MCSA 70-698 Installing and Configuring Windows 10
Configure when Windows updates are installed
- Automatic (recommended) - Notify to schedule restart
GPO for Windows Update: Windows Update node
- Configure automatic updates - Defer Upgrades and Updates (delay upgrades up to 8 months and updates up to four weeks)
Key stages during Windows 10 upgrade
- Copying files - Installing features and drivers - Configuring settings
Provisioning packages perform a number of management tasks, including:
- Deploy apps - Enroll devices into MDM - Distribute certificates - Configure and deploy connectivity profiles - Apply device policies
GPO for Windows Update: Delivery optimization node
- Download Mode (configure mode for downloads of Windows apps and updates) - Group ID - Max Cache Age - Max Cache Size - Max Upload Bandwidth
Features not supported on Windows 10 booted from a VHD
- Hibernation - Upgrading to newer version - BitLocker - Cannot boot from VHD stored on a remote share or USB flash drive
Ways to install desktop apps
- Install app using .exe or .msi installer - Using automatic app deployment methods such as Microsoft Deployment Toolkit (MDT) or System Center 2012 R2 Configuration Manager - AD DS GPO based deployment - Building the required apps into a desktop computer image for deployment
GPO for Windows Update: Data collection and preview builds node
- Toggle User Control Over Insider Builds - Allow Telemetry (determines amount of diagnostics and usage data related to Microsoft software is sent) - Disable Pre-release Features or Settings - Do Not Show Feedback Notifications
Possible solutions if you discover compatibility issues with any of your existing applications?
- Use ACT to apply an application compatibility fix - Determine whether updates exist - Determine whether more recent version of the application might resolve the issue - Build VM based on an OS environment in which the application works
USMT user data and settings components
- User settings: contains all configuration settings specific to a particular user - User registry: HKEY_CURRENT_USER hive of the registry contains user-specific settings - Application data: AppData folder contains the application-related settings that are not part of the registry - User data: All user-specific folders and files are stored in subfolders beneath Documents, Favorites, Downloads, etc.
Provisioning packages enables you to configure:
- devices quickly without needing new deployment images - user-owned devices without needing to implement Multiple Device Management (MDM) - multiple devices simultaneously - devices that are not connected to the corporate network
.msi installer
-Superior app removal than .exe installer -Windows Installer service manages the app installation and configuration. Install apps locally, or use automatic deployment to add, repair, or uninstall an app using the installer package
Troubleshooting name resolution steps
1. Clear the DNS resolver cache 2. Attempt to verify basic connectivity by using an IP address 3. Attempt to verify connectivity to a host name 4. If the test is not successful, edit the hosts files 5. Display the resolver cache 6. Test the name server
Apply provisioning packages in one of two ways
1. Deployment time - you can apply any provisioning packages as part of a Windows image. You can then distribute the image to target devices. 2. Runtime - Use this option to distribute the package to devices already running Windows 10.
Troubleshoot network issues steps
1. Determine the scope of your problem 2. Determine the IP configuration 3. Determine the network's hardware configuration 4. Test communication
Stages of name resolution for Windows 10
1. Determine whether the queried host name is the same as the local host name 2. Search the local DNS resolver cache for the queried host name. The cache is updated when records are successfully resolved. In addition, the contents of the local Hosts file are added to the resolver cache. 3. Petition a DNS server for the required host name.
3 Types of Windows 10 network locations
1. Domain networks 2. Private networks 3. Guest or public networks
GPO Start Menu
1. Edit start menu to liking 2. PowerShell -> export-StartLayout filename.xml 3. Move to shared folder 4. GPO path: User Configuration\Policies\Administrative Templates\Start Menu and Taskbar\Start Layout 5. Set Start Layout value as file path 6. OK
Two levels of adoption of preview builds for Windows Insider program
1. Fast ring makes builds available as soon as Microsoft releases them 2. Slow ring delays the availability of the build until it has been exposed to the Fast ring members and most if not all the bugs have been addressed by interim incremental updates
Windows 10 installation strategies
1. High-touch retail media deployment 2. Low-touch deployment 3. Zero-touch deployment
3 methods for upgrading to Windows 10
1. In-place upgrade 2. Side-by-side migration 3. Wipe-and-load migration
5 levels of events (IAEWC)
1. Information: provide info about changes related to a component or system process, usually a successful outcome 2. Audit Success/Failure: If you have enabled auditing, these log entries appear in the security log 3. Error: warn you that a problem has occurred 4. Warning: Not critical, although they could lead to more serious problems and should be investigated 5. Critical: most severe and could lead to failure or loss of function.
UAC Settings
1. Never notify me when 2. Notify me only when apps try to make changes to my computer 3. Notify me only when apps try to make changes to my computer (DEFAULT) 4. Always Notify
Turn off upgrade to latest version of Windows through Windows Update steps
1. Regedit.exe 2. HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate 3. New DWORD (32-bit) value 4. Name it DisableOSUpgrade 5. Set value as 1 6. Restart
Sharing folders by using File Explorer 3 options
1. Share button on Share tab 2. Advanced Security from Share tab 3. Sharing tab in Properties
What to do when you suffer a single disk failure in a mirrored volume?
1. Shut down PC 2. Connect new disk of equal or larger size 3. Open Disk Management 4. right click old, Remove Mirror 5. right click new, Add Mirror
Restore full redundancy of two-way or three-way mirror storage space in Storage Spaces how?
1. Shut down PC 2. Connect new disk of equal or larger size 3. Open Storage Spaces -> Manage Storage Spaces 4. Change Settings 5. Add new disk to storage pool 6. Remove failed disk from storage pool 7. Mirror is rebuilt in background
Allowing apps through the firewall methods
1. System and security -> Windows Firewall -> Allowed apps 2. Netsh.exe 3. PowerShell
802.11ac
1.7 Gb/s - 5GHz
802.11b
11 Mbps - 2.4 GHz
Adding and removing languages in Windows 10
111 Languages Settings app or Lpksetup command, cmd command to perform unattended or silent-mode language pack operations
Default accounts
3 user accounts exist by default: Administrator account DefaultAccount Guest account
802.11n
300/600 Mbps - 2.4 to 5 GHz
Subnet mask
32-bit binary string, entered as four decimal digits, and is used to indicate the client's unique identity, known as the host ID, and the subnet where the client resides, known as the network ID. Often represented as /#, with # being the number of sequential binary 1s in the subnet mask
802.11g
54 Mbps - 2.4 GHz For use over short distances
802.11a
54 Mbps - 5 GHz
802.11 standards
802.11a 802.11b 802.11e 802.11g 802.11n 802.11ac
IPv4 address
A 32-bit binary address, which is divided into four octets (or groups of eight digits), each of which is converted to a decimal number.
Group Policy Management Console
A Microsoft Management Console (MMC) snap-in that you use to create GPOs and manage their deployment to AD DS objects.
Secure Boot
A UEFI feature that prevents a system from booting up with drivers or an OS that are not digitally signed and trusted by the motherboard or computer manufacturer.
LoadState
A User State Migration Tool (USMT) command used to copy information to the new computer.
