RAM limitations

All operating systems have a minimum amount of RAM required to operate. It’s not just a matter of functioning well; if you don’t have that minimum memory, it won’t install! Always consult the documentation to ensure that you meet this requirement.

There is also a maximum amount of memory that an operating system can use, which is also useful to know. There is no use wasting memory in a device in which the operating system simply ignores it. The documentation that comes with the operating system will tell how much memory the system can support.

Software compatibility

Software is written to operate on a specific operating system or systems. For example, if it’s written for Windows, it may not work on MacOS. If you intend to use an application, always check to see the operating system(s) it supports, which will be in the documentation. This may even influence the operating system you install.

Microsoft Windows

While there are many Windows operating systems available, this exam asks that you know the intricacies of only four that run on the personal computer: Windows 7, Windows 8, Windows 8.1, and Windows 10. Each will be covered in its own section in this chapter.

Apple Macintosh OS

In your career, you are almost certain to come in contact with the MacOS operating systems (since 2001 the MacOS system has been called OS X, so you may consider those terms interchangeable). Even though these systems constitute only a small percentage of the total number of devices found in enterprise environments, there are certain environments where they dominate and excel such as music and graphics.

Linux

Linux is probably used more often than MacOS in enterprise networks, in part because many proprietary operating systems that reside on devices such as access points, switches, routers, and firewalls are Linux-based. Linux systems also predominate in the software development area.

In this section of the chapter, you will be introduced to some of the common features and functions in these operating systems.

Microsoft Windows

The Windows operating system, which is the most widely used for desktops and laptops, may also be found on some mobile devices such as smartphones and tablets, but it is not used as widely for these device types as iOS and Android. This is one of the best examples of closed source software.

Android

The Android operating system from Google is built on a Linux kernel with a core set of libraries that are written in Java. It is an open source operating system, which means that developers have full access to the same framework application programming interfaces (APIs) used by the core applications.

iOS

Apple iOS is a vendor-specific system made by Mac for mobile devices. Developers must use the software development kit (SDK) from Apple and register as Apple developers.

Chrome OS

Chrome is another operating system by Google that runs on its Chrome laptop. Based on the Linux kernel, it uses the Chrome browser as an interface. Originally it ran Chrome apps, but now Android apps have been made to run on it.

End-of-life

Whenever a vendor sets an end-of-life date, it means that after that date they will no longer offer help and support for that product. After that you are on your own regarding errors and troubleshooting.

Update limitations

When Microsoft and possibly other vendors release operating system updates, they sometimes make the update package available only to those who purchased a full copy of the previous version. For example, you can install Windows 10 as an update only if you have a full installation of Windows 8.1; going from Windows 7 to 10, you would pay for a full install. In cases like this, the update package will be cheaper than the full operating system, the idea being to give the customer credit for the purchase of the previous system. Those without the previous system must pay full price for a new installation of the updated operating system.

Domain access

Not all editions of Windows can join a domain. Home editions cannot, while Professional and Enterprise editions can. To join a Windows 7/8/10 computer to a domain, do the following:

1. Navigate to Start ➢ Control Panel ➢ System And Security ➢ System ➢ Advanced System Settings. In the Control Panel’s Category view, you can simply select System.
2. Click the Computer Name tab and click the Change button.
3. Select the Domain radio button and enter the name of the domain.
4. Click OK, and the join process will start.

Bitlocker

BitLocker allows you to use drive encryption to protect files—including those needed for startup and logon. This is available with the Ultimate and Enterprise editions of Windows 7 and the Pro and Enterprise editions of Windows 8, 8.1, and 10. For removable drives, BitLocker To Go provides the same encryption technology to help prevent unauthorized access to the files stored on them.

Media center

Media Center is one of the features that will probably be used more at home. It is a digital video recorder and media player created by Microsoft. Media Center was first introduced to Windows in 2002. It was discontinued after Windows 7 and available as a paid add-on in Windows 8 and 8.1. It is not available in Windows 10.

Branchcache

BranchCache is a bandwidth-optimization feature that started with Windows 7. Each client has a cache and acts as an alternate source for content requested by devices on its own network. There are two modes, Hosted Cache and Distributed. In Hosted Cache mode, designated servers act as a cache for files requested by clients in its area. In Distributed mode, each client contains a cached version of the BranchCache-enabled files it has requested and received, and it acts as a distributed cache for other clients requesting that same file.

EFS

The Encrypting File System (EFS) is an encryption tool built into Windows 7, and Windows 8 or 8.1 Professional or Enterprise. (EFS is not fully supported on Windows 7 Starter, Windows 7 Home Basic, and Windows 7 Home Premium or Windows 10 editions.) It allows a user to encrypt files that can be decrypted only by the user who encrypted the files. It can be used only on NTFS volumes but is simple to use.

To encrypt a file in Windows 8.1, simply right-click the file, access the file’s properties, and on the General tab click the Advanced button. That will open the Advanced Attributes dialog box, as shown in Figure 6.1. On this page, select the Encrypt Contents To Secure Data box.

Aero

The Aero interface offers a glass design that includes translucent windows. It was new with Windows Vista. It requires a graphics card with DirectX 9 graphics with 128 MB RAM to functions and can be enabled in Control Panel.

Gadgets

These are mini programs, introduced with Windows Vista, that can be placed on the desktop (Windows 7), allowing them to run quickly and letting you personalize the PC (clock, weather, and so on). Windows 7 renamed these Windows Desktop Gadgets (right-click the desktop and click Gadgets in the context menu; then double-click the one you want to add). In 2011, Microsoft announced it is no longer supporting the development or uploading of new gadgets. No operating system after Windows 7 supports Gadgets.

Side-by-side apps

Windows 8.1 and 10 allow you to run a Metro application (also called at various times Tileworld apps and modern apps; these are apps you get at the Windows Store) and a desktop application at the same time, or up to four Metro apps at the same time, which on other devices such as a smartphone may not be possible.

To do this, you must split the screen into two parts, which can be done in two ways.

• If you have a keyboard, you can press Windows+< or Windows+>. The current app’s window is now shoved to the left or right side. When you open a second app (from the Start screen or the app switcher), it fills the newly opened space.
• You can also drag the left edge of an open app and divide the screen.

Metro UI

In Windows 8.1, the user interface is different from earlier versions of Windows. The Start menu was removed, and the desktop replaced with a new look called Metro. This look resembles the interface of a smartphone or tablet and represents the Microsoft vision of a common interface on all devices. Information, settings, and applications are housed in tiles. Figure 6.2 shows this look.

This look received negative reactions from most desktop and laptop users and more positive reactions from those raised on the smartphone interface. Microsoft reacted by changing the name of the look to the Microsoft design language. While there were rumors of a return to the Start menu, Microsoft made the classic Start menu available in Windows 8.1 but by default stuck to its guns and continued to use a Start screen rather than a Start menu. (The Start screen is covered in the “Start screen” section.)

Pinning

Pinning is the process of configuring an icon for a program on the taskbar so that it is easier to locate. It was introduced in Windows 7 and continued in Windows 8, 8.1, and 10, and for frequently used applications, it saves navigating through the Start menu or Start screen to locate the application.

To pin the program to the taskbar in Windows 7, do one of the following:

• If the program is running, right-click the program’s button on the taskbar (or drag the button toward the desktop) to open the program’s Jump List and then click Pin This Program To Taskbar.
• If the program is not running, click Start, find the program’s icon, right-click the icon, and then click Pin To Taskbar.

To pin the program to the taskbar in Windows 8, 8.1, and 10, follow these steps:

1. Point to the lower-right corner of the screen, move the mouse pointer up, and then click Search. On a touchscreen device, swipe in from the right edge of the screen and then tap Search.
2. Enter the name of the program in the search box.
3. In the search results, right-click Internet Explorer and then click Pin To Taskbar.

Prior to Windows 8, if you set up multiple monitors, you could have the taskbar only on the primary monitor, which meant you had to go back to that monitor (which may not be where you are currently engaged) to access the taskbar. In Windows 8 and 8.1, you can now have your taskbar on all monitors by selecting the option in the properties of the taskbar, as shown in Figure 6.3.

Charms

Charms are a bit like icons and were introduced with Windows 8 and the Metro UI. They are organized on a Charms bar that will appear on the right side of the screen when invoked. With the mouse you bring up the bar by moving the cursor into the right corner of the desktop; on a touchscreen, you swipe from the right edge toward the center.

There are five charms there that are like doors to other lists of options. The five charms are Search, Share, Start, Devices, and Settings. The Start charm simply opens the Start screen, which replaces the Start menu. Figure 6.4 shows the Charms bar.

Start screen

One of the more controversial changes to the user interface with Windows 8 and 8.1 was removing the Start menu and replacing it with the Start screen. Shown in Figure 6.2 earlier, this is the screen that appears to be the future of all Windows operating systems, despite the resistance of many desktop and laptop users.

Differences between in-place upgrades

One Windows operating system can often be upgraded to another, if compatible. With the case of Windows 7, it is even possible to upgrade from one edition of the operating system to another. When you are faced with a scenario in which you cannot upgrade, you can always do a clean installation. There’s one more thing to consider when evaluating installation methods. Some methods work only if you’re performing a clean installation and not an upgrade.

