By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Basic Features of Microsoft Windows Editions 220-1102: Objective 1.1: Identify basic features of Microsoft Windows Editions. Windows 11 was launched in the second half of 2021 as a way for Windows users to access Microsoft services and products with a higher level of general performance. Although the user experience is visually different and the network experience is more seamless, most of the core functions settings are similar, if not the same. Knowing the Windows 10 OS is key to understanding the foundations of Windows 11.
Windows 10 Editions Windows 10 and 11 are the current standard for Microsoft operating systems. Four versions of Windows 10 are described in this section: - Windows 10 Home: This is the most basic desktop version, with features that most home users need. It is capable of joining a small home workgroup and sharing resources such as printers, but it is not able to join large workplace-managed domains. Windows 10 Home is most commonly found preinstalled through an Original Equipment Manufacturer (OEM), such as Dell or HP. - Windows 10 Pro: Pro is the most different version of the many Windows versions. Pro has all the features of Home, along with added security and management features found on institutional networks. These include Active Directory for network management, BitLocker, and Remote Desktop. As with Home, Windows 10 Pro can be shipped through OEMs. - Windows 10 Pro for Workstations: The key differences between Pro and Pro for Workstations lie in robustness and licensing. Pro for Workstations is designed to work with high-powered computers with advanced chipsets that can handle heavy processing loads. Instead of using an OEM install, licensing must be purchased from Microsoft. - Windows 10 Enterprise: This version of Windows 10 has all the features of the other versions, along with added network management and security tools designed for IT professionals managing enterprise class networks. Table: Windows 10 Editions and Features
Feature Differences Domain Access vs. Workgroup The key difference between domain access and workgroup computers is how they are managed. In Windows 10, all computers default to a workgroup until they join a domain. Domain computers are usually workplace computers managed by a network administrator. Workgroup computers are usually home computers that are peers to other computers on a small home network that can share files and printers.
Desktop Styles/User Interface Windows 10 versions come with similar interface features, including the Task View option (Windows+Tab, or selecting it from the taskbar). Desktops and wallpaper can be enhanced with Bing Wallpaper, and disability access features are found in both. When the computer comes under the control of a domain, the experience might differ because an administrator can use policies to limit desktops and other features.
Remote Desktop Connection and Remote Assistance To facilitate connections to remote computers and allow full remote control, Microsoft uses the Remote Desktop Connection program, which is based on the Remote Desktop Protocol (RDP). Remote Desktop also includes Remote Assistance, which allows users to invite a technician to view their desktop, in the hopes that the technician can fix any encountered problems. Random Access Memory (RAM) Windows 10 requires 1GB of RAM for a 32-bit installation and 2GB for a 64-bit install. These are minimums; depending on the software installed and the purpose of the computer, more RAM is recommended.
BitLocker BitLocker is a data encryption utility that encrypts hard drives for added security. It encrypts all data, including personal and system files. A companion program, BitLocker To Go, encrypts removable disks and USB drives.
Group Policy Editor Group Policy is a tool for controlling the settings on a standalone computer or a group of networked computers. A network administrator can set and control almost all settings in a network using Active Directory. Figure 6-1 depicts the output from the gpedit.msc command, showing the Local Group Policy Editor on a networked computer. Group Policy Editor is not normally available to the Windows 10 Home user; the command normally returns a “gpedit.msc not found” response. However, users can download unofficial products from non-Microsoft sources and then configure settings management. Local Group Policy Editor Upgrade Paths In-place upgrades involve upgrading Windows editions while keeping user data, applications, and preferences intact. Table 6-3 shows Windows 10 editions and upgrade methods. The older version of Windows 10 OS remains in place, and its installer is used to replace all the OS files for the new edition, leaving applications and other settings. Table: Windows 10 Editions and Supported Upgrade Methods
Microsoft Command-Line Tools 220-1102: Objective 1.2: Given a scenario, use the appropriate Microsoft command-line tool. Windows has a number of command-line tools for system operation and management. Although it also has many administrative tools that offer graphical interfaces for managing performance and troubleshooting, mastering these commands makes the common tasks much more efficient. In the last few years, Microsoft had gently nudged the command prompt (cmd.exe) into maintenance mode and replaced it with the more powerful Windows PowerShell command-line environment. CMD.exe is not gone, but it is no longer the default. All the commands in this section work the same in either environment, so if you want to experiment with the CMD prompt, you can simply enter CMD into the search bar and it will appear. Starting a Command Prompt Session with Windows PowerShell Most computer users don’t use a command-line prompt often. However, technicians use it to do the following: - Recover data from systems that cannot boot normally - Reinstall lost or corrupted system files - Print file listings (which cannot be done in File Explorer or This PC) - Copy, move, and delete data - Display or configure certain operating system settings You can start a command prompt session in Windows by clicking the Windows PowerShell option in the Start menu; however, other methods can be faster. Here are a few easy ones to get started: - In Windows 10, press Windows+X and then click or tap Windows PowerShell to run in standard mode. An option to run as an administrator is also available. - Type PowerShell in the search bar. The app will appear before you are finished typing. - Hold the Shift key while right-clicking on the desktop. The PowerShell option appears. Commands Available with Standard Privileges vs. Administrative Privileges Most of the commands in Table 6-4 can be run with standard privileges (by any user). However, some commands can be run only with administrative privileges in what is known as elevated mode or administrative mode. Elevated commands can make more operational changes to the PC than basic commands. Table: Windows Command Prompt Commands
To run in Administrator mode, select Windows PowerShell (Admin) from the Windows+X menu. The Administrator Command Prompt window opens. Figure 6-2 shows an example of both. Windows PowerShell in Normal (Top) and Administrator Mode (Bottom)—Note that the ping Command Was Successful in Normal Mode, but the chkdsk Command Runs Only in Administrator Mode Windows Command-Line Commands Table: lists the basic commands and their uses. Commands are listed here in all caps, but Windows allows you to enter them in lower case, upper case, or mixed case. Open a command prompt and try out these commands in preparation for the exam. Further command details are provided after the table. The first set of commands refers to navigation commands that take the user to different directories in the drive. They are followed by the command-line tools that provide information or perform tasks for the user. Commands listed with an asterisk (*) must be run in Administrator mode. Try these commands on your PC to become familiar with the input and output information. format In Windows, the format command is used primarily to create or re-create the specified file system on recordable or rewritable storage (magnetic, flash, or optical media). In the process, the contents of the drive are overwritten. format appears to “destroy” the previous contents of magnetic storage (such as a hard disk), but if format is used on a hard disk by mistake, third-party data recovery programs can be used to retrieve data from the drive. This is possible because most of the disk surface is not changed by format when a quick format option is selected. Windows overwrites the entire surface of a disk with zeros if the Quick Format option is not selected. If the Quick Format or Safe Format option is used, the contents of the disk are marked for deletion but can be retrieved with third-party data recovery software. Note: The hard-disk format process that the format command performs (which creates the file system) is sometimes referred to as a standard format, to distinguish it from the low-level format that hard drive manufacturers use to set up magnetic structures on the hard drive. Using format with USB Flash and Removable-Media Drives Although USB flash memory drives and removable-media drives are preformatted at the factory, format is still useful to quickly erase the contents of a disk, especially if it contains many files or folders. It also places new sector markings across the disk. Formatting Drives with File Explorer Use Windows File Explorer/This PC to format all types of drives. Right-click the drive you want to format, and select Format. The Format options for Windows appear (see Figure 6-3). The Format tool is also available in Disk Management; for most users, this is the preferred method of formatting disks. The Format Menu for a Flash Drive (Left) and for a Hard Disk (Right) Using format from the Command Prompt The format command overwrites the current contents of the target drive unless the /Q (Quick Format) option is used. When /Q is used, only the file allocation table and root folder are overwritten. To retrieve data from a drive that has been formatted, you must use third-party data recovery software. The format command includes a variety of options for use with hard disks, removable media and optical drives, and USB flash memory drives. The most useful examples follow: - format F: /FS:exFAT formats drive F: using the exFAT file system. - format F: /Q performs a quick format on drive F:. To see the additional options for format, use format /?. Note that the FAT and FAT32 file systems impose the following restrictions on the number of clusters on a volume: - FAT: Number of clusters ≤ 65,526 - FAT32: 65,526 < Number of clusters < 4,177,918 format immediately stops processing if it decides that the preceding requirements cannot be met using the specified cluster size. NTFS compression is not supported for allocation unit sizes above 4,096. copy The copy command copies files from one drive and folder to another folder and drive. The folder specified by copy must already exist on the target drive. copy does not work with files that have the system or hidden file attributes; to copy these files, use xcopy or robocopy instead. The syntax for copy in Windows follows: - copy [/D] [/V] [/N] [/Y | /-Y] [/Z] [/L] [/A | /B ] source [/A | /B] - [+ source [/A | /B] [+ ...]] [destination [/A | /B]] The following are some examples: - copy*.