the File menu and then the Options menu. In the Options dialog box, in the console mode list, click User Mode—Limited Access, Single Window. Clear the Allow The User To Customize Views check box and then click OK. Save your console. For example tasks for viewing user properties, deleting users, and setting user passwords have been added to a Taskpad view. Note that the user still requires administrative rights to perform the management tasks that the console facilitates.
Control Panel
You can manage user accounts from Control Panel. Open Control Panel and click User Accounts and then click User Accounts again. From here, you can: *Make Changes To My Accounts In PC Settings* - Launches the Settings app to enable you to make user account changes. *Change Your Account Name* - Enables you to change your account name *Change Your Account Type* - Enables you to switch between Standard and Administrator account types *Manage Another User Account* - Enables you to manage other user accounts on this computer, as shown in inset Figure. *Change User Account Control Settings* - Launches the User Account Control Settings dialog box from Control Panel Note: You cannot add new accounts from this location. If you want to add a new account, use Computer Management, the Settings app, or Windows PowerShell.
Advanced security
You can perform more advanced Windows Firewall configuration by using the Windows Firewall with Advanced Security management console snap-in. To access the snap-in , from Windows Firewall, click Advanced Settings. The Windows Firewall configuration is presented differently. Traffic flow is controlled by rules, and there is a Monitoring node for viewing the current status and behavior of configured rules.
Group Policy for Updates
You can use Group Policy to configure the new Windows Update settings and then use Active Directory Domain Services (AD DS) to distribute the settings to the devices across the network. Although there are many Group Policy Objects (GPOs) that relate to Windows Update for earlier versions of Windows, three nodes in Group Policy contain Windows Update settings for Windows 10. They are found in the Computer Configuration/Administrative Templates/Windows Components/ area with the following node names. * Windows Update * Data Collection And Preview Builds * Delivery Optimization
Windows 10 Readiness
You can use Upgrade Readiness to plan and manage your upgrade project end-to-end. Upgrade Readiness works by establishing communications between computers in your organization and Microsoft. Upgrade Readiness collects computer, application, and driver data for analysis. This data is used to identify compatibility issues that can block your upgrade and to suggest fixes that are known to Microsoft.
Powershell Tools to manage Services
You can use Windows PowerShell to manage services. This is particularly useful because you can use Windows PowerShell to administer other computers remotely, including their services. In addition, you can script Windows PowerShell cmdlets, enabling you to store common administrative tasks for future use. Table ininset figure shows the cmdlets you can use to manage services in Windows 10. Open an elevated Windows PowerShell window to use these cmdlets. Note: Need more review of Managing Services? To review further details about using Windows PowerShell to manage services, refer to the Microsoft MSDN website at https://msdn.microsoft.com/powershell/scripting/getting-started/cookbooks/managing- services
VPN
You can use a VPN to connect to your workplace network over the Internet, A VPN provides a secure connection through a public network by using authentication and encryption protocols. To create a VPN in Windows 10, from the Network and Sharing Center under Change Your Network Settings, click Setup A New Connection or network and then click Connect To A Workplace.
File System permissions
You can use both Share and NTFS permissions to protect resources. These resources are often folders that contain Data such as Word processing files. They could also be other resources such as Printers, backup drive and other hardware.
Data Collector
You can use the Performance Monitor Microsoft Management Console (MMC) snap-in to monitor and track your device for the default set of performance parameters or a custom set you select for display. These performance parameters are referred to as counters. Performance Monitor graphically displays statistics and offers real-time monitoring and recording capabilities. By default, the update interval for the capture is set to one second, but this is configurable. You can use the tool to record performance information in a log file so that it can be played back and used as part of your overall benchmarking process on a system being tested, or when collecting information to help you troubleshoot an issue. You can also create alerts that notify you when a specific performance criterion, such as a threshold or limit, has been met or exceeded. The easiest way to learn how to use Performance Monitor is to run one of the two built-in collector sets and review the results. - *System Diagnostics Data Collector Set* collects the status of local hardware resources and configuration data, together with data from the System Information tool. - *System Performance Data Collector Set* reports the status of local hardware resources, system response times, and processes. For details on how to run the Performance Monitor data collector, refer to page 363 of @book. Note: @book = Installing and Configuring Windows 10, Exam Ref 70-698 by Andrew Bettany, Andrew Warren Microsoft Press 2016 ISBN: 978-1-5093-0295-6
Performance Monitor
You can use the Performance Monitor Microsoft Management Console (MMC) snap-in to monitor and track your device for the default set of performance parameters or a custom set you select for display. These performance parameters are referred to as counters. Performance Monitor graphically displays statistics and offers real-time monitoring and recording capabilities. By default, the update interval for the capture is set to one second, but this is configurable. You can use the tool to record performance information in a log file so that it can be played back and used as part of your overall benchmarking process on a system being tested, or when collecting information to help you troubleshoot an issue. You can also create alerts that notify you when a specific performance criterion, such as a threshold or limit, has been met or exceeded.
