MCSA 70-698 Installing and Configuring Windows 10

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Configure when Windows updates are installed

- Automatic (recommended) - Notify to schedule restart

GPO for Windows Update: Windows Update node

- Configure automatic updates - Defer Upgrades and Updates (delay upgrades up to 8 months and updates up to four weeks)

Key stages during Windows 10 upgrade

- Copying files - Installing features and drivers - Configuring settings

Provisioning packages perform a number of management tasks, including:

- Deploy apps - Enroll devices into MDM - Distribute certificates - Configure and deploy connectivity profiles - Apply device policies

GPO for Windows Update: Delivery optimization node

- Download Mode (configure mode for downloads of Windows apps and updates) - Group ID - Max Cache Age - Max Cache Size - Max Upload Bandwidth

Features not supported on Windows 10 booted from a VHD

- Hibernation - Upgrading to newer version - BitLocker - Cannot boot from VHD stored on a remote share or USB flash drive

Ways to install desktop apps

- Install app using .exe or .msi installer - Using automatic app deployment methods such as Microsoft Deployment Toolkit (MDT) or System Center 2012 R2 Configuration Manager - AD DS GPO based deployment - Building the required apps into a desktop computer image for deployment

GPO for Windows Update: Data collection and preview builds node

- Toggle User Control Over Insider Builds - Allow Telemetry (determines amount of diagnostics and usage data related to Microsoft software is sent) - Disable Pre-release Features or Settings - Do Not Show Feedback Notifications

Possible solutions if you discover compatibility issues with any of your existing applications?

- Use ACT to apply an application compatibility fix - Determine whether updates exist - Determine whether more recent version of the application might resolve the issue - Build VM based on an OS environment in which the application works

USMT user data and settings components

- User settings: contains all configuration settings specific to a particular user - User registry: HKEY_CURRENT_USER hive of the registry contains user-specific settings - Application data: AppData folder contains the application-related settings that are not part of the registry - User data: All user-specific folders and files are stored in subfolders beneath Documents, Favorites, Downloads, etc.

Provisioning packages enables you to configure:

- devices quickly without needing new deployment images - user-owned devices without needing to implement Multiple Device Management (MDM) - multiple devices simultaneously - devices that are not connected to the corporate network

.msi installer

-Superior app removal than .exe installer -Windows Installer service manages the app installation and configuration. Install apps locally, or use automatic deployment to add, repair, or uninstall an app using the installer package

Troubleshooting name resolution steps

1. Clear the DNS resolver cache 2. Attempt to verify basic connectivity by using an IP address 3. Attempt to verify connectivity to a host name 4. If the test is not successful, edit the hosts files 5. Display the resolver cache 6. Test the name server

Apply provisioning packages in one of two ways

1. Deployment time - you can apply any provisioning packages as part of a Windows image. You can then distribute the image to target devices. 2. Runtime - Use this option to distribute the package to devices already running Windows 10.

Troubleshoot network issues steps

1. Determine the scope of your problem 2. Determine the IP configuration 3. Determine the network's hardware configuration 4. Test communication

Stages of name resolution for Windows 10

1. Determine whether the queried host name is the same as the local host name 2. Search the local DNS resolver cache for the queried host name. The cache is updated when records are successfully resolved. In addition, the contents of the local Hosts file are added to the resolver cache. 3. Petition a DNS server for the required host name.

3 Types of Windows 10 network locations

1. Domain networks 2. Private networks 3. Guest or public networks

GPO Start Menu

1. Edit start menu to liking 2. PowerShell -> export-StartLayout filename.xml 3. Move to shared folder 4. GPO path: User Configuration\Policies\Administrative Templates\Start Menu and Taskbar\Start Layout 5. Set Start Layout value as file path 6. OK

Two levels of adoption of preview builds for Windows Insider program

1. Fast ring makes builds available as soon as Microsoft releases them 2. Slow ring delays the availability of the build until it has been exposed to the Fast ring members and most if not all the bugs have been addressed by interim incremental updates

Windows 10 installation strategies

1. High-touch retail media deployment 2. Low-touch deployment 3. Zero-touch deployment

3 methods for upgrading to Windows 10

1. In-place upgrade 2. Side-by-side migration 3. Wipe-and-load migration

5 levels of events (IAEWC)

1. Information: provide info about changes related to a component or system process, usually a successful outcome 2. Audit Success/Failure: If you have enabled auditing, these log entries appear in the security log 3. Error: warn you that a problem has occurred 4. Warning: Not critical, although they could lead to more serious problems and should be investigated 5. Critical: most severe and could lead to failure or loss of function.

UAC Settings

1. Never notify me when 2. Notify me only when apps try to make changes to my computer 3. Notify me only when apps try to make changes to my computer (DEFAULT) 4. Always Notify

Turn off upgrade to latest version of Windows through Windows Update steps

1. Regedit.exe 2. HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate 3. New DWORD (32-bit) value 4. Name it DisableOSUpgrade 5. Set value as 1 6. Restart

Sharing folders by using File Explorer 3 options

1. Share button on Share tab 2. Advanced Security from Share tab 3. Sharing tab in Properties

What to do when you suffer a single disk failure in a mirrored volume?

1. Shut down PC 2. Connect new disk of equal or larger size 3. Open Disk Management 4. right click old, Remove Mirror 5. right click new, Add Mirror

Restore full redundancy of two-way or three-way mirror storage space in Storage Spaces how?

1. Shut down PC 2. Connect new disk of equal or larger size 3. Open Storage Spaces -> Manage Storage Spaces 4. Change Settings 5. Add new disk to storage pool 6. Remove failed disk from storage pool 7. Mirror is rebuilt in background

Allowing apps through the firewall methods

1. System and security -> Windows Firewall -> Allowed apps 2. Netsh.exe 3. PowerShell

802.11ac

1.7 Gb/s - 5GHz

802.11b

11 Mbps - 2.4 GHz

Adding and removing languages in Windows 10

111 Languages Settings app or Lpksetup command, cmd command to perform unattended or silent-mode language pack operations

Default accounts

3 user accounts exist by default: Administrator account DefaultAccount Guest account

802.11n

300/600 Mbps - 2.4 to 5 GHz

Subnet mask

32-bit binary string, entered as four decimal digits, and is used to indicate the client's unique identity, known as the host ID, and the subnet where the client resides, known as the network ID. Often represented as /#, with # being the number of sequential binary 1s in the subnet mask

802.11g

54 Mbps - 2.4 GHz For use over short distances

802.11a

54 Mbps - 5 GHz

802.11 standards

802.11a 802.11b 802.11e 802.11g 802.11n 802.11ac

IPv4 address

A 32-bit binary address, which is divided into four octets (or groups of eight digits), each of which is converted to a decimal number.

Group Policy Management Console

A Microsoft Management Console (MMC) snap-in that you use to create GPOs and manage their deployment to AD DS objects.

Secure Boot

A UEFI feature that prevents a system from booting up with drivers or an OS that are not digitally signed and trusted by the motherboard or computer manufacturer.

LoadState

A User State Migration Tool (USMT) command used to copy information to the new computer.

ScanState

A User State Migration Tool (USMT) command used to scan and collect files and settings from the old computer to a server or removable media.

