Chapter 12 - Windows under the hood
Open Database Connectivity (ODBC) is a coding standard that enables programmers to write databases and the applications that use them in a way that they can query ODBC to see how to locate and access a database without any concern about what application or operating system is used.
What is the function of Open Database Connectivity (ODBC)?
Data Source Administrator enables you to create and manage entries called Data Source Names (DSNs) that point ODBC to a database. DSNs are used by ODBC-aware applications to query ODBC to find their databases. You will rarely use Data Source Administrator unless you're making your own shared databases.
What is the function of the ODBC Data Source Administrator?
Winload.exe readies your system to load the operating system kernel.
What is the function of the winload.exe file?
Task Manager
What is the one-stop place for anything you need to do with applications, processes, or services?
The reg command is a full Registry editing tool. You can view Registry keys and values, import and export some or all of a Registry, and even compare two different versions of a Registry—plus a lot more.
What is the reg command?
Always make a backup of the Registry before you change any entries.
What should you always do before making manual changes in the Registry?
Component Services
What tool is provided in Windows to facilitate sharing data objects between applications and computers?
Every version of Windows stores the numerous Registry files (called hives) in the \%SystemRoot%\System32\config folder and each user account folder.
Where is the Registry stored?
HKEY_LOCAL_MACHINE
Which Registry root key contains all the data for a system's non-user-specific configurations?
HKEY_CLASSES_ROOT
Which Registry root key defines the standard class objects used by Windows?
HKEY_CURRENT_CONFIG
Which Registry root key defines which option is being used currently, assuming that more than one is specified in HKEY_LOCAL_MACHINE?
Performance Monitor
Which Windows 7 tool gives you an overview of how a PC has behaved over time, showing important events such as application or OS crashes?
Regsvr32
Which command can modify the Registry by adding (or registering) dynamic link library (DLL) files as command components?
tasklist
Which command enables you to view running processes on a local or remote system?
Reg
Which command is a full-featured command-line Registry editor?
Boot Configuration Data (BCD) file
Which file contains information about the various operating systems installed on the system?
Bootmgr
Which file is the Windows Boot Manager?
String
Which key value data type can be used for any form of data?
DWORD
Which key value data type is limited to exactly 32 bits?
QWORD
Which key value data type is limited to exactly 64 bits?
DSN
Which kind of entries point ODBC to a database and are created and managed by the user through the Data Source Administrator?
The Networking tab shows network traffic activity and can help troubleshoot network performance problems.
Which tab in Task Manager allows you to troubleshoot network performance issues?
Applications
Which tab in Task Manager can be used to stop an application?
Performance
Which tab in the Task Manager shows information about CPU usage, available physical memory, and the size of the disk cache?
User
Which tab in the Task Manager would you use to find out what programs are running under a certain user's account?
Processes
Which tab shows you every running process on your computer?
Entering either regedit or regedt32 at a command prompt (or in the Start | Run dialog box or Start | Search bar) brings up the Registry editor.
Which two executable files start the Registry editor?
System
Which user name is associated with a process started by Windows?
multitasking
Windows runs many processes simultaneously, a feature known as ______________.
taskkill
You can kill a process using the _______________ command, using either the name or the PID.
QWORD
___________ values are like binary values but are limited to exactly 64 bits.
DWORD
______________ values are like binary values but are limited to exactly 32 bits.
Component Services
_______________ assists in object sharing between applications and computers on a network.
string value
_______________ data types are very common and offer the most flexible type of value.
open database connectivity (ODBC)
_______________ is a coding standard that enables programmers to write databases and applications to be able to locate and access a database without any concern about what application or operating system is used.
Binary values
_______________ store nothing more than long strings of ones and zeros.
Process Explorer
_______________, a free tool, gives you the ability to see which processes depend on others.
UEFI
In a(n) _______________ system, neither the MBR/GUID partition table (GPT) nor the file system boot code is run.
Object
A counter tracks specific information about a(n) ________________.
class object
A named group of functions that defines what you can do with an object is called a ________________.
System
A process started by Windows has the user name _______________.
object
A(n) _______________ is a system component that is given a set of characteristics and can be managed by the operating system as a single entity.
counter
A(n) _______________ tracks specific information about an object.
Boot Configuration Data (BCD)
Bootmgr starts and reads data from a(n) _______________ file that contains information about the various operating systems installed on the system.
current
By default, the Task Manager shows only processes associated with the _______________.
BIOS,UEFI or UEFI,BIOS
Current Windows versions support both _______________ and _______________ boot processes.
bootmgr
Current Windows versions support both _______________ and _______________ boot processes.
ODBC Data Source Administrator
Microsoft's tool to configure ODBC is called the _______________.
Data Source Names (DSNs)
ODBC Data Source Administrator enables you to create and manage _______________ that point ODBC to a database.
Task Manager
Pressing ctrl-shift-esc will open Windows _______________.
process identifier (PID)
Processes are usually referred to by their _______________.
hives
Registry files are called _______________.
subkeys
Root keys are composed of _______________.
current user
The HKEY_CURRENT_USER root key stores the _______________ settings.
JPG
The Registry uses HKEY_CLASSES_ROOT\.jpg and HKEY_CURRENT_USER\Software\Classes\.jpg to cover user-specific associations for _______________ files.
regsvr32
The _______________ command can modify the Registry in only one way, adding (or registering) dynamic link library (DLL) files as command components.
tasklist
The _______________ command enables you to view running processes on a local or remote system.
reg
The _______________ command is a full Registry editing tool.
Registry
The _______________ is a huge database that stores everything about your PC.
Performance Monitor
The _______________ opens to a screen with some text about Performance Monitor and a System Summary.
