MD-100

¡Supera tus tareas y exámenes ahora con Quizwiz!

Your company has recently upgraded half of its computers from Windows 7 to Windows 10 Pro. Staff members use Office and a web-based line-of-business application. The help desk manager has received several complaints from users who state a variety of problems following the upgrade, including that the following: ■ Their computers are slow ■ Apps stop responding ■ Websites are slow to load The remaining Windows 7-based computers do not exhibit the same issues. You need to offer the help desk some advice on how to diagnose these problems and recommend how to resolve them as soon as possible. Answer the following questions from the help desk: 1. Why might the computers be slow after the upgrade? 2. Which tool could you recommend to assist the help desk support members verify which apps are freezing? 3. You suspect that the network card could be a performance bottleneck. How could this suspicion be tested? 4. How would a network card bottleneck present itself?

1. Answers might vary. Several potential areas need to be investigated. The original com- puters should have met the minimum specifi cation for Windows 10 to upgrade from Windows 7. The computers might be quite old and contain components that are slow in comparison to modern hardware, such as older hard drives without cache, or slow RAM memory. The BIOS or motherboard fi rmware might be old and need updating. The hard- ware device drivers might not have been updated to the latest versions for Windows 10. 2. Recommend to the help desk that it suggest using Reliability Monitor to review the sta- bility history of the computers that are reporting app freezing. The Reliability Monitor report should identify the failing app and how often it is failing; also, the report should identify potential solutions. You should also be able to see whether other failures are occurring that might relate or contribute to the app failure. 3. Answers might vary. You could review the network card driver version and see whether there are any known issues relating to the network card and Windows 10 on the manu- facturer's website. You could use Performance Monitor to review the performance for the Network Interface counter and monitor the Output Queue Length. 4. Network-related activities, such as web browsing and opening and saving resources across the network, would be slower than normal. If there is network saturation, the report should indicate that the queue length is more than 2, meaning that the network card cannot process network packets quickly enough.

Adatum has 3,000 workstations currently running Windows 10. Most of the users belong to the Active Directory domain, but 50 research engineers in the R&D department do not. The research engineers need to access special 3D printing hardware that is located within their secure area. Adatum needs to ensure that only the research engineers can use the specialized printing devices. As a consultant for Adatum, answer the following questions: 1. What type of group will you use for the research engineers? 2. How will you ensure that only the research engineers are able to print to the 3D printer? 3. You find that a user has been using the 3D printer for personal use outside of normal office hours. How would you investigate this matter?

1. Create a Research Engineers Local Group. 2. Add only the research engineers to the Research Engineers Local Group and grant print permissions for the 3D printer to the research engineers local group. 3. Investigate the logs within the Event Viewer, and look for instances in which a print job has been sent to the 3D printer outside of normal office hours. You could enable logging within the Microsoft-Windows-PrintService Operational logs.

You have recently implemented a new network-shared storage facility for your organization. This storage is formatted using NTFS and has been shared to groups containing users within Active Directory. Users of the design department will use the local storage to store CAD drawings in two folders: Current Projects and New Projects. The files within the New Projects folder are confidential. You notice that users who are not part of the design department are able to access the CAD fi les. You must ensure that the network-shared storage facility is accessed by the design department personnel only. Answer the following questions for your manager: 1. How will you ensure that only design department personnel can access the storage? 2. What share-level permissions should you grant on the storage? 3. You need to confirm to your manager that members of the organization who are not in the design department do not have access to the files contained in the storage. How will you reassure your manager? 4. You need to provide an audit trail of the access to the New Projects folder. How will you proceed?

1. Create a design department security group, add all the design department personnel to the group, and give the design department group NTFS access to the storage. 2. You should give full-access, share-level permissions for the design department group. 3. You should use the Effective Access feature to verify the NTFS permissions in place. In the Advanced Security settings for the shared folders, evaluate the effective access per- missions for a user or group that is not a member of the design department group. 4. Enable Auditing for success and failure in Group Policy, and then enable auditing on the New Projects folder to track both successful access to the folder and failed attempts

You have been asked to review the backup and restore options available within Windows 10 and OneDrive.com. Your manager is developing a backup strategy and wants to ensure that files are backed up and users can easily access the backed-up files for at least six months. Back-ups will be stored offsite. Answer the following backup-related questions. 1. How would relying on the OneDrive Recycle Bin feature affect the backup strategy? 2. You want to examine how the Previous Versions feature found in File Explorer works, but you cannot see any Previous Versions listed. How do you enable Previous Versions? 3. Could the Previous Versions feature found in File Explorer offer backup and recovery of files as part of the backup strategy?