ScanState
A User State Migration Tool (USMT) command used to scan and collect files and settings from the old computer to a server or removable media.
DiskPart
A Windows command to manage hard drives, partitions, and volumes.
Windows 10 Mobile
A Windows operating system designed for mobile devices.
BitLocker To Go
A Windows utility that can encrypt data on a USB flash drive and restrict access by requiring a password.
User State Migration Tool (USMT)
A Windows utility that helps you migrate user files and preferences from one computer to another to help a user make a smooth transition from one computer to another.
Task manager
A Windows utility that shows programs currently running and permits you to exit nonresponsive programs when you click End Task.
Network Location Server (NLS)
A basic Web server used by DirectAccess client computers to determine whether they're on the main network or a remote network.
Group Policy
A centralized configuration management feature available for Active Directory on Windows Server systems.
Deployment Image Servicing and Management (DISM)
A command-line tool that can be used to service Windows 10 images offline or online and perform imaging operations.
WBAdmin
A command-line utility that provides a comprehensive system backup function in a scriptable form. Only available on Windows RE Wbadmin get versions Wbadmin enable backup Wbadmin start backup Wbadmin get items Wbadmin start recover
Shadow copy
A copy of open files made so that open files are included in a backup.
AD Global catalog servers
A domain controller that stores a full copy of all AD objects in the host domain directory and a partial copy of all objects for all other domains in the forest.
Connection Manager Administration Kit (CMAK)
A feature that can be installed on Windows clients or servers to create VPN deployment packages.
Device Guard
A feature that helps protect a system by locking a device so that it can only run trusted applications. Requires 64bit Enterprise, Secure Boot, Virtualization features, TPM, Firmware lock. Must first digitally sign all trusted apps that you want to allow to run on your devices
Virtual Hard Disk (VHD)
A file format created by Microsoft that enables you to create a simulated hard disk, which you can mount into an operating system and access like a physical disk drive.
Resilient File System (ReFS)
A file system that offers excellent fault tolerance and compatibility with virtualization and data redundancy in a RAID system. Designed to respond to the increased scale, access speed, and distributed nature of storage currently available. Self-healing capabilities
Extensible Authentication Protocol (EAP)
A framework for transporting authentication protocols that defines the format of the messages. A point-to-point (P2P) wireless and local area network (LAN) data communication framework providing a variety of authentication mechanisms.
AD Site
A group of TCP/IP subnets
Event subscription terms: subscription
A group of events you configure based on specific criteria you create. Enables you to receive events from other computers, called sources
Access Control List (ACL)
A list of users and groups with permissions on the object
Thin provisioning
A method for creating virtual disks, whereby the virtual disk expands dynamically and uses space from the storage pool as needed until it reaches the specified maximum size.
Universal Naming Convention (UNC)
A naming system used by Windows computers to locate network file shares and network printers. The format is \\servername\sharename
Server Message Block (SMB)
A network protocol used by Windows to share files and printers on a network.
Subnet
A network segment. Each subnet on an Internet has a unique ID, just as each host within a subnet has a unique ID
Automatic Private IP Addressing (APIPA)
A networking feature in Windows that enables DHCP clients to self-configure an IP address and subnet mask automatically when a DHCP server isn't available. The IP address range is 169.254.0.1 through 169.254.255.254. The client also configures itself with a default class B subnet mask of 255.255.0.0.
Virtual Private Network (VPN)
A private data network that creates secure connections, or "tunnels," over regular Internet lines
Windows Insider program
A program that allowed users to sign up for early builds of the Windows operating system which has been expanded to include enterprise testers and advanced users Quests give short tutorials that guide you through how to use new features
Protector key
A public-private key pair on the device that is generated by Microsoft Passport after a user has completed the registration process.
AD Forest
A security boundary providing a security scope of authority for administrators who share a common AD DS domain. The first domain created is referred to as the forest root domain.
Windows Hardware Quality Labs (WHQL)
A service provided by Microsoft to hardware developers and vendors to test their hardware with different versions of Windows. This testing only validates that a device works with Windows; it does not compare devices. Provides device drivers
Windows Internet Name Service (WINS)
A service that resolves NetBIOS names to IP addresses, older name resolution service
Storage Spaces
A software RAID solution that enables users to group multiple drives into a single storage pool. Uses ReFS file format to configure volumes, which provides greater file resilience through ReFS self-healing capabilities
Virtual switch
A software-based switch that provides functionality similar to physical switches, and is used for connecting virtual systems to form a network. Types: Private, internal, external
Compatibility Administrator
A tool which helps resolve potential application compatibility issues before they are used by a new version of Windows OS
Simple volume
A type of dynamic volume used on a single hard drive that corresponds to a primary partition on a basic disk. Contiguous, unallocated, area of a physical disk that you format with one of the supported file types: NTFS, ReFS, exFat, FAT32, or FAT
Wipe-and-load migration
A type of migration in which user settings and data from a computer running and older Windows operating system are collected, and then the same computer is upgraded to Windows 10 and the user settings and data are restored to this computer.
Side-by-side migration
A type of migration in which user settings and data from an old computer are transferred to a new Windows 10 computer.
HomeGroup
A type of peer-to-peer network where each computer shares files, folders, libraries, and printers with other computers in the Homegroup. Access to the Homegroup is secured using a Homegroup password. No longer in Windows 10.
Homegroup
A type of peer-to-peer network where each computer shares files, folders, libraries, and printers with other computers in the homegroup. access to the homegroup is secured using a homegroup password.
Windows Imaging and Configuration Designer (ICD)
A utility that is used to create provisioning packages for Windows 10. Can also create bootable media that includes a Windows 10 installation image and a provisioning package. .ppkg file extension
External virtual switch
A virtual switch in which one of the host's physical network adapters is bound to the virtual network switch, allowing virtual machines to access a LAN connected to the host.
Internal virtual switch
A virtual switch that isn't bound to any of the host's physical NICs. However, a host virtual NIC is bound to the internal virtual switch, which allows virtual machines and the host computer to communicate with one another, but VMs can't access the physical network.
Private virtual switch
A virtual switch with no host connection to the virtual network, thereby allowing VMs to communicate with one another. However, there's no communication between the private virtual network and the host.
Continuum
A way for the operating system to adapt to the way a device is being used at the moment—as a PC with a keyboard or as a tablet with touch input
Classless Inter-Domain Routing (CIDR)
A way of allocating IP addresses and routing Internet Protocol packets. It was intended to replace the prior classful IP addressing architecture in an attempt to slow the exhaustion of IPv4 addresses.
Multiple Activation Key (MAK)
Activation key used for a one-time activation with Microsoft's hosted activation service. This method is ideal for isolated client computers.
