Chapter 2: Operating System Administration

Question 1

Date and Time Applet

Answer 1

Configure system time, date and time zone settings

Starting in windows 8 “Internet Time” tab was added to configure settings with internet time server

TIMEDATE.CPL

Question 2

Region applet

Answer 2

Region and language settings

Choose format for numbers, layout of keyoard, geographic location, and language for non-unicode programs

INTL.CPL

Question 3

Internet options applet

Answer 3

Configure internet options

INETCPL.CPL

Question 4

The System applet

Answer 4

SYSDM.CPL

Question 5

Action Center Applet

Answer 5

WSCUI.CPL

Known as “System Center” in Vista

Manage firewall, automatica updates, and virus protection

Question 6

Windows Firewall Applet

Answer 6

FIREWALL.CPL

Question 7

Power Options Applet

Answer 7

POWERCFG.CPL

Configure when devices (eg display) will turn off or be put to sleep

Question 8

Taskkill

/S

/PID

/F (signal specifier)

SIGTERM and SIGKILL

Answer 8

Used to terminate process (by name or process ID)

use the /S switch to indicate another machine

/IM switch used to specify a (image) name of process to kill and can include wildcard

/PID switch needed to kill process ID

SIGTERM is soft kill signal (code 15)

/F switch issues SIGKILL (terminate at all costs) code 9

Question 9

BOOTREC cmd

Answer 9

interact with MBR, boot sector, or Boot Configuration Data (BCD) store

To run tool: Must boot from installation disk, choose repair computer, and enter system recovery options, and choose command prompt

Then you can type bootrec.exe

/fixboot (write a new boot sector)

/Fixmbr (write new MBR)

/RebuildBCD (Rebuild BCD store)

/ScanOS (scan all disks for installation s the boot manager menu is not listing)

Question 10

Shutdown command

Answer 10

Used to schedule shutdown (complete or restart)

Question 11

Tasklist command

Answer 11

view all running processes and process ID numbers

/S switch used to see processes on remote machine

/SVC switch shows services hosted in each process

/U if need to run command as another user

/P allows to specify password of that user

Question 12

CD, MD, and RD commands

Answer 12

CD change to specified directory

MD makes a directory in specified path

RD removed specified directory

RD /S removed all directories and files in specified directory, including specified directory

RD /Q: Quite mode: will not be asked if you are sure you want to delete

Question 13

DEL

ERASE

Answer 13

used to delete files and directories

Question 14

Format command

Answer 14

Wipe data of disks and prepare them for new use

Syntax: FORMAT [volume] [switches

/FS specifies filesystem to use (FAT, FAT32, NTFS)

/V specifies new volume label

/Q quick format

EG: Format D: drive as NTFS with name of HDD2

FORMAT D: /FS NTFS /V: HDD2

Question 15

Copy / Move command

Answer 15

Copy: makes copy of file in new location

Move makes copy of file in new location and deletes original

/A indicates an ASCII text file

/V verifies that files are written correctly after copy

/Y suppresses prompt asking if you are sure you want to overwrite files that exist in new location

CANNOT copy directories: need XCOPY for that

Question 16

XCOPY

/A /E /F /G /H /K /O /R /S /U /V

Answer 16

Coppies directories and has following switches

/A copies files that have the Archive attribute set and does not clear the attribute

/E Copies directories and subdirectories, including empty directories

/F displays full source and destination filenames when copying

/G allows copying of encrypted files to non-encryption supporting destination

/H copies hidden and system files as well

/K Copies attributes (by default XCOPY resets read only)

/O Copies file ownership and ACL info (NTFS permissions)

/R overwrites read-only files

/S copies directories and subdirectories but not empty ones

/U Copies only files that already exist in destination

/V verifies size of each new file

Question 17

ROBOCOPY

Answer 17

Robust File Copy

Advantage over XCOPY is that it can accept plethora of specifications and keep NTFS permissions intact

/MIR switch can mirror complete directory tree

Question 18

Diskpart

Answer 18

Shows partitions and lets you manage them

Must be part of admin group to run

Question 19

SFC command

Answer 19

System File Checker checks and verifies versions of system files on computer

If it detects corrupted files, it will replace them with the correct version

Must be logged in as administrator

Syntax: SFC [switch]

/scanfile scans file and fixes problems if found

/scannow immediately scans all protected system fles

/verifyonly scans protected system files and does not make changes

/offbootdir repairs offline boot directory

/offwindir repairs offline windows directory

Question 20

CHKCSK command

Answer 20

Display status reports for hard disk

can also correct filesystem problems

Question 21

GPUPDATE

Answer 21

Used to update group policy settings

Refresh/change local and active directory based policies

Replaces functionality that previously exited with SECEDIT

Question 22

GPRESULT

Answer 22

Shows Resultant Set of Policy (RSoP) report/values for remote user and computer

Question 23

DIR

Answer 23

Displays files and folders (can use wildcards)

/A allows you to specify attributes of files you are seeking (hiden, system, ect)

/O specify different display order

/L returns results unsorted and in lowercase format

/S Recursively searches through subdirectories as well as current dir

/T sorts files according to time order

/P Displays results one page/screen at a time

/Q shows file ownership

Question 24

HELP

Answer 24

Displays all commands or gives info about specific command

can also type /?

Question 25

EXIT

Answer 25

Exits out of what you are currently in

Question 26

Expand

Answer 26

Expands one or more compressed files

• R lets you rename the files that are expanded
• D just displays list of files in source file

Question 28

Registry Hives

HKEY_CLASSES_ROOT

HKEY_CURRENT_USER

HKEY_LOCAL_MACHINE

HKEY_USERS

HKEY_CURRENT_CONFIG

Answer 28

HKCR: Info about which filename extensions map to particular applications

HKCU: Hods configuration info specific to a prticular user, such as desktop settings and history info

HKLM: Configuration information about actual coputer handware and software

HKU: Info about all users who hae logged into system (HKCU is subkey of this hive)

HKCC: provides quick access to commonly needed keys

Question 29

Virtual Memory

(Swap file or Paging file)

Answer 29

Windows moves data to SSD or HHD but treats it like RAM

File is called “Pagefile.sys” and is located in root directory of drive where OS files are installed

Question 30

File Allocation Table (FAT)

Answer 30

Uses 8.3 naming convention

8 letters for name then a “.” and then 3 letter file identifier

Uses 16 bit binary number to hold cluster-numbering info

largest FAT disk partiont that can be created using this system is 2GB

Question 31

Virtual FAT (VFAT)

Answer 31

augmented 8.3 file naming convention and allowed file names with up to 255 characters

Creates “long name” and an 8.3 compatible name for interoperability with FAT

Uses 32 bit code and 16 bit for backward compatibility

Also has 2GB partiont limit

Question 32

FAT32

Answer 32

Allowed 32 bit cluster addressing

This provided a 2TB maximum partition size

Question 33

NTFS

Answer 33

New Technology File System

Provides new features such as individual file security, compression, RAID support, and support for extremely large file and partition sizes/disk transaction monitoring

Question 34

CD-ROM file system (CDFS)

Answer 34

Used for CDs

Question 35

Extended File Allocation Table (ExFAT)

Answer 35

Proprietary file system for flash drives where NTFS and FAT32 cannot be used

Ideal for SD cards that hold a lot of info

Question 36

Network File Systems (NFS)

Answer 36

Widely used in Unix and Linux

Question 37

Extended File System (ext)

Answer 37

Default file system for many distributions of linux

ext4 is file system used for Android

Question 38

Extended vs Primary partitions

Answer 38

Extended can be divided into one or more logical drives

Primary partiions cannot be further subdivided