1. The OneDrive Recycle Bin is not a backup facility. It will only retain fi les that have been deleted for a maximum of 93 days. This is less than the 6 months required by the backup strategy. 2. You would need to turn on the schedule to create restore points using either File History or the Backup And Restore (Windows 7) tool. Once the Backup And Restore (Windows 7) tool creates a backup, or when File History runs, previous versions of fi les will be avail- able on the Previous Versions tab. 3. Previous Versions could provide the longevity of access to the backed-up fi les if the backup storage location does not become full. To ensure that the Previous Versions complied with the backup strategy, you would need File History or the Backup And Restore (Windows 7) tool to save the image to a remote storage location, such as a networked attached drive.

You want to use the Backup And Restore (Windows 7) tool to create a backup of your files contained on your computer to a removable USB hard drive or SDHC memory card. You want to create a custom schedule. Answer the following questions relating to the Backup And Restore (Windows 7) tool: 1. What is the default backup schedule for the Backup And Restore (Windows 7) tool? 2. How would you modify the schedule so that you can be more specific? For example, you want to back up the data every 30 minutes. 3. What triggers are available that could be used to begin the backup task? 4. You no longer want to use Backup And Restore (Windows 7) tool for your Windows 10 Pro tablet. What built-in backup tool could you use instead? How could the data be safeguarded from theft?

1. The default backup schedule for the Backup And Restore (Windows 7) tool is every Sunday at 7 PM. 2. You need to edit the AutomaticBackup task in the WindowsBackup node found in Task Scheduler and configure the task to repeat every 30 minutes by editing the trigger. 3. The triggers available for the task to begin include the following: On A Schedule, At Log On, At Startup, On Idle, On An Event, At Task Creation/Modification, On Connection/ Disconnect To A User Session, and On Workstation Lock/Unlock. 4. You would suggest using File History. This feature allows the backup of fi les and folders to a removable drive—for example, a USB drive or SDHC memory card—that may be used with the device. Optionally, the external storage may be encrypted using BitLocker To Go or EFS.

Your organization wants to use Group Policy to configure power settings on the sales department laptops. All laptops are identical. You add a new Group Policy to remove the sleep feature on the laptops. Some members of the sales department report that they can still put their laptops into sleep mode. You access one of the sales departmental laptops and confirm the GPO has not been applied. Answer the following questions for your manager: 1. What GUI tool could you use to verify whether the GPO is being delivered to the laptop? 2. Some members of the sales department work out of the offi ce, often in rural locations. How could location affect the effectiveness of the GPO? 3. How could you ensure that all members of the sales department receive the GPO? 4. What command line tool could you use to verify what GPOs have been delivered to the laptop?

1. Use the Resultant Set of Policy (RSoP) tool to diagnose and troubleshoot group policy settings. 2. The GPOs are only delivered once the user connects to and logs into the Active Direc- tory Domain. If members are unable to connect their laptops to the organization, such as by using a VPN or via a wired or a Wi-Fi network, they might be using cached creden- tials, and therefore, they will not receive the new GPO. 3. Ask the members of the sales department to connect to the corporate network using a VPN or via the internal wired or Wi-Fi network. Once connected, they should then log on so that they can receive the new GPO. 4. Use the GPResult tool to display a report of the GPOs that have been applied to a system.