Table 6.3 lists the minimum system requirements, which are the same for the various editions of Windows 7.

Table 6.4 lists the minimum system requirements for Windows 8, and Table 6.5 lists the minimum system requirements for Windows 8.1. Table 6.6 lists the minimum system requirements for Windows 10.

If there is one thing to be learned from Tables 6.3 through 6.6, it is that Microsoft is nothing if not optimistic. For your own sanity, though, I strongly suggest you always take the minimum requirements with a grain of salt. They are minimums. Even the recommended requirements should be considered minimums. Bottom line: Make sure you have a good margin between your system’s performance and the minimum requirements listed. Always run Windows on more hardware rather than less!

Windows Upgrade OS Advisor

The Windows Upgrade Advisor from Microsoft can be useful in any upgrade process. It will check your system, verify that it can run the desired operating system, and give you a report of any identified compatibility issues. There are versions under various names for Windows 7, Windows 8, Windows 8.1, and Windows 10.

Compatibility tools

Several features are available to enhance the compatibility of the operating system with the applications you are running. First there is the Windows Compatibility Center, a site you can access that will scan your device for compatible device drivers, app updates, and downloads. You just enter the name of the program, and it will tell you whether it is supported; if you need a driver or an update, it will provide it.

Running the application in a compatibility mode that supports it can make the application work. Simply right-click the program file and choose Run In Compatibility Mode and then select an operating system that supports the application.

In some cases, it may not be possible to use an application without creating a shim, which is a small piece of software that communicates between the unsupported application and the operating system. This is done with an Application Compatibility toolkit. There are such toolkits for Windows 7, Windows 8, Windows 8.1, and Windows 10. Their use is beyond the scope of this book.

USB

Most systems will allow you to boot from a USB device, but you must often change the BIOS settings to look for USB first. Using a large USB drive, you can store all the necessary installation files on the one device and save the time needed to swap media.

CD-ROM

The option most commonly used for an attended installation is the CD-ROM/DVD boot (they are identical). Since Windows 7 and newer come only on DVD, though, CD-ROM applies to older operating systems and not this one.

DVD

A DVD boot is the most common method of starting an installation.

PXE

Booting the computer from the network without using a local device creates a Preboot Execution Environment (PXE). Once it is up, it is common to load the Windows Preinstallation Environment (WinPE) into RAM as a stub operating system and install the operating system image to the hard drive.

WinPE can be installed onto a bootable CD, USB, or network drive using the copype.cmd command. This environment can be used in conjunction with a Windows deployment from a server for unattended installations.

Solid state/flash drives

If boot files and installation files are located on a solid-state drive or flash drive and the device is set to look on those drives for boot files, you can boot from these devices and install the operating system in the same way that you boot from a CD or DVD drive.

Netboot

NetBoot is a method developed by Apple that allows an Apple device to boot from a network location rather than from the hard drive. The device uses Dynamic Host Configuration Protocol (DHCP) to receive a network configuration and to receive the IP address of a Trivial File Transport protocol (TFTP) server from which the device will download an operating system image from a server. This entire process is similar to the way an IP phone learns through DHCP the IP address of the server from which it downloads its configuration file.

External/hot-swappable drive

Just as boot files can be located on a USB drive, CD, DVD, and flash drive, they can also be located on an external hard drive. Most of these drives are also hot-swappable (you can connect and remove them with the devices on). As always, you will probably have to alter the boot order of the device so that it looks on the external drive before the other drives if boot files are also located in these locations.

Internal hard drive (partition)

Finally, the most common location of boot files is on the internal hard drive. These files are placed there during the installation and will be executed as long as the device is set to look for them there. By default most systems are set to look on the internal hard drive first, and even if the device is not set to look there first, it will eventually boot to those files if there are no boot files located on any of the other drives or boot sources.

Unattended installation

Answering the myriad of questions posed by Windows Setup doesn’t qualify as exciting work for most people. Fortunately, there is a way to answer the questions automatically: through an unattended installation. In this type of installation, an answer file is supplied with all the correct parameters (time zone, regional settings, administrator username, and so on), so no one needs to be there to tell the computer what to choose or to hit Next 500 times.

Unattended installations are great because they can be used to upgrade operating systems. The first step is to create an answer file. This XML file, which must be named unattend.xml, contains configuration settings specific to the computer on which you are installing the OS, which means that for every installation the answer file will be unique. See the following for details on these settings:

https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/update-windows-settings-and-scripts-create-your-own-answer-file-sxs

Generally speaking, you’ll want to run a test installation using that answer file first before deploying it on a large scale because you’ll probably need to make some tweaks to it. After you create your answer file, place it on a network share that will be accessible from the target computer. (Most people put it in the same place as the Windows installation files for convenience.)

Boot the computer that you want to install on using a boot disk or CD, and establish the network connection. Once you start the setup process, everything should run automatically.

In-place upgrade

An upgrade involves moving from one operating system to another and keeping as many of the settings as possible. An example of an upgrade would be changing the operating system on a laptop computer from Windows Vista to Windows 7 and keeping the user accounts that existed.

It is also possible to upgrade from one edition of an operating system to another—for example, from Windows 7 Professional to Windows 7 Ultimate. This is known as a Windows 7 Anytime Upgrade.

To begin the upgrade, insert the DVD, and the Setup program should automatically begin (if it doesn’t, run setup.exe from the root folder). From the menu that appears, choose Install Now and then select Upgrade when the Which type Of Installation Do You Want? screen appears. Answer the prompts to walk through the upgrade.

Booting from the DVD is also possible but recommended only if the method just described does not work. When you boot, you will get a message upon startup that says Press Any Key To Boot From CD, and at this point you simply press a key. (Don’t worry that it is a DVD and not a CD.)

Clean install

With a clean installation, you delete the volume where the old operating system existed and place a new one there. An example of a clean installation would be changing the operating system on a laptop from Windows 8 to Windows 10. The user accounts and other settings that existed with Windows 8 would be removed in the process and need to be re-created under Windows 10.

Repair installation

A repair installation overwrites system files with a copy of new ones from the same operating system version and edition. For example, a laptop running Windows 7 is hanging on boot, and the cause is traced to a corrupted system file. A repair installation can replace that corrupted file with a new one (from the DVD or other source) without changing the operating system or settings (for configuration, accounts, and so on).

Multiboot

Multiple operating systems can exist on the same machine in one of two popular formats: in a multiboot configuration or in virtual machines. With a multiboot configuration, when you boot the machine, you choose which operating system you want to load of those that are installed. You could, for example, boot into Windows 10, reboot and bring up Windows 7, reboot and bring up Windows 8, and test a software application you’ve created in each OS. It is possible in this scenario to have multiple editions of the same OS installed (Professional, Ultimate, and so forth) and choose which to boot into in order to test your application. The key to this configuration, however, is that you can have only one operating system running at a time.

Each installation should have its own folder. Make sure you don’t install into a folder that already contains an OS or you will overwrite it.

An alternative to multiboot that has become more popular in recent years is to run virtual machines. You could boot into Windows 7, for example, and run a virtual machine of Windows 10 and one of Windows 8 and test your application in the three environments that are all running at the same time.

Remote network installation

Older Windows Server operating systems have a feature called Remote Installation Service (RIS), which allows you to perform several network installations at one time. Beginning with Windows Server 2003 SP2, RIS was replaced by Windows Deployment Service (WDS). This utility offers the same functionality as RIS.

A network installation is handy when you have many installs to do and installing by CD is too much work. In a network installation, the installation CD is copied to a shared location on the network. Then individual workstations boot and access the network share. The workstations can boot either through a boot disk or through a built-in network boot device known as a PXE ROM. Boot ROMs essentially download a small file that contains an OS and network drivers and has enough information to boot the computer in a limited fashion. At the least, it can boot the computer so it can access the network share and begin the installation.

Creating an image

Creating an image isn’t actually an objective, but it is something important that you’ll need to know how to do in the real world. Creating an image involves taking a snapshot of a model system (often called a reference computer) and then applying it to other systems (see the section “Image deployment” later). A number of third-party vendors offer packages that can be used to create images, and you can use the system preparation tool, or Sysprep. The Sysprep utility works by making an exact image or replica of the reference computer (sometimes also called the master computer) to be installed on other computers. Sysprep removes the master computer’s security ID (a process sometimes called generalization) and will generate new IDs for each computer where the image is used to install.

Perhaps the biggest caveat to using Sysprep is that because you are making an exact image of an installed computer (including drivers and settings), all the computers that you will be installing the image on need to be identical (or close) to the configuration of the master computer. Otherwise, you would have to go through and fix driver problems on every installed computer. Sysprep images can be installed across a network or copied to a CD or DVD for local installation. Sysprep cannot be used to upgrade a system; plan on all data on the system (if there is any) being lost after a format.

Several third-party vendors provide similar services, and you’ll often hear the process referred to as disk imaging or drive imaging. The third-party utility makes the image, and then the image file is transferred to the computer without an OS. You boot the new system with the imaging software and start the image download. The new system’s disk drive is made into an exact sector-by-sector copy of the original system.

