2. Managing Windows Flashcards
Purpose of Device Manager (devmgmt.msc)?
Manage installed hardware properties
Where can you change config. settings, update drivers, & remove/disable devices?
Device Manager
What are common causes for a yellow exclamation mark in device manager?
Driver issues.
What to check if a device fails to connect to the OS?
Check if it (or the installed driver) is compatible with the OS
What is the first step to manually update or troubleshoot a device?
Find device in Device Manager
What is the Safely Remove Hardware icon used for?
To safely stop or eject a device
What is the procedure to remove a driver before unplugging a device?
Uninstall device in Device Manager
What does disabling a device in Device Manager do?
Makes it inaccessible to users
Usually used if it is not working with the current driver and you want to make it inaccessible to users while you find a replacement.
What disk subsystem stores the OS, software, & user data?
The disk subsystem consists of storage devices, interfaces, file systems, and OS mechanisms for managing data storage and access.
Primary disk subsystem
Ensuring reliability and performance of the disk subsystem is critical for management.
What is a ‘volume’?
Logical storage unit for the OS
A volume can have a 1:1 mapping with a partition or be created using RAID.
How does Windows refer to a mapped storage unit?
Drive
‘Drive’ can also refer to a physical hardware storage device.
What is the role of Disk 0?
To hold the OS
This disk will have at least three volumes: system, boot, and recovery.
3 volumes that Disk 0 has?
- System
- Boot
- Recovery
What files does the system volume contain?
The system volume is stored in Disk 0
OS files
It is usually allocated the drive letter C:.
What files does the boot volume contain?
The boot volume is stored in disk 0
Boot files
Files used to boot the OS
Typically utilizes an extensible firmware interface (EFI) and is not assigned a drive letter.
What can unformatted drives be initilalized to?
MBR or GPT
MBR & GPT refer to the way the partition info is stored on the disk.
What file system is typically used for new partitions in Windows?
NTFS
FAT32 may be used for smaller, removable drives.
What is one advantage of using smaller clusters?
Clusters are the smallest units of storage on a disk that the OS can manage
Better use of disk capacity.
What must be the format of the boot partition during setup?
The boot volume is stored in disk 0
NTFS.
What must be the format of the system partition during setup?
The system volume is stored in disk 0
FAT32.
Can you format/delete system/boot partitions?
The system & boot volumes are stored in disk 0
No.
What can existing partitions do if there is unpartitioned space available?
Expanded or removed/shrunk.
What is the purpose of dynamic disks?
To create dynamic volumes.
Dynamic volumes allows to combine multiple drives into a single virtual volume. This setups can also enable software RAID
What feature has deprecated the dynamic disks feature?
Storage Spaces.
What does defragmentation do on an HDD?
Rewrites file data into contiguous clusters
Contiguous clusters are neighboring sections of storage on a hard drive where file data is stored. This reduces the time the controller takes to seek over the disk to read a file.
How does data storage differ between HDDs and SSDs?
HDDs use contiguous clusters; SSDs use OS-independent blocks
Those blocks aren’t directly managed by the OS
The drive controller manages block usage according to wear-leveling routines.
What is the main purpose of the optimizer tool for SSDs?
To run a TRIM operation
TRIM identifies deletable data and tags corresponding blocks as writable.
What does the TRIM operation do on an SSD?
Tags deletable data as writable
This helps in managing the SSD’s storage efficiently.
When does the optimizer defragment an SSD?
If it holds the OS & Volume Shadow Copy is enabled
This allows for some level of optimization in SSDs. Volume Shadow Copy is a Windows feature that creates backup copies or snapshots of files or volumes, even when they are in use.
3 types of files the Disk Clean-up tool identifies for deletion?
- Files in Recycle Bin
- Temporary files
- Caches
What data can be reclaimed when using the Clean up system files option?
Via the Disk Clean-up tool
Cache Data
Like Windows Update and Defender
2 scheduling options for tasks in Task Scheduler?
- Run once at a future date or time
- Run on a recurring schedule
tasks can also be run based on a trigger (an event)
How can tasks be organized in Task Scheduler?
Via folders
What happens if a user account lacks permissions in Task Scheduler?
Task won’t run
Purpose of the Local Users and Groups console (lusrmgr.msc)?
Manage user accounts & reset account passwords
What are security groups in the Local Users and Groups console (lusrmgr.msc) used for?