You work in support at Adatum Corporation. Many of your users work in small branch offi ces. Some work from home, using work laptops. It is important for you to be able to manage these users' computers remotely. As a consultant for Adatum, answer the following questions about remote management in the Adatum organization. 1. One of your users telephones the help desk, requiring assistance with an application. They need to know how to perform a grammar check with Microsoft Word 2016. They are not very experienced and, despite your best efforts and explanation of how the pro- cess works, they are still confused. What remote management tool might you consider using in this situation? 2. Another user calls the help desk. They've lost a fi le and need you to locate it. They're due to leave the offi ce for a conference this afternoon, and they tell you that's the best time for you to resolve the issue. What remote management tool would you use? 3. You try to connect to this user's computer later that afternoon, but despite knowing that the necessary Windows Firewall settings are confi gured, you cannot connect. Why? 4. You want to use Windows PowerShell remoting. You try to connect to a remote machine but are unsuccessful. What steps must you perform on the remote machine before Windows PowerShell remoting can work?

1. Using Remote Assistance would enable you to demonstrate how to perform the gram- mar check. You could take remote control of the user's computer and show them the procedure. 2. Remote Desktop is the most suitable tool. Remote Assistance requires the interaction of the user to accept your connection request and, initially, to invite you to help. Remote Desktop requires no invitations and does not require the remote user to assist you in connecting. 3. The most likely reason you can't connect is that Remote Desktop users must be granted access in addition to the Windows Firewall configuration changes being made. 4. You must start the Windows Remote Management service and reconfigure the Windows Firewall, and then Windows PowerShell remoting must be enabled. You can perform these steps by running either winrm quickconfi g or by running enable-PSremoting.

You have been hired to deploy Windows 10 at a new office for Adatum Corporation. The office was a greenfield site with no computer infrastructure and has just had all the network cabling and wireless infrastructure installed by a contractor. You must help plan and implement networking services at the new location and verify that all equipment is working on the network. As a consultant for Adatum, answer the following questions about networking. 1. You connected a number of devices to the wireless APs in the new building. They seem to be connected, but you want to verify that they can communicate with each other. Is it true that the Test-Connection Windows PowerShell cmdlet is the equivalent of the Ping command-line tool? 2. You want to be able to view the current network configuration of the installed laptops in the new building. Which of the following commands enable you to do this? A. Ping B. Tracert C. NSlookup D. IPconfi g E. Get-NetIPAddress F. Netsh 3. You are troubleshooting name resolution to the LON-DC1 domain controller. You suspect a problem might reside with the confi gured DNS server that was just installed at the site. If you create an entry for LON-DC1 in the local hosts fi le of a test computer running Windows 10, which is used fi rst, the DNS server or the local resolver cache? 4. You have been asked to set up a VPN solution for some users who want to work from home. Which VPN tunneling protocols can you use with Windows 10? 5. You notice that one of your computers has an IPv4 address that starts 169.254. What could this mean?

1. Yes, the Test-Connection Windows PowerShell cmdlet is the equivalent of the Ping command-line tool. 2. The IPconfi g, Get-NetIPAddress, and Netsh commands enable you to view the net- work configuration of computers running Windows 10. 3. The DNS resolver cache is checked before a DNS server is petitioned. 4. You can use the following VPN tunneling protocols: Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol with IPsec (L2TP/IPsec), Secure Socket Tunneling Protocol (SSTP), or Internet Key Exchange version 2 (IKEv2). 5. It means that the device is configured to obtain an IPv4 address automatically and has been unable to obtain an IPv4 configuration from a DHCP server. This might be because the DHCP server is offl ine or because an insufficient number of addresses are available on the server.

You work as a desktop support technician. Your Windows 10 deployment for 5000 devices is now complete, and you are now busy supporting your users. Answer the following questions about using advanced management tools and techniques for your organization: 1. You find that you are repeatedly performing the same management task on multiple computers. At the moment, you use several customized Microsoft Management Con- soles to perform the required tasks. How could you achieve this more easily? 2. A number of users are experiencing problems with their computers. You determine that the issue relates to a service that occasionally stops and is then restarted. Where can you track information about this problem? 3. What command-line tools can you use for managing services?

1. You could create Windows PowerShell scripts, as required, that contain the required management cmdlets. Because Windows PowerShell supports remoting, it is easy to run the script against remote computers at the same time. You must, however, ensure that the execution policy for each computer supports the running of PowerShell scripts and that Windows PowerShell remoting is enabled. 2. Use the System log in Event Viewer. You can group events based on source; in this instance, the source is Service Control Manager. 3. You can use Windows PowerShell to manage services. Also, the SC.exe and Net.exe command-line tools can be used.