DiskPart

A Windows command to manage hard drives, partitions, and volumes.

Windows 10 Mobile

A Windows operating system designed for mobile devices.

BitLocker To Go

A Windows utility that can encrypt data on a USB flash drive and restrict access by requiring a password.

User State Migration Tool (USMT)

A Windows utility that helps you migrate user files and preferences from one computer to another to help a user make a smooth transition from one computer to another.

Task manager

A Windows utility that shows programs currently running and permits you to exit nonresponsive programs when you click End Task.

Network Location Server (NLS)

A basic Web server used by DirectAccess client computers to determine whether they're on the main network or a remote network.

Group Policy

A centralized configuration management feature available for Active Directory on Windows Server systems.

Deployment Image Servicing and Management (DISM)

A command-line tool that can be used to service Windows 10 images offline or online and perform imaging operations.

WBAdmin

A command-line utility that provides a comprehensive system backup function in a scriptable form. Only available on Windows RE Wbadmin get versions Wbadmin enable backup Wbadmin start backup Wbadmin get items Wbadmin start recover

Shadow copy

A copy of open files made so that open files are included in a backup.

AD Global catalog servers

A domain controller that stores a full copy of all AD objects in the host domain directory and a partial copy of all objects for all other domains in the forest.

Connection Manager Administration Kit (CMAK)

A feature that can be installed on Windows clients or servers to create VPN deployment packages.

Device Guard

A feature that helps protect a system by locking a device so that it can only run trusted applications. Requires 64bit Enterprise, Secure Boot, Virtualization features, TPM, Firmware lock. Must first digitally sign all trusted apps that you want to allow to run on your devices

Virtual Hard Disk (VHD)

A file format created by Microsoft that enables you to create a simulated hard disk, which you can mount into an operating system and access like a physical disk drive.

Resilient File System (ReFS)

A file system that offers excellent fault tolerance and compatibility with virtualization and data redundancy in a RAID system. Designed to respond to the increased scale, access speed, and distributed nature of storage currently available. Self-healing capabilities

Extensible Authentication Protocol (EAP)

A framework for transporting authentication protocols that defines the format of the messages. A point-to-point (P2P) wireless and local area network (LAN) data communication framework providing a variety of authentication mechanisms.

AD Site

A group of TCP/IP subnets

Event subscription terms: subscription

A group of events you configure based on specific criteria you create. Enables you to receive events from other computers, called sources

Access Control List (ACL)

A list of users and groups with permissions on the object

Thin provisioning

A method for creating virtual disks, whereby the virtual disk expands dynamically and uses space from the storage pool as needed until it reaches the specified maximum size.

Universal Naming Convention (UNC)

A naming system used by Windows computers to locate network file shares and network printers. The format is \\servername\sharename

Server Message Block (SMB)

A network protocol used by Windows to share files and printers on a network.

Subnet

A network segment. Each subnet on an Internet has a unique ID, just as each host within a subnet has a unique ID

Automatic Private IP Addressing (APIPA)

A networking feature in Windows that enables DHCP clients to self-configure an IP address and subnet mask automatically when a DHCP server isn't available. The IP address range is 169.254.0.1 through 169.254.255.254. The client also configures itself with a default class B subnet mask of 255.255.0.0.

Virtual Private Network (VPN)

A private data network that creates secure connections, or "tunnels," over regular Internet lines

Windows Insider program

A program that allowed users to sign up for early builds of the Windows operating system which has been expanded to include enterprise testers and advanced users Quests give short tutorials that guide you through how to use new features

Protector key

A public-private key pair on the device that is generated by Microsoft Passport after a user has completed the registration process.

AD Forest

A security boundary providing a security scope of authority for administrators who share a common AD DS domain. The first domain created is referred to as the forest root domain.

Windows Hardware Quality Labs (WHQL)

A service provided by Microsoft to hardware developers and vendors to test their hardware with different versions of Windows. This testing only validates that a device works with Windows; it does not compare devices. Provides device drivers

Windows Internet Name Service (WINS)

A service that resolves NetBIOS names to IP addresses, older name resolution service

Storage Spaces

A software RAID solution that enables users to group multiple drives into a single storage pool. Uses ReFS file format to configure volumes, which provides greater file resilience through ReFS self-healing capabilities

Virtual switch

A software-based switch that provides functionality similar to physical switches, and is used for connecting virtual systems to form a network. Types: Private, internal, external

Compatibility Administrator

A tool which helps resolve potential application compatibility issues before they are used by a new version of Windows OS

Simple volume

A type of dynamic volume used on a single hard drive that corresponds to a primary partition on a basic disk. Contiguous, unallocated, area of a physical disk that you format with one of the supported file types: NTFS, ReFS, exFat, FAT32, or FAT

Wipe-and-load migration

A type of migration in which user settings and data from a computer running and older Windows operating system are collected, and then the same computer is upgraded to Windows 10 and the user settings and data are restored to this computer.

Side-by-side migration

A type of migration in which user settings and data from an old computer are transferred to a new Windows 10 computer.

HomeGroup

A type of peer-to-peer network where each computer shares files, folders, libraries, and printers with other computers in the Homegroup. Access to the Homegroup is secured using a Homegroup password. No longer in Windows 10.

Homegroup

A type of peer-to-peer network where each computer shares files, folders, libraries, and printers with other computers in the homegroup. access to the homegroup is secured using a homegroup password.

Windows Imaging and Configuration Designer (ICD)

A utility that is used to create provisioning packages for Windows 10. Can also create bootable media that includes a Windows 10 installation image and a provisioning package. .ppkg file extension

External virtual switch

A virtual switch in which one of the host's physical network adapters is bound to the virtual network switch, allowing virtual machines to access a LAN connected to the host.

Internal virtual switch

A virtual switch that isn't bound to any of the host's physical NICs. However, a host virtual NIC is bound to the internal virtual switch, which allows virtual machines and the host computer to communicate with one another, but VMs can't access the physical network.

Private virtual switch

A virtual switch with no host connection to the virtual network, thereby allowing VMs to communicate with one another. However, there's no communication between the private virtual network and the host.

Continuum

A way for the operating system to adapt to the way a device is being used at the moment—as a PC with a keyboard or as a tablet with touch input

Classless Inter-Domain Routing (CIDR)

A way of allocating IP addresses and routing Internet Protocol packets. It was intended to replace the prior classful IP addressing architecture in an attempt to slow the exhaustion of IPv4 addresses.

Multiple Activation Key (MAK)

Activation key used for a one-time activation with Microsoft's hosted activation service. This method is ideal for isolated client computers.

Key Management Service (KMS)

Activation service that allows organizations to activate systems within their own network, eliminating the need for individual computers to connect to Microsoft for product activation

3 modes of wireless networking

Ad-hoc Wi-Fi Direct Infrastructure

DISM for packages

Add packages using DISM to save you from having to rebuild the whole image Use DISM to cleaup old device driver packages

Unsolicited remote assistance

Administrator can offer assistance when a user might not be in a position to request assistance

Windows Hardware Developer Center Dashboard portal

All Windows 10 kernel mode drivers must be digitally signed by this, Windows 10 will prevent the loading of new kernel mode drivers that are not signed by the portal

WinSxS

All driver packages that were installed during the Windows 10 setup process are stored in this directory, the side-by-side component store

Multibooting

Allow two or more operating systems to inhabit one hard drive. Allows user to reboot and select an alternate version of Windows for testing purposes or multiple users

DirectAccess

Allows connectivity for remote users to organization network resources without the need for traditional Virtual Private Network (VPN) connections. With DirectAccess connections, remote client computers are always connected to your organization - there is no need for remote users to start and stop connections, as is required with VPN connections. In addition, your IT administrators can manage DirectAccess client computers whenever they are running and Internet connected.