* F: copies all files in the current folder to the current folder on the F: drive. - copy*.TXT C:\Users\Username copies all .txt files in the current folder to the Username folder on the C: drive. - copyC:\WINDOWS\TEMP\*.BAK copies all *.bak files in the \Windows\Temp folder on drive C: to the current folder. - copyC:\WINDOWS\*.BMP D: copies all .bmp files in the \Windows folder on drive C: to the current folder on drive D:. To see a list of all the options for copy, use copy/?. xcopy In most cases, the xcopy command can be used in place of copy. It has the following advantages: - Provides faster operation on a group of files: xcopy reads the specified files into conventional RAM before copying them to their destination. - Creates folders as needed: If you specify the destination folder name in the xcopy command line, the destination folder will be created if needed. - Operates as a backup utility: xcopy can be used to change the archive bit on files from on to off, to allow it to be used in place of commercial backup programs. - Copies files changed or created on or after a specified date: This is useful when using xcopy as a substitute for commercial backup programs. xcopy can be used to “clone” an entire drive’s contents to another drive. For example, the following command copies the entire contents of the D: drive to the H: drive: - xcopyD:\ H:\ /H /S /E /K /C /R This command copies all files from the root folder (root directory) and subfolders in drive D: to the root folder and subfolder in drive H:, including system and hidden files, empty folders and subfolders, and file attributes. This process continues even if errors are detected, and it overwrites read-only files. To see a list of all the options for xcopy, use xcopy/?,Table 6-4. robocopy robocopy is a robust file-copying Windows utility that can be used in place of xcopy. robocopy offers several advantages over xcopy, including the capability to tolerate pauses in network connections, to mirror the contents of the source and destination folders by removing files as well as copying files, to perform multithreaded copies for faster copying on multicore PCs, to log copy processes, and to list or copy files that match specified criteria (including minimum file size). The syntax for robocopy for Windows is available from https://technet.microsoft.com/en-us/library/cc733145.aspx. Let’s look at two examples of what you can do with robocopy. To copy files in sourcefolder that are at least 16MB (16,777,216 bytes) in size to a targetfolder, use - robocopy C:\SOURCEFOLDER D:\TARGETFOLDER /MIN:16777216 Add the /L option to the end of this command to list the files to be copied. To mirror a local folder to a network folder with tweaks for more reliable operation and omit hidden files (/XA:H), use: - robocopy\\SOURCESERVER\SHARE \\DESTINATIONSERVER\SHARE /MIR /FFT /Z /XA:H /W:5 /FFT uses the 2-second rule for comparing files, which can prevent the recopying of files that are unchanged but that have a time stamp that is off by a second or two from the destination’s version. /W:5 changes the wait time between retries from the default of 30 seconds to 5 seconds. These examples were adapted from the excellent TechNet Wiki posting “Robocopy and a Few Examples,” available at https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx. As you can see from these examples, robocopy uses much different syntax than xcopy. If you used robocopy in Windows XP or older versions, keep in mind that robocopy has had syntax changes over its different versions. For these reasons, you might prefer to run it by means of a GUI, such as the robocopy GUI available at https://docs.microsoft.com/en-us/previous-versions/technet-magazine/cc160891(v=msdn.10) or third-party GUIs available online. diskpart diskpart is a disk-management program included in Windows. It can be used to perform disk partitioning and management commands that are not included in Computer Management’s Disk Management module. When you run diskpart, a new window opens with a diskpart prompt. Only diskpartdiskpart/?. Figure 6-4 demonstrates two diskpart commands: select disk X and detail disk. In this example, diskpart shows that the selected disk drive is the boot drive, contains the pagefile, and is used to store crashdump information. Using diskpart to Determine Details About the Selected Disk sfc System File Checker (sfc) is a Windows utility that checks protected system files (such as .dll, .sys, .ocx, and .exe files, as well as some font files used by the Windows desktop) and replaces incorrect versions or missing files with the correct files. Use sfc to fix problems with built-in Windows programs caused by the installation of obsolete Windows system files, user error, deliberate erasure, virus or Trojan horse infections, and similar problems. To run sfc, open the command prompt in elevated mode (that is, run as administrator), and type sfc with the appropriate switch. A typical option is sfc/scannow, which immediately scans all protected files (see Figure 6-5). sfc /scannow Reports That Corrupt Files Were Repaired Another option is sfc /scanonce, which scans all protected files at the next boot. If SFC finds that some files are missing and replacement files are not available on your system, you are prompted to reinsert your Windows distribution disc so that the files can be copied to the DLL cache. Other options include /scanboot, which scans all protected files every time the system starts; /revert, which returns the scan setting to the default; and /purgecache and /cachesize=x, which enable a user to delete the file cache and modify its size. If errors are detected, they are logged in the CBS.log file, found in %WinDir%\Logs\CBS\. To read the contents of CBS.log, you can use the findstr command, which sends the details to a separate file called sfcdetails.txt. For more information about using sfc and findstr, and to learn how to replace corrupted system files manually if sfc cannot do it, see https://support.microsoft.com/en-us/kb/929833. chkdsk chkdsk is a command-line tool for checking disk drives for errors and, optionally, repairing those errors. It must be run in elevated/administrator mode. Note that some commands differ, depending on the file system (FAT/FAT32 or NTFS) of the target drive. The syntax of the chkdsk command follows: - chkdsk [volume[[path]filename]]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:size]] [/B] Consider these examples: - chkdsk/F scans for and fixes errors on the current drive. - chkdskF: /F scans for and fixes errors on drive F:. If chkdsk/F is run on the system drive, the following message appears: Click here to view code image
The type of the file system is NTFS. Cannot lock current drive. Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)
If you answer Y, chkdskchkdsk/F is run on a nonsystem drive, it runs immediately. For a complete list of chkdskchkdsk/?. gpupdate gpupdate is used to update the Group Policy on a local or remote computer. Its syntax follows: - gpupdate [/Target:{Computer | User}] [/Force] [/Wait:<value] - [/Logoff] [/Boot] [/Sync] For example, you can use this command to refresh the Group Policy on a specified computer called AccountingPC and then reboot that computer after processing is complete: - gpupdate/target:accountingpc /boot For a complete list of options for the gpupdate command, use gpupdate/?. gpresult Use gpresult to display the current policy for a specified user and computer. Its syntax follows: - gpresult [/S system [/U username [/P [password]]]] [/SCOPE scope] - [/USER targetusername] [/R | /V | /Z] [(/X | /H) <filename [/F]] For a complete list of options for the gpresult command, use gpresult/?. Consider these examples: - gpresult/R displays summary data. - gpresult/H GPReport.xhtml saves a report as GPReport.xhtml. - gpresult/USER targetusername /V provides verbose information for the specified username. pathping pathping is a PowerShell command for gathering information on routes and latency (or delay) in communications across a network or the Internet. The ping command simply tests an address’s availability, whereas pathping gathers statistics about the journey of the IP packets. Microsoft Windows 10 Operating System (OS) Features and Tools 220-1102: Objective 1.3: Given a scenario, use features and tools of the Microsoft Windows 10 operating system (OS). Many administrative Windows tools provide graphical interfaces for managing performance and troubleshooting. Mastering these tools makes common tasks much more efficient. Task Manager The Task Manager utility provides a useful real-time look into the inner workings of Windows and the programs that are running. Task Manager is displayed in several ways: - Right-click the taskbar and select Task Manager. - Press Ctrl+Shift+Esc. - Type Task Manager in the search box. - Press Ctrl+Alt+Del and select Task Manager from the Windows Security dialog. Any of the preceding approaches opens Task Manager, shown in Figure 6-6. The Windows Task Manager’s Process Tab in Windows 10 The Windows 10 Task Manager includes the following tabs: - Processes: Displays apps and background processes in memory - Performance: Displays CPU, memory, disk drives, Bluetooth, Ethernet, and Wi-Fi stats - App history: Displays app resource usage in the current system session - Startup: Displays startup programs and their impact on system performance - Users: Lists current users - Details: Displays PID, status, username, CPU, and memory usage by app or service - Services: Lists services and their status One of the most common uses of Task Manager is to end programs (processes) that are malfunctioning. To end a program, click the Processes tab, right-click the process of the nonresponsive program, and select End Task. It is also possible to right-click a process and choose additional details about the status. Microsoft Management Console (MMC) Snap-in Instead of hunting for different utilities in different places in Windows, it’s simpler to use the Computer Management console window. It has