HKEY_CLASSES_ROOT
The _______________ root key defines the standard class objects used by Windows (i.e., file types and associations).
HKEY_USERS
The _______________ root key stores all of the personalized information for all users on a PC.
Performance
The _______________ tab is a great tool for investigating how hard your RAM and CPU are working at any given moment and why.
Users
The _______________ tab of Task Manager enables you to log off or log off other users if you have the proper permissions.
Service Control Panel
The best way to work with services is to use the _______________ applet.
regedit
The go-to command to open up the Registry editor is ________________.
".exe"
The name of a process usually ends with what file extension?
five or 5
There are _______________ main subgroups, or root keys.
process identifier (PID)
To identify a process, use the _______________, not the process name.
A process is named after its executable file, which usually ends in .exe but can also end with other extensions. All processes have a user name to identify who started the process. A process started by Windows has the user name System. All processes have a process identifier (PID). To identify a process, you use the PID, not the process name.
Describe how a "process" is named and identified in Windows.
To configure a service, right-click on the service name. The context menu enables you to start, stop, pause, resume, or restart any service. Click on Properties to see a dialog box.
How are services controlled?
The regsvr32 command, in contrast with reg, can modify the Registry in only one way, adding (or registering) dynamic link library (DLL) files as command components in the Registry.
How does regsvr32 differ from reg?
As a tree structure
How is the Registry organized?
By percentage
How is the amount of CPU time used by a process measured in Task Manager?
Five
How many root keys are in the Registry?
master boot record or MBR
In a BIOS-based system, the BIOS uses its boot order to scan a hard drive for a(n) _______________
Microsoft included Data Collector Sets in Reliability and Performance Monitor and Performance Monitor, groupings of counters you can use to make reports. You can make your own Data Collector Sets (User Defined) or you can just grab one of the predefined system sets. Data Collector Sets not only enable you to choose counter objects to track, but also enable you to schedule when you want them to run.
What are Data Collector Sets?
Data Source Names are used by ODBC-aware applications to query ODBC to find their databases.
What are Data Source Names (DSNs)?
Hives (urticaria)
What are Registry files called?
Common reasons to manually edit the Registry include deleting autostarting programs (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) and removing Registry keys left behind by programs that do not completely uninstall.
What are some common reasons to manually edit the Registry?
Root keys are composed of subkeys. A subkey also can have other subkeys, or values.
What are subkeys and values?
The five main subgroups, or root keys, are HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_USERS, HKEY_LOCAL_MACHINE, and HKEY_CURRENT_CONFIG.
What are the five root keys of the Registry?
The four most common types of key values are String, Binary, DWORD, and QWORD.
What are the four most common types of key values?
Manually editing the Registry can be risky and result in malfunctions in Windows: applications might not start, utilities might not work, or worst of all, the computer might not boot.
What are the risks of manually editing a Registry?
Here are three ways to start Task Manager: 1) Pressing ctrl-shift-esc; 2) going to Start | Run or Start | Search, typing taskmgr, and pressing enter; and 3) pressing ctrl-alt-delete and selecting Task Manager.
What are three ways to start Task Manager?
Perfmon.msc
What can be typed in the Windows Search bar to open the Windows performance tool?
Services.msc
What can be typed in the Windows Search to open the Services Control Panel applet?
ODBC
What coding standard allows programmers to write databases and applications to locate and access a database without worrying about the application or operating system in use?
Tasklist
What command enables you to view running processes on a local or remote system?
The Performance tab will show CPU usage, available physical memory, size of the disk cache, and other details about memory and processes.
What does the "Performance" tab in Task Manager show?
The Users tab enables you to log off or log off other users if you have the proper permissions.
What does the "Users" tab in Task Manager allow you to do?
The Applications tab shows all the running applications on your system.
What does the Applications tab in Task Manager display?
Binary values store long strings of ones and zeros.
What does the Binary value store?
DWORD values are like Binary values but are limited to exactly 32 bits.
What does the DWORD value store?
HKEY_LOCAL_MACHINE contains all the data for a system's non-user-specific configurations. This encompasses every device and program in your PC.
What does the HKEY_LOCAL_MACHINE root key contain?
QWORD values are like Binary values but are limited to exactly 64 bits.
What does the QWORD value store?
Registry Editor's Export feature enables you to save either the full Registry or only a single root key or subkey (with all subkeys and values under it) before you edit it. If you need to restore that key, use the File | Import command, or just right-click on the icon and click Merge.
What does the Registry Editor's Export feature do?
String values are the most flexible type of value and are very common. You can put any form of data in this type.
What does the String value store?
The MBR holds a small bit of file system boot code that scans the partition table for the system partition and then loads its boot sector.
What does the master boot record (MBR) hold?
Merge
What feature allows you to import a new or backup subkey?
If you select a process and click the End Process button, you'll instantly end that process. If the process is an application, that application will close.
What happens if you select the End Process button in Task Manager?
To delete autostarting programs
What is a common reason to edit this Registry key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run?
Applications not starting up
What is one major risk of editing the Registry?
Press ctrl-alt-delete and select Task Manager.
What is one way to start Task Manager?
The Registry
What is stored in the \%SystemRoot%\System32\config folder?
The Registry is a huge database that stores everything about your PC. This includes hardware information, network information, user preferences, file types, and application information.
What is the Registry?
HKEY_CLASSES_ROOT defines the standard class objects used by Windows.
What is the function of HKEY_CLASSES_ROOT?
HKEY_CURRENT_CONFIG stores the current user settings.
What is the function of HKEY_CURRENT_CONFIG?
which one is being used currently.
What is the function of HKEY_CURRENT_USER?
HKEY_USERS stores all of the personalized information for each user.
What is the function of HKEY_USERS?