Group user accounts that need similar permissions
i.e. the right to edit files in a shared folder
3 examples of default security groups?
- Administrators
- Users
- Guests
These groups implement the account types that can be selected via the settings interface.
What is a digital certificate?
Proof of a subject’s identity
the subject can be something like a user, computer, service, etc.
Who guarantees the validity of each digital certificate?
The certification authority (CA).
What tool is used to manage certificates on a Windows system?
Certificate Manager console (certmgr.msc).
What is stored in the Personal folder of Certificate Manager?
Certificates issued to the user account.
Theyr’e used for authenticating to a network, encrypting data, & adding a signature to a document/message
What does the Trusted Root Certification Authorities folder contain?
this is found in Certificate Manager
Certificates from trusted issuers
3 types of CAs included in here is Microsoft’s CA root, Local enterprise CAs, & Third-party CAs
Purpose of trusted root certificates?
Validate certificates issued by their CAs
What certificates does certmgr.msc and certlm.msc manage?
certmgr.msc: User certificates
certlm.msc: Computer certificates
What risk does a rogue CA certificate pose?
Could let a website impersonate a legit service
This can trick the user into revealing a password
What may be necessary if a certificate is compromised?
Remove it via Certificate Manager
How can vendors enhance Group Policy Editor for their software?
By creating templates to configure software with policies
Why is Group Policy more efficient on networks with many computers?
Imposes settings without manual configuration
All machines are configured at once
What does the HKEY_LOCAL_MACHINE (HKLM) database govern?
This is one of the Windows registry’s root keys
Root keys are the top-level containers in the Windows registry that store all configuration settings for the operating system and applications.
System-wide settings
HKLM is crucial for system configurations.
What types of settings does the HKEY_USERS database include?
This is one of the Windows registry’s root keys
Root keys are the top-level containers in the Windows registry that store all configuration settings for the operating system and applications.
User Settings (They apply to individual user profiles)
This includes desktop personalization.
What is the HKEY_CURRENT_USER (HKCU) database?
This is one of the Windows registry’s root keys
Root keys are the top-level containers in the Windows registry that store all configuration settings for the operating system and applications.
A subset of HKEY_USERS with settings for the logged in user
HKCU reflects user-specific configurations.
Where are most registry hive files stored?
The Windows registry database is stored in binary files called hives
C:\Windows\System32\Config folder
User profile hives are stored in the user’s profile folder.
Purpose of the .LOG file in a registry hive?
The Windows registry database is stored in binary files called hives
Contains a transaction log
It helps in tracking changes made to the registry.
What is a .SAV file in a registry hive?
The Windows registry database is stored in binary files called hives
Snapshot of the key after setup
This file aids in restoring settings if needed.
What is the filename for each user profile hive?
The Windows registry database is stored in binary files called hives
NTUSER.DAT
This file stores user-specific registry settings.
How can you copy portions of the registry database?
Select File > Export Registry File
The file is saved in a registry-compatible format
How can the exported registry file be used on another computer?
Merged into the other PC’s registry by double-clicking the file or calling it from a script
When you export a registry file, you’re saving the settings or keys from the Windows registry into a file (usually with a .reg extension). This file can then be transferred to another computer.
Device Manager, Disk Management, Group Policy Editor, & Certificate Managers are examples of ___.
MMC snap-ins
an MMC is a container for one or more snap-ins
What does the mmc command allow you to do?
the command is run via Run
Customize MMC by adding chosen snap-ins
MMC stands for Microsoft Management Console.
What file extension is used for saving a custom MMC console?
.MSC
This file can be saved to the Administrative Tools folder.
What can a custom MMC console manage?
Personal and computer certificates on the local host
This enhances the ability to administer certificates effectively.
Can most MMC snap-ins be used for remote management?
Yes
Most snap-ins can manage either the local computer or a remote computer on the network.
Purpose of the System Information (msinfo32.exe) tool?
Report the system’s hardware & software components
i.e. system resources, firmware & OS versions, driver file locations, environemtn variables, network status, etc.
What type of events does the System log in the Windows Logs folder contain?
This is located in Event Viewer
Events that affect the core OS
i.e. service load failures, hardware conflicts, driver load failures,
This log is essential for diagnosing system-level problems.
3 things recorded in the Application log in the Windows Logs folder contain?