Dynamic Access Control (DAC)

Allows you to identify data by using data classifications (both automatic and manual) and then to control access to these files based on these classifications. Helps organizations control and audit data access by enabling you to set access controls on files and folders, based on conditions that are retrieved from Active Directory

Virtual Smart Card

An authentication method similar to a smart card, but the certificate is stored in a TPM on the motherboard rather than on a physical card.

PowerShell ISE

An integrated scripting environment that includes a text editor.

Microsoft Active Protection Service (MAPS)

An online community that can help you decide how to respond to certain threat types and it serves as a resource to help stop the spread of new viruses and malware.

Driver Rollback

An option in Windows that allows you to restore a previously used driver after a driver has been upgraded. This option provides an easy mechanism for restoring a driver if the upgraded driver does not work properly. Access in Device Manager

RAW file format

An unformatted drive is considered this; can still contain data

Windows Defender

Anti-malware software embedded in Windows 10 that can detect, prevent, and clean up a system infected with viruses and other malware.

Active Directory-based activation

Any device running Windows 10 that is connected to your organization's domain network is using a generic volume license key (VLK) can use Active Directory-based activation.

DirectAccess clients

Any domain-joined computer that is running the Enterprise edition of Windows 10, 8.1, 8, or 7

DirectAccess server

Any server computer that is a member of an AD DS domain that is running Windows Server 2012 or later. This server establishes communication with intranet resources for remote Direct Access

Backup of OS before upgrade

As part of the upgrade process, a backup of the current OS is made and stored in Windows.old folder on the system drive. Windows retains it for 30 days after the upgrade

App deployment types when considering GPOs

Assign: assigned apps are automatically installed. Assign to user (installs when sign in) or assign to computer (installs when boot up)

IPsec: Server-to-server rules

Authenticate and secure communications between specific computers

Infrastructure

Based on wireless APs, consist of wireless local area networks to enable communications between wireless client devices

Windows Hello

Biometric authentication mechanism to address the requirements that users must be able to prove who they are by something they uniquely have. Facial recognition, fingerprint scanning

Windows Firewall

Blocks or allows network traffic based on the properties of that traffic. Controls the flow of network traffic by using configurable rules.

ADAC UI features

Breadcrumb bar: enables you to navigate to any container within AD quickly by specifying the container's path Navigation pane: enables you to browse for objects in AD by using either the list or the tree view Management list: displays contents of the currently selected container Preview pane: previews information about the object or container selected in the management list Tasks pane: enables you to perform different actions on the selected items

OneDrive For Business

Business-oriented service that provides 1 TB of free space

Update Windows Store apps

By default, Windows 10 checks for app updates daily. Automatically updates any apps for which updates are available.

Share folders

By default, everyone on the network is given read access to the share folder. Share folders available on the network are no different from normal folders, and they can contain applications, corporate data, or private data.

Default AD database file location is?

C:\Windows\NTDS\Ntds.dit

Bad sectors

Can be either logical or physical sectors on the disk. If damage is minor, often no data is lost. Replace if number of bad sectors become to high

Device Health Attestation

Can help you determine the health of devices connecting to your corporate network. Hardware components, startup components, Windows 10 kernel, boot start drivers all measured Uses measured boot data to help perform organization's security and compliance requirement verification

In-place upgrade vs Migration

Can only upgrade to same edition of Windows for in-place, migration can upgrade to any Windows 10 editions. Upgrading is major advantage because all applications, settings, and data are retained; much quicker process

OneDrive Group policy settings

Cannot implement policies to restrict or control what data is copied to or from OneDrive, so solution is to block all OneDrive access Computer Configuration\Policies\Administrative Templates\Windows Components\OneDrive

AD DS

Centralize administration, security, and application policies and provide a more managed approach to sharing and accessing resources

Default IPv4 address classes

Class A - 1 to 127 Class B - 128 to 191 Class C - 192 to 223 Class D - used for multicasting Class E - reserved

Delete restore points

Click Delete in the System Protection dialog box Disk Cleanup removes all restore points except the most recently created one

Ways to create/manage VHD

Client Hyper-V manager Disk Management Windows PowerShell Familiarize with using each

OneDrive

Cloud-based service designed for storing files and synchronizing settings aimed at the consumer market. 5 GB of free storage

AD Domain trees

Collection of domains that are grouped in hierarchical structures and share a common root domain

Windows Assessment and Deployment Kit (ADK)

Collection of tools and technologies produced by Microsoft designed to help deploy Microsoft Windows operating system images to target computers or to a virtual hard disk image in VHD format.

Group Policy Objects (GPOs)

Collections of user and computer settings, including system settings, security settings, software installation settings, scripts settings, and folder redirection settings.

netsh.exe

Command-line tool used to configure IPv4 and IPv6 settings

USMTUtils

Compresses, encrypts, and validates the migration storage files

GPO two sections

Computer Configuration User Configuration

UAC GPO in AD DS

Computer Configuration \ Policies \ Windows Settings \ Security Settings \ Local Policies \ Security Options

GPO for Windows Update

Computer Configuration\Administrative Templates/Windows Components Windows Update Data Collection and Preview Builds Delivery Optimization

GPO location for securing removable devices

Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives Computer Configuration\Administrative Templates\System\Removable Storage Access

Credential Guard GPO

Computer Configuration\Policies\Administrative Templates\System\Device Guard

Configure remote assistance GPO

Computer Configuration\Policies\Administrative Templates\System\Remote Assistance

Microsoft Passport GPO

Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Passport For Work

File History GPO

Computer Configurations\Administrative Templates\Windows Components\File History\

Ways to create shared folder

Computer Management -Shared Folders snap-in File Explorer Command prompt PowerShell cmdlets

Miracast

Connect your Windows device wirelessly to an external monitor or projector

IPsec: Isolation rules

Connections between computers are restricted based on authentication criteria

Boot Configuration Data (BCD)

Contains the system's boot menu information, and provides the user with access to the boot menu.