Key Management Service (KMS)
Activation service that allows organizations to activate systems within their own network, eliminating the need for individual computers to connect to Microsoft for product activation
3 modes of wireless networking
Ad-hoc Wi-Fi Direct Infrastructure
DISM for packages
Add packages using DISM to save you from having to rebuild the whole image Use DISM to cleaup old device driver packages
Unsolicited remote assistance
Administrator can offer assistance when a user might not be in a position to request assistance
Windows Hardware Developer Center Dashboard portal
All Windows 10 kernel mode drivers must be digitally signed by this, Windows 10 will prevent the loading of new kernel mode drivers that are not signed by the portal
WinSxS
All driver packages that were installed during the Windows 10 setup process are stored in this directory, the side-by-side component store
Multibooting
Allow two or more operating systems to inhabit one hard drive. Allows user to reboot and select an alternate version of Windows for testing purposes or multiple users
DirectAccess
Allows connectivity for remote users to organization network resources without the need for traditional Virtual Private Network (VPN) connections. With DirectAccess connections, remote client computers are always connected to your organization - there is no need for remote users to start and stop connections, as is required with VPN connections. In addition, your IT administrators can manage DirectAccess client computers whenever they are running and Internet connected.
Dynamic Access Control (DAC)
Allows you to identify data by using data classifications (both automatic and manual) and then to control access to these files based on these classifications. Helps organizations control and audit data access by enabling you to set access controls on files and folders, based on conditions that are retrieved from Active Directory
Virtual Smart Card
An authentication method similar to a smart card, but the certificate is stored in a TPM on the motherboard rather than on a physical card.
PowerShell ISE
An integrated scripting environment that includes a text editor.
Microsoft Active Protection Service (MAPS)
An online community that can help you decide how to respond to certain threat types and it serves as a resource to help stop the spread of new viruses and malware.
Driver Rollback
An option in Windows that allows you to restore a previously used driver after a driver has been upgraded. This option provides an easy mechanism for restoring a driver if the upgraded driver does not work properly. Access in Device Manager
RAW file format
An unformatted drive is considered this; can still contain data
Windows Defender
Anti-malware software embedded in Windows 10 that can detect, prevent, and clean up a system infected with viruses and other malware.
Active Directory-based activation
Any device running Windows 10 that is connected to your organization's domain network is using a generic volume license key (VLK) can use Active Directory-based activation.
DirectAccess clients
Any domain-joined computer that is running the Enterprise edition of Windows 10, 8.1, 8, or 7
DirectAccess server
Any server computer that is a member of an AD DS domain that is running Windows Server 2012 or later. This server establishes communication with intranet resources for remote Direct Access
Backup of OS before upgrade
As part of the upgrade process, a backup of the current OS is made and stored in Windows.old folder on the system drive. Windows retains it for 30 days after the upgrade
App deployment types when considering GPOs
Assign: assigned apps are automatically installed. Assign to user (installs when sign in) or assign to computer (installs when boot up)
IPsec: Server-to-server rules
Authenticate and secure communications between specific computers
Infrastructure
Based on wireless APs, consist of wireless local area networks to enable communications between wireless client devices
Windows Hello
Biometric authentication mechanism to address the requirements that users must be able to prove who they are by something they uniquely have. Facial recognition, fingerprint scanning
Windows Firewall
Blocks or allows network traffic based on the properties of that traffic. Controls the flow of network traffic by using configurable rules.
ADAC UI features
Breadcrumb bar: enables you to navigate to any container within AD quickly by specifying the container's path Navigation pane: enables you to browse for objects in AD by using either the list or the tree view Management list: displays contents of the currently selected container Preview pane: previews information about the object or container selected in the management list Tasks pane: enables you to perform different actions on the selected items
OneDrive For Business
Business-oriented service that provides 1 TB of free space
Update Windows Store apps
By default, Windows 10 checks for app updates daily. Automatically updates any apps for which updates are available.
Share folders
By default, everyone on the network is given read access to the share folder. Share folders available on the network are no different from normal folders, and they can contain applications, corporate data, or private data.
Default AD database file location is?
C:\Windows\NTDS\Ntds.dit
Bad sectors
Can be either logical or physical sectors on the disk. If damage is minor, often no data is lost. Replace if number of bad sectors become to high
Device Health Attestation
Can help you determine the health of devices connecting to your corporate network. Hardware components, startup components, Windows 10 kernel, boot start drivers all measured Uses measured boot data to help perform organization's security and compliance requirement verification
In-place upgrade vs Migration
Can only upgrade to same edition of Windows for in-place, migration can upgrade to any Windows 10 editions. Upgrading is major advantage because all applications, settings, and data are retained; much quicker process
OneDrive Group policy settings
Cannot implement policies to restrict or control what data is copied to or from OneDrive, so solution is to block all OneDrive access Computer Configuration\Policies\Administrative Templates\Windows Components\OneDrive
AD DS
Centralize administration, security, and application policies and provide a more managed approach to sharing and accessing resources
Default IPv4 address classes
Class A - 1 to 127 Class B - 128 to 191 Class C - 192 to 223 Class D - used for multicasting Class E - reserved
Delete restore points
Click Delete in the System Protection dialog box Disk Cleanup removes all restore points except the most recently created one
Ways to create/manage VHD
Client Hyper-V manager Disk Management Windows PowerShell Familiarize with using each
OneDrive
Cloud-based service designed for storing files and synchronizing settings aimed at the consumer market. 5 GB of free storage
AD Domain trees
Collection of domains that are grouped in hierarchical structures and share a common root domain
Windows Assessment and Deployment Kit (ADK)
Collection of tools and technologies produced by Microsoft designed to help deploy Microsoft Windows operating system images to target computers or to a virtual hard disk image in VHD format.
Group Policy Objects (GPOs)
Collections of user and computer settings, including system settings, security settings, software installation settings, scripts settings, and folder redirection settings.
netsh.exe
Command-line tool used to configure IPv4 and IPv6 settings
USMTUtils
Compresses, encrypts, and validates the migration storage files
GPO two sections
Computer Configuration User Configuration
UAC GPO in AD DS
Computer Configuration \ Policies \ Windows Settings \ Security Settings \ Local Policies \ Security Options
GPO for Windows Update
Computer Configuration\Administrative Templates/Windows Components Windows Update Data Collection and Preview Builds Delivery Optimization
GPO location for securing removable devices
Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives Computer Configuration\Administrative Templates\System\Removable Storage Access
Credential Guard GPO
Computer Configuration\Policies\Administrative Templates\System\Device Guard
Configure remote assistance GPO
Computer Configuration\Policies\Administrative Templates\System\Remote Assistance
Microsoft Passport GPO
Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Passport For Work
File History GPO
Computer Configurations\Administrative Templates\Windows Components\File History\
Ways to create shared folder
Computer Management -Shared Folders snap-in File Explorer Command prompt PowerShell cmdlets
Miracast
Connect your Windows device wirelessly to an external monitor or projector
IPsec: Isolation rules
Connections between computers are restricted based on authentication criteria
Boot Configuration Data (BCD)
Contains the system's boot menu information, and provides the user with access to the boot menu.