This is located in Event Viewer
- Non-core processes
- Utilities
- Third-party apps
App installers typically write events to this log.
What does the Security log in the Windows Logs folder hold?
This is located in Event Viewer
Audit data for the system.
This log is important for security monitoring and compliance.
What events does the Setup log in the Windows Logs folder record?
This is located in Event Viewer
Events during installation.
Useful for troubleshooting installation issues.
What is the default maximum size for each log file in Windows Logs?
This is located in Event Viewer
About 20 MB.
This size can be adjusted in the log properties.
3 options available for log file management?
- Overwrite
- Do not overwrite
- Archive
Archiving closes the current file and starts a new one.
True or False: It is important to monitor archive logs to prevent them from growing very large.
True
Unmonitored archive logs can consume significant disk space.
Where can additional logs be found for troubleshooting in Windows?
Under the Applications and Services Logs node.
These logs are useful for investigating specific Windows features or third-party applications.
What tool provides more in-depth monitoring than Task Manager?
Resource Monitor (resmon.exe)
Purpose of Windows Performance Monitor (perfmon.msc)?
Show real-time resource charts & log data for analysis
It helps in identifying system bottlenecks and performance issues.
3 potential causes of an app freezing?
- Slow processor
- Slow hard disk
- Faulty/congested network link
Each of these factors can delay requests and affect performance.
What are Data Collector Sets in Performance Monitor (perfmon.msc)?
Log files
They’re created to record info for later viewing
They help generate a library of performance measurements over time (used for long-term view of system performance)
What are the two types of logs in Performance Monitor (perfmon.msc)?
Counter logs and trace logs
Each type serves different monitoring purposes.
What do counter logs collect in Performance Monitor (perfmon.msc)?
Resource statistics
Resources like memory, disk, & processor
Used to determine system health and performance.
What does trace logs in Performance Monitor (perfmon.msc) log?
Resource behavior
They log data that would otherwise be inaccessible.
How can saved log files be utilized in Performance Monitor?
Used for analysis or exported to other programs
(DELETE) What is the purpose of configuring a counter log in Performance Monitor?
To select what to monitor in the report.
What are the objects collected in Performance Monitor?
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
Memory and disk.
What do objects contain in Performance Monitor?
Counters (Performance statistics)
An example of a performance counter is Average Queue Length
counters are metrics used to measure specific aspects of system performance
What does the Processor % Processor Time counter indicate?
Processor is the object; % Processor Time is the counter
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
CPU utilization
The percentage of time the processor runs a non-idle thread
What indicates a potential processor bottleneck in Performance Monitor?
If % Processor Time is over 85% for a sustained period.
a counter measures a specific system performance metric
What does the Processor % Privileged Time counter represent?
Processor is the object; % Privileged Time is the counter
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
System CPU usage
Percentage of time spent on system processes.
What does the Processor % User Time counter represent?
Processor is the object; % User Time is the counter
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
User CPU usage
Percentage of time spent on apps
What does the Physical Disk % Disk Time counter measure?
Physical Disk is the object; % Disk Time is the counter
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
Disk utilization
Percentage of time the disk is busy with read/write requests
What indicates a disk problem when monitoring % Disk Time?
a counter measures a specific system performance metric
If average is over 85% for a sustained period.
(DELETE) What does the Average Disk Queue Length counter represent?
a counter measures a specific system performance metric
The number of pending disk requests during data collection
What should the Available Bytes counter not fall below?
a counter measures a specific system performance metric
10% of total system RAM.
What does a continuous fall in Available Bytes indicate?
a counter measures a specific system performance metric
Memory leak.
What does the Pages/sec counter measure?
a counter measures a specific system performance metric
Page file I/O for hard faults
Number of pages read/written to disk for hard page faults
Hard page faults occur when data needed by a program is not in RAM and must be retrieved from the disk (paging file).
What is the threshold for excessive paging indicated by Pages/sec counter?
a counter measures a specific system performance metric
Averaging above about 50.
[DELETE] What does the Paging File % Usage counter represent?
Paging File is the object; % Usage is the counter
In Performance Monitor, an object is a group of related counters, and a counter measures a specific system performance metric.
Percentage of pagefile instance in use
A pagefile instance refers to a specific paging file on a disk. The paging file is a portion of disk space used as virtual memory when the physical RAM is full
If your paging file is 1000 MB and % Usage averages 50%, what does that imply?