Inbound/outbound rules: Program rules

Control connections that a specified app uses

Inbound/outbound rules: port rules

Control connections that use a particular TCP or UDP port

Component manifests

Controls which OS settings are to be migrated. These manifests are specific to the OS and are not modifiable

VPN profiles

Create vpn profiles with specific settings to distribute to users

Tasks to perform on ADAC

Create: - new users - new groups - new organizational units (OUs) - computer accounts - InetOrgPerson objects Change the focus of the tool to another domain or domain controller Raise the forest or domain functional level Enable the AD recycle bin Configure fine-grained password policies Configure Dynamic Access Control

Spanned volume

Creates a join across unallocated space on at least two, and at most, 32 disks and presents this to the operating system as a single logical disk. Provides no protection against a disk failure; no performance benefit but is used to increase storage space

Ways you can deploy custom images

DVD installation USB installation WDS deployment Image-based installation Shared network folder installation Windows SIM Windows PE

IPsec: Authentication exemption rules

Define when authentication is not required between computers

GPO settings for securing removable devices

Deny write access to removable drives not protected by Bitlocker Control use of bitlocker on removable drives Enforce drive encryption type on removable data drives Prevent installation of removable devices Allow installation of devices that match any of these device IDs

ICD Image configuration tabs

Deployment Assets: add applications and drivers to your image, specify available features and language packs, and configure and deploy updates Image Time Settings: Control behavior of OS components, including audio settings, BitLocker, devices such as Bluetooth and cameras, power settings, etc. Runtime Settings: Apply customizations to OS after the image is applied, like regional settings, certificates, user accounts, desktop personalization settings, etc.

Windows 10 Home

Designed primarily for home users. Comes with basic Windows applications

Driver signing

Digital signature for drivers used by Windows to protect against potentially bad drivers. New Universal Windows driver introduced, more robust security

Ways to manage disks

Disk Management MCC Snap-in PowerShell DiskPart

Task manager Services tab

Displays all running and stopped system services

Resource Monitor

Displays more info and activity statistics relating to your system resources in real time. Similar to task manager, but enables you to dive deeper into the actual processes and see how they affect the performance on your CPU, disk, network, and memory subcomponents. Useful for troubleshooting performance issues that relate to high resource usage

Physical components of Active Directory

Domain controllers Global catalog servers Operations masters Read-only domain controllers (RODC)

Page Description Language (PDL)

Driver that tells a printer how to lay out the contents of a printed page.

Dynamic Host Configuration Protocol (DHCP)

Dynamically assigns IP address information (for example, IP address, subnet mask, DNS server's IP address, and default gateway's IP address) to network devices.

IPsec: Custom rules

Enable you to create specific connection security settings based on one or several features

Volume Activation Management Tool (VAMT)

Enables Administrators to manage the activation of product keys for Microsoft products, obtained through retail and volume channels

Disable Driver Signature Enforcement

Enables drivers containing improper signatures to be installed, disable in Advanced Boot Options

Volume Activation Services

Enables the automation and management of volume licenses for your organization. Key management services (KMS) as well as Active Directory-based activation further simplify the management of license activations across the organization.

Microsoft User Experience Virtualization(UE-V)

Enables the capture and centralization of users' application settings and Windows 10 settings

Windows Recovery Environment (Windows RE)

Enables you to boot Windows 10 into safe mode or use other advanced troubleshooting tools. Boot from Recovery Drive System Restore System Image Recovery Startup Repair Command Prompt Startup Settings Go Back To The Previous Build

ICACLS command-line utility

Enables you to configure and view permissions on files and folders on a local computer

Windows PowerShell remoting

Enables you to connect to one or several remote computers and execute one or more cmdlets or scripts on those remote computers and return to your local computer

Taskpad Views

Enables you to create a task-focused version of your console. Particularly useful for when you want to designate a particular subset of management tasks to a user

Client Hyper-V

Enables you to create and manage virtual machines (VMs) using a virtual switch. Requirements: 64-bit Windows 10 Pro or Enterprise edition, SLAT support, minimum of 2 GB memory

Windows SIM

Enables you to create installation answer files for use in automated deployments. These answer files contain the configuration options used to install Windows 10

Device Registration

Enables you to facilitate single sing-on (SSO) experience, negating the need to enter credentials repeatedly or add the device to the domain

Remote Server Administration Tools (RSAT)

Enables you to manage roles and features in Windows Server 2016 remotely, including Group Policy Management

Configure Recovery Drive

Enables you to recover your system in case Windows 10 becomes corrupted. Minimum 8 GB USB drive

Reliability monitor

Enables you to review a computer's reliability and problem history and offers both the held desk and you the ability to explore the detailed reports and recommendations that can help you identify and resolve reliability issues

Hyper-V

Enables you to run virtual machines for: - running multiple operating systems on a single computer - Supporting older applications that do not work properly on Win10 - Creating a test or training environment

Shared Folders snap-in

Enables you to view existing shares and modify their properties, including settings such as offline file status, share permissions, and even the NTFS security permissions

BitLocker To Go: Encrypt used disk space only

Encrypts only the part of the drive that currently has data stored on it. This is quicker and appropriate in most cases

BitLocker To Go: Encrypt entire drive

Encrypts the full volume, including areas that contain no data, which takes longer to complete

Three stages to consider when deploying Windows 10 in an enterprise

Evaluate - Windows Insider Preview ➡ Pilot - Deploy the CB ➡ Deploy - CBB for the main deployment

Local accounts

Exist in the local accounts database on your Windows 10 device; it can only be granted access to local resources and, where granted, exercise administrative rights and privileges on the local computer

LTSB example uses

Factory production, manufacturing control systems, hospital emergency room computers, ATM, Kiosk devices, pharmaceutical firms

Fast Startup

Feature in Windows 10 that enables quicker startup. Combines features of hibernation with standard shutdown features. Go to UEFI firmware settings to edit.

Creating a Homegroup

File Explorer Control Panel Network and Internet Settings app

FAT16

File allocation table that uses 16 bits to address and index clusters. Used as the primary hard drive format on DOS and early Windows 95 machines; currently used with smaller-capacity (2 GB or less) flash media devices.

FAT32

File allocation table that uses 32 bits to address and index clusters. Commonly used with USB flash-media drives and versions of Windows prior to XP. - volume limit 32 GB - file size limit 4 GB - for smaller drives

Connection security rules

Filter and secure network traffic by using IPsec. Used to require authentication or encryption of connections between two computers

Zero-touch deployment

For large organizations. Requires a considerable investment in IT skills. Requires the use of MDT and Microsoft System Center Configuration Manager to deploy Windows 10.

Configuration manager to deploy apps

For very large organizations or those with complex and diverse operating system and app deployment requirements. Benefits: -Schedule deployments -Collections (groups) -Multiple deployment methods -Reporting (feedback) -Wake on LAN -Software inventory

Microsoft Management Console (MMC)

Framework into which you can plug management tools. Add management tools, snap-ins

Creating a VPN on Windows 10

From the Network and Sharing Center, under Change Your Network Settings, click Set Up a New Connection or Network and then click Connect to a Workplace

Block Windows Store App

GPO: User Configuration\Administrative Templates\Windows Components\Store\Turn off the Store application

Media creation tool (MCT)

Generates a ready-to-use, bootable USB flash drive or an ISO file

PnP Powershell cmdlets

Get-PnpDevice Get-PnpDeviceProperty Enable-PnpDevice Disable-PnpDevice

OneDrive: Fetch Files On Your PC

Go to settings on OneDrive and click "Let me use OneDrive to fetch any of my files on this PC" to retrieve any file remotely from the computer

AD Organizational units

Group objects for management, organization, and resources for easier administration, including delegation

Electronic failure

Hard disk's electronic circuit controller board can fail with age or become damaged by electrical power surges. Might be able to recover some data

Ransomware

Harms the user by encrypting user data. A ransom (fee) needs to be paid to the malware authors to recover the data

Standard User Analyzer

Help identify issues relating to running your application as a standard user

System protection for drives

Helps prevent permanent data loss when you accidentally change or delete files, or files become corrupted. Computer regularly creates and saves restore points containing your computer's system files and settings. Adjust max disk space for restore points; older restore points are deleted when space is full

IPv6 and types

Hexadecimal 128-bit addressing scheme -Unicast addresses -Multicast addresses -Anycast addresses

Power plan: High Performance

High power consumption 100% brightness Keeps drives, memory, and processors continuously supplied with power

HID

Human Interface Device

Classful addressing

IP addresses that are split between the network and host portions set on the boundaries between the bytes. Do not send subnet mask information with their routing updates.