most of the tools you need in one organized window system. How you open Computer Management depends on the Windows version. Computer Management is an example of the Microsoft Management Console (MMC), which is a blank console that uses various snap-in console windows. MMC saves the consoles that you snap in and remembers the last place you were working, which makes it a valuable and time-saving tool. To open the MMC, enter MMC in the Run box. A new blank MMC appears. To add the console windows, go to File Add/Remove Snap-in (or press Ctrl+M). From there, click the Add button to select the desired console, such as Computer Management, Performance Logs and Alerts, or ActiveX Controls. When you are finished using it, save the MMC and consider adding it as a shortcut within the desktop or in the Quick Launch area, and maybe add a keyboard shortcut to open it. The MMC remembers all the console windows added and starts you at the location used when the program was closed. MMC version 3.0 is used with Windows 10. Event Viewer The Event Viewer (eventvwr.msc) enables an administrator to track and log event logins, security actions, crashes, and other events that have happened in the computer. Figure 6-7 shows an example of the events tracked in the Event Viewer for Windows 10. Event Viewer Disk Management The Disk Management (diskmgmt.msc) snap-in of the MMC is a GUI-based application for analyzing and configuring hard drives. Try some of the configurations listed in the following sections on a test computer with one or two drives of unpartitioned space. Disk Management is also accessible by right-clicking the Windows icon (start) and selecting Disk Management from the menu that appears. Warning: Some operations wipe out all drive contents. Make sure you back up any data that you want to keep before you try any of these tasks. Drive Status Disk Management displays the status of connected drives with Drive Status. Figure 6-8 displays the disks and their status at the top of the window. For example, the C: partition is healthy. This window also shows the percentage of the disk used and other information, such as whether the disk is currently being formatted, whether it is basic or dynamic, and whether it has failed. Using Disk Management In some cases, you might see a “foreign” status. This means that a dynamic disk has been moved from another computer (with another Windows operating system) to the local computer, and it cannot be accessed properly. To fix this and enable access to the disk, add the disk to your computer’s system configuration. To add a disk to your computer’s system configuration, right-click the disk and then click Import Foreign Disks. Any existing volumes on the foreign disk become visible and accessible when you import the disk. Task Scheduler Windows uses Task Scheduler (taskschd.msc) to run a task on a specified schedule. To create a basic task in Windows, follow this procedure: Step 1. Type Task Scheduler (or taskschd.msc) in the search bar or Run box. Step 2. Click Create Basic Task in the Actions menu. Step 3. Enter a name and a description for the task, and click Next. Step 4. Select an interval (for example, Daily, Weekly, Monthly, One-Time Only, When My Computer Starts, When I Log On, or When a Specific Event Is Logged), and click Next. Step 5. Specify when to start the task and the recurrence, and whether to synchronize across time zones; then click Next. Step 6. Specify to start a program (or send an email or display a message), and click Next. Step 7. Select a program or script to run, add options (arguments), and specify where to start the program or script. Click Next. Step 8. Review the settings for the task (see Figure 6-9) and click Finish. Reviewing a Disk Check Task Created with the Task Scheduler The task is saved in the Task Scheduler library (see Figure 6-10). Tasks can be edited or deleted in this folder as needed. The Task Scheduler Library After a New Task Is Added (the New Task Is Listed First, in This Example) Device Manager Windows Device Manager (devmgmt.msc) is used to display installed device categories and specific installed devices, as well as to troubleshoot problems with devices. To start Device Manager in Windows 10, follow these steps: Step 1. In the search bar, type Device Manager, or enter devmgmt.msc in the Run box. Step 2. Open the Device Manager. Step 3. Click or tap the Device Manager link. Alternatively: Step 1. Press Windows+X. Step 2. Select Device Manager. To view the devices in a specific category, click the plus (+) sign next to the category name, as shown in Figure 6-11. If a particular category contains a device with problems, the category automatically opens when you start Device Manager. Device Manager with Selected Categories Expanded Note: Different systems have different categories listed in Device Manager because Device Manager lists only categories for installed hardware. For example, the system shown in Figure 6-11 is a laptop, so it has a Batteries category. If a computer has devices that are malfunctioning in a way that Device Manager can detect, or if it has devices that are disabled, they are displayed as soon as you open Device Manager. For example, in Figure 6-11, the Imaging Devices category lists a disabled device, indicated by a down-arrow icon. The Other Devices category lists a device that cannot run, indicated by an exclamation point (!) in a yellow triangle. If a malfunctioning or disabled device is an I/O port, such as a serial, parallel, or USB port, any device attached to that port cannot work until the device is working properly. To see more information about a specific device, double-click the device to open its properties sheet. Device properties sheets have a General tab and some combination of other tabs, including the following: - General: Displays device type, manufacturer, location, status, a troubleshooting button, and usage. Applies to all devices. - Properties: Displays device-specific settings. Applies to multimedia devices. - Driver: Displays driver details and version information. Applies to all devices. - Details: Displays technical details about the device. Applies to all devices. - Policies: Optimizes external drives for quick removal or performance. Applies to USB, FireWire (IEEE 1394), and eSATA drives. - Resources: Displays hardware resources such as IRQ, DMA, memory, and I/O port address. Applies to I/O devices. - Volumes: Displays drive information such as status, type, and capacity. Click Populate to retrieve information. Applies to hard disk drives. - Power: Displays the power available per port. Applies to USB root hubs and generic hubs. - Power Management: Specifies device-specific power management settings. Applies to USB, network, keyboard, and mouse devices. Figure 6-12 illustrates some of these tabs. Selected Device Manager Tabs: the General Tab for a Disabled Device (A), the Driver Tab for a Network Storage Device (B), and the Power Tab for a USB Hub (C) To troubleshoot problems with a device in Device Manager, open its properties sheet by double-clicking the device. Use the General tab (shown in Figure 6-12) to display the device’s status and to troubleshoot the disabled or malfunctioning device. When you have a malfunctioning device such as the one shown on the left in Figure 6-12, you have several options for resolving the problem: - Look up the Device Manager code to determine the problem and its solution. (See Table 6-5 for a few examples of device manager codes and solutions.) - Click the troubleshooting button (if any) shown on the device’s General Properties tab; the button’s name and usage depend on the problem. Table 6-5 lists a few examples, their meanings, and the solution button (if any). - Manually change resources (primarily in older systems that do not use ACPI power management). If the nature of the problem is a resource conflict, you can click the Resources tab, change the settings, and try to eliminate the conflict. - Manually update drivers. If the problem is a driver issue, but an Update Driver button isn’t available, open the Driver tab and install a new driver for the device. Table: Examples of Some Device Manager Codes and Solutions
You can also use Device Manager to disable a device that is conflicting with another device. To disable a device, follow these steps: Step 1. Click the plus (+) sign next to the device category containing the device. Step 2. Double-click the device, click the Driver tab, and select Disable. Depending on the device, you might need to physically remove it from the system to resolve a conflict. To use Device Manager to remove a device, follow these steps: Step 1. Click the plus (+) sign next to the device category containing the device. Step 2. Double-click the device and select Uninstall. Step 3. Shut down the system and remove the physical device. Or: Step 1. Double-click the device and select Properties. Step 2. Click the Driver tab and click the Uninstall button. Step 3. Shut down the system and remove the physical device. If a device malfunctions after a driver update, roll back the driver. Click the Roll Back Driver button on the Driver tab to return to the preceding driver version. Certificate Manager The Certificate Manager (certmgr.msc) enables the import, export, modification, or deletion of root certificates. These digital certificates are how Windows manages authentication when sending and receiving information. This includes personal user authentication, as well as trusted certificates for an enterprise. The information for each certificate issued includes the following: - Issued to - Issued by - Expiration date - Intended purpose (for example, server authentication) - Friendly name - Status You can view your security certificates by accessing the tool and typing Certificate (or certmgr.msc) in the search bar. Figure 6-13 shows an example of the different types of securities. Certificate Manager Local Users and Groups Local Users and Groups (lusrmgr.msc) is a snap-in console for managing local users and groups. The local user or group settings enable the administrator to assign permissions that regulate access and activities on the local machine. You can access Local Users and Groups in several ways. Try these on a local machine: - Press Windows+R to access the Run app; then enter lusrmgr.msc. - Open the Computer Management App and select Users and Groups. This tool enables you to see all the accounts, visible and hidden, on the computer, as well as to create and manage new users and groups. By default, Windows uses some built-in accounts, such as Administrator, DefaultAccount, and Guest. The Windows Defender antivirus uses the WDAGUtility account. Performance Monitor The Windows Performance Monitor (perfmon.msc) can be used for real-time performance monitoring or to record performance over time. To access Performance Monitor, open the Run prompt and search for Performance Monitor (or just type perfmon) in the search box, and then click the Performance Monitor node. Many different types of performance factors can be measured. You can measure objects, including physical devices such as the processor and memory, and software, such as protocols and services. These objects are measured with counters. For example, a common counter for the processor is % Processor Time. To see whether additional RAM is needed in a system, for example, select the object called Paging File; then select the counters % Usage and Pages/Sec, as described in the following steps: Step 1. Click the + sign or right-click in the table beneath the graph, and select Add Counters. Step 2. Select Paging File as the performance object and then choose % Usage. Step 3. Click Add. Step 4. Select Memory as the performance object and then choose Pages/Sec from the drop-down menu. Step 5. Click Add. Step 6. Click OK and then run normal applications for this computer. If Performance Monitor indicates that the Paging File % Usage counter is consistently near 100 percent or the Memory Pages/Sec counter is consistently higher than 5, add RAM to improve performance. Additional Tools A technician needs to know information about a machine and then perform routine tasks such as disk maintenance and other adjustments. The following tools can quickly provide information and maintenance options. Simply typing the name of the tool into the Windows search bar provides quick access to the apps. System Information (msinfo32) The System Information (msinfo32.exe) tool displays a great deal of information about the computer hardware and Windows installation in a system. To access the tool, type msinfo32 in the search bar or run msinfo.exe. The System Summary (see Figure 6-14) provides basic information about the Windows installation and hardware configuration. Simply click a subnode (left pane) for more detailed information about system hardware, components, or software environment. To dig deeper, open the nodes in the left pane. Figure 6-15 shows the loaded program modules listed. msinfo32 System Summary msinfo32 Loaded Program Modules Display (Right Pane) Use the Find What window to locate specific information. Use the File menu to save a report or to export it as a text file. Resource Monitor The Resource Monitor (resmon.exe) is similar to the Performance Monitor, mentioned earlier in this section. Both track the performance of the CPU, memory, and so on. For most users, the Performance Monitor is enough to find most problems and disable processes, but sometimes a deeper understanding of resources is needed: That is where the Resource Monitor comes in. The Resource Monitor allows for more detailed tracking of resources. The following figures show the deeper detail offered in the Resource Monitor. Figure 6-16 depicts the overview provided when the monitor is opened; Figure 6-17 details the network information, with additional information on activity, connections, and ports. The graphs on the right provide a visual context for the data on the left. Resource Monitor Window (resmon.exe) Resource Monitor with the Network Tab Selected System Configuration Utility Use the System Configuration (msconfig.exe) utility to configure how Windows starts, to choose startup programs and services, and to change the boot procedure. The Microsoft System Configuration utility (msconfig.exe) enables the selective disabling of programs and services that run at startup. If a computer is unstable, runs more slowly than usual, or has problems starting up or shutting down, using msconfig can help you determine whether a program or service running when the system starts is at fault. To start msconfig.exe, press Windows+R, type msconfig, and press Enter. msconfig has a multitabbed interface used to control startup options. The General tab (see Figure 6-18) offers Normal, Diagnostic (clean boot), or Selective Startup. (You choose which items and services to load.) Use the Boot tab to specify how to boot a Windows system. System Configuration Utility (msconfig) Tools Tab in Windows 10 Use the Services tab to disable or reenable system services. Use the Tools tab to launch System Restore, Computer Management, and other management tasks. When trying this, note that the Startup tab, once used to manage startup programs, now links to the Task Manager for those changes. Figure 6-18 shows the System Configuration dialog’s Tools tab in Windows 10. Note that many of the tools listed in this section are accessible from this utility. Tip: When you select a tool from the Tools tab, msconfig displays the command line needed to run it. Add any options desired before you start the tool. Disk Cleanup Disk Cleanup (cleanmgr.exe) is a utility for optimizing drives by removing unnecessary files and freeing space for better disk performance. Running cleanmgr.exe brings up a window to choose a disk to clean. When a disk is selected, another window opens and presents check boxes to select file types that can be removed. These files include temporary Internet files, the Recycle Bin, and other temporary files. If still more space is needed, select Clean Up System Files in Disk Cleanup and choose the file types you no longer need. Storage Sense is a convenient tool on Windows 10 and 11 that facilitates automatically maintaining storage use on a PC. Access Storage Sense by opening Settings System Storage. From here, you can enable or disable Storage Sense. If it is enabled, further settings determine how to handle temporary files and preferences for running the utility. Disk Defragment/Optimize Drives Defragging a hard disk drive can help improve system performance, especially if the drive is frequently changed. With heavy use, the data on a disk can be spread around the drive, which slows access. Defragmentation is the process of reorganizing the data into contiguous blocks. Defragmenting SSD storage is not as necessary as on HDDs, but Windows can still defrag SSDs on a schedule with the Optimize Drives (dfrgui.exe) app in Windows 10. Defragmentation is set by default and can also be scheduled. Figure 6-19 shows the Optimize Drives app in Windows 10. The Optimize Drives App in Windows 10 Registry Editor The Windows Registry is a hierarchical database that contains all the configurations and settings Windows uses. The Registry Editor is the application you use to view or edit settings and configurations. Advanced users can modify and create configurations in the Registry database. Under most normal circumstances, the Registry does not need to be edited or even viewed. However, Registry editing might be necessary under the following circumstances: - To view a system setting that cannot be viewed through other interfaces. - To add, modify (by changing values or data), or remove a Registry key that cannot be changed through normal Windows menus or application settings. This might be necessary, for example, to remove traces of a program or hardware device that was not uninstalled properly or to allow a new device or program to be installed. - To back up the Registry to a file. To access the Registry Editor (regedit.exe), either press Windows+R, enter the command regedit, and press Enter; or use the search bar and type regedit. Changes made using regedit are automatically saved upon exit. However, you might need to log off and then log back on or restart the system for changes to take effect. Warning: The Registry should never be edited unless a backup copy has been made first. No Undo option exists for individual edits, and there is no way to discard all changes when exiting regedit. Editing the Windows Registry can be difficult because Registry keys can be expressed in decimal, hexadecimal, or text. When editing the Registry, be sure to carefully follow the vendor instructions. Figure 6-20 shows the Registry with a modification being made to the MenuShowDelay Registry key, which is not accessible within normal Windows display menus. Using regedit Always back up the Registry before editing it. Follow these steps to back up part or all of the Registry to a text file: Step 1. Start regedit. Step 2. To make a partial backup, highlight the section of the Registry to be backed up. Step 3. Click File and select Export. Step 4. Select a location to store the Registry backup. Step 5. Enter a name for the backup. Step 6. Click All to back up the entire Registry. Click Selected Branch to back up only the Registry branch you selected in step 2. Step 7. Click Save. Windows 10 Control Panel Utilities 220-1102: Objective 1.4: Given a scenario, use the appropriate Microsoft Windows 10 Control Panel utility. The Control Panel is the major starting point for adjusting the hardware and user interface settings in Windows. Although Windows 10 includes Settings, many configurations in Windows are performed through the Control Panel. Note: Just as there are often different ways to access information in the Windows OS, this section repeats some content from other guides, but in the context of the Control Panel. This repetition is done to help readers who are tracking the CompTIA A+ Core 2 objectives, which themselves have elements of redundancy.
Starting Control Panel To start Control Panel in Windows 10, type Control Panel in the search box and then select the Control Panel link. Another option is to press Windows+R, type control, and press Enter. Internet Options Access the Internet Options menu via the Control Panel. Figure 6-21 shows the Internet Properties dialog that appears, with the Security tab selected. Note that these choices differ from the options available in the Network and Sharing Center. Internet Options in the Control Panel The Internet Properties dialog accessed from the Control Panel has seven tabs, which Table 6-6 describes. Table: Internet Properties Dialog Tabs
Many of the Control Panel utilities in the A+ objectives are discussed in other guides. Table 6-7 briefly summarizes them. Table: Control Panel Utilities and Their Settings
The following sections discuss some less intuitive Control Panel utilities. User Accounts From the Control Panel, if you select Accounts, you can manage the user account and access to other users. Figure below shows the Windows 10 account options from the Control Panel. User Accounts in the Control Panel
Device Manager The Device Manager accessed in the Control Panel is the same one discussed under the MMC, in the earlier section, “Microsoft Windows 10 Operating System (OS).” It is a good place to start for adding and removing devices and troubleshooting device problems.
