- Usernames are not case sensitive.
- Password Policy settings in the Local Security Policy control password characteristics.
- Network-based firewall inspects traffic between networks.
- Host-based firewall inspects traffic received by a host.
- Firewalls use ACLs (access control lists)
Windows Firewall types of exceptions
- Program - opens ports while the program is running and closes them when it stops; automatically detects the ports/protocol used.
- Port - opens the port permanently; must know the protocol to use (TCP/UDP)
Dynamically opens incoming ports based on outgoing traffic
Allow incoming traffic directed to a specific port through the firewall.
- Acts as an intermediary between host and Internet
- Specific implementation of a firewall that uses filter rules to allow or deny Internet traffic
- Every packet is inspected at the firewall (proxy) level
- Viruses that attach to legitimate files and spread when the files are opened.
- Worms that infect systems and spread automatically through the network.
- Trojan horse programs that appear to be useful programs but which perform secret or malicious acts.
- Spyware that tracks your computer or browser activity.
- Adware that displays pop-up advertisements based on your browser activity.
- Spam that is unwanted, unsolicited e-mail, often carrying viruses or advertisements for questionable or illegal products.
Security Center is available in?
- Network Access Control
- Prevents unprotected computers from connecting to the network.
- Remediation - provides resources to correct any problems that are found
- Network Access Protection
- Microsoft's implementation of NAC.
Hard disk password
- Password must be given at system startup
- Part of ATA specifications not dependent on manufacturer
- cannot read the passwords from the disk.
- cannot move the drive to another system
- cannot format the disk to remove
- Trusted Platform Module
- Chip on motherboard that creates hash keys for known hardware.
- Used for hardware system identification
- Can be used by applications
File encryption EFS
- Encrypting File Service - encrypts individual files. Windows automatically decrypts
- Can add users who can decrypt
- Only on NTFS
- Cannot be used with compression
- At startup key required to unlock drive
- BitLocker is a Microsoft solution that provides whole disk encryption.
- Can use with or without TPM
- With TPM, key stored in TPM, optional require PIN
- W/O TPM key stored on USB
Data transmission encryption
- VPNs use IPSec, PPTP, and L2TP protocols
- SSL can be added to other protocols to provide encryption
- Available in Vista/7 but not home versions
- window glass effects
- window animations
- live thumbnail previews
- Flip 3D
- Windows Experience Index describes Aero performance, 3 or higher to use Aero
Should be less than 40%
Specify that a specific process use a certain processor in a multi-processor system.
% Disk Time
Percentage of time that the disk subsystem is busy reading from and writing to disk.
Average Disk Queue Length
- Tells you the number of read and write requests that are typically waiting to be processed.
- Should be below 2 times the number of disk spindles
- Identifies how much memory has been assigned to running processes.
- The total value identifies the amount actually assigned.
- The peak value identifies the highest value assigned since the system has been running.
- The limit value is the amount of physical RAM plus the page file size.
Addresses assigned by the operating system to shield the process from the details of the physical memory storage system.
Memory pages per second
- Identifies the number of hard faults that occur each second
- Operating system allocates memory to processes in 4,096 KB blocks called pages.
A process that maintains a table that correlates virtual memory addresses with the actual physical memory locations.
- identifies the amount of traffic sent and received by a network connection.
- listed as a percentage of the total available theoretical bandwidth.
definition and port/protocol
- plain-text, unsecured, remote console connection
- TCP port 23
Secure Shell (SSH)
definition and port/protocol
- Same capabilities as Telnet, but encrypts data.
- TCP port 22
Automated System Recovery (ASR)
- Available in 2000/XP
- Use Windows Backup to create the ASR backup.
- ASR backs up the system state data but does not back up user data.
- During the backup, you create a floppy disk that is used along with the backup files and the Windows installation disc during the restore procedure.
- In Windows 2000, this feature is called the Emergency Repair Disk (ERD).
- Available in Vista/7
- Only backs up user files
- Select files by type not folder
- Only for NTFS
- Windows 7 will let you select individual folders and files, as well as include system files in the backup.