Adatum Corporation uses Microsoft 365 and has an IT security policy in place that requires company laptop devices to be encrypted at all times. Many of the remote workers operate from home, and the IT policy allows these users to choose a corporate-owned device from an authorized device list. Employees selected various devices, including the Surface laptop, which comes pre-installed with Windows 10 Home. All company data is stored in Microsoft 365 cloud-based storage, such as OneDrive for Business and SharePoint Online. The sales department often needs to leave customers with USB thumb drives that contain presentations, which include sensitive information. How will you respond to the security manager, who has raised the following concerns? 1. The Surface laptops do not currently support EFS or BitLocker Drive Encryption. What should you do first? 2. You need to recommend an encryption solution for the company data stored on the sales department laptop devices so that they comply with the IT security policy. What should you recommend? 3. How will your encryption solution be deployed to the remote staff?

1. You need to upgrade the device license on the Surface Laptops to Windows 10 Pro or Windows 10 Enterprise before encryption can be used. 2. You could ensure that devices use BitLocker Drive Encryption. In this way, all data stored on the device will be encrypted. 3. The Surface Laptops can be joined to Azure Active Directory by the user or by using Windows Autopilot. Once joined, they can be auto-enrolled into Microsoft Intune. Once managed by Intune, they will receive device policies to enforce encryption

1. An in-place upgrade from Windows 7 directly to Windows 10 is supported and recommended by Microsoft and could be performed in the timescale required. 2. Because all devices are less than two years old and currently run Windows 7, they already meet the minimum system requirements for running Windows 10. 3. By upgrading the devices directly to Windows 10 using an in-place upgrade, all user and application settings will be preserved. This will offer the least disruption to the users. 4. All devices would be automatically activated using the digital license present on the device if they were previously running a genuine version of Windows 7.

Adatum has 2,000 workstations running Windows 7. The company plans to implement Windows 10. Adatum management wants to minimize the effects of the changes and so it intends to roll out the new operating system over a weekend. All computers are less than two years old and must be running Windows 10 Enterprise at the end of the project. 1. What is the most appropriate method for Adatum to implement Windows 10? 2. How can you reassure management concern whether devices meet the minimum system requirements? 3. What deployment method could you use to minimize the disruption to Adatum employees? 4. How would you plan to activate the devices once they are running Windows 10?

The Surface Pro devices should be configured to use Windows Hello with users providing either facial recognition or their Microsoft 365 usernames and passwords for sign in. 2. The Surface Pro devices are running Window 10 Pro and therefore, they should be con- figured to use BitLocker Drive Encryption. 3. Adatum could implement Enterprise Mode so that the Adatum intranet website opens automatically in Internet Explorer 11. All other websites would be opened in Microsoft Edge, by default. 4. The design team desktop computers would need to be upgraded to the Windows 10 Pro for Workstations for them to use the Ultimate Performance power plan.

Adatum has recently implemented Microsoft 365 Business with all devices using Windows 10 Pro. The company has a head office with 200 people using desktop computers, a branch office where 25 members of the design team work, and a remote sales force of 50 people. Each member of the sales team uses a Surface Pro device. Adatum is concerned about security, especially on the mobile devices. Members of the sales and finance teams need to access the Adatum intranet to produce quotations and manage sales orders. The intranet does not display properly using Microsoft Edge. Answer the following questions relating to address Adatum concerns. 1. What sign-on method would you recommend for the mobile devices? 2. What encryption technology could you implement on the mobile devices? 3. How would you recommend the sales and finance team access the Adatum intranet website? 4. Your manager has asked you how to enable the Ultimate Performance power plan on the design team desktop computers.

