Guide - Part 3: File Systems Flashcards
How are disks, partitions, and volumes different from one another?
Disks are the actual storage hardware; partitions are logical divisions of a disk used to define the storage space; and volumes, contained inside partitions, are used to define how the individual files and folders are saved to the storage.
What are the two primary partition schemes for Mac- formatted disks? What are their differences?
GUID Partition Table is the default partition scheme on Intel- based Mac computers, and Apple Partition Map is the default partition scheme on PowerPC-based Mac computers.
What two volume formats are supported for an OS X system volume?
The volume formats supported as system volumes for OS X are Mac OS Extended (Journaled) and Mac OS Extended (Journaled, Encrypted).
How does file system journaling work?
File system journaling records which file operations are in progress at any given moment. This way, if a power failure or system crash occurs, after the system restarts, it will be able to quickly verify the integrity of the volume by “replaying” the journal.
What is Core Storage, and what two major OS X features are implemented via Core Storage?
Core Storage is a file system management layer that’s used by OS X to provide disk encryption as used by FileVault, and combine separate disks as used by Fusion Drive.
What are the four erase options available in Disk Utility? How are they all different?
The four erase options in Disk Utility are:
• Fastest, which simply replaces the volume’s directory
structure
• A second choice, which provides good security by writing zeroes on top of all the previous disk data
• A third choice, which provides even better security by writing three separate passes of information on top of the previous disk data
• Most Secure, which provides the best security by writing seven separate passes of information on top of the previous disk data
How does the Secure Empty Trash feature in Finder work?
Secure Empty Trash will perform a 7-pass erase on the contents of the Trash folder.
How can you ensure that previously deleted items are securely erased?
From the Erase tab in Disk Utility, you can choose to securely erase the free space of a disk or volume. This securely erases any previously deleted files on the selected disk or volume.
How can you encrypt a disk without losing its contents?
From the Finder, you can encrypt a disk without losing its contents by secondary (or Control-) clicking the disk and choosing Encrypt from the shortcut menu.
What four methods can be used to eject a volume or disk
from the Finder?
The four methods used to eject a volume or disk from the Finder are:
• Drag the disk icon to the Trash in the Dock
• Press and hold the Eject key for a few moments to
unmount and eject optical media
• Select the volume you want to eject and choose Eject from the File menu
• In the Finder sidebar, click the small Eject button next to the volume you want to unmount and eject
What’s the potential side effect of improperly unmounting or ejecting a disk or volume?
Improperly unmounting or ejecting a drive or volume may cause data corruption. The system automatically verifies and repairs an improperly unmounted or ejected volume the next time it becomes available to the Mac.
How does FileVault protect a user’s data?
FileVault protects the entire system volume and all its data by using strong XTS-AES 128 encryption. During system startup, a FileVault-enabled user must enter a password to decrypt the system volume.
What are the system requirements for using FileVault?
To enable FileVault, OS X systems must have the hidden OS X Recovery HD volume on the system disk. Also, any Legacy FileVault accounts must be decrypted and returned to normal accounts before FileVault can be enabled.
Which users are allowed to unlock a FileVault-protected system?
Any user who’s FileVault enabled is allowed to unlock a FileVault-protected system. This includes any local or cached network user account that was enabled when FileVault 2 was set up or created after FileVault 2 was enabled. Further, administrators may return to Security & Privacy preferences to enable additional accounts.
How can you unlock a FileVault-protected system when all user accounts have lost their passwords?
A FileVault-protected system can be unlocked using the recovery key that was generated during the FileVault setup
process. This key can be entered during system startup and will allow you to reset the user’s account password.