Indexing Options The Indexing Options page in the Control Panel manages the indexing of data on a computer. Using these options can help increase the ease and speed for finding information. Just as the index in the back of this book helps you locate a specific topic, indexing the computer makes it easy for the search tool and selected apps to find useful information. Files and their text content are indexed by default. If a user is searching for a specific document and remembers key words but not the name of the document, typing in the words returns documents that use those words. Indexing can be administered. If enabled, it automatically indexes new documents and files as they are created. Administrative Tools The Administrative Tools page in the Control Panel is an easy way to access tools to manage the computer. Some of these tools are familiar from the previous section, such as the System Information, Resource Monitor, System Configuration, Disk Cleanup, Disk Defragment, Registry Editor, and Event Viewer utilities. Several of the tools in this panel are discussed in other sections. File Explorer Options The File Explorer Options properties sheet affects how Explorer does the following: - Displays file and folder information (View tab) - Selects folders to index for searching (Search tab) - Opens folders (General options tab) By default, File Explorer hides the following file information: - File extensions for registered file types. For example, a file called letter.docx displays as letter because Microsoft Word is associated with .docx files. - The full path to the current folder. - Files or folders with hidden or system attributes, such as the AppData folder. - The Windows folder. Concealing this information is intended to make it harder for users to “break” Windows, but having this information hidden also makes management and troubleshooting more difficult. The default hidden settings can be changed using the File Explorer Options applet in Control Panel. To change defaults, follow these steps: Step 1. Open File Explorer. Step 2. Click or tap the View tab. Select the Options drop-down and then choose Change Folder and Search Options. Step 3. Select the options you want (see Figure 6-23). The following changes are recommended for experienced end users: - Enable the Display the Full Path in the Title Bar option - To see all file extensions, disable the Hide Extensions for Known File Types option. - If you are maintaining or troubleshooting a system, change the following: - To view hidden files, enable the Show Hidden Files, Folders, and Drives setting. - Disable the Hide Protected Operating System Files setting. Step 4. Click OK to close the Folder Options window. The View Tab of the Folder Options Dialog in Windows with Recommended Options Set Power Options You can manage power options from the Control Panel Power Options applet. If a Power Options icon is available in the notification area of the Windows taskbar, use it to view the current power option setting and, if desired, select a different one. Hibernate The Hibernate option, which was originally available in Windows 7, creates a special disk file (hiberfil.sys) that records open apps, memory contents, and the apps’ positions onscreen. In effect, it “pauses” the system so that you can return to right where you left off. In Windows 10, Hibernate is not a listed option for the shutdown menu; however, it can be added by modifying a power plan: Select the Choose What the Power Buttons Do link under Power & Sleep Settings Additional Power Settings. Hibernate is an available option when you are choosing what happens when you press the power button, press the sleep button, or close the lid. To awaken a system from hibernation, press the power button on the computer. If the system has a password set for access, you are prompted to enter the password to restart the system. Note: The options of sleep and hibernate are available. They are similar power-saving options but differ in where they store active programs. Sleep mode stores running programs in RAM and uses little power. Hibernate stores them in the hard drive and allows the power to turn off. Power Plans Standard Windows versions offer three standard power plans (with a fourth power plan available only in Windows Pro): - Balanced: Default plan. Balances performance with energy consumption. - Power Saver: Reduces CPU performance and screen brightness more than the Balanced plan, for longest battery life. - High Performance: Offers the fastest CPU performance, brightest screen, and shortest battery life. - Ultimate Performance: Limited to Windows 10 Pro Workstation edition for high-end computers. Note: If your computer supports Modern Standby, a power management plan in Windows, it may be that the only option available is Balanced. However, you can still create a custom plan. Desktop computers hide Power Saver by default; laptop computers hide High Performance by default. Note: Some portable device vendors offer additional plans in systems with Windows preinstalled. Tablets offer only the Balanced power plan. To change a plan, click or tap Change Plan Settings. You can change the sleep or hibernate settings for sleep times, display times, and battery levels. Figure 6-24 shows the Power Options Advanced Settings menu. Advanced Power Options To create a new power plan, click Create a Power Plan in the Power Options dialog. Then in the Create a Power Plan dialog, follow these steps: Step 1. Select a plan to use as the basis for your plan. Step 2. Enter a plan name and click Next. Step 3. Specify timings for the display and sleep, and then click Create. Sleep/Suspend Sleep/Suspend mode is supported in Windows 10. If the system does not correctly enter Sleep/Standby mode, startup programs might be interfering with this mode. Use msconfig to selectively disable startup programs until you discover the offending app. With most laptops and many desktops, you can put the computer into sleep mode by pressing a special sleep key or by pressing the power key and releasing it right away. To change how the sleep or power key works, modify your power plan. Standby, Lid, and Fast Startup Options Settings for power, sleep, and lid closure are managed in the Power Options by choosing the link What Closing the Lid Does. This brings up System Settings for power options. Note that options are set with both check box and drop-down menus, as shown in Figure 6-25. This figure shows options for doing nothing, sleeping, hibernating, and shutting down. Advanced Power Options Universal Serial Bus (USB) Selective Suspend USB selective suspend is a power management setting that allows a computer to awaken from sleep with a signal via the USB port, such as a USB mouse. The setting is necessary because if all USB ports went to sleep, wiggling a mouse would not wake the computer; selective USB ports are set to respond to a signal from an attached device. Occasionally, this feature, which is enabled by default, can cause problems with USB devices. Disabling the setting can help because sleep mode no longer powers off USB devices. To disable USB selective suspend from the Power Options menu, click the link to Change Plan settings then click the link for Change Advanced Power Settings. This brings up the menu in Figure 6-26. Open the USB settings and select Disable, and then select OK to save the change. Advanced USB Selective Suspend Settings Note: For Sleep/Standby mode to work correctly, the system needs to support the S3 power setting in the system BIOS/UEFI. Ease of Access Ease of access settings are used to customize settings to the user’s needs and tastes. Search for Ease of Access and select the app. Note that the column on the left has groups of settings for Vision, Hearing, and Interaction. These settings help users of varying abilities more easily interact with the computer. Figure 6-27 shows settings available from the keyboard section of the Interaction group. Explore all the settings to become familiar with all the options available. Keyboard Settings in the Ease of Access Settings Menu Windows Settings 220-1102: Objective 1.5: Given a scenario, use the appropriate Windows Settings. A thorough understanding of the Settings menu is essential for an IT support technician. This section provides a basic overview of key Windows settings. It is recommended that you explore all the options in the Settings menu as sections are highlighted and described. Access the Settings menu by using the Windows+X shortcut and then selecting Settings by entering n. With a mouse, select the Windows icon and click the Settings gear from the menu. The settings options have their own search bar, which is the easiest way to find unfamiliar settings. The previous section looked at the Ease of Access settings, but there are many more to explore. Note: Some settings are from view if a computer is on a managed network. Time and Language The menu for Time and Language includes the following settings: - Date and Time: Setting time and date formats and automatic time settings - Region: Setting the country or region and the local format of date and time - Language: Adding languages and changing keyboard language options - Speech: Enabling voice recognition and choosing the computer’s voice
Update and Security You should be familiar with the security settings here. Be sure to visit and familiarize yourself with the links listed on the left under Windows Update and Security in the Settings menu.
Personalization The menu for Personalization includes settings for the following: - Background: Choosing a background color, picture, or slideshow - Colors: Light and dark colors for menus (such as the Windows menu) - Lock Screen: Settings for locking an idle computer and the locked display - Themes: Choices for background sounds, colors, or images - Fonts: Font choices for Windows text and tools for importing fonts - Start (Windows key) Menu: The Windows key hints at which keyboard key is being configured - Taskbar: Preference settings for badge display, showing or hiding the taskbar, and setting the command prompt/PowerShell default when right-clicking the taskbar Apps The menu for Apps includes the following settings: - Apps & Features: Installing new apps or removing old ones - Default Apps: Determining the apps chosen for music, pictures, mail, browser, and so on - Offline Maps: Downloading maps to use when offline - Apps for Websites: Setting opening sites with an app or the browser - Video Playback: Setting video resolution and battery power settings - Startup: Managing which apps will start when logging in Privacy Privacy settings are generally about sharing your usage information and data history with Microsoft for research purposes. These settings determine what is shared and what is not: - General: Sharing web activity and app launches, managing web advertising settings - Speech: Collecting speech patterns - Inking & Typing Personalization: Collecting user handwriting and typing patterns - Diagnostic and Feedback: Sharing software problems and crashes with Microsoft - Activity History: Managing settings for local storage and external sharing of activity - App Permissions: Managing privacy settings for each app or device System This is likely the most important app to study. System settings are used throughout the A+ content in this book, and many will be familiar by now. Many of the settings impact the performance of the computer. Devices The menu for Devices includes the following settings: - Bluetooth & Other Devices: Managing settings for keyboard, mouse, audio, and so on - Printers and Scanners: Adding and removing printers and scanners - Mouse: Managing mouse settings such as the primary button, scrolling, and pointer options - Touchpad: Managing settings for sensitivity, scrolling, zoom, and so on - Typing: Managing