Automation of management tasks with Windows PowerShell
You have already seen in this book how useful Windows PowerShell can be and how pervasive this management tool in Windows 10 is. However, it's worth considering the benefits of using Windows PowerShell to automate common or repetitive administration or management tasks. Building complex scripts in Windows PowerShell can be daunting and is beyond the scope of this book. However, there is no reason you cannot begin to gain skills with Windows PowerShell and save your frequently used cmdlets to .ps1 files for subsequent reuse. The three skills you need to know are: - Create simple scripts - Enable scripts to run - Use Windows PowerShell ISE
Real-time Monitoring
You have seen that with tools such as Performance Monitor, Resource Monitor, and Task Manager, you can monitor your system activity and understand how demands on processor, RAM, networking, and disks affect your computer system. *Real-time monitoring information* is useful for instant diagnosis, whereas creating a *baseline* for your computer's performance can generate a system-specific report that can be useful to show what your performance statistics look like during normal or heavy use.
Restore Points
You reviewed how to enable System Restore earlier in this chapter. You also need to make sure you understand how to configure the amount of disk space that restore points occupy and how to remove old restore points manually to recover disk space. The Recovery item in Control Panel contains the advanced recovery tools. Configure System Restore enables you to perform the several tasks relating to restore points that this section covers in more detail. Restore points are created both manually and automatically. To create a restore point manually, you must have administrator privileges. When you create a restore point, the feature creates a restore point that includes all drives that are protected. If you find that not many restore points are available, you can increase the space used for system protection. If you want to delete all restore points for a specific volume, click Delete in the System Protection For Local Disk (C:) dialog box. After you click Delete, you receive a warning message that you cannot undo the deletion. After it is deleted, the current drive usage for the selected drive is zero. Another method of removing restore points is to use the Disk Cleanup feature, which removes all restore points except the most recently created one. In Disk Cleanup, click the More Options tab and choose Clean Up in System Restore And Shadow Copies. You can remove all or selected restore points from the command prompt, using the *vssadmin command*. You need to use an elevated command prompt to use this feature. When you use the vssadmin command-line tool, you see for each restore point the volume drive letter and a Shadow Copy ID number. This ID number is useful if you need to delete specific restore points.
Device health attestation
_
$WINDOWS~TMP
blah
Answer file
blah
Bootable USB
blah
Certificate authority
blah
Clean installation
blah
DISM
blah
DVD installation
blah
Deployment Image Servicing and Management tool
blah
Diskmgmt.msc
blah
Driver packages
blah
Driver signing
blah
Electronic Software Download (ESD)
blah
Get Windows 10 (GWX)
blah
Gpedit.msc
blah
Image-based installation
blah
Imaging and configuration designer
blah
License terms
blah
Media creation tool (MCT)
blah
Microsoft User Experience Virtualization(UE-V)
blah
PnPUtil.exe
blah
Public and private addressing
blah
Regedit.exe
blah
Remote Desktop Connections
blah
Remote Management Tools
blah
Shared network folder installation
blah
USB installation
blah
Upgrade
blah
Virtual hard disk (VHD)
blah
WDS deployment
blah
Wi-Fi
blah
Windows Assessment and Deployment Kit (ADK)
blah
Windows Imaging and Configuration Designer
blah
Windows SIM
blah
Windows power shell
blah
What is the volume/file size limit for NTFS?
file - 16 TB volume - 256 TB
File/volume size limit of FAT32
file size - 4 GB volume size - 32 GB
What is exFat designed for?
flash storage devices
In-place upgrade
in-place upgrade is one of the methods to upgrading to Windows 10. The other two methods are: * side-by-side migration * wipe-and-load migration In in-place upgrade , you choose to update an existing operating system and on existing hardware. The user data and settings are retained.
ipconfig
ipconfig (internet protocol configuration) is a Microsoft Windows command line tool that displays all current TCP/IP network configuration values and can modify Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. command switches: /all - displays more detailed information about the Network than if ipconfig is issued alone /release - is executed to force the client to immediately give up its lease by sending the server a DHCP release notification which updates the server's status information and marks the old client's IP address as "available" /renew - is executed to request a new IP address. /flushdns - parameter can be used to clear the Domain Name System (DNS) cache to ensure future requests use fresh DNS information by forcing hostnames to be resolved again from scratch.
Volume Activation Management Tool (VAMT)
is a Server role that allows the management of an organization's volume activation centrally. Figure shows the main console of VAMT. VAMT is one of the tools in the Windows Assessment and Deployment Kit (Windows ADK). This tool is downloaded from Microsoft website: http://go.microsoft.com/fwlink/p/?LinkId=526740 VAMT can perform the following tasks: * Verify the KMS host key - enables you to setup your host for volume activation * Discover Computers and products - You can discover computers and licensable products on your organization's network. * Monitor status - Collect licensing data from installed products and devices. * Manage product keys - Determine the number of activations remaining for your MAKs and install these MAKs on remote devices. * Manage and view activation data - View and if desired export activation data for reporting purposes.