Complete PC Backup and Restore
- Complete PC Backup and Restore replaces the ASR/ERD feature of 2000/XP
- Image-based snapshot of the entire computer.
- Vista/7 Business, Enterprise, and Ultimate editions.
Previous Versions/Shadow Copies
Available in the Business, Ultimate, and Enterprise editions of Windows Vista/7.
An application is a computer program that is typically started by a user. The program has a user interface for interacting with the application.
A service is a special type of computer program that runs in the background performing tasks, but which may have little or no direct interaction with the end user. Services typically do not have a user interface, but perform important tasks related to the operating system, networking, or other functions used by multiple applications.
- A process is a running instance of a computer program. When an application or service starts, the programming code is loaded into memory creating a process.
- Processes can launch sub-processes (also called daughter processes).
Allow service to interact with desktop
The Allow service to interact with desktop setting allows the service to present user interface components within Windows to let users control or configure the service.
laser printer roller types
- The first BIOS process to run
- Verifies the integrity of the BIOS code.
- Looks for the BIOS on the video card and loads it.
- Looks for BIOS programs on other devices (i.e. hard disk)
- Tests system devices, such as verifying the amount of memory on the system
Segment of code in a system’s BIOS that scans for an operating system, looks specifically for a valid boot sector, and, when one is found, hands control over to the boot sector; then the bootstrap loader removes itself from memory.
Volume Boot Sector
First sector of the first cylinder of each partition; stores information important to its partition, such as the location of the operating system boot files.
Operating system startup after MBR points to the boot sector
- Vista/7 uses BOOTMGR to load WINLOAD.EXE registry, Drivers and HAL for OS load
- 2000/XP uses NTLDR to read BOOT.INI and load OS
Logon and user configuration
- 2000/XP - WINLOGON
- Vista/7 - WININIT and then WINLOGON run
- Following logon, the currently-running hardware configuration is copied to the Last Known Good configuration in the registry.
Ways you can select an alternate boot mode:
- F8 (during start up)
- Msconfig.exe (by selecting startup options)
Enable Boot Logging
Enable Boot Logging creates a log file named Ntbtlog.txt which records each driver loaded during the boot process. If the system does not complete a regular boot, you can look at this file to see the last driver to load before the failure occurred.
How to fix a corrupt MBR
Boot into the recovery console and use the fixmbr command.
How to fix a corrupt boot sector
Use the fixboot command to fix the VBR (Volume Boot Record).
- Files needed for boot
- 2000/XP = NTLDR, BOOT.INI, NTDETECT.COM
- Vista/7 = BOOTMGR and the BCD database
How to fix Inaccessible boot disk errors
"Windows could not start because of a computer disk hardware configuration problem." "Could not read from the selected boot disk. Check boot path and disk hardware."
- XP, run the bootcfg /rebuild command.
- Vista/7, run the bootrec /rebuildbcd command
How to fix boot error "Missing or corrupt file"
- Run chkdsk in the recovery console to verify the disk integrity.
- If the missing file is the Ntoskrnl, try rebuilding the boot file database.
How to fix a corrupt system hive
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
- Run chkdsk in the recovery console to verify the disk integrity.
- Restore the system to a previous restore point.
- sfc /scannow - scan the system and replace altered files.
- sfc /scanonce - start SFC on reboot
- sfc /scanboot - start SFC every boot
- sfc /revert - reset SFC to default (to turn off /scanboot)
Error code 4
This error indicates that a device is not found in the registry
System Restore as a recovery option
- Available on XP/Vista/7
- Undoes changes, apps, drivers, and patches
- User data not affected
Repair installation/Startup Repair
- Repairs the boot sector
- Verifies windows boot file integrity
- Checks all system files
Recovery Console (Repair command prompt)
- Command line utility to allow recovery tasks such as repair MBR and rebuild BOOT.INI
- 2000/XP install with winnt32.exe /cmdcons
ERD/ASR Vs. Complete PC Restore
- ERD/ASR only restore the OS, could result in data loss on all disks
- Complete PC Restore recovers all data that was backed up, including user data.