Inbound/outbound rules: Program rules
Control connections that a specified app uses
Inbound/outbound rules: port rules
Control connections that use a particular TCP or UDP port
Component manifests
Controls which OS settings are to be migrated. These manifests are specific to the OS and are not modifiable
VPN profiles
Create vpn profiles with specific settings to distribute to users
Tasks to perform on ADAC
Create: - new users - new groups - new organizational units (OUs) - computer accounts - InetOrgPerson objects Change the focus of the tool to another domain or domain controller Raise the forest or domain functional level Enable the AD recycle bin Configure fine-grained password policies Configure Dynamic Access Control
Spanned volume
Creates a join across unallocated space on at least two, and at most, 32 disks and presents this to the operating system as a single logical disk. Provides no protection against a disk failure; no performance benefit but is used to increase storage space
Ways you can deploy custom images
DVD installation USB installation WDS deployment Image-based installation Shared network folder installation Windows SIM Windows PE
IPsec: Authentication exemption rules
Define when authentication is not required between computers
GPO settings for securing removable devices
Deny write access to removable drives not protected by Bitlocker Control use of bitlocker on removable drives Enforce drive encryption type on removable data drives Prevent installation of removable devices Allow installation of devices that match any of these device IDs
ICD Image configuration tabs
Deployment Assets: add applications and drivers to your image, specify available features and language packs, and configure and deploy updates Image Time Settings: Control behavior of OS components, including audio settings, BitLocker, devices such as Bluetooth and cameras, power settings, etc. Runtime Settings: Apply customizations to OS after the image is applied, like regional settings, certificates, user accounts, desktop personalization settings, etc.
Windows 10 Home
Designed primarily for home users. Comes with basic Windows applications
Driver signing
Digital signature for drivers used by Windows to protect against potentially bad drivers. New Universal Windows driver introduced, more robust security
Ways to manage disks
Disk Management MCC Snap-in PowerShell DiskPart
Task manager Services tab
Displays all running and stopped system services
Resource Monitor
Displays more info and activity statistics relating to your system resources in real time. Similar to task manager, but enables you to dive deeper into the actual processes and see how they affect the performance on your CPU, disk, network, and memory subcomponents. Useful for troubleshooting performance issues that relate to high resource usage
Physical components of Active Directory
Domain controllers Global catalog servers Operations masters Read-only domain controllers (RODC)
Page Description Language (PDL)
Driver that tells a printer how to lay out the contents of a printed page.
Dynamic Host Configuration Protocol (DHCP)
Dynamically assigns IP address information (for example, IP address, subnet mask, DNS server's IP address, and default gateway's IP address) to network devices.
IPsec: Custom rules
Enable you to create specific connection security settings based on one or several features
Volume Activation Management Tool (VAMT)
Enables Administrators to manage the activation of product keys for Microsoft products, obtained through retail and volume channels
Disable Driver Signature Enforcement
Enables drivers containing improper signatures to be installed, disable in Advanced Boot Options
Volume Activation Services
Enables the automation and management of volume licenses for your organization. Key management services (KMS) as well as Active Directory-based activation further simplify the management of license activations across the organization.
Microsoft User Experience Virtualization(UE-V)
Enables the capture and centralization of users' application settings and Windows 10 settings
Windows Recovery Environment (Windows RE)
Enables you to boot Windows 10 into safe mode or use other advanced troubleshooting tools. Boot from Recovery Drive System Restore System Image Recovery Startup Repair Command Prompt Startup Settings Go Back To The Previous Build
ICACLS command-line utility
Enables you to configure and view permissions on files and folders on a local computer
Windows PowerShell remoting
Enables you to connect to one or several remote computers and execute one or more cmdlets or scripts on those remote computers and return to your local computer
Taskpad Views
Enables you to create a task-focused version of your console. Particularly useful for when you want to designate a particular subset of management tasks to a user
Client Hyper-V
Enables you to create and manage virtual machines (VMs) using a virtual switch. Requirements: 64-bit Windows 10 Pro or Enterprise edition, SLAT support, minimum of 2 GB memory
Windows SIM
Enables you to create installation answer files for use in automated deployments. These answer files contain the configuration options used to install Windows 10
Device Registration
Enables you to facilitate single sing-on (SSO) experience, negating the need to enter credentials repeatedly or add the device to the domain
Remote Server Administration Tools (RSAT)
Enables you to manage roles and features in Windows Server 2016 remotely, including Group Policy Management
Configure Recovery Drive
Enables you to recover your system in case Windows 10 becomes corrupted. Minimum 8 GB USB drive
Reliability monitor
Enables you to review a computer's reliability and problem history and offers both the held desk and you the ability to explore the detailed reports and recommendations that can help you identify and resolve reliability issues
Hyper-V
Enables you to run virtual machines for: - running multiple operating systems on a single computer - Supporting older applications that do not work properly on Win10 - Creating a test or training environment
Shared Folders snap-in
Enables you to view existing shares and modify their properties, including settings such as offline file status, share permissions, and even the NTFS security permissions
BitLocker To Go: Encrypt used disk space only
Encrypts only the part of the drive that currently has data stored on it. This is quicker and appropriate in most cases
BitLocker To Go: Encrypt entire drive
Encrypts the full volume, including areas that contain no data, which takes longer to complete
Three stages to consider when deploying Windows 10 in an enterprise
Evaluate - Windows Insider Preview ➡ Pilot - Deploy the CB ➡ Deploy - CBB for the main deployment
Local accounts
Exist in the local accounts database on your Windows 10 device; it can only be granted access to local resources and, where granted, exercise administrative rights and privileges on the local computer
LTSB example uses
Factory production, manufacturing control systems, hospital emergency room computers, ATM, Kiosk devices, pharmaceutical firms
Fast Startup
Feature in Windows 10 that enables quicker startup. Combines features of hibernation with standard shutdown features. Go to UEFI firmware settings to edit.
Creating a Homegroup
File Explorer Control Panel Network and Internet Settings app
FAT16
File allocation table that uses 16 bits to address and index clusters. Used as the primary hard drive format on DOS and early Windows 95 machines; currently used with smaller-capacity (2 GB or less) flash media devices.
FAT32
File allocation table that uses 32 bits to address and index clusters. Commonly used with USB flash-media drives and versions of Windows prior to XP. - volume limit 32 GB - file size limit 4 GB - for smaller drives
Connection security rules
Filter and secure network traffic by using IPsec. Used to require authentication or encryption of connections between two computers
Zero-touch deployment
For large organizations. Requires a considerable investment in IT skills. Requires the use of MDT and Microsoft System Center Configuration Manager to deploy Windows 10.
Configuration manager to deploy apps
For very large organizations or those with complex and diverse operating system and app deployment requirements. Benefits: -Schedule deployments -Collections (groups) -Multiple deployment methods -Reporting (feedback) -Wake on LAN -Software inventory
Microsoft Management Console (MMC)
Framework into which you can plug management tools. Add management tools, snap-ins
Creating a VPN on Windows 10
From the Network and Sharing Center, under Change Your Network Settings, click Set Up a New Connection or Network and then click Connect to a Workplace
Block Windows Store App
GPO: User Configuration\Administrative Templates\Windows Components\Store\Turn off the Store application
Media creation tool (MCT)
Generates a ready-to-use, bootable USB flash drive or an ISO file
PnP Powershell cmdlets
Get-PnpDevice Get-PnpDeviceProperty Enable-PnpDevice Disable-PnpDevice
OneDrive: Fetch Files On Your PC
Go to settings on OneDrive and click "Let me use OneDrive to fetch any of my files on this PC" to retrieve any file remotely from the computer
AD Organizational units
Group objects for management, organization, and resources for easier administration, including delegation
Electronic failure
Hard disk's electronic circuit controller board can fail with age or become damaged by electrical power surges. Might be able to recover some data
Ransomware
Harms the user by encrypting user data. A ransom (fee) needs to be paid to the malware authors to recover the data
Standard User Analyzer
Help identify issues relating to running your application as a standard user
System protection for drives
Helps prevent permanent data loss when you accidentally change or delete files, or files become corrupted. Computer regularly creates and saves restore points containing your computer's system files and settings. Adjust max disk space for restore points; older restore points are deleted when space is full
IPv6 and types
Hexadecimal 128-bit addressing scheme -Unicast addresses -Multicast addresses -Anycast addresses
Power plan: High Performance
High power consumption 100% brightness Keeps drives, memory, and processors continuously supplied with power
HID
Human Interface Device
Classful addressing
IP addresses that are split between the network and host portions set on the boundaries between the bytes. Do not send subnet mask information with their routing updates.
