610 likes | 814 Views
Chapter 16. Managing and Supporting Windows XP. You Will Learn…. How to use Windows XP features to secure the PC and protect users and their data About the Windows NT/2000/XP registry About tools for troubleshooting and maintaining Windows XP How to troubleshoot the Windows XP boot process.
E N D
Chapter 16 Managing and SupportingWindows XP
You Will Learn… • How to use Windows XP features to secure the PC and protect users and their data • About the Windows NT/2000/XP registry • About tools for troubleshooting and maintaining Windows XP • How to troubleshoot the Windows XP boot process
Security Using Windows NT/2000/XP • Two goals • Secure system resources, including hardware and software, from improper use • Secure users’ data from improper access • Concept of user accounts is key to understanding Windows XP
User Accounts • Define users to Windows • Record information about users (eg, user name, password used to access the account, groups the account belongs to, and rights and permissions assigned to the account) • Three types • Global user accounts • Local user accounts • Built-in user accounts
User Profiles • Created by the system after administrator creates a local user account and user logs on for first time • Types • Roaming user profile • Mandatory user profile • Group profile
Administering Local User Accounts • Password guidelines for users and administrators • Usernames can consist of up to 15 characters • Passwords can be up to 127 characters • Do not use a password that is easy to guess • Use combination of letters, numbers, and non-alphanumeric characters for greatest security • Always set a password for the Administrator account • Passwords can be controlled by administrator, but generally users should be allowed to change their own • Each user should create a forgotten password floppy disk
Options for Controlling How a User Logs On • Use the Welcome screen (default) • Press Ctrl+Alt+Del to get to a logon window similar to Windows NT/2000 • Use Fast User Switching
User Groups • Efficient way for administrator to manage multiple user accounts that require same privileges and similar profiles • Choices • Administrators • Backup Operators • Power Users • Limited Users • Guests
Group Policy • Another way to control how the system can be used • Normally intended to be used on a domain, but can also be used on a standalone or computer in a workgroup • Can be applied to the computer or can be applied to each user who logs on • MMC snap-in that can be accessed by typing gpedit.msc in the Run dialog box
Disk Quotas • Limit how much disk space a user can access • Does not specify location of files, just total space allowed • Can be set only if you are using NTFS
EFS (Encrypted File System) • Process of putting readable data into code that must be translated before it can be accessed (usually done using a key) • Protects encrypted data even when someone who is not authorized to view files or folders has full access to computer’s data storage • Applies only to Windows 2000/XP NTFS file system
How to Use Encryption • Can be implemented at either the folder or file level • Folder level is encouraged and considered a “best practice” strategy
The Cipher Command • For use when encrypting a large number of files or folders from a command prompt or using a batch file • CIPHER [/E, /D] [/S:dir] [pathname[…]] • /E encrypts specified files or folders • /D decrypts specified files or folders • /S:dir applies the action to the specified folder (directory) and all its subfolders • Pathname is the name of the file/folder and its path that is to be encrypted/decrypted
Internet Connection Firewall (ICF) • Designed to protect a PC from unauthorized access from the Internet when the PC is connected directly to the Internet • Examines every communication that comes to the PC to determine if it: • Has been initiated by the PC (permitted) • Is being initiated by an outside device/computer (refused)
The Windows NT/2000/XP Registry • Hierarchical database containing information about all hardware, software, device drivers, network protocols, and user configuration needed by the OS and applications • Provides a secure and stable location for the information
How the Registry Is Organized • Logical organization • Upside-down tree structure of keys, subkeys, and values • Physical organization • Stored in five files called hives
Editing the Registry • Modified automatically when you make a change (eg, in Control Panel or Device Manager) • Rare occasions when you might need to edit manually • Changes take effect immediately and are permanent • Registry editors • Regedt.32exe (Windows NT/2000) shows each key in a separate window • Regedit.exe (Windows NT/2000/XP) shows all keys in the same window
Other Maintenance and Troubleshooting Tools • Executed from a command line (.exe file extension); some can be executed from the Run dialog box • Microsoft Management Console snap-ins (.msc file extension) • Executed from the Run dialog box or can sometimes be accessed using Windows menus • Built-in graphical tools (eg, Device Manager)
Help on the Web • Windows Update feature • Automated process • Windows XP newsgroups • Post a question in a forum or read questions and answers posted by other users
Troubleshooting theBoot Process (Hierarchical List) • Last Known Good Configuration (and sometimes Driver Rollback) • Safe mode from Advanced Options menu • System Restore (new) • Does not affect user data on hard drive • Recovery Console • Automated System Recovery (new) • Affects user data on hard drive • Reinstall Windows XP using Windows XP CD