Power settings
is a Windows 10 feature that allows mobile users to conserve battery life in their Windows 10 based Tablets and Laptops. Power settings consists of two sections - Basic power options and Power plans. Basic power options - You can configure basic power options in the Power & sleep tab in the System settings app. *Screen - On battery power, Turn Off After a set amount of time has lapsed. - When plugged in, Turn Off After a set amount of time has lapsed. *Sleep - On battery power, PC goes to sleep after a set amount of time has lapsed. - When plugged in, PC goes to sleep after a set amount of time has lapsed. Note 1: You can configure additional power options by using Battery Saver tab under System settings app. Note 2: Windows 10 Mobile does not support Power & sleep feature. ** Power plans - in addition to basic settings, Windows 10 also provides a number of preconfigured power plans. You can access these power plans from System settings, Power & Sleep, and then Additional Power Settings. The following are the available power plans in Windows 10: * Power Saver * Balanced * High Performance
User Account Control
is a Windows feature that can help control administrative privilege escalation. It ensures that a user upon logging in to a Windows system operates as a standard user and is only elevated to an administrative level when needed. Being signed in to a machine with administrative privilege at all times poses a security risk becasue it offers the possibility for malicious software to exploit administratove access to files and other resources. Windows provides UAC to help mitigate that threat.
Active Directory
is a database that provides a scalable management of capabilities for larger organizations in relation to domain services. Active Driectory stores computer and user objects in a secure distributed database consisting of containers such as organizational units (OUs) Active Directory is organized in a hierarchical and and logical components such as: *sites *Forest *Domain *Domain Trees *Organizational units *Domain controllers *Global Catalog servers *Operational masters *Read only domain controllers
host file
is a file located in the Windows/System32/drivers/etc/ subdirectory that locally resolves IP address to a hostname.
Accessibility options
is the ability to interact easily with a computer for all users, including those individuals with physical handicap or limitation. Windows 10 provides a number of accessibility feature to ensure that your computer is easy and comfortable to use, whatever your needs: * Narrator - A screen reader that reads all the screen elements, including text and buttons. * Magnifier - makes things larger on the screen. When you enable this setting you can optionally choose to invert color, start Magnifier automatically, and enable tracking. * High Contrast - This setting makes the display easier to read. * Closed Captions - Enables you to configure how closed captions appear in Windows apps, such as Videos app. * Keyboard - Settings that enable you to control how Windows respond to inadvertent key presses or overlong key presses. * Mouse - options that enable you to reconfigure the mouse pointer to be clearly visible. You can also enable mouse buttons so that users can navigate cursor keys. * Other options - animations, touch feedback
Volume activation
it is used for deploying Windows operating system for large organization with hundreds or thousands of client and server machines where using manual product key entry and activation is impractical. Using manual product key entry and activation is error prone and time consuming. There are three methods of volume activation: *Key Management Service, KMS - this Windows Server role can be used to activate Windows 10 in an organization's network. Client computers connect the KMS server to activate the machine, thereby preventing to connect to Microsoft for activation. Note: KMS is designed for organizations with 25 (physical or virtual) client devices persistently connected to a network or organization with five or more (physical or virtual) servers. *Active-Directory based activation - any device running Windows 10 that is connected to an organization's domain network and is running generic volume license key (VLK) can use Active Directory-based activation. For the activation to remain valid, the client device must remain part of the organization's domain. *Multiple Activation Key, MAK - uses special VLKs that can activate a specific number of devices to run Windows 10. The MAKs can be distributed as part of the organization's Windows operating system image. This method is ideal for isolated client computers.
nslookup
nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
Basic disks support what kind of partitions?
primary partitions, extended partitions, and logical drives
Side-by-side migration
side-by-side migration is one of the methods to upgrading to Windows 10. The other two methods are: * in-place upgrade * wipe-and-load migration In side-by-side migration, the source and destination computers for the upgrade are different machines. You install a new computer with Windows 10 and then migrate the data and most user settings from the earlier operating system to the new computer.
tracert
traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. The history of the route is recorded as the round-trip times of the packets received from each successive host (remote node) in the route (path); the sum of the mean times in each hop is a measure of the total time spent to establish the connection. Traceroute proceeds unless all (three) sent packets are lost more than twice, then the connection is lost and the route cannot be evaluated. Ping, on the other hand, only computes the final round-trip times from the destination point. The command traceroute is available in Windows. In Microsoft Windows, it is named tracert. Windows NT-based operating systems also provide PathPing, with similar functionality. For Internet Protocol Version 6 (IPv6) the tool sometimes has the name traceroute6 or tracert6.
Wipe-and-load migration
wipe-and-load migration is one of the methods to upgrading to Windows 10. The other two methods are: * side-by-side migration * in-place upgrade In wipe-and-load migration, the source and destination computer are the same. You back up the user data and settings to an external location and then install Windows 10 on the user's existing computer. Afterward, you restore user data and settings.