Chapter 2 Summary

Local accounts are local to the Windows 10 device, and the password is stored in the SAM database. ■ Most settings are configured within the Settings app and not the Control Panel. ■ The Administrator has full permissions and privileges on a Windows 10 device and can manage all the objects on the computer. ■ The Creator Owner is a special identity that has special administrator level permissions to the resources over which they have ownership. ■ Azure Active Directory (Azure AD) is a cloud-based identity authentication and authori- zation service. ■ Devices can be joined or registered to Azure AD. ■ Azure AD supports registering of Bring Your Own Device (BYOD) scenarios for multiple types of devices, including Windows 10, iOS, Android, and macOS. ■ Only Windows 10 devices can be joined to Azure AD. ■ Existing Windows 10 devices can be joined to Azure AD using the Accounts section of the Settings app. ■ The Device Enrollment Manager (DEM) account in Microsoft Intune is a special account that allows you to enroll up to a maximum of 1,000 devices. ■ Windows 10 supports NTFS as the default fi le system. ■ The Quick Access area is new in Windows 10 and appears at the uppermost left area of the File Explorer navigation pane. It shows the frequently used fi les and folders. ■ Effective Permissions is useful to determine the permissions a particular user would have through NTFS permissions. ■ Windows 10 NTFS uses 6 Basic Permissions and 13 Advanced Permissions for securing fi les and folders. ■ When applying permissions to groups, an explicit Allow setting will override an implicit Deny permission. ■ Use the ICACLS command line tool to confi gure and view permissions on fi les and fold- ers on a local computer and reset them to defaults. ■ Inheritance of permissions can be useful when applying permissions to a large environ- ment because the permissions will be automatically propagated based on the default inheritance setting. ■ You can use the Effective Access feature to ensure that your NTFS permissions are as expected. ■ If you have administrative privileges, you can take ownership of an object, such as a fi le, and allocate it to another user or group.

Chapter summary 1

Windows 10 is available in many editions including Windows 10 Home, Windows 10 Pro, Windows 10 Pro for Workstations, Windows 10 Enterprise, and Windows 10 Education. ■ Windows 10 in S mode is a special edition of Windows 10 that is a limited, locked down version of the operating system. ■ Some features of Windows 10 require special hardware or additional configuration, such as biometric sensors or TPM. ■ You cannot perform an in-place upgrade from a 32-bit version of Windows to the 64-bit version of Windows 10. ■ There are multiple methods of implementing Windows 10, including clean installs and upgrading a prior version of Windows. ■ You can choose between three upgrade strategies: in-place, side-by-side, and wipe-and-load. ■ You can use a number of tools in Windows ADK, including the Windows Configuration Designer, to customize, and distribute Windows 10 settings for deployment throughout your organization. ■ Windows Configuration Designer generates provisioning packages with the .ppkg file extension, which can customize Windows 10. ■ You can migrate user and application settings from one device to another, using the USMT. ■ USMT uses ScanState and LoadState to migrate data and can use compression or encryption during the migration process. ■ Windows 10 can be configured with additional language features including the display language, text-to-speech, speech recognition, and handwriting support. ■ You can use the Lpksetup command-line tool to implement silent-mode language pack installations.

Chapter 1 Summary (Cont.)

Windows 10 requires activation, which can be performed manually or automatically. ■ Microsoft provides a number of ways to manage Windows 10 volume activation. ■ Microsoft provides the Activation Troubleshooter, which can identify issues experienced with activating Windows 10. ■ Windows Hello is a two-factor biometric authentication mechanism built into Windows 10. ■ Dynamic Lock allows you to pair a Bluetooth device, such as a smartphone, to your Windows 10 device, which will automatically lock the device when the Bluetooth device is moved away from the PC. ■ You can customize the Start menu, desktop, taskbar, and notifi cation settings indi- vidually or by using Group Policy, provisioning packages, or using mobile device management. ■ To customize the Start layout using XML templates and GPOs requires Windows 10 Pro, Windows 10 Enterprise, or Windows 10 Education. ■ Microsoft Edge is a cross-platform web browser for Windows 10 that supports touch devices, inking, reading mode, and secure browsing. ■ Microsoft Edge kiosk mode allows Microsoft Edge to display a specifi c site in full-screen mode as used in digital/interactive signage or for public browsing. ■ Enterprise Mode allows you to confi gure Microsoft Edge to be the default browser and allow selected websites to open in Internet Explorer 11 for web app and website compatibility. ■ Windows 10 provides several ways to manage power settings, including creating custom power policies, thereby extending the battery life of your users' devices. ■ Desktop computers running Windows 10 Pro for Workstations can use the Ultimate Per- formance power plan scheme, which allows the device to run at maximum performance. ■ You can import and export power plans by using the Powercfg.exe command-line tool.