settings for spell checking, text suggestions, and spacebar options - Pen and Window Ink: Handling settings for the handwriting font - AutoPlay: Determining default settings for playing videos or music from apps - USB: Issuing charging notifications and managing battery settings Network and Internet The menu for Network and Internet includes the following settings: - Status: Managing general information on current network settings and activity - Wi-Fi: Setting specific Wi-Fi settings, handling IP and hardware information - Ethernet: Granting access to physical and virtual Ethernet interface settings - Dial-up: Granting access to dial-up settings if phone line and modem are available - VPN: Allowing and adding virtual private network access - Airplane Mode: Enabling and disabling wireless, Bluetooth, and cellular data - Mobile Hotspot: Sharing and Internet connection over Bluetooth or Wi-Fi - Proxy: Managing settings for using a proxy server (not applicable to VPNs) Gaming The menu for Gaming includes the following settings: - Xbox Game Bar: Setting shortcuts on an Xbox game bar - Captures: Managing settings to capture game play audio and video - Game Mode: Optimizing the PC for gaming - Xbox Networking: Monitoring status and performance, handling Xbox Live connectivity Accounts The menu for Accounts includes the following settings: - Your Info: Managing profile settings for the user - Email & Accounts: Adding accounts used by other apps for easier sign-in - Sign-in Options: Setting sign-in procedures with security settings and requirements - Access Work or School: Handling connection settings for managed computers on a domain - Other Users: Adding other accounts to the computer - Sync Your Settings: Allowing settings to sync across devices on a Microsoft account Microsoft Windows Networking Features on a Client/Desktop 220-1102: Objective 1.6: Given a scenario, configure Microsoft Windows networking features on a client/desktop. Windows networking includes three different types of networks, remote control and assistance options, a built-in firewall, and much more. The following sections can help you master networking concepts. Workgroup vs. Domain Setup Windows 10 supports both two different types of networks: workgroups and domains. The following sections describe how they differ from each other. Workgroup Networking Windows 10 supports workgroup networks. In a workgroup network, the following applies: - All computers can share folders and devices with other computers in a peer-to-peer arrangement. File and printer sharing (which is configured by default) is required for any computer that will share resources. - All computers must be part of the same local network or subnet. For example, computers in the IP address range 192.168.1.100–192.168.1.120 with the subnet 255.255.255.0 can share resources with each other but not with computers in the IP address range 192.168.2.100–192.168.2.120. - The workgroup does not have a password; however, each computer must have a user account for each user who will access that computer (unless password-protected sharing is disabled). For example, a computer can have an account for Mark and an account for Mary, and another computer could have an account for Mark and an account for Jerry. Mark might be able to connect to both computers, but Mary and Jerry might be able to connect to only one computer. In this situation, Mark could use one of the computers and log in via the network to another computer. The workgroup is identified in the Device Specification section of the System About sheet. Go to Settings, select System, and select About from the links menu on the left. The easiest way to view your computer’s name is to type the name in the search box; the option to view your device name links to the About page above. Creating a Workgroup To create a workgroup in Windows, follow these steps: Step 1. Configure all devices in the workgroup to use the same range of IP addresses and the same subnet. If the devices obtain their IP addresses from a router, this step has already been done for you. Step 2. Confirm that each device has a unique computer name. The name is generated automatically when Windows is installed on a device. To verify the name, press Windows+R, type the command sysdm.cpl in the Run dialog box, and press Enter. Alternatively, simply right-click Start Settings and select System to bring up the Setting About screen. An easy way to access System Properties is to open File Explorer, right-click This PC, and select Properties. Step 3. Confirm that each device is in the same workgroup. (The default workgroup name is WORKGROUP.) Domain Setup Larger networks, including networks with users in multiple locations, use domain networking. Some of the special features of domain networking include the following: - Shared resources (files, folders, printers, and devices) and user accounts are stored on servers. An Active Directory server is used to authenticate users, and other servers can be used for print, file, email, and other services. - User accounts are not tied to a particular computer. A user on a domain can use any computer or computers on the domain and have access to their files and shared resources. - Group Policy can limit resources available to a particular user. For example, Group Policy settings can prevent a user from connecting a USB flash drive. - Group Policy can also limit configuration settings that are available to a user. For example, Group Policy can be used to turn off AutoPlay for removable-media devices. - Different local networks with hundreds to thousands of users can be part of a single domain. The domain setup for a computer is performed from the Computer Name section of the System properties sheet. To join a domain, follow these steps: Step 1. Open the System Properties sheet. Step 2. Click or tap Change Settings. Step 3. On the Computer Name tab, click or tap Network ID. Step 4. Confirm that This Computer Is Part of a Business NetworkNext. Step 5. Confirm that My Company Uses a Network with a Domain is selected. Click or tap Next. Step 6. Review the information needed to connect to a domain, and click Next. Step 7. Enter the username, password, and domain name, and click Next. Step 8. Click OK on the “Welcome to the Domain” message. Network Shares A shared folder or drive can be accessed by other computers on the network. Shares can be provided in three ways: - On a client/server-based network or on a peer-to-peer network with peer servers that support user/group permissions, shares are protected by lists of authorized users or groups. Windows 10 supports user/group access control. - A workgroup network can offer unlimited sharing (full control or read-only) for any user who connects to a system if password-protected sharing is disabled. (This is not recommended.) - A network share can be accessed by either its mapped drive letters or its folder names in File Explorer. When user/group-based permissions are used, only members who belong to a specific group or who are listed separately on the access list for a particular share can access that share. After users log on to the network, they have access to all shares they have been authorized to use, without needing to provide additional passwords. Access levels include full and read-only; on NTFS drives, other access levels include write, create, and delete. Administrative Shares Administrative sharesComputer Management System Tools Shared Folders Shares. Note that every volume within the hard drive (C: or D:, for example) has an administrative share; for example, C$ is the administrative share for the C: drive. Although it is possible to remove these by editing the Registry, this is not recommended because it can cause other networking issues. Only administrators should have access to these shares. Sharing a Folder To share a folder with Windows 10, follow these steps: Step 1. Ensure that file sharing is enabled by opening the Control Panel and double-clicking the Network and Sharing Center icon. Step 2. Open Windows File Explorer on the taskbar and click This PC. Step 3. In the This PC window, navigate to a folder that you want to share. Step 4. Right-click the folder that you want to share and choose Share With. Step 5. If password-protected sharing is enabled, click Selected People; select which users will have access to the shared folder and select their permission levels. To allow all users, select the Everyone group within the list of users. Step 6. When you have finished configuring permissions, click Share and then click Done. Mapped Drives Windows enables shared folders and shared drives to be mapped to drive letters on clients. In File Explorer/This PC, these mapped drive letters show up in the list along with the local drive letters. A shared resource can be accessed either through Network (using the share name) or through a mapped drive letter. Drive mapping offers the following benefits: - A shared folder mapped as a drive can be referred to by the drive name instead of by using a long Universal Naming Convention (UNC) path. - When using MS-DOS programs, keep in mind that using mapped drives is the only way for those programs to access shared folders. Mapping drives and folders is a rather straightforward procedure: Step 1. Launch the File Explorer from the taskbar and right-click This PC. Step 2. Select Map Network Drive from the right-click drop menu to display the window in Figure 6-28. The Map Network Drive Dialog for Creating a Temporary or Permanent Drive Mapping Step 3. Select a drive letter from the list of available drive letters; only drive letters not used by local drives are listed. Drive letters already in use for other shared folders display the UNC name of the shared folder. Step 4. Click the Reconnect at Login box if you want to use the mapped drive every time you connect to the network. This option should be used only if the server will be available at all times; otherwise, the client will receive error messages when it tries to access the shared resource. Step 5. Click the Connect Using Different Credentials box if you want to use a different username/password to connect to the shared resource. Step 6. Click Finish. Printer Sharing vs. Network Printer Mapping Printers connected to network computers can be shared or printers can be connected directly to a network with Ethernet or wireless Ethernet (Wi-Fi) connections. To perform printer sharing, follow these steps: Step 1. In the Settings menu, open Devices and click Printers & Scanners on the left. Step 2. Click the printer to be shared. Step 3. Click the Manage button. Step 4. Click the Printer Properties option. Step 5. Click the Sharing tab. Step 6. Check the Share This Printer option. Local OS Firewall Settings Windows Defender Firewall provides protection against unwanted inbound connections and can also be configured to filter outbound connections. Use one of the following methods to open Windows Defender Firewall: - Click or tap the Windows Defender Firewall link in the Control Panel. - Search for Windows Defender Firewall and start it. When Windows Defender Firewall starts, it displays Firewall settings for the current connection (see Figure 6-29). Viewing the Firewall Settings for the Current Connection To change notification settings or turn the firewall on or off, click or tap the Change Notification Settings link or the Turn Windows Firewall On or Off link in the left pane (see Figure 6-29), to open the Customize dialog box (see Figure 6-30). Either selection opens the Customize dialog box for settings in a private and public network. Viewing the Customize Settings Dialog Box In this dialog box, the default settings are the same: - Windows Defender Firewall is turned on. - The user is notified when Windows Defender Firewall blocks a new app. - To block all