You might benefit from adding 500 MB of memory.
If the paging file is using 50% of its capacity, adding more RAM (500MB in this case) would reduce reliance on the slower paging file, improving system performance.
What can low system memory indicate about disk performance?
Disk may slow from high paging
What can you adjust in the System Configuration Utility (msconfig.exe)?
Adjust boot settings & startup files
It is often used for diagnostic purposes rather than permanent configuration changes.
What does the Boot tab in System Configuration Utility allow you to configure?
Basic settings in the Boot Configuration Data (BCD) store
Including changing the default OS & adding boot options
Boot options like Safe Mode can be configured here. The BCD store is a Windows database that holds boot configuration settings, including OS details, boot options, and recovery settings, used by the Boot Manager to start the system.
How can you add boot paths in the Boot tab (System Configuration Utility)?
Boot paths are the file system locations and configurations used by an OS to locate and load essential files during the startup process
via bcdedit command.
This is run via cmd prompt; cmd prompt needs to be run as admin
What should you check if a system keeps using safe boot or boots to a command prompt?
Verify System Configuration settings to ensure options aren’t permanent.
What does the Services tab (System Configuration Utility) allow to do?
Choose which services run at startup
It alos shows the date a service was disabled
What does the Tools tab in the System Configuration Utility contain?
Shortcuts to admin utilities
i.e. System Information, Registry Editor, & Performance Monitor
True or False: The boot log file created by msconfig is shown in Event Viewer.
False
What do frequent page faults indicate during performance monitoring
The system relies heavily on the pagefile & may need more RAM
is it a problem if the CPU usage often jumps to 100% & then falls back?
(in task manager)
No
CPU spikes are normal, but sustained 80-90% usage may need a faster CPU or signal a faulty app
What does it mean if a program runs at startup, but is not in the Startup folder?
Program has added a registry entry to run at startup
Can be disabled via Task Manager
What tool is this?
System Information tool
This tool procudes a hardware & software inventory report
What is the command to open the Sytem Information tool?
msinfo32.exe
This tool procudes a hardware & software inventory report
2 Ways to access Task Manager?
- Ctrl+Alt+Del
- Ctrl+Shift+Esc
How to run a command that requires elevated privileges?
Open command prompt as administrator.
You can do this by right-clicking command prompt & selecting Run as administrator
What is the default folder when the command prompt is run as administrator?
C:\Windows\System32
What command can be used to clear the command prompt screen?
cls
What should you do if an argument includes a space?
Enter it within quotes.
i.e. cd "C:\Program Files\My Application"
What command is used to exit an interactive program?
interactive programs like telnet, etc.
exit or quit
what command lists available commands in the command prompt?
help
2 ways to list the syntax & switches for a command?
help [command][command] /?
i.e. help cd & cd /?
True or False: You can continue using the same command prompt window if you need to run a command that requires elevation.
False
What is the effect of using the forward slash escape character in command syntax?
i.e. dir /s
Precedes switches.
What command is used to list the files and subdirectories?
dir
The dir command can be used to list files from the working drive or a specified path.
What switch is used with the dir command to present files in a particular order?
/o:x
i.e. dir /o:n
The x can be n (name), s (size), e (extension), or d (date).
Which switch is used to set the date field for the dir command?
/t:x
i.e. dir /t:x
The x can be c (created on), a (last access), or w (last modified).
What does the /a:x switch do in the dir command?
Displays files with the attribute indicated by x
The attributes can be r (Read-only), h (hidden), s (system), or a (archive).
What wildcard character represents a single unspecified character?
?
For example, dir ????????.log displays all .log files with eight characters in the file name.
How do you change to a specific directory using the cd command?
Enter the full path
Example: cd C:\Users\David
What command would you use to move up to the parent directory?
cd ..
This command moves you one level up in the directory structure.
How do you change to the root directory of the drive?
cd \
This command takes you to the root directory.
What command is used to change the working drive?
Enter the drive letter followed by a colon
Example: D: changes to the D drive.
What is the syntax for the move and copy commands?
[command] [Source] [Destination]
i.e. (move file.txt C:\Documents) (`copy file.txt C:\Backup)
‘Source’ is the drive name, path, and name of the files, while ‘Destination’ is the drive name and path of the new location.