SRV Record

Identifies computers that host specific services.

Firmware failure

If the hard disk firmware code is corrupt or unreadable, your computer will be unable to communicate with the drive. Either attempt to re-flash the firmware or reset it to factory defaults

Resetting NTFS settings

If you simply cannot decipher which NTFS settings are creating problems, you could try to reset the file and folder permissions by using the ICACLs command-line utility icacls* /reset /t /c /q

Credential Guard

Implements technology known as virtualization-assisted security, enables Credential Guard to block access to credentials stored in the Local Security Authority, which contains Kerberos tickets and related security tokens

WPA2

Improved version of WPA that is the de facto Wi-Fi security standard. Employs larger encryption key sizes than WPA

Install hardware not supported by PnP

In Device Manager, use the Add Hardware Wizard

Creating a VHD

In Disk Management, click Create VHD; Provide parameters; Click OK

AD Objects

In addition to user objects, there are also objects for computers, printers, groups, and other logical components

802.11e

Incorporates Quality of Service to improve telephone service over wireless connections

original equipment manufacturers (OEMs)

Individuals and organizations that buy business goods and incorporate them into the products they produce for eventual sale to other producers or to consumers

PnPUtil.exe

Install a driver manually before connecting the device to pre-stage the installation of specific hardware device. Can use this tool to manage the Driver store, adding, deleting, and listing driver packages

Domain Name System (DNS)

Internet service that translates domain names into IP addresses.

Configure Remote Assistance

Invite someone you trust to help you Help someone who has invited you Invitation files are .msrclincident file extension

Types of connection security rules

Isolation rules Authentication exemption rules Server-to-server rules Tunnel rules Custom rules

System Recovery

Keep My Files - remove all apps and settings but retain your personal files Remove Everything - restores operating system to the initial state; all files, settings, and personal files removed

Task manager Startup tab

List all the apps that startup when the computer boots

Task manager Users tab

Lists all the users currently logged on to the computer locally and remotely

Microsoft Deployment Toolkit (MDT)

Lite-touch installation (LTI) process to enable you to deploy Window 10 and associated apps. You need management computer and a reference computer that provides a source image that is used during the deployment process.

AD Domain

Logical administrative, security, and replication boundary for users and computers that are stored in a common directory database

Power plan: Power Saver

Low power consumption Screen off after 5 minutes inactivity Saves energy

Print Management

Manage your device printers from a single management console. printmanagement.msc Use to manage both local and remote printers

Private IPv4 address ranges Class A

Mask: 10.0.0.0/8 Range: 10.0.0.0-10.255.255.255

Private IPv4 address ranges Class B

Mask: 10.0.0.0/8 Range: 172.16.0.0-172.31.255.255

Private IPv4 address ranges Class C

Mask: 192.168.0.0/16 Range: 192.168.0.0-192.168.255.255

Power plan: Balanced

Medium power consumption Full power to system components currently in use

32-bit vs 64-bit Windows

Memory: 32-bit limited to 4 GB or RAM, 64-bit has much higher limit Security: 64-bit more secure Client Hyper-V: Only available on 64-bit Performance: 64-bit versions can handle more data

Windows Update

Microsoft application used to keep Windows operating systems up to date with the latest patches or enhancements.

OneDrive security

Microsoft has upgraded the level of security and encryption to protect data held on the OneDrive service. Data is now protected with Perfect Forward Security (PFS) encryption when you access OneDrive through the web portal.

Patch Tuesday

Microsoft routinely releases security updates on the second Tuesday of each month.

Migration XML files

MigApp.xml, MigUser.xml, or MigDocs.xml files, and custon XML files USMT uses to configure the process

Inbound rules

Monitor inbound network traffic and allow/block traffic.

Outbound rules

Monitor outbound network traffic and allow or block outbound traffic that meets the criteria of the rule.

PowerShell to manage remote computers

Must first establish a connection with the remote computer, then you can run any cmdlet or script against the remote machine, displayed on your computer. Invoke-Command Enter-PSSession

Sharing folders from the command prompt

Net Share MyShareName=C:\Location /remark:"text" - Will not create a folder and share it. You can only share folders that already exist on the computer

Joining a Homegroup

Network and Sharing Center, enter password

Guest or public networks

Network discovery is disabled, helping to keep your computer from being visible to other computers on the network

Inbound/outbound rules: predefined rules

Network-aware apps often create these types of rules so that you can enable or disable the app as a group setting

Domain networks

Networks that are connected to an AD DS domain. Assigning this option ensures proper communication with AD DS domain controllers. Network discovery is enabled

NTFS

New Technology File System used in Win10 and is widely used across most Windows OS, offers advanced functionality such as file compression, permissions on individual files and folders, and file encryption using EFS

Electronic Software Download (ESD)

New file format for Windows 10. Is a compressed and encrypted version of the traditional WIM file format. In a protected container to ensure that it is not tampered with during delivery

Sharing folders by using PowerShell

New-SmbShare -Name MyShareName -Path C:\Location Most appropriate choice for scripting the creation of shares

Drawbacks of GPO app deployment

No scheduling capability and no reporting function, meaning that it's not easy to verify successful deployment of or updates to your apps. Harder to maintain apps in more complex organizations

NetBIOS names

Non-hierarchical structure based on a 16-character name. The 16th character identifies a particular service running on the computer named by the preceding 15 characters.

Private networks

Nondomain or home networks, where you trust the people using the network and the devices connected to the network. Network discovery is enabled

Requirements for Hyper-V

OS: 64-bit Win10 Pro, Enterprise, or Education CPU: x64 CPU with hardware-assisted virtualization, Data Execution Prevention (DEP), Second-level address translation (SLAT) RAM: 4 GB Storage: SSD is preferred

What is Upgrade

Often generically used term to explain the licensing process of obtaining a version of Windows 10 that replaces an existing and supported upgradeable OS.

Wired Equivalent Privacy (WEP)

Old security standard with a number of documented security issues. Use WEP only if there is no choice

VHD vs VHDX

One of the biggest advantages of VHDX compared with the legacy VHD format is virtual disk storage capacity. Before Windows Server 2012, Hyper-V virtual hard disks had a 2 TB limit. VHDX files have a 64 TB capacity. The advantages of VHDX aren't limited to improved capacity, however; VHDX files were designed to work with today's modern hardware and have a 4 KB logical sector size that improves performance compared with VHD files.

OneDrive web portal

Online version has slightly more functionality than from file explorer.