Imaging has major upsides. The biggest one is speed. In larger networks with multiple new computers, you can configure tens to hundreds of computers by using imaging in just hours, rather than the days it would take to individually install the OS, applications, and drivers.

Image deployment

System images created with Sysprep and other tools can be deployed for installation on hosts across the network. The Windows Automated Installation Kit (AIK) can be useful for this purpose (http://technet.microsoft.com/library/dd349348.aspx).

Recovery partition

In the past, many devices that were purchased with the operating system installed by the OEM came with recovery media that could be used to boot the device and recover or replace the operating system if needed. Now many come with an additional partition on the drive called a recovery partition. The users could use a specific key sequence during bootup that would cause the device to boot to the recovery partition and make available tools to either recover the installation or replace it. The downside of this approach is that if the hard drive fails or if the partition is overwritten, the recovery partition is useless. In an effort to address this concern, many OEMs now make available recovery media if requested by the user.

Refresh/restore/reset

Windows 8, 8.1, and 10 offer three methods of dealing with a device that either won’t boot, is corrupted, or is simply performing badly. These three options are refresh, restore, and reset; and it is critical that you understand the consequences of each. When a refresh is performed, the user’s data is unaffected, while the operating system is returned to the factory default state. Although the data remains intact, any applications or programs that the user installed will be gone. All default applications that come with the system will remain, and any purchased from the Windows Store will remain as well. When a restore is performed, the system is restored to a point in time in the past. It removes no user data, but any configuration changes made or programs and service packs installed since that point in time will be gone. Finally, the third and most drastic option is the reset, which removes all data and programs and reinstalls a fresh copy of the operating system.

Dynamic

Partitions can be made dynamic, which—as the name implies—means they can be configured and reconfigured on the fly. The big benefits they offer are that they can increase in size (without reformatting) and can span multiple physical disks. Dynamic partitions can be simple, spanned, or striped.

Dynamic partitions that are simple are similar to primary partitions and logical drives (which exist on basic partitions, discussed next). This is often the route you choose when you have only one dynamic disk and want the ability to change allocated space as needed.

Choosing spanned partitions means that you want space from a number of disks (up to 32) to appear as a single logical volume to users. A minimum of two disks must be used, and no fault tolerance is provided by this option.

Striped partitions are similar to spanned in that multiple disks are used, but the big difference is that data is written (in fixed-size stripes) across the disk set in order to increase I/O performance. Although read operations are faster, a concern is that if one disk fails, none of the data is retrievable (like Spanned, the Striped option provides no fault tolerance).

Basic

With basic storage, Windows drives can be partitioned with primary or logical partitions. Basic partitions are a fixed size and are always on a single physical disk. This is the simplest storage solution and has been the traditional method of storing data for many years.

You can change the size of primary and logical drives by extending them into additional space on the same disk. You can create up to four partitions on a basic disk, either four primary or three primary and one extended.

Primary

A primary partition contains the boot files for an operating system. In older days, the operating system had to also be on that partition, but with the Windows versions you need to know for this exam, the OS files can be elsewhere as long as the boot files are in that primary partition.

Primary partitions cannot be further subdivided.

Extended

Extended partitions differ from primary in that they can be divided into one or more logical drives, each of which can be assigned a drive letter.

Logical

In reality, all partitions are logical in the sense that they don’t necessarily correspond to one physical disk. One disk can have several logical divisions (partitions). A logical partition is any partition that has a drive letter.

GPT

Devices that use the Unified Extensible Firmware Interface (UEFI) specification (discussed in the section “BIOS/UEFI settings” in Chapter 3,“Hardware”) instead of a BIOS also use a partitioning standard called GUID Partition Table (GPT). Since 2010, most operating systems support this and using a master boot record (MBR), which is the alternative method of booting to a legacy BIOS firmware interface. Today, almost all operating systems support it, and many only support booting from a GPT rather than from an MBR.

Moreover, GPT is also used on some BIOS systems because of the limitations of MBR partition tables, which was the original driver for the development of UEFI and GPT. MBR works with disks up to 2 TB in size, but it can’t handle larger disks. MBR also supports only up to four primary partitions, so to have more than four, you had to make one of your primary partitions an “extended partition” and create logical partitions inside it. GPT removes both of these limitations. It allows up to 128 partitions on a GPT drive.

ExFAT

Extended File Allocation Table (exFAT) is a Microsoft file system optimized for flash drives. It is proprietary and has also been adopted by the SD Card Association as the default file system for SDXC cards larger than 32 GB. The proprietary nature and licensing requirements make this file system difficult to use in any open source or commercial software. This file system is supported in Windows 7, Windows 8, Windows 8.1, and Windows 10.

FAT32

FAT, which stands for File Allocation Table, is an acronym for the file on a file system used to keep track of where files are. It’s also the name given to this type of file system, introduced in 1981. The largest FAT disk partition that could be created was approximately 2 GB. FAT32 was introduced along with Windows 95 OEM Service Release 2. As disk sizes grew, so did the need to be able to format a partition larger than 2 GB. FAT32 was based more on VFAT than on FAT16. It allowed for 32-bit cluster addressing, which in turn provided for a maximum partition size of 2 TB (2048 GB). It also included smaller cluster sizes to avoid wasted space. FAT32 support is included in current Windows versions.

NTFS

Introduced along with Windows NT (and available on Windows 7, Windows 8, Windows 8.1, and Windows 10), NT File System (NTFS) is a much more advanced file system in almost every way than all versions of the FAT file system. It includes such features as individual file security and compression, RAID support, and support for extremely large file and partition sizes and disk transaction monitoring. It is the file system of choice for higher-performance computing. Finally, it supports both file compression and file encryption.

CDFS

While not a file system that can be used on a hard drive, CD-ROM File System (CDFS) is the file system of choice for CD media and has been used with 32-bit Windows versions since Windows 95. A CD mounted with the CDFS driver appears as a collection.

NFS

Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems. While it is supported on some Windows systems, it is primarily used on Unix-based systems; the SMB-based Common Internet File System (CIFS) is more common on Windows systems for access to resources on other devices. To support NFS, Windows systems make available the client for NFS. While the client for NFS is available in Windows 7, the Services for the Network File System (NFS) feature is available only in the Windows 8 Enterprise edition. This feature is not available in Windows 8 and Windows 8 Pro editions. It is available in Windows 10.

ext3, ext4

ext3 and ext4 are Linux file systems. While ext4 has the following advantages, it should be noted that it is not compatible with Windows, while ext3 is. The following are the strengths of ext4:

• It supports individual file sizes up to 16 TB (16 GB for ext3).
• The overall maximum ext4 file system size is 1 EB (exabyte); 1 EB = 1024 PB (petabyte), and 1 PB = 1024 TB (terabyte) (32 TB limit for ext3).
• The directory can contain 64,000 subdirectories as opposed to 32,000 in ext3.
• You can mount an existing ext3 fs as ext4 fs (without having to upgrade it).
• It improves the performance and reliability of the file system when compared to ext3.
• In ext4, you also have the option of turning off the journaling feature. A journaling file system is a file system that keeps track of changes not yet committed to the file system.

HFS

Hierarchical File System (HFS) is a file system developed by Apple for use in computer systems running MacOS. Designed for floppy and hard disks, it can also be found on read-only media such as CD-ROMs. With the introduction of MacOS X 10.6, Apple dropped support for formatting or writing HFS disks and images, which remain supported as read-only volumes.

REFS

Resilient File System (ReFS) was created for Windows 8 and was built on NTFS technology. Its main contribution is the resilience to data corruption and maintenance of integrity.

Swap partition

The swap partition is used by the Linux kernel in order to implement the memory-swap mechanism. Whenever there is a memory shortage, the system moves some information out of memory temporarily to the swap portion of the hard drive. When the memory crunch is over, the information is moved back to memory. Swap files in Linux are the equivalent of page files in Windows.

Quick format vs. full format

When you’re installing any Windows OS, you will be asked first to format the drive using one of the disk technologies just discussed. Choose the disk technology based on what the computer will be doing and which OS you are installing. For recent versions of Windows, nearly all users should choose NTFS.

To format a partition, you can use the FORMAT command. FORMAT.EXE is available with all versions of Windows. You can run FORMAT by using the command prompt or by right-clicking a drive in Windows Explorer and selecting Format if Windows is already installed. However, when you install Windows, it performs the process of partitioning and formatting for you if a partitioned and formatted drive does not already exist. You can usually choose between a quick format or a full format. With both formats, files are removed from the partition; the difference is that a quick format does not then check for bad sectors (a time-consuming process).

dir

The DIR command is simply used to view a listing of the files and folders that exist within a directory, subdirectory, or folder. The following is the syntax:

dir [Drive:][Path][FileName] [...] [/p] [/q] [/w] [/d]
[/a[[:]attributes]][/o[[:]SortOrder]] [/t[[:]TimeField]] [/s] [/b]
[/l] [/n] [/x] [/c] [/4]

The parameters are as follows:

cd and ..

The change directory (cd) command is used to move to another folder or directory. It is used in both UNIX and Windows. Parameters are shown below.