SRV Record
Identifies computers that host specific services.
Firmware failure
If the hard disk firmware code is corrupt or unreadable, your computer will be unable to communicate with the drive. Either attempt to re-flash the firmware or reset it to factory defaults
Resetting NTFS settings
If you simply cannot decipher which NTFS settings are creating problems, you could try to reset the file and folder permissions by using the ICACLs command-line utility icacls* /reset /t /c /q
Credential Guard
Implements technology known as virtualization-assisted security, enables Credential Guard to block access to credentials stored in the Local Security Authority, which contains Kerberos tickets and related security tokens
WPA2
Improved version of WPA that is the de facto Wi-Fi security standard. Employs larger encryption key sizes than WPA
Install hardware not supported by PnP
In Device Manager, use the Add Hardware Wizard
Creating a VHD
In Disk Management, click Create VHD; Provide parameters; Click OK
AD Objects
In addition to user objects, there are also objects for computers, printers, groups, and other logical components
802.11e
Incorporates Quality of Service to improve telephone service over wireless connections
original equipment manufacturers (OEMs)
Individuals and organizations that buy business goods and incorporate them into the products they produce for eventual sale to other producers or to consumers
PnPUtil.exe
Install a driver manually before connecting the device to pre-stage the installation of specific hardware device. Can use this tool to manage the Driver store, adding, deleting, and listing driver packages
Domain Name System (DNS)
Internet service that translates domain names into IP addresses.
Configure Remote Assistance
Invite someone you trust to help you Help someone who has invited you Invitation files are .msrclincident file extension
Types of connection security rules
Isolation rules Authentication exemption rules Server-to-server rules Tunnel rules Custom rules
System Recovery
Keep My Files - remove all apps and settings but retain your personal files Remove Everything - restores operating system to the initial state; all files, settings, and personal files removed
Task manager Startup tab
List all the apps that startup when the computer boots
Task manager Users tab
Lists all the users currently logged on to the computer locally and remotely
Microsoft Deployment Toolkit (MDT)
Lite-touch installation (LTI) process to enable you to deploy Window 10 and associated apps. You need management computer and a reference computer that provides a source image that is used during the deployment process.
AD Domain
Logical administrative, security, and replication boundary for users and computers that are stored in a common directory database
Power plan: Power Saver
Low power consumption Screen off after 5 minutes inactivity Saves energy
Print Management
Manage your device printers from a single management console. printmanagement.msc Use to manage both local and remote printers
Private IPv4 address ranges Class A
Mask: 10.0.0.0/8 Range: 10.0.0.0-10.255.255.255
Private IPv4 address ranges Class B
Mask: 10.0.0.0/8 Range: 172.16.0.0-172.31.255.255
Private IPv4 address ranges Class C
Mask: 192.168.0.0/16 Range: 192.168.0.0-192.168.255.255
Power plan: Balanced
Medium power consumption Full power to system components currently in use
32-bit vs 64-bit Windows
Memory: 32-bit limited to 4 GB or RAM, 64-bit has much higher limit Security: 64-bit more secure Client Hyper-V: Only available on 64-bit Performance: 64-bit versions can handle more data
Windows Update
Microsoft application used to keep Windows operating systems up to date with the latest patches or enhancements.
OneDrive security
Microsoft has upgraded the level of security and encryption to protect data held on the OneDrive service. Data is now protected with Perfect Forward Security (PFS) encryption when you access OneDrive through the web portal.
Patch Tuesday
Microsoft routinely releases security updates on the second Tuesday of each month.
Migration XML files
MigApp.xml, MigUser.xml, or MigDocs.xml files, and custon XML files USMT uses to configure the process
Inbound rules
Monitor inbound network traffic and allow/block traffic.
Outbound rules
Monitor outbound network traffic and allow or block outbound traffic that meets the criteria of the rule.
PowerShell to manage remote computers
Must first establish a connection with the remote computer, then you can run any cmdlet or script against the remote machine, displayed on your computer. Invoke-Command Enter-PSSession
Sharing folders from the command prompt
Net Share MyShareName=C:\Location /remark:"text" - Will not create a folder and share it. You can only share folders that already exist on the computer
Joining a Homegroup
Network and Sharing Center, enter password
Guest or public networks
Network discovery is disabled, helping to keep your computer from being visible to other computers on the network
Inbound/outbound rules: predefined rules
Network-aware apps often create these types of rules so that you can enable or disable the app as a group setting
Domain networks
Networks that are connected to an AD DS domain. Assigning this option ensures proper communication with AD DS domain controllers. Network discovery is enabled
NTFS
New Technology File System used in Win10 and is widely used across most Windows OS, offers advanced functionality such as file compression, permissions on individual files and folders, and file encryption using EFS
Electronic Software Download (ESD)
New file format for Windows 10. Is a compressed and encrypted version of the traditional WIM file format. In a protected container to ensure that it is not tampered with during delivery
Sharing folders by using PowerShell
New-SmbShare -Name MyShareName -Path C:\Location Most appropriate choice for scripting the creation of shares
Drawbacks of GPO app deployment
No scheduling capability and no reporting function, meaning that it's not easy to verify successful deployment of or updates to your apps. Harder to maintain apps in more complex organizations
NetBIOS names
Non-hierarchical structure based on a 16-character name. The 16th character identifies a particular service running on the computer named by the preceding 15 characters.
Private networks
Nondomain or home networks, where you trust the people using the network and the devices connected to the network. Network discovery is enabled
Requirements for Hyper-V
OS: 64-bit Win10 Pro, Enterprise, or Education CPU: x64 CPU with hardware-assisted virtualization, Data Execution Prevention (DEP), Second-level address translation (SLAT) RAM: 4 GB Storage: SSD is preferred
What is Upgrade
Often generically used term to explain the licensing process of obtaining a version of Windows 10 that replaces an existing and supported upgradeable OS.
Wired Equivalent Privacy (WEP)
Old security standard with a number of documented security issues. Use WEP only if there is no choice
VHD vs VHDX
One of the biggest advantages of VHDX compared with the legacy VHD format is virtual disk storage capacity. Before Windows Server 2012, Hyper-V virtual hard disks had a 2 TB limit. VHDX files have a 64 TB capacity. The advantages of VHDX aren't limited to improved capacity, however; VHDX files were designed to work with today's modern hardware and have a 4 KB logical sector size that improves performance compared with VHD files.