Current Branch for Business (CBB)

Only Pro, Enterprise, and Education editions. Microsoft re-releases the feature upgrade a second time, approximately 4-6 months after the initial release, and at this time, all devices using CBB begin downloading and installing the upgrade

Unicast addresses

Packets are delivered to a single interface. Data is sent from one computer to another computer. Unicast is a one-to-one type of network communication. Examples) Browsing a website, downloading file from FTP server

Anycast addresses

Packets are delivered to multiple interfaces that are the closest in routing distance. IPv6 datagrams from a source are routed to the nearest device (in terms of routing distance) from a group servers which provide the same service. Every nodes which provide the same service are configured with same Anycast destination address.

Multicast addresses

Packets are delivered to multiple interfaces. Multicast traffic addressed for a group of devices on the network. IPv6 multicast traffic are sent to a group and only members of that group receive the Multicast traffic. The sender transmit only one copy of data and it is delivered to many devices who are interested in that traffic.

Previous Versions

Part of System Protection that keeps copies (previous versions) of user data. It's also called shadow copy. Enables users to view, revert, or recover files and folders that have been modified or deleted

Three items to monitor on Performance Monitor

Performance objects: system components such as physical, logical, software Performance object instances: represent single occurrences of performance objects. Performance counters: measurable properties of performance objects, such as bytes sent/sec

Requirements for creating a virtual disk with Storage Spaces

Physical disk - minimum of one unformatted disk Storage pool - collection of one or more physical disks Storage space - logical disk created from one or more physical disks Disk drive - drive letter allocated to the logical virtual disk and accessed through File Explorer

Mechanical failures

Physical failure of the hard disk. Even if drive motor failure causes the drive to stop working, the data might still be intact

Type of VPN

Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol with IPsec (L2TP/IPsec), Secure Socket Tunneling Protocol (SSTP), or Internet Key Exchange version 2 (IKEv2)

3 Power plans

Power Saver Balanced High Performance

Active Directory Administrative Center (ADAC)

Primary GUI-based tool that you use for object-related tasks that need to be performed occasionally, typically for the administration of AD in smaller environments

Authentication

Process of verifying the identity of a security principal: a user, a group, a computer or other device, a service or process

Minimum hardware requirements for Windows 10

Processor: 1 GHz or faster Memory: 1 GB for 32-bit, 2 GB for 64-bit Hard disk space: 16 GB for 32-bit, 20 GB for 64-bit Graphics card: DirectX 9 or later with a Windows Display Driver Model (WDDM) 1.0 driver Display resolution: 800x600 px

PID

Product ID

Types of inbound and outbound rules

Program rules Port rules Predefined rules Custom rules

Enable/Disable Windows Features

Programs and features PowerShell Dism.exe command-line tool

Uninstall Windows update

Programs and features Settings -Windows Update CMD- wusa.exe

Types of UAC Prompts

Prompt for consent: appears to administrators in Admin Approval Mode when they attempt to perform an administrative task. Prompt for credentials: appears to standard users when they attempt to perform an administrative task

File History

Protects your data by backing it up periodically to a local or network drive. You can easily recover files that have been accidentally deleted or modified, in a simple and user-friendly method

Windows Store

Provides a single point of access for your users to browse, download, and install their apps, including both kinds of desktop apps, such as Office and Windows Store Apps

Windows PowerShell ISE

Provides command-completion functionality. Create and edit scripts in ISE and then run the scripts step by step in the script window. Can help you debug your scripts

Remote Assistance

Provides for interaction with the remote user. You can view or take remote control of the user's computer and perform remote management of it. Can also use a text-based chat facility to interact with the user

Device Manager

Provides information about each device, such as the device type, device status, manufacturer, device-specific properties, and device driver information

Windows 10 Education

Provides same features as Windows 10 Enterprise, but does not offer support for LTSB

Windows Store for Business

Provides you with a means to distribute LOB apps more easily and consistently to users' devices within your organization. This enables you to manage and maintain these custom apps in the same way as you do commercially available apps from the Windows Store. You can also create a private store so that users in your organization can easily view, download, and install your LOB apps

Windows Defender scan options

Quick Full Custom

Shared folders permissions

Read Change Full

Baseline performance vs. real-time monitoring

Real-time monitoring information is useful for instant diagnosis, whereas creating a baseline for your computer's performance can generate a system-specific report that can be useful to show what your performance statistics look like during normal or heavy use

Recover files from OneDrive

Recover from Recycle Bin, automatically deleted from Recycle Bin after 30 days

Optimize Drive Usage

Redistributes data across all the drives and makes best use of the pool's new capacity and increased resiliency

Computer worms

Replicate, without direct intervention, across networks

Computer virus

Replicating malware, normally with email attachments or files

RAID-5

Requires at least three disks and provides striped volumes with fault tolerance by adding parity information to each volume

Striping

Requires two or more disks, user could stripe data between two volumes on separate hard drives to achieve improved write performance by writing data in stripes cyclically across the disks. RAID-0

File History file recovery

Restore a folder or files that have been deleted Navigate through each restore point

3 Types of Advanced Security rules with Windows Firewall

Rules are criteria that define what network traffic is filtered and what action is taken on that filtered traffic. 1. Inbound rules 2. Outbound rules 3. Connection security rules

Windows 10 Pro

Same as Windows 10 Home, but includes additional features such as Domain Join and GPM, Azure, BitLocker, Hyper-V, etc.

Windows 10 Mobile Enterprise

Same as Windows 10 Mobile, but provides security updates more quickly

Windows 10 Enterprise

Same features as Windows 10 Pro, with additional features of relevance to larger organizations, such as DirectAccess, Windows To Go Creator, AppLocker, etc.

USMT Tools

ScanState LoadState USMTUtils Migraiton XML files Config.xml Components manifest

Slmgr.vbs

Script for Windows Software Licensing Management Tool to view Windows activation status

IPsec: Tunnel rules

Secure communications between two computers by using tunnel mode in IPsec instead of transport mode

Virtual Secure Mode

Security feature that moves some sensitive elements of the operating system to trustlets that run in a Hyper-V container that Windows cannot access. This helps the operating system more secure. This feature is only available in the Windows 10 Enterprise Edition.

Using Event Viewer to see services

See service startup information in the System log -> Service Control Manager

Internal resources

Server-based resources that users want to connect to, for example, file servers, web servers, etc

AD Domain controllers

Servers that contain the AD databases. Stores only the information about objects located in its domain.

Current Branch (CB) servicing

Servicing option that ensures that devices are kept up to date with the latest Windows 10 features through the upgrades that are released two to three times a year. When Microsoft releases a new build, all devices that have the default configuration begin downloading and installing the upgrade

Two types of Windows updates

Servicing updates - regular security updates and software updates; every second Tuesday of each month Feature updates - New features and functionality * To enhance the security protection delivered in Windows 10, the consumer can no longer turn off security updates or upgrades

User Configuration

Set policies that apply to users, regardless of which computer they log on to.

Computer Configuration

Sets policies that are applied to the computer regardless of who logs on to it.

