Managing and Supporting XP
Security Using Windows NT/2000/XP • Two goals of security • Secure system resources, including hardware and software, from improper use • Secure users’ data from improper access • Concept of user accounts is key to understanding Windows XP
User Accounts and Profiles • Defines a user to Windows • Records information about the user (e.g., user name, account password, group memberships, rights and permissions assigned to the account) • Three types • Global (domain) user accounts • Local user accounts • Built-in user accounts
User Profiles • Created by the system after user logs on for first time • Types • Roaming user profile • Mandatory user profile • Group profile
Administering Local User Accounts Password guidelines for users and administrators: • Usernames can consist of up to 15 characters • Passwords can be up to 127 characters • Do not use a password that is easy to guess
Administering Local User Accounts (continued) • Use combination of letters, numbers, and non-alphanumeric characters for greatest security • Always set a password for the Administrator account • Passwords can be controlled by administrator, but generally, users should be allowed to change their own
Creating a User Account • Log on as the Administrator • Open Computer Management • Expand Local Users and Groups, right-click Users, select New User, enter user data, click Create
To Change User Account Type • Click Change an account, click the account to be changed • Select account data to be changed and click Change the account type • Select account type, click Change Account Type, click Back twice
User Groups • Efficient way for administrator to manage multiple user accounts that require same privileges and similar profiles • Groups installed by Windows XP • Administrators • Backup Operators • Power Users • Limited Users • Guests
Creating a New User Group • Click Start, right-click My Computer, select Manage • Expand Local Users and Groups • Right-click Groups folder, select New Group • Enter group name, description, click Add to add users, click Create
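The account and group procedures above can also be run from a command prompt with the built-in NET command. The batch file below is an added example, not part of the original slides; the group name and user names are constructed samples.

```batch
@echo off
rem Added example: create a local group and local users, then add the users to it.
rem "Payroll Staff", jsmith and mlopez are constructed sample names.
setlocal
set "GROUP=Payroll Staff"

rem Create the local group only if it does not already exist.
net localgroup "%GROUP%" >nul 2>&1
if errorlevel 1 net localgroup "%GROUP%" /add /comment:"Payroll department users"

for %%U in (jsmith mlopez) do call :AddUser %%U

rem List the resulting membership so it can be reviewed.
net localgroup "%GROUP%"
exit /b 0

:AddUser
net user %1 >nul 2>&1
if not errorlevel 1 (
    echo %1 already exists, leaving the account unchanged
) else (
    rem The * makes NET prompt for the password, so it is never stored in the script.
    rem /passwordchg:yes lets the user change the password later.
    net user %1 * /add /passwordchg:yes /comment:"Created by script"
)
net localgroup "%GROUP%" %1 /add
goto :eof
```

Run it from an account with administrative rights; each new account gets a password at the prompt, which follows the guideline of never leaving an account without one.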
Disk Quotas • Limit how much disk space user has access to • Does not specify location of files, just total space allowed on a volume • Can be set only if you are using NTFS
Setting Disk Quotas • Log on as Administrator, open My Computer • Right-click disk, select Properties • Click Quota tab, check Enable quota management
Setting Disk Quotas (continued) • Click Limit disk space to, enter limit • Enter size for Set warning level to • Click Deny disk space to users exceeding quota, click OK
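The same three quota settings (limit, warning level, deny on exceed) can be applied per user from a command prompt with FSUTIL, which ships with Windows XP. This batch file is an added example, not part of the original slides; the volume, account name and sizes are constructed samples.

```batch
@echo off
rem Added example: set and enforce an NTFS disk quota for one user.
rem Volume D:, account jsmith and the sizes are constructed sample values.
setlocal
set "VOL=D:"
set "ACCOUNT=jsmith"
rem FSUTIL takes byte counts: warning level 900 MB, limit 1 GB.
set "WARN=943718400"
set "LIMIT=1073741824"

rem Quotas can be set only on NTFS, so check the file system first.
fsutil fsinfo volumeinfo %VOL%\ | find /i "File System Name" | find /i "NTFS" >nul
if errorlevel 1 (
    echo %VOL% is not an NTFS volume, quotas cannot be set
    exit /b 1
)

rem Equivalent of "Enable quota management" plus "Deny disk space to users exceeding quota".
fsutil quota enforce %VOL%

rem Equivalent of "Set warning level to" (threshold) and "Limit disk space to" (limit).
fsutil quota modify %VOL% %WARN% %LIMIT% %ACCOUNT%

rem Show the resulting quota entries for review.
fsutil quota query %VOL%
```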
EFS (Encrypted File System) • Encryption is the process of putting readable data into code that must be translated before it can be accessed • Protects data even when someone not authorized to view files or folders has full access to computer’s data storage • Applies only to Windows 2000/XP NTFS file system
How to Use Encryption • Can be implemented at either the folder or file level • Folder level is encouraged and considered a “best practice” strategy
Encrypting Folder Contents • Locate the folder to be encrypted • Right-click the folder, choose Properties • On the General tab, click Advanced • Check Encrypt contents to secure data and click OK
Encrypting Folder Contents (continued) • Click Apply • If necessary, click Apply changes to this folder, subfolders, and files, click OK • A file saved in this folder is automatically encrypted
The Cipher Command • For use when encrypting a large number of files or folders from a command prompt or using a batch file • CIPHER [/E, /D] [/S:dir] [pathname[…]] • /E encrypts specified files or folders • /D decrypts specified files or folders • /S:dir applies the action to the specified folder (directory) and all its subfolders • Pathname is the name of the file/folder and its path that is to be encrypted/decrypted
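A batch file of the kind this slide mentions, using only the /E and /S switches listed above and checking for NTFS first because EFS applies only to that file system. It is an added example, not part of the original slides; the folder paths and the log file name are constructed samples.

```batch
@echo off
rem Added example: batch-encrypt folders with CIPHER after an NTFS check.
rem The folder paths and the log file name are constructed samples.
setlocal
set "LOG=%TEMP%\efs-encrypt.log"
set SKIPPED=0

for %%F in ("D:\Payroll" "D:\HR\Reviews") do call :EncryptFolder "%%~fF"

echo Skipped folders: %SKIPPED%. CIPHER output is in "%LOG%".
exit /b %SKIPPED%

:EncryptFolder
if not exist "%~1\" (
    echo SKIP  "%~1" does not exist
    set /a SKIPPED+=1
    goto :eof
)
rem EFS applies only to NTFS, so check the volume first (fsutil needs admin rights).
fsutil fsinfo volumeinfo %~d1\ | find /i "File System Name" | find /i "NTFS" >nul
if errorlevel 1 (
    echo SKIP  "%~1" is not on an NTFS volume
    set /a SKIPPED+=1
    goto :eof
)
rem /E encrypts, /S applies the action to the folder and all its subfolders.
echo ==== %~1 >>"%LOG%"
cipher /E /S:"%~1" >>"%LOG%" 2>&1
echo DONE  "%~1"
goto :eof
```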
The Windows NT/2000/XP Registry • Hierarchical database containing information about all hardware, software, device drivers, network protocols, and user configuration needed by the OS and applications • Organization • Viewing contents • Back up and recovery • Making changes
How the Registry Is Organized • Logical organization • Upside-down tree structure of keys, subkeys, and values • Physical organization • Stored in five files called hives
Physical Organization of the Registry • Registry is stored in five files called hives
Editing the Registry • Modified automatically when you make a change (e.g., in Control Panel or Device Manager) • Rare occasions when you might need to edit manually • Changes take effect immediately and are permanent
Registry Editors • Two versions under Windows NT/2000 • Regedt32.exe • Security menu allows you to apply permissions to keys and subkeys • Option to work in read-only mode • Regedit.exe • Used to search and view the registry • Under Windows XP, typing Regedit or Regedt32 starts Regedit
Other Maintenance and Troubleshooting Tools • Executed from a command line (.exe file extension) • Microsoft Management Console snap-ins (.msc file extension) • Built into Windows XP (e.g., Safe Mode)
Windows Update • An automated way to update the OS, applications, and device drivers • If no user interaction required, any user can perform an update • If decisions must be made, only a user with administrative rights can update
Troubleshooting the Boot Process • Last Known Good Configuration (and sometimes Driver Rollback) • Safe Mode from Advanced Options menu • System Restore • Windows XP/2000 Boot disk • Recovery Console • Automated System Recovery • Reinstall Windows XP using Windows CD
Advanced Options: Safe Mode and Last Known Good Configuration
System Restore • Similar to ScanReg, but cannot be executed from command prompt • Process does not affect user data on hard drive but can affect: • Installed software and hardware • User settings • OS configuration settings • Restores system state using a restore point
System Restore (continued) • To revert the system to a restore point • Click Start, All Programs, Accessories, System Tools, and System Restore • Click Restore my computer to an earlier time, then click Next • Select a restore point, click Next twice • Windows XP reboots and restores the system state
MS-DOS Startup Disk • Create using Windows Explorer • Can access the drive and recover data files (if the hard drive is not using NTFS) • Cannot launch Windows XP or be used to recover from a failed installation
Windows XP Boot Disk • Can bypass missing or damaged: • Boot sector • Master boot record • Partition table • Ntldr • Ntdetect.com • Boot.ini • Ntbootdd.sys
Windows XP Boot Disk (continued) • Format a floppy using Windows 2000/XP and copy the following files to it • Ntldr and Ntdetect.com • If the system boots from a SCSI hard drive, copy the SCSI device driver to the floppy and rename it Ntbootdd.sys • Boot.ini • Write-protect the floppy disk
Automated System Recovery • Restores system partition to its state when the backup was made • Changes made since last backup are lost • Periodically make fresh copies of ASR disk set
Using ASR to Restore System • Boot the PC from the Windows XP CD • Press any key to boot from CD • If necessary, Press F6 to load RAID or SCSI drivers • Press F2 to run Automated System Recovery Process • Insert ASR floppy disk
Using ASR to Restore System (continued) • Loads files it needs to run • Repartitions and reformats the drive • Installs Windows from Windows XP CD • Launches the Automated System Recovery Wizard to restore the system state, applications, and data