Chapter 4 Summary (Cont.)

Windows Update Delivery Optimization is a method of peer-to-peer sharing of Windows update files. This feature significantly reduces the time that a Windows 10 device is vulnerable from zero-day malware attacks. Peer caching can occur between other users on the local network or optionally across the Internet. ■ Administrators can use Group Policy to centrally confi gure and manage Windows Update behavior, location of WSUS servers, and Windows Update Delivery Optimization settings. ■ If a driver update causes system stability issues, you can uninstall the update, and if necessary, you can disable the automatic application of the update. ■ Event logs automatically record system activity such as logons, application errors, and services stopping and starting. ■ If you enable remote management, you can pull event logs from remote computers by using event subscriptions. ■ Windows 10 includes several tools to view system performance, including Task Manager, Performance Monitor, and Resource Monitor. ■ In Performance Monitor, you can create benchmarking reports by creating your own user-defined collector sets and running them to generate a performance baseline. ■ Windows 10 introduces the option, to manage your default printer by setting the default to the last printer you used, rather than the printer at your current location. ■ The built-in Search feature uses the background indexing service to index areas of your hard drive automatically, including files stored in your user profile. ■ Reliability Monitor provides a graphical history of your computer's reliability and offers solutions to resolve issues.

Chapter 2 Summary (Cont.)

You can reset the permissions of all the folders, fi les, and subfolders using the command-line tool icacls <fi le name> /reset. ■ Only fi les stored on a NTFS-formatted hard drive have a Security tab in their File properties. ■ Windows 10 uses a feature called Network Discovery, which uses a new layer two proto- col called Link Layer Topology Discovery (LLTD) to identify other devices present on the local subnet. ■ Share permissions can be Read, Change, or Full. ■ The registry is a database, which is split into multiple separate fi les known as hives. ■ You use the built-in Registry Editor (Regedit.exe) tool to view, search, and modify the registry's contents. ■ Local Security Policy allows you to confi gure security policies, such as a password or audit policy, on a local computer. ■ User rights policies are used to determine what rights a user or group of users have on a device and relate to activities or tasks that the user can perform. ■ User Rights Assignments policies affect what users can do to a system, and Security Permissions affect which access permissions a user has. ■ Use the Resultant Set of Policy (RSoP) tool to check and troubleshoot group policy settings. ■ Use the GPResult command line tool to verify what group policy objects have been applied to a user or computer. ■ The Windows Security app collects and displays the security status of your device and will trigger notifi cations through the Action Center. ■ User Account Control (UAC) helps protect the operating system from unauthorized confi guration changes and app installations. ■ UAC elevation prompts can be prompts for consent or prompts for credentials. ■ Whenever UAC prompts the user for consent, it uses a feature called Secure Desktop to focus the activity only on the UAC prompt and prevents malware from interacting with the UAC process. ■ Windows 10 is protected by the Windows Defender Firewall, which acts as a network barrier. ■ You can Allow an app through the Windows Defender Firewall or create connection security rules using Windows Defender Firewall with Advanced Security. ■ Windows 10 supports two encryption technologies: Encrypting File System (EFS) and BitLocker. ■ Windows 10 Home does not support encryption.

Chapter 2 (Cont.)

You should always create a Data Recovery Agent (DRA) whenever EFS is used within an enterprise, so that encrypted fi les can be recovered. ■ EFS can be managed though the GUI or by using the command line tool cipher.exe. ■ BitLocker Drive Encryption enables you to encrypt an entire hard disk. ■ Devices with a Trusted Platform Module (TPM) can securely store the encryption keys that BitLocker uses. ■ BitLocker supports versions 1.2 and 2.0 of the TPM specifi cation. ■ BitLocker offers users several key-protection options, including storing the key protec- tors on a TPM, smart card, or a USB drive with a startup key on it. BitLocker also allows you to require a PIN on start up. ■ On a modern Windows device, BitLocker Drive Encryption will be already enabled when shipped. When the user signs in to the device for the fi rst time with a Microsoft account, the recovery key is saved to his or her Microsoft account. ■ For personal and small-business users, a BitLocker recovery key is stored in their Micro- soft accounts at https://onedrive.live.com/recoverykey. ■ On devices without a TPM, you can confi gure the Require Additional Authentication At Startup GPO setting to allow BitLocker to be used without a compatible TPM. ■ Before upgrading your computer—for example, performing a BIOS fi rmware upgrade— you should suspend BitLocker Drive Encryption. By default, after a reboot, protection will be automatically resumed. ■ If a device enters BitLocker recovery mode, you will need to recover the drive by supplying the 48-digit recovery password. ■ The BitLocker recovery password can be stored in Active Directory or Azure Active Directory. From

