Table 6-14 Recommended Preventive Maintenance Tasks in Windows
| Task | Benefit | How to Perform |
| Scheduled disk | Find and correct drive | Use Check Now on the Tools tab for |
| check | problems before they cor- | drive properties; select option to schedule |
| rupt data. | on next startup or use Task Scheduler. | |
| Scheduled | Fragmented files take lon- | Use Defragment Now on Tools tab |
| defragmentation | ger to load and slow down | of drive properties; click Configure |
| the system. | Schedule. | |
| Windows | Updates to Windows and | Run Windows Update from the Control |
| update | Microsoft applications | Panel and select Change Settings to con- |
| solve problems and might | figure. | |
| add new features. |
Patch manage- Roll out new updates only ment after testing on a variety of supported systems in your
organization.
Use the Windows Server Update Service (WSUS) on Windows Server 2003 SP2 or later to manage rollout of patch updates.
| Driver/firmware | Updates fix bugs and might | Driver updates can come through Windows |
| updates | improve performance; | Update or by manual download; firmware |
| firmware updates can also | updates can be downloaded manually or | |
| add support for new tech- | installed through Windows System Center | |
| nologies. | Configuration Manager 2007 or later. | |
| Antivirus | Updates improve virus | Updates for Microsoft antivirus programs |
| updates | detection and removal. | can be installed via Windows Update; for |
| third-party programs, use the programs’ | ||
| own update routes. | ||
| File backup | Guard against loss of | In Windows XP, use NTBackup or |
| important files. | the Backup Wizard for file backup; in | |
| Windows Vista, use File Backup; in | ||
| Windows 7, use Backup and Restore. |
Image backup Guard against loss of a
bootable system.
In Windows XP, use a third-party utility; Windows Vista Business and Ultimate can use Complete PC Backup; Windows 7 uses Backup and Restore.
System restore Revert to a previous (and
hopefully more stable)
environment if the current
environment is unstable.
Run from Control Panel; in Windows Vista and 7, can also be run from Windows Recovery Environment (Windows RE) bootable CD or disk partition.
128 CompTIA A+ Quick Reference
Operating System Security Settings
Windows includes several types of security settings, including users and groups, NTFS permis-sions, share (networking) permissions, system files and folders, and user authentication methods. To review the essentials, see the following sections.
Users and Groups
Windows XP, Vista, and 7 enable you to assign access rights to users by placing each user into one of the following groups:
Administrator—The most powerful group, administrators have complete access to allsystem functions and access to any user’s data on an NTFS volume. In Windows Vista and 7, administrators can bypass User Account Control (UAC) prompts by clicking through the prompts.
Power Users—Power Users can modify computerwide settings, run legacy apps, installprograms that don’t change OS files or install system services, customize systemwide resources, create and manage local users and accounts, and stop and start system services not started by default. Windows Vista and 7 do not include this group, and are treated as standard users unless you create a custom security template for their use.
Standard Users—For security, it is recommended to have all users who don’t need admin-istrator-level access in this group (known as Users in Windows XP). These users are not allowed to make systemwide changes to the computer’s configuration (but they can modify their own account settings). In Windows Vista and 7, standard users can provide the pass-word of the computer’s administrator to bypass UAC and make changes needed.
Guest Account—The guest account is designed to permit guests (temporary users) accessto the system, but they can’t install software or hardware, change settings, or create a pass-word.
NTFS Permissions
Windows XP, Vista, and 7 support two types of access control to files and folders: NTFS permis-sions (enabled through the Security tab on a folder or file’s properties sheet) and Share permis-sions for networking. NTFS permissions are available only on drives formatted with NTFS, and (on Windows XP) only if Simple File Sharing has been disabled.
The Security tab (Figure 6-13) enables you to control access to the selected file or folder by allow-ing or denying permissions shown to selected users or groups:
Full Control—Enables any and all changes to a file, including deletion.Modify—File can be modified.
Read & Execute—File can be read and executed.Read—File can be read.
Chapter 6: Operating Systems 129
Write—File can be overwritten.
List Folder Contents—When viewing the permissions of a folder, this additional permis-sion is listed. It allows the user to view what is inside the folder.
Figure 6-13 The Security tab for a folder.
The Security tab has two sections. The top section shows the users and groups that have access to the selected file or folder. You can add or remove groups or users. The bottom section lets you specify the permissions available for the selected user or group.
To be able to copy a file or folder from one NTFS folder to another, you must have read permis-sion for the source folder and write permission for the destination folder. The copy inherits the permissions of the destination file or folder.
To be able to move a file or folder from one NTFS folder to another, you must have write and modify permissions for both source and destination folders. The moved item inherits the permis-sions of the source file or folder.
File attributes also control file access, and work with both drives formatted with either NTFS or FAT. Table 6-15 outlines the four file attributes, which can be seen on the General tab for a file or folder’s properties or by using the command prompt command dir /a followed by the letter listed below in Table 6-15 (dir /ar and so forth).
130 CompTIA A+ Quick Reference