incoming connections on a public network, click or tap the first check box in the Public Network Settings section. - If malware or user error has turned off Windows Defender Firewall and no other firewall is present, click or tap Turn On Windows Defender Firewall in both sections. - If the computer uses a third-party firewall, click or tap Turn Off Windows Defender Firewall in both sections. - If an app’s installer recommends or requires that firewalls be turned off, turn off Windows Defender Firewall and then turn it on again when the app installation process is complete. Client Network Configuration Computers that are members of a local network must be configured so that they can communicate with each other. This is most often done with an Internet Protocol (IP) addressing scheme. Figure 6-31 shows the settings that are necessary to attach a device to a network. You configure these address settings by accessing the active network interface in the Network and Sharing Center. Current network address settings can be viewed by accessing the active network interface in Settings. Some of the key settings are described next. (Most of these can be quickly accessed by clicking the network connection icon on the taskbar and selecting Properties.) Local IP Settings Networking is a broad topic worthy of its own certification, and many books have been written on the topic. An IT support technician will encounter the basic settings described here, so knowing what those settings involve is important. This section discusses the basic inputs to have a device join an IPv4 network. Computers on a network have two types of addresses. The MAC address is permanent and does not change; it identifies devices physically on their own network. Administrators also can assign an IP address, which helps them communicate with devices on other networks beyond their local network and out to the Internet. Routers are the devices that keep track of network addresses and forward communication between networks. This is done using IP addressing. This section describes both IPv4 and IPv6 addresses within the scope of the A+ exam objectives. As you read the following sections, refer to Figure 6-31 to locate the settings in the Network Connection Details output. Internet Protocol (IP) Addressing Scheme An IPv4 address is input using a decimal notation scheme with four 8-bit parts to an address. These parts are called octets because the number represents 8 bits. For example, many home routers and devices have an IPv4 network address similar to 192.168.1.0. In this case, the first three octets describe the network; the last octet, when assigned to a device, has a nonzero number to identify it on the network. A device on a network can be assigned any number from 1 to 254, which is the highest allowed number in this 8-bit addressing scheme. Subnet Mask The number of bits representing networks and the number representing the host can change. Just looking at an address, there is no way to tell which bits or part of a bit describes the network address and which describes the host address. This is where the subnet mask comes in. The purpose of a subnet mask is to help routers and devices distinguish network bits from host bits. The subnet mask is also 32 bits long and noted in groups of 8 bits. When a subnet mask bit is “on,” or a binary 1, the router does some calculating with the address to determine which is the network and which is the host. An IPv4 address is meaningless to a router (and to humans, for that matter) unless a subnet mask is configured. For example, an IPv4 address of 192.168.1.1 with a subnet mask of 255.255.255.0 has the first three octets as the network and the last octet as the host. For a subnet mask of 255.255.0.0, the first three octets define the network and the last two define the hosts. The number here is 255 because it represents all 8 bits of the octet being set to 1. Remember that the router is also a device on the network, and the interface connecting the router needs an IP address on the network. It is common practice to reserve the first host address, -x.x.x.1, for the router. This is not required, but it can make network management troubleshooting easier. Domain Name System (DNS) Settings A domain name server usually belongs to an Internet service provider (ISP). Domain Name System (DNS) servers are special computers that keep track of the IP addresses of domain names, such as Microsoft.com, IRS.gov, and NYT.com. People use domain names in their browsers because they are much easier to remember than IP addresses (but you can type IP addresses into browsers, too). Each domain name has a specific IP address for locating the server on the Internet. The job of a DNS server is to match the domain name with the correct IP address so that packets can be delivered. For the network in Figure 6-31, DNS information can be found in the Network Connection Details window. In this example, the local router sends the domain name to the DNS server, whose IPv4 address is 75.75.75.75. The server responds to the router with an IP address for Microsoft.com and uses it to forward the information across the Web. This is a very fast process that lasts milliseconds, so a user will not notice the DNS conversation taking place. Gateway Devices on a local network know about only other devices on the local network. They rely on a more sophisticated device (the router) for any communication outside. Setting a gateway address, also known as a default gateway, ensures that when a computer is sending communication out of the local network, it goes to the router. The default gateway is most likely the local router’s local interface. In Figure 6-31, the router interface is 10.0.0.1. Static vs. Dynamic An IP address is assigned to a device on the network in two ways. Static IP addresses are configured by a network administrator and do not change over time. Dynamic addresses are assigned, or leased, temporarily and need to be renewed after a period of time. The network administrator can adjust how much time applies for the lease. The vast majority of user IP addresses are assigned dynamically using the Dynamic Host Configuration Protocol (DHCP). A pool of network addresses is made available to the DHCP server; whenever a new device joins the network, it can be assigned a temporary, or leased, address. Not all addresses should be dynamic, however. A network administrator can reserve some network addresses and not allow DHCP to use them. Those addresses can be statically assigned to servers, printers, and other important resources that need IP addresses that never change in the network. Note that in Figure 6-31, the default gateway (which is the router) is also assigned to be the DHCP server. Most routers can be configured to run the DHCP protocol. Establish Networking Connections The Network and Internet page in the Control Panel is where options and wizards are found for the following connection types: - Wi-Fi - Ethernet (for wired connections) - Virtual private networking - Dial-up networking - Hotspot - Proxy VPN Connections A virtual private network (VPN) connection creates a secure tunnel over a public network, such as the Internet, between two computers. Most domain VPNs have separate client software available for VPN access, but this can also be set up from Windows in the Control Panel or Settings. A VPN can be configured in both the Control Panel and in Windows Settings. To configure a new VPN connection in Windows Settings, follow these steps: Step 1. On the Settings Network and Internet page, select VPN from the left. This opens the dialog box in Figure 6-32. Starting the VPN Connection Creation Process in Windows 10 Step 2. Click Add VPN Connection. Step 3. Complete the VPN connection in Figure 6-33. Setting Up a VPN Connection Wireless Connections A wireless connection can be configured when the user clicks on the SSID from the taskbar or Settings menu. However, if you use the Wireless Connection option in the Network and Sharing Center in the Control Panel window, you can specify more options, including security types: Step 1. In the Set Up a Connection or Network dialog box, click or tap Connect to a Wireless Network and click or tap Next. Step 2. Enter the network name. Select the security type and enter the security key. To start the connection automatically, check the Start This Connection Automatically box. Click or tap Next. Step 3. Click or tap Close. The connection is added to the list of connections. Wired Connections Use the option to configure a wired connection if you are setting up a Point-to-Point Protocol over Ethernet (PPPoE) connection. This type of connection is used by cable or DSL ISPs that require the user to log in to the connection: Step 1. In the Set Up a Connection or Network dialog box, click or tap Connect to the Internet and click or tap Next. Step 2. Click or tap Broadband (PPPoE) and click or tap Next. Step 3. Enter the username and password. Enter the domain. Check the Remember This Password box if the user does not want to enter the password again. Click or tap Connect. The connection is stored along with other network connections. WWAN (Cellular) Connections A wireless wide area network (WWAN) (cellular) connection shows up in the list of network connections after a SIM card is installed and activated by a mobile provider. To use this type of connection, select it from the list of network connections displayed when selecting the network icon in the taskbar or Settings. If the access point name (APN), username, password, or other information has not yet been stored for the WWAN, the user must provide this information during the first use of the connection. Proxy Settings A corporate network can use a proxy server as an intermediary between a network client and the destination of the request (such as a web page) from the network client. If a proxy server is used for Internet access and a configuration script or automatic detection are not available, the proxy server must be specified by server name and port number. To configure manual proxy settings for a LAN connection in Windows: Step 1. Open the Network and Internet settings from the Control Panel. Step 2. Click Proxy. Step 3. If a script is provided, turn on the Use Setup Script option and enter the address. If configuring manually, turn on the Use Proxy Server option and add the address and port (see Figure 6-34). Setting Up Proxy Servers Step 4. Click Save to save changes in each dialog box until you return to the browser display. Public Network vs. Private Network When joining a Wi-Fi network, it is possible to choose whether to be seen by other users or to be undiscoverable by them. For security reasons, it might be wise to remain undiscoverable on a public network, such as a coffee shop or other public venue, to avoid unwanted attention from unknown users. If the computer is being used in a known, private network environment, it could be desirable to be discovered by others for the purposes of sharing files and printing resources. In that case, selecting a private network option is preferred. It is possible to toggle the status of the network privacy setting by going to the wireless icon on the taskbar and clicking the Properties button. From there, simply choose Public or Private (see Figure 6-35). Public/Private Network and Metered Connections Settings
File Explorer Navigation: Network Paths Earlier in this guide, the File Explorer (the folder icon on the taskbar) was used to map a network drive. Similarly, network information can be mapped using File Explorer by selecting the Network icon from the menu on the left. To trace a path to a network, and for other information, click the Network tab in the top left to see the ribbon of network options. From here, you can view network paths and add devices to the network.