What utility allows you to copy multiple directories while retaining the directory structure?
xcopy
i.e. xcopy C:\SourceFolder D:\DestinationFolder /E /I
The syntax for xcopy is: xcopy Source [Destination] [Switches].
What is the primary advantage of using robocopy over xcopy?
robocopy works better with long file names and NTFS attributes
Microsoft now recommends using robocopy rather than xcopy.
What is the command to create a new directory?
md or mkdir
Example: To create a directory called Data, type md Data.
Which command is used to delete an empty directory?
rd [Directory] or rmdir [Directory]
Use /s switch to remove non-empty directories.
What is the purpose of the /s switch in the rmdir command?
i.e. rmdir C:\TestFolder /s
To remove files and subdirectories from a directory
Also, the /q switch can be used to suppress confirmation messages.
What characters can’t folders/files contain?
\ /:*?"< >|
These characters are not allowed in folder and file names.
What switch can be used to move files using robocopy?
/mov
i.e. robocopy C:\SourceFolder D:\DestinationFolder /mov
Despite its name, robocopy can also move files.
What does the xcopy command allow you to do?
i.e. xcopy C:\SourceFolder D:\DestinationFolder /e /i
Copy the contents of more than one directory at a time
It retains the directory structure.
True or False: The robocopy command is primarily used for copying files only.
False
robocopy can also move files using the /mov switch.
How to inspect disks using diskpart?
Run the diskpart utility and enter select disk 0
What command displays configuration info for a selected disk in diskpart?
detail disk
What does diskpart report if the hard disk has no partitions?
The partition table may have become corrupted
What command do you use to select a partition in diskpart?
select partition 0 or select volume 0.
What command is used to view information about a selected partition or volume in diskpart?
detail partition or detail volume
3 commands you can use after selecting a partition or volume in diskpart?
- assign
- delete
- extend
assign changes the drive letter, delete destroyes the volume, extend extends the size
What does the format command do?
i.e. format D: /fs:NTFS
Writes a new file system to a drive, deleting existing data.
What is the basic syntax of the format command?
format X: /fs:SYS
X is the drive letter; SYS is the file system
i.e. format D: /fs:NTFS
What does the /q switch do in the format command?
i.e. format D: /fs:NTFS /q
Skips the scan for bad sectors.
This makes the process faster
Sectors are the smallest physical storage units on a disk
What happens during both standard and quick format operations?
Removes references to existing files in the volume boot record.
During a format, the system removes the file references in the file system (like NTFS or FAT32), which are pointers to where data is stored on the disk. The data itself isn’t immediately erased, but the space is marked as available for reuse.
Can data be recovered from a formatted disk?
Yes, using third-party tools.
What is a secure format utility?
Tool that overwrites sectors with a zero value, preventing data recovery
A sector is the smallest data unit on a disk, where written data is stored. Secure format utilities like the Cipher command (Windows) and third-party tools overwrite data to prevent recovery.
What does the chkdsk command do?
Scans the file system and/or disk sectors for faults and attempts repairs.
A sector is the smallest data unit on a disk, where written data is stored.
What is the command to run chkdsk in read-only mode?
chkdsk X:.
chkdsk C:
What does the chkdsk X: /f command do?
chkdsk C: /f
Attempts to fix file system errors.
What does the chkdsk X: /r command do?
chkdsk C: /r
Fixes file system errors and attempts recovery of bad sectors.
A sector is the smallest data unit on a disk, where written data is stored.
What happens if chkdsk detects recoverable data?
It is copied to the root directory as filennnn.chk files.
True or False: Check Disk tool can fix open files.
(meaning files in use)
False.
What is recommended before running chkdsk /f or chkdsk /r?
Run a read-only scan first.
Which is done via chkdsk C:
What is the command to safely halt the system?
shutdown /s
This command closes all open programs and services before powering off the computer.
What does the command shutdown /h do?
Saves current session to disk before powering off PC
This is known as hibernation.
What is the purpose of the shutdown /l command?
Logs off the user account while leaving the computer running
This closes all programs and services started under the user account.
What does shutdown /r do?
Restarts PC without powering it down
This is also referred to as a soft reset.
What does the shutdown /s /t nn command do?
“nn” would be replaced with a number
Specifies a timer before shutdown starts
The default delay is 30 seconds if no number is provided
What command aborts a shutdown in progress?
shutdown /a
This command must be used quickly enough to be effective.