OneDrive web portal
Online version has slightly more functionality than from file explorer.
Current Branch for Business (CBB)
Only Pro, Enterprise, and Education editions. Microsoft re-releases the feature upgrade a second time, approximately 4-6 months after the initial release, and at this time, all devices using CBB begin downloading and installing the upgrade
Unicast addresses
Packets are delivered to a single interface. Data is sent from one computer to another computer. Unicast is a one-to-one type of network communication. Examples) Browsing a website, downloading file from FTP server
Anycast addresses
Packets are delivered to multiple interfaces that are the closest in routing distance. IPv6 datagrams from a source are routed to the nearest device (in terms of routing distance) from a group servers which provide the same service. Every nodes which provide the same service are configured with same Anycast destination address.
Multicast addresses
Packets are delivered to multiple interfaces. Multicast traffic addressed for a group of devices on the network. IPv6 multicast traffic are sent to a group and only members of that group receive the Multicast traffic. The sender transmit only one copy of data and it is delivered to many devices who are interested in that traffic.
Previous Versions
Part of System Protection that keeps copies (previous versions) of user data. It's also called shadow copy. Enables users to view, revert, or recover files and folders that have been modified or deleted
Three items to monitor on Performance Monitor
Performance objects: system components such as physical, logical, software Performance object instances: represent single occurrences of performance objects. Performance counters: measurable properties of performance objects, such as bytes sent/sec
Requirements for creating a virtual disk with Storage Spaces
Physical disk - minimum of one unformatted disk Storage pool - collection of one or more physical disks Storage space - logical disk created from one or more physical disks Disk drive - drive letter allocated to the logical virtual disk and accessed through File Explorer
Mechanical failures
Physical failure of the hard disk. Even if drive motor failure causes the drive to stop working, the data might still be intact
Type of VPN
Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol with IPsec (L2TP/IPsec), Secure Socket Tunneling Protocol (SSTP), or Internet Key Exchange version 2 (IKEv2)
3 Power plans
Power Saver Balanced High Performance
Active Directory Administrative Center (ADAC)
Primary GUI-based tool that you use for object-related tasks that need to be performed occasionally, typically for the administration of AD in smaller environments
Authentication
Process of verifying the identity of a security principal: a user, a group, a computer or other device, a service or process
Minimum hardware requirements for Windows 10
Processor: 1 GHz or faster Memory: 1 GB for 32-bit, 2 GB for 64-bit Hard disk space: 16 GB for 32-bit, 20 GB for 64-bit Graphics card: DirectX 9 or later with a Windows Display Driver Model (WDDM) 1.0 driver Display resolution: 800x600 px
PID
Product ID
Types of inbound and outbound rules
Program rules Port rules Predefined rules Custom rules
Enable/Disable Windows Features
Programs and features PowerShell Dism.exe command-line tool
Uninstall Windows update
Programs and features Settings -Windows Update CMD- wusa.exe
Types of UAC Prompts
Prompt for consent: appears to administrators in Admin Approval Mode when they attempt to perform an administrative task. Prompt for credentials: appears to standard users when they attempt to perform an administrative task
File History
Protects your data by backing it up periodically to a local or network drive. You can easily recover files that have been accidentally deleted or modified, in a simple and user-friendly method
Windows Store
Provides a single point of access for your users to browse, download, and install their apps, including both kinds of desktop apps, such as Office and Windows Store Apps
Windows PowerShell ISE
Provides command-completion functionality. Create and edit scripts in ISE and then run the scripts step by step in the script window. Can help you debug your scripts
Remote Assistance
Provides for interaction with the remote user. You can view or take remote control of the user's computer and perform remote management of it. Can also use a text-based chat facility to interact with the user
Device Manager
Provides information about each device, such as the device type, device status, manufacturer, device-specific properties, and device driver information
Windows 10 Education
Provides same features as Windows 10 Enterprise, but does not offer support for LTSB
Windows Store for Business
Provides you with a means to distribute LOB apps more easily and consistently to users' devices within your organization. This enables you to manage and maintain these custom apps in the same way as you do commercially available apps from the Windows Store. You can also create a private store so that users in your organization can easily view, download, and install your LOB apps
Windows Defender scan options
Quick Full Custom
Shared folders permissions
Read Change Full
Baseline performance vs. real-time monitoring
Real-time monitoring information is useful for instant diagnosis, whereas creating a baseline for your computer's performance can generate a system-specific report that can be useful to show what your performance statistics look like during normal or heavy use
Recover files from OneDrive
Recover from Recycle Bin, automatically deleted from Recycle Bin after 30 days
Optimize Drive Usage
Redistributes data across all the drives and makes best use of the pool's new capacity and increased resiliency
Computer worms
Replicate, without direct intervention, across networks
Computer virus
Replicating malware, normally with email attachments or files
RAID-5
Requires at least three disks and provides striped volumes with fault tolerance by adding parity information to each volume
Striping
Requires two or more disks, user could stripe data between two volumes on separate hard drives to achieve improved write performance by writing data in stripes cyclically across the disks. RAID-0
File History file recovery
Restore a folder or files that have been deleted Navigate through each restore point
3 Types of Advanced Security rules with Windows Firewall
Rules are criteria that define what network traffic is filtered and what action is taken on that filtered traffic. 1. Inbound rules 2. Outbound rules 3. Connection security rules
Windows 10 Pro
Same as Windows 10 Home, but includes additional features such as Domain Join and GPM, Azure, BitLocker, Hyper-V, etc.
Windows 10 Mobile Enterprise
Same as Windows 10 Mobile, but provides security updates more quickly
Windows 10 Enterprise
Same features as Windows 10 Pro, with additional features of relevance to larger organizations, such as DirectAccess, Windows To Go Creator, AppLocker, etc.
USMT Tools
ScanState LoadState USMTUtils Migraiton XML files Config.xml Components manifest
Slmgr.vbs
Script for Windows Software Licensing Management Tool to view Windows activation status
IPsec: Tunnel rules
Secure communications between two computers by using tunnel mode in IPsec instead of transport mode
Virtual Secure Mode
Security feature that moves some sensitive elements of the operating system to trustlets that run in a Hyper-V container that Windows cannot access. This helps the operating system more secure. This feature is only available in the Windows 10 Enterprise Edition.
Using Event Viewer to see services
See service startup information in the System log -> Service Control Manager
Internal resources
Server-based resources that users want to connect to, for example, file servers, web servers, etc
AD Domain controllers
Servers that contain the AD databases. Stores only the information about objects located in its domain.
Current Branch (CB) servicing
Servicing option that ensures that devices are kept up to date with the latest Windows 10 features through the upgrades that are released two to three times a year. When Microsoft releases a new build, all devices that have the default configuration begin downloading and installing the upgrade
Two types of Windows updates
Servicing updates - regular security updates and software updates; every second Tuesday of each month Feature updates - New features and functionality * To enhance the security protection delivered in Windows 10, the consumer can no longer turn off security updates or upgrades
User Configuration
Set policies that apply to users, regardless of which computer they log on to.