Metered Connections and Limitations Many ISPs and mobile companies have data plans with usage thresholds that, when passed, can lead to increased costs and unpleasant surprises in a billing statement. One way to avoid accidental overages is to manage usage in the Metered Connection settings. When the Metered Connection setting is turned on, details can be managed by clicking the Set a Data Limit to Help Control Data Usage on This Network link below the setting. Figure 6-36 shows the result. In this example, Windows enforces a monthly use of 1.5GB of data on the Reyner network, refreshing on the 5th of each month. Setting Data Limits for a Metered Connection Installation and Configuration Concepts 220-1102: Objective 1.7: Given a scenario, apply application installation and configuration concepts. System Requirements for Applications Before you make any changes to a computer by installing hardware or software, it is essential to understand what hardware will work on the computer and what software will work with the hardware in place. This section is a basic review of considerations when upgrading hardware or installing software. 32-Bit vs. 64-Bit File Systems A key purpose of operating systems is to keep track of all the files that are used on a computer. A file system describes how data and drives are organized. In Windows, the file system you choose for a hard drive affects the following: - The rules for how large a logical drive (drive letter) can be and whether the hard drive can be used as one big drive letter or several smaller drive letters, or whether it must be multiple drive letters - The efficiency of data storage (the less wasted space, the better) - The security of a system against tampering - Whether a drive can be accessed by more than one operating system The term file system is a general term for how an operating system stores various types of files. Windows supports three different file systems for hard drives and USB flash drives: FAT32, NTFS, and exFAT. For CD storage, it uses CDFS. FAT32 FAT32 was introduced in 1995 and has the following characteristics: - It has a 32-bit file allocation table, which allows for 268,435,456 entries (232) per drive. An entry can be a folder or an allocation unit used by a file. - The root directory can be located anywhere on the drive and can have an unlimited number of entries, which is a big improvement over FAT. - FAT32 uses an 8KB allocation unit size for drives as large as 16GB. The maximum logical partition size allowed is 2TB (that is, more than 2 trillion bytes). Note: Windows cannot create a FAT32 partition larger than 32GB. However, if a larger partition already exists, Windows can use it. FAT32 does have some limitations: It can support individual files only up to 4GB in size, it cannot use file permissions, and it does not support journaling systems that can fix file corruption issues. These three limitations moved the industry beyond FAT32, although it is still possible to use FAT32 to format hard drives. Because the limitations do not apply to most USB flash and SD cards, FAT32 is still used to format flash memory cards and USB flash drives for use in not only workstations, but also media players, smart TVs, printers, cameras, and anything else that has a USB port. FAT32 is still compatible with macOS and Linux as well, so FAT32 is far from legacy. Even as the capacity of USB flash drives is increasing and 4GB files will need to be supported, FAT32 will likely stay around to support other devices. Note: In a 32-bit machine, the maximum amount of memory that can be used is around 4GB. On a 64-bit machine, the maximum amount of memory is 264 bytes. exFAT (FAT64) exFAT (also known as FAT64) is a file system designed to enable mobile personal storage media to be used seamlessly on mobile and desktop computers. exFAT is designed to be as simple as FAT32, but with many improvements in capacity and scalability. exFAT is also called FAT64 because it supports 64-bit addressing. The main features of exFAT include the following: - It supports volumes (drive letters) larger than 32GB. 512TB is the recommended maximum volume size, but the theoretical volume size is 64ZB (zettabytes; 1ZB = 1 billion terabytes). - The recommended and maximum file sizes increase to 512TB and 64ZB, respectively. - Improvements in file system structure enable better performance with flash media and for movie recording. - It supports Universal Time Coordinate (UTC) date stamps. Figure 6-37 illustrates exFAT as a formatting option for a USB thumb drive in Windows. File System Formatting Options for a 16GB USB Thumb Drive in Windows, Including FAT32, NTFS, and exFAT
32-Bit vs. 64-Bit Dependent Application Requirements Remember that 32-bit apps date back to the X-86 days of processors (see “Hardware”) and, by current standards, were inefficient to run. 64-bit apps can take advantage of more computing resources in the CPU and RAM. Windows 10 running on a 64-bit machine can support 32-bit programs, but 32-bit processors on smaller mobile devices cannot support 64-bit apps. Be sure of what the computer is running and what the software requires before you install an app. Most software running on desktops today is 64 bit, but plenty of 32-bit applications are still in use. To see what kind of software is running in Windows, open the Task Manager (Ctrl+Alt+Esc); the list of running 32-bit programs is identified (see Figure 6-38). In this example, note that the AGS Service and the Bing Wallpaper are 32 bit. Task Manager Showing 32-Bit Software Dedicated Graphics Card vs. Integrated Graphics Card An integrated graphics card refers to the graphics chip embedded into the motherboard. It is smaller and more energy efficient, and current integrated cards provide sufficient quality for the average user. Integrated cards count on system RAM for their processing, so they take a toll on overall system performance. However, the integrated graphics card does not match the quality of a dedicated card. Dedicated cards are designed for different purposes, such as gaming or crypto currency mining, but they all have a graphics processing unit (GPU), onboard RAM, and a cooling fan for the processor. Most new dedicated cards can work with the embedded graphics for better efficiency. Video Random Access Memory (VRAM) Requirements Video random access memory (VRAM) is RAM dedicated to processing graphics displays. VRAM can be an assigned part of the system RAM, for an integrated graphics card. For example, a computer might have 4GB of RAM, with 1GB dedicated to the onboard graphics chip. VRAM also refers to the RAM mounted on a dedicated card to support the GPU. This RAM is next to the GPU and does not draw on system resources for high-quality display. For most users, the integrated VRAM is sufficient. For software and applications that need powerful processing, extra VRAM for a dedicated card is a good solution. RAM Requirements Before installing software on a computer, make sure that the current amount of RAM will support the application. Use the Task Manager (refer to Figure 6-38) to see how the computer is currently using available RAM resources. It is wise to assume that machines and devices run best up to the middle of their range of capability, so if RAM is above 50 percent, consult the software developer’s RAM requirements to make sure the computer can handle it. When RAM is installed and running, return to the Task Manager with the software running (along with other normal applications) and check the memory performance. If it is above 60 percent, consider installing more RAM, if possible. Fewer improvements aid a computer’s performance more than adding RAM. See this guide for a more detailed discussion of RAM.
Central Processing Unit (CPU) Requirements Choosing the CPU should happen while shopping for a computer or other device. Upgrading CPUs is fairly uncommon because they are designed to work with the motherboard they are installed on. Knowing the expected purpose and demands of the user can guide the CPU selection. For a more detailed discussion of CPUs, see this guide. External Hardware Tokens Multifactor authentication is in much higher use now than in years past, but the need for high levels of computer security has been around for decades. One early method for authenticating into a network was using an external hardware token to access a code or password to enter into a computer or network for access. The token (also known as a dongle—see Figure 6-39), along with the authentication server, generated a random code every minute or so to validate a user who had entered a password. The two factors working together to protect the network were knowing the password and providing a physically present code. Hardware Token The prevalence of smartphones that have their own security allows for tokens to be pushed out to users in an authentication app. Users can now log into their phones or other devices to approve multifactor authentication. Storage Requirements When installing software, it is important to consider what resources besides RAM and CPU will be required for use. For example, video editing software might require added resources for graphics and VRAM, but editing can generate massive files that need to be readily accessible. Make sure sufficient storage is available in the local disks and external drives, or on network attached storage (NAS). See this guide for a detailed discussion of these storage options. OS Requirements for Applications Not every application will run on every OS. Applications need to be specifically adapted to work on Windows, Apple, or Linux Platforms. Compatibility within the platform is a concern as well; whenever an OS is updated, the application might also need updating. Application-to-OS Compatibility It seems pretty fundamental to say that it is important to ensure that the software version selected will run with the operating system. However, that task can get complicated. Operating system updates happen regularly, and software manufacturers do not always keep up. When installing software, be sure to check for the latest updates at the vendor’s website. 32-Bit vs 64-Bit OS As mentioned earlier in this section, Windows 32-bit software can run on a 64-bit machine, but a 64-bit machine cannot run on a 32-bit machine. The difference might not be noticeable to the user, but a 64-bit machine provides a much more powerful environment to work in. Any current machine designed to run Windows 10 or 11 is a 64-bit machine. Many 32-bit machines are still in use, but as of 2020, new machines running Windows 10 have 64-bit processors. Microsoft will continue to offer 32-bit support, but security and other features will not be as robust as with the 64-bit versions. macOS, starting with the Catalina version 10.15 of the macOS in 2019, dropped support for 32-bit apps. Running legacy apps on macOS can be tricky, so be sure that legacy apps are updated if you are migrating an older macOS to a newer version. The older macOS versions list whether an app is 64-bit compatible. To find the list, go to Finder Apple icon Overview System Report Software Applications. The upper window lists all applications and denotes whether they are 64 bit. Distribution Methods Physical Media vs. Downloadable The days of getting physical media versions of software are nearly over. Creating physical media to install Windows now involves downloading an image file (.iso) to a USB/eSATA boot (booting from USB thumb drive) or optical disc (CD-ROM/DVD/Blu-ray). Use this method to install Windows to an individual PC and to create a master PC from which disk images can be created. The Windows USB/DVD Download Tool available from www.microsoft.com/en-us/download/windows-usb-dvd-download-tool can create a bootable USB drive from a Windows ISO (.iso) image that you have downloaded. If necessary, change the boot order in the system BIOS/UEFI firmware to permit booting from USB. Other Considerations for New Applications A good rule in managing computer networks is that every benefit to a network has a cost. Some costs are money, but other costs can be a sacrifice of performance or capability. Sometimes the costs are unknown until it is too late and come in the form of unintended consequences—these can be the most expensive and can even lead to system failures. Determining the cost or impact of a technical change is an important skill to develop. Making changes should be done not in a vacuum, but rather through an established change control process agreed upon by the users of the machines and the network. These change control processes let all users review any changes or upgrades to assess any negative impact they might have on their work environment. The following are just a few examples of considerations the committee should have when determining the impact of a change to a computer network environment.
Feel free to brainstorm and add your own questions to the examples. - Impact to device: - Will adding hardware or software for one user degrade the user experience for another user? - Will updating the OS cause legacy software to stop working? - Impact to network: - Will adding new users and devices degrade the current network performance? - How will adding network storage improve or degrade network capabilities? - Impact to operation: - Will new software updates take down the network for significant periods? - Will moving to the cloud impact the processing time of sales transactions? - Impact to business: - Will adding security software lock out business partners? - Can the business financially afford upgrades, and do they make economic sense in the long run?
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.