Event Viewer

Windows employs comprehensive error and informational logging routines. Every program and process theoretically could have its own logging utility, but Microsoft has come up with a rather slick utility, Event Viewer, which, through log files, tracks all events on a particular Windows computer. Normally, though, you must be an administrator or a member of the Administrators group to have access to Event Viewer.

The process for starting Event Viewer differs based on the operating system you are running, but always log in as an administrator (or equivalent). With Windows 7, using Small or Large icons view, choose Start Control Panel Administrative Tools Event Viewer; on earlier systems, choose Start Programs Administrative Tools Event Viewer (or you can always right-click the Computer desktop icon and choose Manage Event Viewer). In the resulting window (shown in Figure 6.12), you can view the System, Application, and Security log files. If you are running Windows 7, Windows 8, Windows 8.1, or Windows 10, you will also see log files available for Setup and Forwarded Events.

• The System log file displays alerts that pertain to the general operation of Windows.
• The Application log file logs application errors.
• The Security log file logs security events such as login successes and failures.
• The Setup log will appear on domain controllers and will contain events specific to them.
• The Forwarded Events log contains events that have been forwarded to this log by other computers.

These log files can give a general indication of a Windows computer’s health.

To access Event Viewer in Windows 8 and Windows 8.1, just enter event viewer in the desktop Search box, and when the option for opening Event Viewer appears, select it.

One situation that does occur with Event Viewer is that the log files get full. Although this isn’t really a problem, it can make viewing log files confusing because there are so many entries. Even though each event is time- and date-stamped, you should clear Event Viewer every so often. To do this, open Event Viewer, and in Windows 7, right-click the log, choose Properties, and click the Clear Log button; in earlier OS versions, choose Clear All Events from the Log menu. Doing so erases all events in the current log file, allowing you to see new events more easily when they occur. You can set maximum log size by right-clicking the log and choosing Properties. By default, when a log fills to its maximum size, old entries are deleted in first in, first out (FIFO) order. Clearing the log, setting maximum log size, and setting how the log is handled when full are done in the Log Properties dialog box, as shown in Figure 6.13.

In addition to just erasing logs, you can configure three different settings for what you want to occur when the file does reach its maximum size. The first option is Overwrite Events As Needed (Oldest Events First), which replaces the older events with the new entries. The second option is Archive The Log When Full, Do Not Overwrite Events, which will create another log file as soon as the current one runs out of space. The third option, Do Not Overwrite Events (Clear Logs Manually), will not record any additional events once the file is full.

A scenario for using Event Viewer would be in the case of an attempted improper login. You could use the log to identity the time, machine, and other information concerning the attempt.

General

On the General tab, you can choose the startup type. There are three sets of options: Normal, Diagnostic, and Selective. A normal startup loads all drivers and services, whereas a diagnostic startup loads only the basic drivers and services. Between the two extremes is the selective startup that gives you limited options on what to load. Figure 6.14 shows the General tab.

Boot

The Boot tab shows the boot menu and allows you to configure parameters such as the number of seconds the menu should appear before the default option is chosen and whether you want go to safe boot. You can toggle on/off the display of drivers as they load during startup and choose to log the boot, go with basic video settings, and similar options. Figure 6.15 shows the Boot tab.

Services

The Services tab shows the services configured and their current status. From here, you can enable or disable all and hide Microsoft services from the display (which greatly reduces the display in most cases). Figure 6.16 shows the Services tab.

Startup

The Startup tab shows the items scheduled to begin at startup, the command associated with them, and the location where the configuration is done (usually, but not always, in the Registry). From here, you can enable or disable all. If a particular startup item has been disabled in Windows 7, the date and time it was disabled will appear in the display. Figure 6.17 shows the Startup tab for Windows 7 and earlier.

This functionality has been moved to Task Manager in Windows 8, Windows 8.1, and Windows 10; Figure 6.18 shows the Startup tab.

Tools

The Tools tab contains quick access to some of the most useful diagnostic tools in Windows. You can launch such items as the Registry Editor as well as many Control Panel applets, and you can enable or disable User Account Control (UAC). Figure 6.19 shows the Tools tab.

A scenario for using MSConfig would be when a device is performing slowly; you can check to see what applications and services are starting at boot, and you may find spyware and other software loading that is causing the performance hit.

Applications

The Applications tab (shown in Figure 6.20) lets you see which tasks are open on the machine. You also see the status of each task, which can be either Running or Not Responding. If a task or application has stopped responding (that is, it’s hung), you can select the task in the list and click End Task. Doing so closes the program, and you can try to open it again. Often, although certainly not always, if an application hangs, you have to reboot the computer to prevent the same thing from happening again shortly after you restart the application. You can also use the Applications tab to switch to a different task or create new tasks.

App History (Windows 8, 8.1, and 10 Only)

The App History tab in Windows 8, Windows 8.1, and Windows 10 (shown in Figure 6.21) displays the history of the usage of Metro apps only.

Processes

The Processes tab (shown in Figure 6.22) lets you see the names of all the processes running on the machine. You also see the user account that’s running the process, as well as how much CPU and RAM resources each process is using. To end a process, select it in the list and click End Process. Be careful with this choice, since ending some processes can cause Windows to shut down. If you don’t know what a particular process does, you can look for it in any search engine and find a number of sites that will explain it.

You can also change the priority of a process in Task Manager’s Processes display by right-clicking the name of the process and choosing Set Priority.

The six priorities, from lowest to highest, are as follows:

Low For applications that need to complete sometime but that you don’t want interfering with other applications. On a numerical scale from 0 to 31, this equates to a base priority of 4.

Below Normal For applications that don’t need to drop all the way down to Low. This equates to a base priority of 6.

Normal The default priority for most applications. This equates to a base priority of 8.

Above Normal For applications that don’t need to boost all the way to High. This equates to a base priority of 10.

High For applications that must complete soon, when you don’t want other applications to interfere with the application’s performance. This equates to a base priority of 13.

Realtime For applications that must have the processor’s attention to handle time-critical tasks. Applications can be run at this priority only by a member of the Administrators group. This equates to a base priority of 24.

If you decide to change the priority of an application, you’ll be warned that changing the priority of an application may make it unstable. You can generally ignore this warning when changing the priority to Low, Below Normal, Above Normal, or High, but you should heed it when changing applications to the Realtime priority. Realtime means that the processor gives precedence to this process over all others—over security processes, over spooling, over everything—and is sure to make the system unstable.

Task Manager changes the priority only for that instance of the running application. The next time the process is started, priorities revert to that of the base (typically Normal).

Services

The Services tab (shown in Figure 6.23) lists the name of each running service, as well as the process ID associated with it, its description, its status, and its group. A button labeled Services appears on this tab, and clicking it will open the MMC console for Services, where you can configure each service. Within Task Manager, right-clicking a service will open a context menu listing three choices: Start Service, Stop Service, and Go To Process (which takes you to the Processes tab).

Performance

The Performance tab (shown in Figure 6.24) contains a variety of information, including overall CPU usage percentage, a graphical display of CPU usage history, page-file usage in megabytes, and a graphical display of page-file usage.

This tab also provides you with additional memory-related information such as physical and kernel memory usage, as well as the total number of handles, threads, and processes. Total, limit, and peak commit-charge information also displays. Some of the items are beyond the scope of this book, but it’s good to know that you can use the Performance tab to keep track of system performance. Note that the number of processes, CPU usage percentage, and commit charge always display at the bottom of the Task Manager window, regardless of which tab you have currently selected.

Networking

The Networking tab (shown in Figure 6.25) provides you with a graphical display of the performance of your network connection. It also tells you the network adapter name, link speed, and state. If you have more than one network adapter installed in the machine, you can select the appropriate adapter to see graphical usage data for that adapter.

Users

The Users tab (shown in Figure 6.26) provides you with information about the users connected to the local machine. You’ll see the username, ID, status, client name, and session type. You can right-click any connected user to perform a variety of functions, including sending the user a message, disconnecting the user, logging off the user, and initiating a remote-control session to the user’s machine.

Use Task Manager whenever the system seems bogged down by an unresponsive application.

Details (Windows 8, 8.1, and 10 Only)

The Details tab (shown in Figure 6.27) displays information about the processes that are running on the computer. A process can be an application that you start or subsystems and services that are managed by the operating system.

A scenario for using Task Manager is when you have a performance issue and you want to determine which compute resource (memory, disk, network, CPU) is overtaxed. By observing the percentage of use of each resource, you can first determine which resource is the problem and then locate the process that is using most of that resource.

Drive status

The status of a drive can have a number of variables associated with it (System, Boot, and so on), but what really matters is whether it falls into the category of healthy or unhealthy. As the title implies, if it is healthy, it is properly working, and if it is unhealthy, you need to attend to it and correct problems. In Figure 6.28 you can see in the Status column of Disk Management that all drives are healthy.

You can find a list of status states that are possible and require action at https://technet.microsoft.com/en-us/library/cc771775.aspx.

Mounting

Drives must be mounted before they can be used. Within Windows, most removable media (flash drives, CDs, and so forth) are recognized when attached and mounted. Volumes on basic disks, however, are not automatically mounted and assigned drive letters by default. To mount them, you must manually assign them drive letters or create mount points in Disk Management.