How to sideload an app

Settings -> Update & Security For Developers -> Sideload Apps PowerShell - add-appxpackage PATH\your_app.appx Make sure app is signed with a certificate that is trusted

Task manager Processes tab

Shows all running apps and background processes

Task manager Details tab

Shows detailed statistics on all running and suspended processes

Task manager App History tab

Shows historical data for universal and modern apps usage for the previous month

Task manager Performance tab

Shows real-time statistics for CPU, memory, disk, Ethernet, Bluetooth, and Wi-Fi usage

Windows Update History

Shows you updates that have been applied and those that failed to be applied. Each update contains a unique name and reference number and a summary of the effect the update will have on the system.

Storage Space storage layouts

Simple Two-way or three-way mirrors Parity

In-place upgrade

Simplest option, small group of computers. Data files, applications, and user and application settings are retained. Determine whether PC meets minimum hardware requirements, back up files, run installation file

Logical components of Active Directory

Site Forest Domain Domain Trees Organizational Units

Workgroup

Small collection of computers that can share resources. No centralization of user accounts and related security policies and settings. Peer-to-peer network, in which each device has its own set of user and group accounts, its own security policy, and its own resources that can be shared with others PC can only belong to one Workgroup, and either Workgroup or domain, not both.

Disk Management

Snap-in available with the Microsoft Management Console that enables techs to configure the various disks installed in a system; available in the Computer Management Administrative Tool.

Checkpoints

Snapshots of a virtual machine at a point in time. Right-click the appropriate virtual machine in Hyper-V Manager and then click Checkpoint

Service

Software component that interacts at one level with devices drivers and, at another level, with app-level components. In a sense, services sit between apps and hardware devices and are considered a core part of the OS, controlling user requests, through apps, to hardware resources. Use Services management console snap-in

Microsoft Assessment and Planning (MAP) Toolkit

Software that can be used by a system administrator from a network location to query hundreds of computers in a single scan to determine if a computer qualifies for a Windows upgrade.

Why use IPv6?

Some services require IPv6 like DirectAccess Larger address space, with 128-bits Hierarchical addressing which uses a structured address space, which is more efficient for routers, helping to optimize network communications Support for stateless and stateful autoconfiguration

Long-Term Servicing Branch (LTSB)

Special branch of Windows 10 aimed at businesses that have computers that need to run in a known (and fixed) environment that does not change. Not included: Edge, Windows Store, Cortana, Outlook, OneNote Receives security and other updates, but no upgrades

Windows 10 Enterprise Long-Term Servicing Branch

Specialized edition of Win10 that receives security and other important updates, but does not receive feature updates so that environment does not change over time.

Credential Manager

Stores credentials when users access a website, online service, or server computer on a network in secure areas known as vaults. Access via control panel

User rights assignment

Subcategory of the Local Policies setting area of a Group Policy Object that includes settings for items that pertain to rights needed by users to perform system-related tasks. Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment

Low-touch deployment

Suitable for larger organizations. Relies on use of image deployment and additional services, some specialist IT skills are required

High-touch deployment

Suitable for small organizations. Requires no specialist IT skills or additional services or components. Use Windows 10 installation media to install Windows 10

Sync your settings

Sync Windows settings to your Microsoft account to sync settings across all devices signed into that account

Main features of Reliability monitor

System stability chart Records key events in a timeline Installation failure reports

Using GPOs to deploy apps

Target PCs must be members of an AD DS domain, apps must be available in .msi installer packages Use GPO filtering to deploy apps to specific users or computers

Sideloading

Technique by which the app is installed without requiring access to the Windows Store. When sideloading, you must have an .appx installer file for your app.

Refresh/Recycle

Term used to refer to speedy and reliable system recovery

Default gateway address

The IP address of the networking device used to forward data that needs to leave the LAN

Active Directory (AD)

The Windows Server standard used to manage large and small network systems. It uses a hierarchical directory structure that is designed as a database containing information about objects belonging to the entire network.

Network discovery

The ability for your computer to locate devices and resources on the networks to which it is connected, and for other devices to discover your device and resources

GUID Partition Table (GPT)

The area of a large hard disk (> 2TB) outside a partition that stores partition information and boot loaders. Used by modern systems that use x64-bit OS and UEFI-based hardware

Cortana

The digital personal assistant that comes with Windows 10 and Windows phones; can search, give you reminders, alarms, directions, news, weather, and more.

Event subscription terms: Collector

The event collector is the computer on which you view the collected events. The collector computer can be a PC or a server

Event subscription terms: Source

The event source computer is the computer that provides you with events on your network. The source computer can be a PC or a server

Master Boot Record (MBR)

The first sector on a hard drive, which contains the partition table and a program the BIOS uses to boot an OS from the drive. Offer no redundancy, used by older OS and BIOS

Internet Assigned Numbers Authority (IANA)

The international organization responsible for allocation of IP addresses.

Driver store

The location where Windows stores a copy of the driver software when first installing a device.

Wi-Fi Protected Access (WPA)

The original set of protections from the Wi-Fi Alliance designed to address both encryption and authentication.

Servicing

The process of continually bringing your computer up to date

Fixed provisioning

The size of the new virtual disk is allocated using the same amount of storage from the storage pool. Although this may "waste" space, you can always guarantee the you won't over commit your storage and allocate more than your pool has available.

Source computer-initiated subscription

The source computer transmits local events to the collector computer. This is a push type of arrangement, often configured using GP

Collector-initiated subscription

The subscription must contain a list of all the event sources that need to be added one at a time. This is used on small networks because each must be configured manually

Plug and Play (PnP)

The technology that enables the operating system, once it is booted up, to recognize automatically any new peripherals and to configure them to work with the system.

Inbound/outbound rules: custom rules

These rules enable you to create very specific firewall settings based on one or several factors

Ad-hoc

This setting enables you to configure wireless connection between devices in a peer-to-peer manner without requiring a wireless access point

Indexing

To maintain the performance of Windows 10 search, the system automatically indexes data on your computer in the background. This data includes user-generated files, folders, and documents

Type 4 Print Class Driver

To protect the system from rogue drivers and to aid simplified sharing, Windows 10 uses the new Type 4 Print Class Driver for each printer device model; an administrator only needs to install a Type 4 printer driver rather than multiple drivers, such as 32-bit and 64-bit drivers, to support both types of client architecture. Type 4 drivers can support multiple print models and often install faster than the older Type 3 drivers. The security of Windows 10 is enhanced because Type 4 printer drivers can only be updated by using Windows Update or Windows Update Services (WSUS).

Signed PowerShell scripts

To protect you from unsafe scripts, Windows 10 prohibits running unsigned scripts. Unless you can sign your scripts, you must enable your PC to run unsigned Windows PowerShell scripts: Set-ExecutionPolicy RemoteSigned

Driver Verifier Manager

Tool that can help you troubleshoot, identify, and resolve common device driver problems, and you can then remove, reinstall, or roll back the offending driver with Device Manager verifier.exe

PCmover Express

Tool that provides functionality similar to Windows Easy Transfer and assists the transfer of selected files from your old Windows-based PC to your new PC running Windows 10

Remote Desktop

Tool that you can use to access a computer remotely over the Remote Desktop Protocol (RDP). Does not provide for user interaction and requires the user of the computer to sign out before you can access the computer remotely. Mstsc.exe

Spyware

Tracking software that reports to the third party how a computer is used.