Chapter 3 Summary

■ Each device on a network requires a unique IPv4 and, optionally, IPv6 confi guration. ■ Windows 10-based network devices use name resolution to change names in IP addresses for network communications. ■ Windows 10 supports four commonly used VPN protocols. These are Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Secure Socket Tunneling Protocol (SSTP), and Internet Key Exchange, Version 2 (IKEv2). ■ Windows 10 uses common authentication protocols including EAP-MS-CHAPv2, PAP, CHAP and MS-CHAP v2. ■ VPN Reconnect is a feature supported when using IKEv2, which enables VPN connec- tions to be automatically re-established if they are broken. VPN Reconnect uses the IKEv2 tunneling protocol with the MOBIKE extension. ■ Always On, App-triggered VPN, and LockDown VPN profi les are new VPN features in Windows 10 that enable administrators to implement enterprise-grade VPN requirements. ■ Wi-Fi Direct enables Windows 10 devices to interact with other hardware, such as printers, TVs, PCs, and gaming devices, such as Xbox One. ■ Windows 10 provides a number of tools that you can use to help troubleshoot networking issues. ■ You can choose from a number of management tools to perform remote management. ■ To confi gure and enable remote management settings, you must fi rst modify the Windows Firewall confi guration. ■ Remote Assistance and Quick Assist can be used to view or take remote control of a remote user's computer. ■ Both Remote Desktop and Remote Assistance can be confi gured manually or by using GPOs. ■ Windows PowerShell remoting enables you to perform remote management of any Windows 10-based computer with Windows PowerShell. ■ Management console snap-ins support both local and remote connections.

Chapter 4 Summary

■ Windows 10 File History is the preferred backup option that performs automatic back-ups of files every hour to a non-local storage. ■ Previous Versions is a feature that allows you to recover deleted or modified versions of your files directly from File Explorer rather than via a backup or File History. ■ OneDrive offers you a Recycle Bin, which allows you to recover files you've deleted from OneDrive folders and syncs with the File Explorer Recycle bin. ■ OneDrive can provide a history of older versions of Office documents that are stored within OneDrive, so that you can access, restore, and download previous versions of your files. ■ A Windows 10 recovery drive can be used to recover your system in the event of failure. ■ System Restore is useful for restoring the operating system to a previous point in time. For example, you can restore to a point prior to when your computer became unstable. ■ Windows RE enables you to access the advanced startup options to troubleshoot Windows 10 startup issues. ■ You can use Reset this PC to recycle a computer for use by another user or to revert the computer to its OOBE state if you experience serious problems with the computer. ■ Fresh Start within Windows Security enables you to keep your personal files and some Windows settings but remove all apps, including third-party apps that are pre-installed on your device. ■ Restore points are created when the Backup and Restore (Windows 7) tool creates a backup image. You can use a system image to recover Windows 10 if Windows 10 becomes unstable (for example, if your hard drive has failed and other recovery meth- ods have failed). ■ Driver Rollback allows you to revert to a previous device driver after your system begins to suffer the effects of upgrading to a new device driver that is poorly performing. ■ Windows 10 Home users have Windows Updates automatically downloaded and installed on their devices. Windows 10 Pro, Education, and Enterprise customers can defer feature updates for up to 365 days, and they can defer quality updates for up to 30 days. ■ Windows 10 Pro, Education, and Enterprise customers can pause quality updates for up to 35 days.


Conjuntos de estudio relacionados

Sadlier Vocabulary Workshop Level G Unit 1-3

View Set

Healthcare Policy and Healthcare Organizations NCLEX

View Set