Initializing

Initializing a disk makes it available to the disk management system, and in most cases the drive will not show up until you do this. Once the drive has been connected or installed, it should be initialized. Initializing the drive can be done at the command line using diskpart or in the Disk Management tool. You need to know that initialization will wipe out any drive contents! To use diskpart to perform the initialization on 2 TB drives and smaller, follow these steps:

1. Open the Start menu and enter diskpart.
2. Enter list disk.
3. Enter select disk X (where X is the number your drive shows up as).
4. Enter clean.
5. Enter create partition primary.
6. Enter format quick fs=ntfs.
7. Enter assign.
8. Enter exit.

To use diskpart to perform the initialization on drives that are 2.5 TB or larger, follow these steps:

1. Open the Start menu and enter diskpart.
2. Enter list disk.
3. Enter select disk X (where X is the number your drive shows up as)
4. Enter clean.
5. Enter convert gpt.
6. Enter create partition primary.
7. Enter format quick fs=ntfs.
8. Enter assign.
9. Enter exit.

To use Disk Management, follow this procedure:

1. Install the drive and reboot the device.
2. In the search line, enter Disk Management. With the drive connected, you will get the pop-up box shown in Figure 6.29.

   

3. If you got the pop-up, choose either MBR or GPT and click OK.

If you didn’t get the pop-up, right-click and select to initialize the newly added drive under where it says Disk 1, as shown in Figure 6.30.

Extending partitions

It is possible to add more space to partitions (and logical drives) by extending them into unallocated space. This is done in Disk Management by right-clicking and choosing Extend or using the Diskpart utility.

Splitting partitions

Just as you can extend a partition, you can also reduce the size of it. While this operation is generically known as splitting the partition, the menu option in Disk Management is Shrink. By shrinking an existing partition, you are creating another with unallocated space that can then be used for other purposes. You can shrink only basic volumes that use the NTFS file system (and space exists) or that do not have a file system.

Shrinking partitions

It is also possible to shrink a volume from its size at creation. To do so in Disk Management, access the volume in question, right-click the volume, and select Shrink Volume, as shown in Figure 6.31.

This will open another box that will allow you to control how much you want to shrink the volume, as shown in Figure 6.32.

Assigning/changing drive letters

Mounting drives and assigning drive letters are two tasks that go hand-in-hand. When you mount a drive, you typically assign it a drive letter to be able to access it. Right-clicking a volume in Disk Management gives the option Change Drive Letter And Paths, as shown in Figure 6.33.

Adding drives

When removable drives are added, the Windows operating system is configured, by default, to identify them and assign a drive letter. When nonremovable drives are added, you must mount them and assign a drive letter, as mentioned earlier.

Adding arrays

Arrays are added to increase fault tolerance (using RAID) or performance (striping). Disk Management allows you to create and modify arrays as needed.

Storage spaces

Configuring storage spaces is a fault tolerance and capacity expansion technique that can be used as an alternative to the techniques described earlier when discussing dynamic volume types. It enables you to virtualize storage by grouping industry-standard disks into storage pools and then creating virtual disks called storage spaces from the available capacity in the storage pools. This means that, at a high level, you have to do three tasks to use storage spaces.

1. Create a storage pool, which is a collection of physical disks.
2. From the storage pool, create a storage space, which can also be thought of as a virtual disk.
3. Create one or more volumes on the storage space.

First let’s look at creating the pool from several physical disks. Each of the disks must be at least 4 GB in size and should not have any volumes in it. The number of disks required depends on the type of resiliency you want to provide to the resulting storage space. Resiliency refers to the type of fault tolerance desired. Use the following guidelines:

• For simple resiliency (no fault tolerance), only a single disk is required for the pool.
• For mirror resiliency, two drives are required.
• For parity resiliency (RAID 5), three drives are required.

To create the pool, access the Control Panel using any of the methods discussed so far and click the applet Storage Spaces. On the resulting page, select the option Create A New Pool And Storage Space. On the Select Drives To Create Storage Pools page, the drives that are available and supported for storage pools will appear, as shown in Figure 6.34.

In this case, only one drive is eligible, so you can create only a simple type pool. Check the drive and click the Create Pool button at the bottom of the page. On the next page, give the space a name, select a drive letter, and choose the file system (NTFS or REFS), the resiliency type (in this case you can select only Simple), and the size of the pool. Figure 6.35 shows the pool as Myspace, with a drive letter of F, an NTFS file system, simple resiliency, and a maximum size of 100 GB. When you click Create Storage Space, the space will be created. Be aware that any data on the physical drive will be erased in this process!

When the process is finished, the new space will appear on the Manage Storage Spaces page. Now you have a pool and a space derived from the pool. The last step is to create a volume in the storage space. If you now access Disk Management, you will see a new virtual disk called Myspace. It will be a basic disk, but you can convert it to dynamic by right-clicking it and selecting Convert To Dynamic Disk. This will allow to you shrink or delete the existing volume if you desire.

A scenario for using diskpart is to extend a partition that is getting full.

1. In the command prompt, enter diskpart.
2. At the Diskpart prompt, enter list disk.
3. Then enter select disk n where n is the partition you want to extend.
4. Enter list partition.
5. Select the partition which you want to extend. Enter partition n, where n is the partition you want to extend.
6. Enter extend size=n, where n is the size in megabytes you want to add to the partition.

Connections

As the name implies, from this tab you can configure connections for an Internet connection, a dial-up or VPN connection, and LAN settings, as shown in Figure 6.36.

A scenario for using this tool would be when a user needs you to configure his laptop with a VPN connection to the office.

Security

On the Security tab, as shown in Figure 6.37, you can choose both a zone and a security level for the zone. The zones include Internet, Local Intranet, Trusted Sites, and Restricted Sites. The default security level for most of the zones is between High and Medium-High, but you can also select lower levels.

A scenario in which you would use this tool is when a user wants more secure settings on his Internet connection while loosening the settings somewhat for his home network.

General

On the General tab, as shown in Figure 6.38, you can configure the home page that appears when the browser starts or a new tab is opened. You can also configure the history settings, search defaults, what happens by default when new tabs are opened, and the appearance of the browser (colors, languages, fonts, and accessibility).

A scenario for using this tool is when a user would like to change his home page to the company intranet site.

Privacy

Privacy settings, as shown in Figure 6.39, allow you to configure the privacy level, choose whether you want to provide location information, use Pop-up Blocker, and disable toolbars (and extensions) when InPrivate Browsing starts.

A scenario for using this tool would be when a user needs to disable pop-ups for a site that requires them to function properly.

Programs

On the Programs tab, as shown in Figure 6.40, you specify which browser you want to be the default browser, what editor to use if HTML needs editing, and what programs to associate with various file types. You can also manage add-ons from here.

A scenario for using this tool is when a user has an unusual file type that his system doesn’t recognize. You could use this tool to associate the file type with the application that opens it.

Advanced

On the Advanced tab, as shown in Figure 6.41, you can reset settings to their default options. You can also toggle configuration settings for granular settings not found on other tabs.

A scenario for using this tab would be when a user has played with the settings and would like to get them back to the default; this tool will do it.

Resolution

The resolution settings vary based on the OS, but when you need to set the resolution, this is the place to do it. The documentation that comes with the computer will prescribe a Recommended setting that you should not exceed.

Color depth

Color depth is either the number of bits used to indicate the color of a single pixel, in a bitmapped image or video frame buffer, or the number of bits used for each color component of a single pixel. In Windows 7, this can be set on the Monitor tab of the properties of the adapter, as shown in Figure 6.42.

In Windows 8, 8.1 and Windows 10, color depth, resolution, and refresh rate are all the same drop-down box and are found after clicking the List All Modes button on the Adapter tab of the display, as shown in Figure 6.43.

Refresh rate

The refresh rate is the number of times in a second that a display updates its buffer and is expressed in hertz. In Windows 7, the refresh rate is set using a drop-down box just above the setting for color depth (see Figure 6.42). In Windows 8, 8.1, and 10, the setting is located as described in the previous section, “Color depth.”

View hidden files

On the View tab, shown in Figure 6.44, beneath Advanced Settings, you can choose the option Show Hidden Files, Folders, And Drives, and this will allow you to see those items. The opposite of this—the default setting—is Don’t Show Hidden Files, Folders, Or Drives. Radio buttons allow you to choose only one of these options.

A related check box that you should also clear in order to see all files is Hide Protected Operating System Files (Recommended) (Not shown in Figure 6.44.) When this check box is cleared, those files will also appear in the view you are seeing.

Hiding these files is recommended so that users do not inadvertently delete or change these critical files. Hiding them is the default setting.

Hide extensions

On the View tab, shown in Figure 6.44, you must clear the check box Hide Extensions For Known File Types in order for the extensions to be shown with the files.

General options

You can configure the layout on the General tab of Folder Options (shown in Figure 6.45). Browsing options allow you to choose whether each folder will open in its own folder or the same folder. The Navigation Pane setting allows you to control what items are included in the tree structure that appears to the left when using File Explorer.