BitLocker

Trusted Platform Module (TMP) works with BitLocker to help protect against data theft and offline tampering by providing whole-drive encryption

Device installation settings

Turn on or off automatic device driver installation from Devices and Printers

Host names

Up to 255 characters in length, contains only alphanumeric characters, periods, and hyphens.

Using Windows Update for driver updates

Update to newer drivers or prevent new/updated drivers from downloading over metered connections, or disable individual driver updates

Local account management

Use Computer Management, Settings app, Control Panel, and PowerShell

Enable or disable Windows features

Use DISM or PowerShell or Control Panel Dism /online /Get-Features Get-WindowsOptionalFeature -Online

Creating provisioning packages

Use Windows Imaging and Configuration Designer (ICD) tool in Windows ADK. Follow the Wizard instructions

WDS deployment

Use this method to deploy multiple images to multiple computers at the same time by using multicast

Microsoft Application Compatibility Toolkit

Use to help determine whether your organization's installed applications will work correctly in Windows 10. - Database of known application issues and possible mitigation - Compatibility Administrator - Setup analysis tool that helps identify issues with the installation process of your applications - Standard User Analyzer

Performance Monitor Microsoft Management Console snap-in

Use to monitor and track your device for the default set of performance parameters or a custom set you select for display, called counters. System Diagnostics -> Data Collector Set collects the status of local hardware resources and configuration data, together with data from the System Information tool System Performance -> Data Collector Set reports the status of local hardware resources, system response times, and processes

Backup and Restore

Use to restore files and folders, create backups of files contained in folders, libraries, and whole disk volumes. Backups cannot be saved on same disk that Windows 10 is installed on Uses Volume Shadow Copy Service (VSS) to create the backups. Initial backup creates backup of the files using the virtual hard disk (.vhdx) file format Can only be used to back up data that is stored on file system volumes formatted as NTFS

Task Scheduler

Use to schedule simple or complex tasks, either on the local computer or on a remote computer

Link-Layer Topology Discovery (LLTD)

Used for network discovery feature; Allows Windows to identify other devices present on the local subnet and, when possible, establish the quality of service (QoS) bandwidth capabilities of the network

Domain controller

Used to maintain a copy of the Active Directory database securely for the domain that stores a vast amount of information, including details of user accounts in the form of objects

File Sharing Wizard

Used to share files. Files typically cannot be shared without first sharing the parent folder. 2 basic sharing permissions: Read Read/Write

Windows PE

Used to start a computer that is being deployed with Windows 10. It enables access to Windows file systems and is a partial Windows OS

Config.xml

Used with /genconfig to exclude data from a migration

System Restore

Useful when computer becomes unstable and you need to restore the operating system to one of the restore points created during a period of stability. System Properties => System Protection => System Restore Requires drives that are formatted with the NTFS and uses the Volume Shadow Copy Service (VSS) in the background

Offline domain join

Useful when you are adding computers to a domain from a regional data center that has limited connectivity to the main data center where domain controllers reside. Djoin.exe command-line tool

Mirrored volume

Uses two disks and presents them to OS as a single logical volume. Data on each disk is mirrored, provides redundancy and fault tolerance if one disk fails. Also referred to as RAID-1 . Equal-sized unallocated space, cannot modify after establishing

Microsoft Passport

Uses two-factor authentication based on Windows Hello-based biometric authentication (or a PIN) together with the ownership of a specific device. Provides user convenience and security

Multifactor authentication

Using more than one type of authentication credential. Have knowledge of something + be in possession of something

VHD formats

VHD VHDX VHDS

VID

Vender ID

Configure app startup behavior with registry edit

View startup information for apps in the system registry. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - contains the apps configured to start for a particular signed-in user HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run - contains the apps configured to start for any signed-in user

Differencing disk

Virtual hard disk that you can use to hold changes to a VHD or the guest operating system by storing the changes in a separate VHD file

User Account Control (UAC)

When you sign in using admin account, UAC limits the account's access to that of a standard user, only elevating the account's privileges to administrative level when required, and only after prompting the user for permission to do so.

Windows 10 editions

Windows 10 Home Windows 10 Pro Windows 10 Enterprise Windows 10 Enterprise LTSB Windows 10 Education Windows 10 Mobile Windows 10 Mobile Enterprise

Choose how Windows updates are delivered

Windows 10 includes a new feature that enables you to choose how updates are delivered and enables Windows Update to obtain updates through peer-to-peer file sharing

BitLocker during Windows 10 upgrade

Windows 10 upgrade process automatically suspends and resumes BitLocker Drive Encryption. You do not need to manually disable

Import driver packages

Windows Settings App, Access work or school, Add or remove a provisioning package, Add a package

Two types of event log files

Windows logs: include application, security, setup, system, and forwarded events Application and service logs: include other logs from applications and services to record application-specific or service-specific events

Background Intelligent Transfer Service (BITS)

Windows service that optimizes network downloads by using idle network bandwidth

Windows Easy Transfer

Windows tool used to migrate user data and settings between the source and destination computer.

Wi-Fi Direct

Wireless networking standard that you can use to connect your wireless devices without a wireless AP. Typically used to connect to peripherals such as printers and media players

Event subscriptions

You can automate the collection of event logs from other computers by creating event subscriptions. All computers participating in a subscription must be configured to allow remote administration. Enable Windows Remote Management service on the source computer. On the collector computer, start the Windows Event Collector service, which enables the computer to collect events from remote devices.

Parity bit

a bit that acts as a check on a set of binary values, calculated in such a way that the number of 1s in the set plus the parity bit should always be even (even parity) or should always be odd (odd parity).

RacTask

background process that collects reliability data

Dynamic disks

can contain simple, spanned, striped, and mirrored volumes

Windows PowerShell

cmdlets are constructed of verbs and nouns, nouns are always singular Text file extension name .ps1 to create scripts

exFAT

created to be used on flash drives like USB memory sticks and SD cards larger than 32 GB

Local Group Policy Editor

gpedit.msc Manage local settings

NTFS and ReFS security permissions are ________from their ______.

inherited parent folder

System Configuration

msconfig.exe Configure computer's startup behavior

Logical failure

occurs when a hard drive cannot access due to non-mechanical issues

Event ID

provides an ID for the specific event type that occurred

Two-factor authentication

requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token)

Client resolver

resolves names into IPv4 or IPv6 addresses

Windows Event Viewer

shows a log of application and system messages, including errors, information messages, and warnings. It's a useful tool for troubleshooting all kinds of different Windows problems eventvwr.msc

signature verification

sigverif.exe Use to verify if files are digitally signed

Trojan horses

tricks the user into providing an attacker with remote access to the infected computer

Types of malware

virus, worm, trojan horse, ransomware, spyware

Restore points on command prompt

vssadmin


Ensembles d'études connexes

Exercise 7 - The Federal Reserve, Money Supply, and Fiscal Policy

View Set

Gateway 2 Business Knowledge Check (Ch. 2)

View Set

residential wiring quarter 1 final

View Set

CH.7- Revising & Presenting Your Writing, Giving Feedback

View Set

Ch. 7 Membrane Structure and Function Dynamic

View Set