Computer Configuration
Sets policies that are applied to the computer regardless of who logs on to it.
How to sideload an app
Settings -> Update & Security For Developers -> Sideload Apps PowerShell - add-appxpackage PATH\your_app.appx Make sure app is signed with a certificate that is trusted
Task manager Processes tab
Shows all running apps and background processes
Task manager Details tab
Shows detailed statistics on all running and suspended processes
Task manager App History tab
Shows historical data for universal and modern apps usage for the previous month
Task manager Performance tab
Shows real-time statistics for CPU, memory, disk, Ethernet, Bluetooth, and Wi-Fi usage
Windows Update History
Shows you updates that have been applied and those that failed to be applied. Each update contains a unique name and reference number and a summary of the effect the update will have on the system.
Storage Space storage layouts
Simple Two-way or three-way mirrors Parity
In-place upgrade
Simplest option, small group of computers. Data files, applications, and user and application settings are retained. Determine whether PC meets minimum hardware requirements, back up files, run installation file
Logical components of Active Directory
Site Forest Domain Domain Trees Organizational Units
Workgroup
Small collection of computers that can share resources. No centralization of user accounts and related security policies and settings. Peer-to-peer network, in which each device has its own set of user and group accounts, its own security policy, and its own resources that can be shared with others PC can only belong to one Workgroup, and either Workgroup or domain, not both.
Disk Management
Snap-in available with the Microsoft Management Console that enables techs to configure the various disks installed in a system; available in the Computer Management Administrative Tool.
Checkpoints
Snapshots of a virtual machine at a point in time. Right-click the appropriate virtual machine in Hyper-V Manager and then click Checkpoint
Service
Software component that interacts at one level with devices drivers and, at another level, with app-level components. In a sense, services sit between apps and hardware devices and are considered a core part of the OS, controlling user requests, through apps, to hardware resources. Use Services management console snap-in
Microsoft Assessment and Planning (MAP) Toolkit
Software that can be used by a system administrator from a network location to query hundreds of computers in a single scan to determine if a computer qualifies for a Windows upgrade.
Why use IPv6?
Some services require IPv6 like DirectAccess Larger address space, with 128-bits Hierarchical addressing which uses a structured address space, which is more efficient for routers, helping to optimize network communications Support for stateless and stateful autoconfiguration
Long-Term Servicing Branch (LTSB)
Special branch of Windows 10 aimed at businesses that have computers that need to run in a known (and fixed) environment that does not change. Not included: Edge, Windows Store, Cortana, Outlook, OneNote Receives security and other updates, but no upgrades
Windows 10 Enterprise Long-Term Servicing Branch
Specialized edition of Win10 that receives security and other important updates, but does not receive feature updates so that environment does not change over time.
Credential Manager
Stores credentials when users access a website, online service, or server computer on a network in secure areas known as vaults. Access via control panel
User rights assignment
Subcategory of the Local Policies setting area of a Group Policy Object that includes settings for items that pertain to rights needed by users to perform system-related tasks. Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Low-touch deployment
Suitable for larger organizations. Relies on use of image deployment and additional services, some specialist IT skills are required
High-touch deployment
Suitable for small organizations. Requires no specialist IT skills or additional services or components. Use Windows 10 installation media to install Windows 10
Sync your settings
Sync Windows settings to your Microsoft account to sync settings across all devices signed into that account
Main features of Reliability monitor
System stability chart Records key events in a timeline Installation failure reports
Using GPOs to deploy apps
Target PCs must be members of an AD DS domain, apps must be available in .msi installer packages Use GPO filtering to deploy apps to specific users or computers
Sideloading
Technique by which the app is installed without requiring access to the Windows Store. When sideloading, you must have an .appx installer file for your app.
Refresh/Recycle
Term used to refer to speedy and reliable system recovery
Default gateway address
The IP address of the networking device used to forward data that needs to leave the LAN
Active Directory (AD)
The Windows Server standard used to manage large and small network systems. It uses a hierarchical directory structure that is designed as a database containing information about objects belonging to the entire network.
Network discovery
The ability for your computer to locate devices and resources on the networks to which it is connected, and for other devices to discover your device and resources
GUID Partition Table (GPT)
The area of a large hard disk (> 2TB) outside a partition that stores partition information and boot loaders. Used by modern systems that use x64-bit OS and UEFI-based hardware
Cortana
The digital personal assistant that comes with Windows 10 and Windows phones; can search, give you reminders, alarms, directions, news, weather, and more.
Event subscription terms: Collector
The event collector is the computer on which you view the collected events. The collector computer can be a PC or a server
Event subscription terms: Source
The event source computer is the computer that provides you with events on your network. The source computer can be a PC or a server
Master Boot Record (MBR)
The first sector on a hard drive, which contains the partition table and a program the BIOS uses to boot an OS from the drive. Offer no redundancy, used by older OS and BIOS
Internet Assigned Numbers Authority (IANA)
The international organization responsible for allocation of IP addresses.
Driver store
The location where Windows stores a copy of the driver software when first installing a device.
Wi-Fi Protected Access (WPA)
The original set of protections from the Wi-Fi Alliance designed to address both encryption and authentication.
Servicing
The process of continually bringing your computer up to date
Fixed provisioning
The size of the new virtual disk is allocated using the same amount of storage from the storage pool. Although this may "waste" space, you can always guarantee the you won't over commit your storage and allocate more than your pool has available.
Source computer-initiated subscription
The source computer transmits local events to the collector computer. This is a push type of arrangement, often configured using GP
Collector-initiated subscription
The subscription must contain a list of all the event sources that need to be added one at a time. This is used on small networks because each must be configured manually
Plug and Play (PnP)
The technology that enables the operating system, once it is booted up, to recognize automatically any new peripherals and to configure them to work with the system.
Inbound/outbound rules: custom rules
These rules enable you to create very specific firewall settings based on one or several factors
Ad-hoc
This setting enables you to configure wireless connection between devices in a peer-to-peer manner without requiring a wireless access point
Indexing
To maintain the performance of Windows 10 search, the system automatically indexes data on your computer in the background. This data includes user-generated files, folders, and documents
Type 4 Print Class Driver
To protect the system from rogue drivers and to aid simplified sharing, Windows 10 uses the new Type 4 Print Class Driver for each printer device model; an administrator only needs to install a Type 4 printer driver rather than multiple drivers, such as 32-bit and 64-bit drivers, to support both types of client architecture. Type 4 drivers can support multiple print models and often install faster than the older Type 3 drivers. The security of Windows 10 is enhanced because Type 4 printer drivers can only be updated by using Windows Update or Windows Update Services (WSUS).
Signed PowerShell scripts
To protect you from unsafe scripts, Windows 10 prohibits running unsigned scripts. Unless you can sign your scripts, you must enable your PC to run unsigned Windows PowerShell scripts: Set-ExecutionPolicy RemoteSigned
Driver Verifier Manager
Tool that can help you troubleshoot, identify, and resolve common device driver problems, and you can then remove, reinstall, or roll back the offending driver with Device Manager verifier.exe
PCmover Express
Tool that provides functionality similar to Windows Easy Transfer and assists the transfer of selected files from your old Windows-based PC to your new PC running Windows 10
Remote Desktop
Tool that you can use to access a computer remotely over the Remote Desktop Protocol (RDP). Does not provide for user interaction and requires the user of the computer to sign out before you can access the computer remotely. Mstsc.exe
Spyware
Tracking software that reports to the third party how a computer is used.