View options

Along with the setting that allows you to hide or show file extensions and to show hidden files are a number of other settings that affect what you see when you use File Explorer (as shown in Figure 6.44 earlier).

Always Show Icons, Never Thumbnails Always show icons, rather than thumbnail previews of files. Use this setting if thumbnail previews are slowing down your computer.

Always Show Menus Always show menus above the toolbar. Use this setting if you want access to the classic menus, which are hidden by default.

Display File Icon On Thumbnails Always shows the icon for a file in addition to the thumbnail (for easier access to the related program).

Display File Size Information In Folder Tips See the size of a folder in a tip when you point to the folder.

Hide Protected Operating System Files See all system files that are usually hidden from view.

Hide Empty Drives In The Computer Folder Show removable media drives (such as card readers) in the Computer folder even if they currently don’t have media inserted.

Launch Folder Windows In A Separate Process Increase the stability of Windows by opening every folder in a separate part of memory.

Restore Previous Folder Windows At Logon Automatically open the folders that you were using when you last shut down Windows whenever you start your computer.

Show Drive Letters Hide or show the drive letter of each drive or device in the Computer folder.

Show Encrypted Or Compressed NTFS Files In Color Display encrypted or compressed NTFS files with unique color coding to identify them.

Show Pop-Up Description For Folder And Desktop Items Turn off the tips that display file information when you point to files.

Show Preview Handlers In Preview Pane Never show or always show the contents of files in the preview pane. Use this setting to improve the performance of your computer or if you don’t want to use the preview pane.

Use Check Boxes To Select Items Add check boxes to file views for easier selection of several files at once. This can be useful if it’s difficult for you to hold down the Ctrl key while clicking to select multiple files.

When typing into list view, there are two radio buttons.

Automatically Type Into The Search Box Automatically puts the cursor in the search box when you start typing.

Select The Type Item In The View Does not automatically put the cursor in the search box when you start typing.

Performance (virtual memory)

Performance settings are configured on the Advanced tab, as shown in Figure 6.46. Clicking the Settings button allows you to change the visual effects used on the system and configure Data Execution Prevention (DEP). Data execution prevention is a security feature that prevents the execution of certain processes in key files. You can also configure virtual memory on the Advanced tab. Virtual memory is the paging file used by Windows as RAM.

In most cases you should never change the virtual memory section but in cases where performance is lagging you can try to dedicate more disk space for this function.

Remote settings

On the Remote tab, as shown in Figure 6.47, you can choose whether to allow Remote Assistance to be enabled.

System protection

On the System Protection tab, as shown in Figure 6.48, you can choose to do a system restore as well as create a manual restore point and see the date and time associated with the most recent automatic restore point.

Power plans

Power plans are collections of power settings that determine when various components in the device are shut down. There are some built-in plans available, or you can create your own. There are three default plans: Balanced, which strikes a balance between performance and saving power; Power Saver, which errs on the side of saving power at the expense of performance; and High Performance, which errs on the side of performance over power saving. These options appear on the opening page when you open Power Options, as shown in Figure 6.50. To create a power, select Create A Power Plan from the tree menu on the left.

Drive space

Consult the documentation of the software to determine the minimum amount of disk space required to hold the installation. These minimums are not suggestions; the software will simply not install if they are not met.

RAM

The minimum of RAM required should be viewed as just that, a minimum. Make sure you have more than required for satisfactory performance.

Compatibility

As mentioned earlier, applications are written to be compatible with various operating systems and the compatibility with your system must be ensured.

Local (CD/USB)

Outside of the enterprise, most installations are done by using the CD that came with the software or by placing these same files on a USB stick and accessing them from the USB drive.

Network-based

In most enterprises, installations are done by placing the installation files in a network location and accessing and running them from the network location. This saves administrative effort involved in visiting each machine manually with the installation CD.

Folder/file access for installation

When a network location has been configured as an installation point, ensure that users that will be accessing the share have the proper permissions to the folder holding the installation files. They must be able to execute the files in the folder.

Impact to device

Some software can be compromised in such a way as to potentially allow compromise of the entire device. Consider the application’s reputation in the industry with regard to such weaknesses.

Impact to network

While it’s bad enough that a software compromise can lead to device compromise, it can also lead to a compromise of multiple devices on the network.

Exceptions

Exceptions are configured as variations from the rules. Windows Firewall will block incoming network connections except for the programs and services that you choose to allow through. For example, you can make an exception for Remote Assistance to allow communication from other computers when you need help (the scope of the exception can be set to allow any computer, only those on the network, or a custom list of allowed addresses you create). Exceptions can include programs as well as individual ports.

A scenario for using exceptions would be when you want to block all traffic with the exception of only required traffic. You define each allowed traffic type as an exception and disallow all others by default.

Configuration

Most of the configuration is done as network connection settings. You can configure both ICMP and Services settings. Examples of ICMP settings include allowing incoming echo requests, allowing incoming router requests, and allowing redirects. Examples of services often configured include an FTP server, Post-Office Protocol Version 3 (POP3), and web server (HTTP).

A scenario for using this setting is to disallow ICMP traffic to prevent ping sweeps. This type of network probing is used to discover the devices in your network.

Enabling/disabling Windows Firewall

On the General tab of Windows Firewall, it is possible to choose the radio button Off (Not Recommended). As the name implies, this turns Windows Firewall completely off. The other radio button option, On (Recommended), enables the firewall. You can also toggle the check box Don’t Allow Exceptions. This option should be enabled when you’re connecting to a public network in an unsecure location (such as an airport or library), and it will then ignore any exceptions that were configured.

A scenario where you might choose to turn the firewall off is when you are using another firewall product instead. You want to use only one firewall.

IP Addressing

Two radio buttons appear on the Alternate Configuration tab, as shown in Figure 6.69 Automatic Private IP Address and User Configured. The default is the first, meaning that the alternate address used is one in the APIPA range (169.254.x.x). Selecting User Configured requires you to enter a static IP address to be used in the IP address field. The entry entered must be valid for your network for it to be usable.

Subnet Mask

When you select the User Configured radio button on the Alternate Configuration tab, you must enter a value in the Subnet Mask field. This value must correspond with the subnet values in use on your network and work with the IP address you enter in the field above (see Chapter 2, “Networking” for more information on subnet addresses).

DNS

When you select the User Configured radio button on the Alternate Configuration tab, you should also enter values in the fields Preferred DNS Server and Alternate DNS Server. These entries are needed in order to translate domain names into IP addresses (see Chapter 2 for more information on DNS).

Gateway

When you select the User Configured radio button on the Alternate Configuration tab, you must enter a value in the Default Gateway field. This value must correspond with the subnet values and the IP address you enter in the fields above. This address identifies the router to be used to communicate outside the local network (see Chapter 2 for more information on default gateways).

Half duplex/full duplex/auto

Duplexing is the means by which communication takes place.

• With full duplexing, everyone can send and receive at the same time. The main advantage of full-duplex over half-duplex communication is performance. NICs can operate twice as fast in full-duplex mode as they do normally in half-duplex mode.
• With half duplexing, communications travel in both directions, but in only one direction at any given time. Think of a road where construction is being done on one lane—traffic can go in both directions but in only one direction at a time at that location.
• With auto duplexing, the mode is set to the lowest common denominator. If a card senses another card is manually configured to half duplex, then it also sets itself at that.

Duplexing is set using the Advanced tab on the Properties of the network card, as shown in Figure 6.70.

Speed

The speed setting allows you to configure whether the card should run at its highest possible setting. You often need to be compatible with the network on which the host resides. If, for example, you are connecting a workstation with a 10/100BaseT card to a legacy network, you will need to operate at 10 MBps to match the rest of the network. Speed is set along with duplex, as shown in Figure 6.70.

Wake-on-LAN

Wake-on-LAN (WoL) is an Ethernet standard implemented via a card that allows a “sleeping” machine to awaken when it receives a wakeup signal from across the network.

QoS

Quality of Service (QoS) implements packet scheduling to control the flow of traffic and help with network transmission speeds. No properties can be configured for the service itself.

BIOS (Onboard NIC)

While some older devices may have network cards installed in slots, most devices now have integrated or built-in network interfaces on the motherboard. While these interfaces will be recognized and set up automatically, if you find you do not see an integrated interface when you go to Network And Sharing, you may need to enable the interface in the BIOS. The steps to locate this setting are specific to the BIOS on the machine, but if you identify the BIOS vendor and the version, you should be able to look up the steps on the BIOS vendor website.

Scheduled backups

In Linux, backups of data can be scheduled using the rsync utility from the command line. While there is another utility, cp, that can be used, rsync prevents unnecessary copying when the destination file has not been changed. It also can operate both locally and remotely. It also encrypts the transfer. The basic syntax is as follows, where the -a switch tells rsync to work in “archive” mode:

rsync -a [source dir] [destination dir]

As with any command-line utility, you can create batch files and schedule these backups.

In MacOS, you can also use rsync, but another tool is available. With Time Machine, you can back up your entire Mac, including system files, apps, music, photos, emails, and documents. When Time Machine is enabled, it automatically backs up your Mac and performs hourly, daily, and weekly backups of your files.