What is the function of the System File Checker (sfc)?
Verifies & restores corrupt system files from cache
It provides a manual interface for this process.
What does the command sfc /scannow do?
Runs a scan immediately
This checks for corrupt system files right away.
What does sfc /scanonce do?
Schedules a scan for the next computer restart
This allows for a one-time scan at the next boot.
What does sfc /scanboot do?
Schedules a scan to run at each PC boot
This ensures continuous monitoring of system files.
Where are system files maintained in Windows?
WINSxS system folder
This folder is version-controlled and can consume significant disk space.
What does the winver command report?
Version information of Windows
This is often needed for support purposes.
What does the Version refer to in Windows version information?
Examples include 1607 (July 2016) or 21H1 (first half of 2021).
A feature update via a year/month code
What is the OS Build in Windows version information?
Code showing brand & update status
The rev number can be used to look up changes and known issues.
Which is more informative for Windows version details, winver or the About settings page?
The About settings page
It lists edition and license information in addition to version details.
How do you perform a scan to idetify file system errors in read-only mode?
run chkdsk in command prompt
Which Windows command is ideal for scripting file backups?
Scripting file backups means using a command-line tool or script to automate the process of copying or archiving files for backup purposes
robocopy
What console monitors live CPU, memory, disk, and network usage?
A. certmgr.msc
B. taskschd.msc
C. resmon.exe
D. gpedit.msc
C. resmon.exe
An incident handler is reviewing a possible cryptomining infection on one of the corporate servers. What should the handler use first to investigate?
A. eventvwr.msc
B. taskmgr.exe
C. regedit.exe
D. taskschd.msc
B. taskmgr.exe
Which command helps investigate malware replacing system files?
A. sfc
B. chkdsk
C. winver
D. shutdown
A. sfc
Windows Resource Protection safeguards system files and registry keys. The System File Checker (sfc) verifies and restores corrupt system files from cache.
Which option helps improve system security after patching is improved?
A. msinfo32.exe
B. resmon.exe
C. services.msc
D. dfrgui.exe
C. services.msc
From Task Manager, the Open Services button links to the Services (services.msc) console. This can disable nonessential services to improve performance or security.
How can a user change the default OS in a dual-boot setup?
A. msconfig.exe
B. resmon.exe
C. taskschd.msc
D. gpedit.msc
A. msconfig.exe
The System Configuration Utility (msconfig.exe) modifies boot settings, like changing the default OS, adding boot options, and setting the timeout value.
Which cmmand should a Windows server use to transfer logs to a central security platform via a script?
A. xcopy Source [Destination] [Switches]
B. md Source [Destination] [Switches]
C. robocopy Source [Destination] [Switches]
D. rmdir Source [Destination] [Switches]
C. robocopy Source [Destination] [Switches]
Robocopy is a file copy utility recommended by Microsoft over xcopy, as it handles long file names and NTFS attributes better.
What tool should a server administrator use for resource performance graphs and statistics?
A. taskmgr.exe
B. services.msc
C. msconfig.exe
D. resmon.exe
D. resmon.exe
Resource Monitor (resmon.exe) shows an enhanced version of the type of snapshot monitoring provided by the Task Manager.
Which command should a user run to diagnose issues with large files?
A. format
B. diskpart
C. chkdsk
D. winver
C. chkdsk
What should a technician use to optimize HDD input/output operations performance?
A. devmgmt.msc
B. dfrgui.exe
C. resmon.exe
D. secpol.msc
B. dfrgui.exe
The Defragment and Optimize Drives tool (dfrgui.exe) runs various operations to speed up the performance of hard disk drives (HDDs).
What is the best way for a security admin. to push configuration changes to users?
A. regedit.exe
B. services.msc
C. lusrmgr.msc
D. gpedit.msc
D. gpedit.msc
The Group Policy Editor (gpedit.msc) provides a more robust means of configuring many of these Windows settings than editing the registry directly.
Where should a user check for changes after experiencing a BSoD on startup?
A. WSL
B. devmgmt.msc
C. taskschd.msc
D. services.msc
B. devmgmt.msc
Most BSoDs, especially during startup, are caused by faulty hardware or drivers. Device Manager (devmgmt.msc) lets users view and edit hardware properties.