BitLocker
Trusted Platform Module (TMP) works with BitLocker to help protect against data theft and offline tampering by providing whole-drive encryption
Device installation settings
Turn on or off automatic device driver installation from Devices and Printers
Host names
Up to 255 characters in length, contains only alphanumeric characters, periods, and hyphens.
Using Windows Update for driver updates
Update to newer drivers or prevent new/updated drivers from downloading over metered connections, or disable individual driver updates
Local account management
Use Computer Management, Settings app, Control Panel, and PowerShell
Enable or disable Windows features
Use DISM or PowerShell or Control Panel Dism /online /Get-Features Get-WindowsOptionalFeature -Online
Creating provisioning packages
Use Windows Imaging and Configuration Designer (ICD) tool in Windows ADK. Follow the Wizard instructions
WDS deployment
Use this method to deploy multiple images to multiple computers at the same time by using multicast
Microsoft Application Compatibility Toolkit
Use to help determine whether your organization's installed applications will work correctly in Windows 10. - Database of known application issues and possible mitigation - Compatibility Administrator - Setup analysis tool that helps identify issues with the installation process of your applications - Standard User Analyzer
Performance Monitor Microsoft Management Console snap-in
Use to monitor and track your device for the default set of performance parameters or a custom set you select for display, called counters. System Diagnostics -> Data Collector Set collects the status of local hardware resources and configuration data, together with data from the System Information tool System Performance -> Data Collector Set reports the status of local hardware resources, system response times, and processes
Backup and Restore
Use to restore files and folders, create backups of files contained in folders, libraries, and whole disk volumes. Backups cannot be saved on same disk that Windows 10 is installed on Uses Volume Shadow Copy Service (VSS) to create the backups. Initial backup creates backup of the files using the virtual hard disk (.vhdx) file format Can only be used to back up data that is stored on file system volumes formatted as NTFS
Task Scheduler
Use to schedule simple or complex tasks, either on the local computer or on a remote computer
Link-Layer Topology Discovery (LLTD)
Used for network discovery feature; Allows Windows to identify other devices present on the local subnet and, when possible, establish the quality of service (QoS) bandwidth capabilities of the network
Domain controller
Used to maintain a copy of the Active Directory database securely for the domain that stores a vast amount of information, including details of user accounts in the form of objects
File Sharing Wizard
Used to share files. Files typically cannot be shared without first sharing the parent folder. 2 basic sharing permissions: Read Read/Write
Windows PE
Used to start a computer that is being deployed with Windows 10. It enables access to Windows file systems and is a partial Windows OS
Config.xml
Used with /genconfig to exclude data from a migration
System Restore
Useful when computer becomes unstable and you need to restore the operating system to one of the restore points created during a period of stability. System Properties => System Protection => System Restore Requires drives that are formatted with the NTFS and uses the Volume Shadow Copy Service (VSS) in the background
Offline domain join
Useful when you are adding computers to a domain from a regional data center that has limited connectivity to the main data center where domain controllers reside. Djoin.exe command-line tool
Mirrored volume
Uses two disks and presents them to OS as a single logical volume. Data on each disk is mirrored, provides redundancy and fault tolerance if one disk fails. Also referred to as RAID-1 . Equal-sized unallocated space, cannot modify after establishing
Microsoft Passport
Uses two-factor authentication based on Windows Hello-based biometric authentication (or a PIN) together with the ownership of a specific device. Provides user convenience and security
Multifactor authentication
Using more than one type of authentication credential. Have knowledge of something + be in possession of something
VHD formats
VHD VHDX VHDS
VID
Vender ID
Configure app startup behavior with registry edit
View startup information for apps in the system registry. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - contains the apps configured to start for a particular signed-in user HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - contains the apps configured to start for any signed-in user
Differencing disk
Virtual hard disk that you can use to hold changes to a VHD or the guest operating system by storing the changes in a separate VHD file
User Account Control (UAC)
When you sign in using admin account, UAC limits the account's access to that of a standard user, only elevating the account's privileges to administrative level when required, and only after prompting the user for permission to do so.
Windows 10 editions
Windows 10 Home Windows 10 Pro Windows 10 Enterprise Windows 10 Enterprise LTSB Windows 10 Education Windows 10 Mobile Windows 10 Mobile Enterprise
Choose how Windows updates are delivered
Windows 10 includes a new feature that enables you to choose how updates are delivered and enables Windows Update to obtain updates through peer-to-peer file sharing
BitLocker during Windows 10 upgrade
Windows 10 upgrade process automatically suspends and resumes BitLocker Drive Encryption. You do not need to manually disable
Import driver packages
Windows Settings App, Access work or school, Add or remove a provisioning package, Add a package
Two types of event log files
Windows logs: include application, security, setup, system, and forwarded events Application and service logs: include other logs from applications and services to record application-specific or service-specific events
Background Intelligent Transfer Service (BITS)
Windows service that optimizes network downloads by using idle network bandwidth
Windows Easy Transfer
Windows tool used to migrate user data and settings between the source and destination computer.
Wi-Fi Direct
Wireless networking standard that you can use to connect your wireless devices without a wireless AP. Typically used to connect to peripherals such as printers and media players
Event subscriptions
You can automate the collection of event logs from other computers by creating event subscriptions. All computers participating in a subscription must be configured to allow remote administration. Enable Windows Remote Management service on the source computer. On the collector computer, start the Windows Event Collector service, which enables the computer to collect events from remote devices.
Parity bit
a bit that acts as a check on a set of binary values, calculated in such a way that the number of 1s in the set plus the parity bit should always be even (even parity) or should always be odd (odd parity).
RacTask
background process that collects reliability data
Dynamic disks
can contain simple, spanned, striped, and mirrored volumes
Windows PowerShell
cmdlets are constructed of verbs and nouns, nouns are always singular Text file extension name .ps1 to create scripts
exFAT
created to be used on flash drives like USB memory sticks and SD cards larger than 32 GB
Local Group Policy Editor
gpedit.msc Manage local settings
NTFS and ReFS security permissions are ________from their ______.
inherited parent folder
System Configuration
msconfig.exe Configure computer's startup behavior
Logical failure
occurs when a hard drive cannot access due to non-mechanical issues
Event ID
provides an ID for the specific event type that occurred
Two-factor authentication
requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token)
Client resolver
resolves names into IPv4 or IPv6 addresses
Windows Event Viewer
shows a log of application and system messages, including errors, information messages, and warnings. It's a useful tool for troubleshooting all kinds of different Windows problems eventvwr.msc
signature verification
sigverif.exe Use to verify if files are digitally signed
Trojan horses
tricks the user into providing an attacker with remote access to the infected computer
Types of malware
virus, worm, trojan horse, ransomware, spyware
Restore points on command prompt
vssadmin