Scheduled disk maintenance

Because Linux systems manage the disk differently than Windows, they need no defragmentation. There is a maintenance task you may want to schedule in Linux. From time to time you should run a file system checker called fsck. This is a logical file system checker.

The MacOS needs defragmentation in only a small number of cases. If the user creates large numbers of multimedia files and the drive has been filling for quite some time, the system may benefit from defragmentation. However, in most cases, this is not required.

One task that is beneficial to execute from time to time is to check the health of the disk using the Disk Utility’s Verify Disk functionality. While many disk operations (including the use of Time Machine) require booting to a different drive to perform the operation on the drive in question, Disk Utility can perform a live verification without doing this.

System updates/App Store

Many of the versions of Linux now make updates much easier than in the past. Both Ubuntu and Fedora offer a GUI tool (shocking!) for this. In Ubuntu, for example, choosing System ➢ Administration and then selecting the Update Manager entry will open Update Manager. When it opens, click the Check button to see whether there are updates available. Figure 6.71 shows a list of available updates.

Of course, you can still do this from the command line. Follow these steps:

1. Open a terminal window.
2. Issue the command sudo apt-get upgrade.
3. Enter your user’s password.
4. Look over the list of available updates and decide whether you want to go through with the entire upgrade.
5. When the desired updates have been selected, click the Install Updates button.
6. Watch as the update happens.

In MacOS, updates can come either directly from Apple or from the Apple Store. To make updates automatic, access Software Update preferences, where you can set it to daily, monthly, or weekly, as shown in Figure 6.72.

Patch management

While in the past patch management in Linux and MacOS presented more of a challenge than with Windows, today the same tool used to manage patches with Windows (System Center Configuration Manager) can now be used to patch additional systems such as Linux and Mac. There are also third-party tools such as Spacewalk that can manage updates.

Driver/firmware updates

Updating drivers and firmware in Linux can be done either during the installation or afterward. Some versions, such as Red Hat, recommend installing first and then performing the upgrade. While the upgrade process varies from version to version, in Ubuntu either you can wait until a new version of the OS is released (which is once every six months) and get the update from the Software Update Center, or you can access what is called a personal package archive (PPA). These PPAs are repositories containing drivers that can be easily made available to the Ubuntu Update Manager by adding the PPA to the local system. Once added, the drivers will appear as available when you access the local Ubuntu Update Manager, as shown in Figure 6.73.

In Red Hat, driver and firmware updates, download the driver update RPM package from the location specified by Red Hat or your hardware vendor. Then locate and double-click the file that you downloaded. The system might prompt you for the root password, after which it will present the Installing packages box, shown in Figure 6.74. Then click Apply.

On MacOS, firmware and driver updates are obtained from the Apple Support site. After the update finishes downloading, the system will restart, and while a gray screen appears, the update will be applied.

Antivirus/Anti-malware Updates

All the major antivirus and antimalware vendors create products for both Mac and commercial versions of Linux. Updates to the engines and definitions for these applications are done in a similar fashion to Windows. Checks for updates can be scheduled just as is done in Windows.

Backup/Time Machine

For all Linux versions, backup tools are available for free and for a fee. You can also use the tar and cpio command-line utilities to construct full or partial backups of the system. Each utility constructs a large file that contains, or archives, other files. In addition to file contents, an archive includes header information for each file it holds. Table 6.24 lists the parameters of the tar command.

On MacOS you can use Time Machine, discussed earlier in the section “Scheduled Backups.” Figure 6.75 shows this tool and some of its options.

Restore/Snapshot

In Linux, the snapshot feature provides the ability to create a volume image of a device at a particular instant without causing a service interruption. When a change is made to the original device (the origin) after a snapshot is taken, the snapshot feature makes a copy of the changed data area as it was prior to the change so that it can reconstruct the state of the device. You can use the -s argument of the lvcreate command to create a snapshot volume.

To restore a snapshot, first change the directory to where the snapshots are located. Once there, change to the hidden subdirectory called .snapshot. There you will find directories such as nightly.0, nightly.1, nightly.2, hourly.0, hourly.1, ..., and hourly.10 (use the ls to command to see them). Change to the directory that still contains your file and copy it to its original location.

You can use the Time Machine tool to restore files in Mac. The steps are as follows:

1. Select the Time Machine icon from the menu.
2. Select Enter Time Machine.
3. You’ll be taken to the Time Machine window. Here you can navigate to the file or folder you need to retrieve.
4. Locate the file or folder and click the Restore button.
5. Time Machine will copy that file to its original location on your hard disk.

Image Recovery

Recovering an entire image in either system is not different from restoring a single file. In Linux, you can use the rsync utility to restore a snapshot. On Mac you use Disk Utility in conjunction with a backup of the system and the OS media. To do this, follow these steps:

1. Connect the external hard drive that contains the backup to the Mac to which you are restoring.
2. Insert the OS X CD and restart it.
3. Hold down the C key while booting to boot to the MacOS X CD and select your language.
4. From the Utilities menu, select Disk Utility.
5. Select the drive the backup is stored on.
6. Select the Restore tab. Select that disk and drag that to the Source window. If you created a .dmg image, you’ll need to click the drive you saved the image to (do not drag it), click Image, and select the disk image from the drive you stored it on.
7. In the left pane of Disk Utility, click your hard drive and drag it to the Destination window.
8. Check the Erase Destination check box to erase your old hard drive and replace it with the disk image you’ve selected as the source.
9. Click Restore. Click OK to verify.

Disk maintenance utilities

While I covered the disk maintenance utilities in the various sections earlier, Table 6.25 summarizes the tools discussed.

Shell/Terminal

In Linux, a shell is a command-line interface, of which there are several types. A terminal is a window that appears when you press Ctrl+Alt+T. They both accept commands, but they are two separate programs. The following are some differences:

• A terminal window can run different shells depending on what you have configured.
• Certain interactive applications can be run in the terminal emulator, and they will run in the same window.
• Remote logins, using a program like SSH, can be run from inside a terminal window.

MacOS calls the shell Terminal, and you can find it under Applications ➢ Utilities ➢ Terminal, as shown in Figure 6.76.

Screen sharing

In Linux, you can share a screen with others by using third-party tools, but you can also do it using the following procedure as a root user: change permissions to allow users to be added to the session by typing chmod u+s /usr/bin/screen (which allows a user to run an executable file of the specific owner who is launching the screen).

1. Change the access permission of the screen mode by typing chmod 755 /var/run/screen.
2. Log out from SSH as a root user.
3. Enter the command Screen to start the new screen.
4. Change the screen mode from single user to multiuser. Press Ctrl+A and then Enter ':multiuser on' //.
5. Add the user into the screen, press Ctrl+A, and then enter ':acladd acl name' //. For example, use :acladd jack -.
6. The user joins the screen so that both can work in the same terminal by typing screen -x name_of_screen_session.

In Mac, a screen-sharing tool is built in. In OS X Yosemite, the process is as follows:

1. Open Sharing preferences (choose Apple menu ➢ System Preferences and then click Sharing).
2. Select the Screen Sharing check box. If Remote Management is selected, you must deselect it before you can select Screen Sharing.
3. To specify who can share your screen, select one of the following:
   • All users: Anyone with a user account on your Mac can share your screen.
   • Only these users: Screen sharing is restricted to specific users.
4. If you selected Only These Users, click Add at the bottom of the users list and then do one of the following:
   • Select a user from Users & Groups, which includes all the users of your Mac.
   • Select a user from Network Users or Network Groups, which includes everyone on your network.
5. To let others share your screen without having a user account on your Mac, click Computer Settings, and then select one or both of the following:
   • Anyone may request permission to control screen: Before other computer users begin screen sharing your Mac, they can ask for permission instead of entering a username and password.
   • VNC viewers may control screen with password: Other users can share your screen using a VNC viewer app—on iPad or a Windows PC, for example—by entering the password you specify here.

Force Quit

Force Quit can be used on a Mac to stop an unresponsive application. To use this function, follow these steps:

1. Choose Force Quit from the Apple menu or press Command+Option+Esc.
2. Select the unresponsive app in the Force Quit Applications window, as shown in Figure 6.77, and then click Force Quit.

In Linux you can use the xkill feature to kill a program you click. To do this, follow these steps:

1. Press Alt+F2 and enter gnome-terminal to open a terminal session.
2. Inside the terminal, enter sudo xkill, and then click any window to kill it.

Multiple Desktops/Mission Control

In Apple, Mission Control provides a quick way to see everything that’s currently open on your Mac. To use Mission Control, do one of the following:

• Swipe up with three or four fingers on your trackpad.
• Double-tap the surface of your Magic Mouse with two fingers.
• Click the Mission Control icon in the Dock or Launchpad.
• On an Apple keyboard, press the Mission Control key.

Regardless of how you invoke Mission Control, all your open windows and spaces are visible, grouped by app. You can also use the tool to create desktops that are called spaces and place certain apps in certain spaces. Moreover, you can switch between the spaces in the same session.

When you enter Mission Control, all your spaces appear along the top of your screen. The desktop you’re currently using is shown below the row of spaces. To move an app window to another space, drag it from your current desktop to the space at the top of the screen.

To switch between spaces, do one of the following:

• Enter Mission Control and click the space you want at the top of the Mission Control window.
• Swipe three or four fingers left or right across your trackpad to move to the previous or next space.
• Press Ctrl+Right Arrow or Ctrl+Left Arrow on your keyboard to move through your current spaces. Then click a window to bring it to the front of your view.

In Linux you can do this using what are called workspace switchers, which must be activated. For example, Figure 6.78 shows the activation window in Ubuntu Unity. Once it’s activated, you can create and populate workspaces and use Workspace Switcher to move from one to another, much like you do in Mac.

Keychain

Keychain is the password management system in OS X. It can contain private keys, certificates, and secure notes. In MacOS X, keychain files are stored in ∼/Library/Keychains/, /Library/Keychains/, and /Network/Library/Keychains/. Keychain Access is a MacOS X application that allows a user to access the Keychain and configure its contents.

Spot Light

Spot Light is a search tool built into Mac systems. To open Spot Light, click the magnifying glass icon in the upper-right corner of the menu bar, or press Command+spacebar from any app. Spot Light results can include dictionary definitions, currency conversions, and quick calculations. It will search the Web as well, but you can limit its scope to just search the local computer.

iCloud

iCloud is Apple’s cloud storage solution, much like OneDrive in Windows. It also allows for the automatic synchronization of information across all devices of the user. In addition, it can be used to locate an iPhone and can be a location to which a backup can be stored. All Mac users are provided with 5 GB of free storage and then can purchase additional storage for a monthly fee.

Gestures

Gestures are used in Mac to interact with a touchscreen. The system is based on using multitouch, which allows you to touch the screen in more than one place and initiate specific subroutines called gestures such as when expanding or reducing a photo.

Finder

While Finder can also be used on a Mac to search for files, its main function is a file system navigation tool, much like Windows Explorer. To open a new Finder window, click the Finder icon in the Dock and then select File ➢ New Window. Figure 6.79 shows a Finder window.

Remote Disk

Remote Disk is an icon that appears under Devices as well as under Computer that allows you to see which computers on the same network have drives available to share with your Mac. When computers on the same network have disk sharing enabled and are online, you can highlight that icon to see a list of them. To share optical discs from a Mac that has a built-in or external optical drive, use these steps:

1. On the Mac that has an optical drive, choose System Preferences from the Apple menu.
2. Click the Sharing icon in the System Preferences window.
3. Enter a name in the Computer Name field.
4. Enable the check box DVD Or CD Sharing.
5. You can also restrict who has access to your optical drive by selecting Ask Me Before Allowing Others To Use My DVD Drive.

Dock

The Dock is the series of icons that appear usually on the bottom of the screen on a Mac. It provides quick access to applications that come with the Mac, and you can add your own items to the Dock as well. In many ways, it is like the taskbar in Windows. It keeps apps on its left side. Folders, documents, and minimized windows are kept on the right side of the Dock. Figure 6.80 shows the Dock.

Boot Camp

Boot Camp is a utility on a Mac that allows you to create a multiboot environment. While Apple only supports using the tool to install a version of Windows, it has been used to also create a bootable version of Linux. The Boot Camp Assistant, shown in Figure 6.81, guides the user through the process of setting up the system.

ls

The ls command lists information about the files in the current directory. Its syntax is as follows:

ls [OPTION]... [FILE]...

While the file options are too numerous to mention here, they mostly specify the format of the output. For a complete listing and their use, see http://linuxcommand.org/man_pages/ls1.html.

grep

The grep command is used to search text or to search the given file for lines containing a match to the given strings or words. Its syntax is as follows, where PATTERN is the pattern you are trying to match:

grep [OPTIONS] PATTERN [FILE...]

It has options that govern the matching process as well as options that specify the output. For more information on the options and their use, see www.computerhope.com/unix/ugrep.htm.

cd

The cd command is used to change the current directory just as it does at the Windows command line. Its syntax is as follows:

cd [option] [directory]

The parameters that can be used with this command are as follows:

shutdown

The shutdown command brings the system down in a secure way. Its syntax is as follows:

shutdown [-akrhPHfFnc] [-t sec] time [message]

There are too many parameters to list here. For more information, see www.computerhope.com/unix/ushutdow.htm.

pwd vs. passwd

While the passwd command changes passwords for user accounts, the pwd command prints the full path name of the current working directory. The syntax for the passwd command is as follows:

passwd [options] [LOGIN]

For information on the numerous options that can be used, see www.computerhope.com/unix/upasswor.htm.

The syntax for the pwd command is as follows:

pwd [OPTION]...

The options that can be used are as follows:

mv

While the mv command can be used to move or rename a file in Linux, it’s usually used to move a file. In that scenario, the syntax is as follows:

mv [OPTION]... [-T] SOURCE DEST

For information on the parameters that can be used, see www.computerhope.com/unix/umv.htm.

cp

The cp command is used to copy files and directories. Its syntax is as follows:

cp [OPTION]... SOURCE... DIRECTORY

For information on the parameters that can be used, see www.computerhope.com/unix/ucp.htm.

rm

The rm command removes (deletes) files or directories when it is combined with the -r option. The syntax is as follows:

rm [OPTION]... FILE...

For information on using parameters, see www.computerhope.com/unix/urm.htm.

chmod

The chmod command is used to change the permissions of files or directories. Its syntax is as follows:

chmod options permissions filename

For information on using parameters, see www.computerhope.com/unix/uchmod.htm.

cmkdir

The cmkdir command is used to create a Cryptographic File System (CFS) directory. These directories are stored in encrypted format. The command will prompt you for a password that will be used to encrypt the directory. The syntax of the command is as follows:

cmkdir [option] directory

For information concerning possible options, see www.linuxcertif.com/man/1/cmkdir/.

chown

The chown command is used to change the ownership of a file. The syntax is as follows, where new_owner is the username or the numeric user ID (UID) of the new owner and object is the name of the target file, directory, or link:

chown [options] new_owner object(s)

The ownership of any number of objects can be changed simultaneously.

The options are as follows:

• -R operates on file system objects recursively.
• -v (verbose) provides information about every object processed.
• -c reports only when a change is made.

iwconfig/ifconfig

The ifconfig and iwconfig commands are used to configure network interfaces. While the ifconfig command is dedicated to wired connections, the iwconfig command is used on wireless interfaces. Here is the syntax of the two commands:

iwconfig interface [essid X] [nwid N] [mode M] [freq F] [channel C]
[sens S ] [ap A ] [nick NN ] [rate R] [rts RT] [frag FT] [txpower T]
[enc E] [key K] [power P] [retry R] [commit]

and

ifconfig interface [aftype] options | address ...

For information on the options, see

www.linuxcommand.org/man_pages/iwconfig8.html

and

http://linux.die.net/man/8/ifconfig.

ps

The ps command displays information about a selection of the active processes. Its syntax is as follows:

ps [options]

For information on the use of the options, see http://linuxcommand.org/man_pages/ps1.html.

q

The q command is used to quit the Unix full-screen editor called vi. It can be used in two ways:

su/sudo

The sudo command can be added at the front of a command to execute the command using root privileges. For example, to remove a package with root privileges, the command is as follows:

sudo apt-get remove {package-name}

The su command is used to change from one user account to another. When the command is executed, you will be prompted for the password of the account to which you are switching, as shown here:

$ su mact
password:
mact@sandy:∼$

apt-get

apt-get is the command-line tool for working with Advanced Packaging Tool (APT) software packages. These tools install packages on your system. The syntax of the command is as follows:

apt-get [-asqdyfmubV] [-o=config_string] [-c=config_file]
[-t=target_release][-=architecture] {update | upgrade |
dselect-upgrade | dist-upgrade |install pkg [{=pkg_version_number |
/target_release}]... | remove pkg... | purge pkg... | source pkg
[{=pkg_version_number | /target_release}]... | build-dep pkg
[{=pkg_version_number | /target_release}]... | download pkg
[{=pkg_version_number | /target_release}]... | check | clean |
autoclean | autoremove | {-v | –version} | {-h | –help}}

For additional information on its use and the options, see www.computerhope.com/unix/apt-get.htm.

vi

The vi command is used to invoke the vi editor (mentioned in the section about the q command), which is a full-screen editor with two modes of operation: command mode that causes action to be taken on the file and insert mode in which entered text is inserted into the file. To enter vi, you use vi filename. If the file named filename exists, then the first page (or screen) of the file will be displayed; if the file does not exist, then an empty file and screen are created into which you may enter text. To exit this mode when done, use one of the following commands, based on your intentions:

dd

The dd command copies a file, converting the format of the data in the process, according to the operands specified. Its syntax is as follows:

dd [OPERAND]...

or as follows:

dd OPTION

Kill

To send any signal to a process from the command line, use kill.

To list all available signals, use the -l option. Frequently used signals include HUP, INT, KILL, STOP, CONT, and 0. Signals may be specified in three ways.

• By number (for example, -9, where the process ID is 9)
• With the SIG prefix (for example, -SIGKILL)
• Without the SIG prefix (for example, -KILL)

For information on the available operands and options, see www.computerhope.com/unix/dd.htm.