Table 6-14 Recommended Preventive Maintenance Tasks in Windows

↑

▷ Содержание

⇐ ПредыдущаяСтр 32 из 54Следующая ⇒

Patch manage- Roll out new updates only ment after testing on a variety of supported systems in your

organization.

Use the Windows Server Update Service (WSUS) on Windows Server 2003 SP2 or later to manage rollout of patch updates.

Image backup Guard against loss of a

bootable system.

In Windows XP, use a third-party utility; Windows Vista Business and Ultimate can use Complete PC Backup; Windows 7 uses Backup and Restore.

System restore Revert to a previous (and

hopefully more stable)

environment if the current

environment is unstable.

Run from Control Panel; in Windows Vista and 7, can also be run from Windows Recovery Environment (Windows RE) bootable CD or disk partition.

128 CompTIA A+ Quick Reference

Operating System Security Settings

Windows includes several types of security settings, including users and groups, NTFS permis-sions, share (networking) permissions, system files and folders, and user authentication methods. To review the essentials, see the following sections.

Users and Groups

Windows XP, Vista, and 7 enable you to assign access rights to users by placing each user into one of the following groups:

Administrator —The most powerful group, administrators have complete access to allsystem functions and access to any user’s data on an NTFS volume. In Windows Vista and 7, administrators can bypass User Account Control (UAC) prompts by clicking through the prompts.

Power Users —Power Users can modify computerwide settings, run legacy apps, installprograms that don’t change OS files or install system services, customize systemwide resources, create and manage local users and accounts, and stop and start system services not started by default. Windows Vista and 7 do not include this group, and are treated as standard users unless you create a custom security template for their use.

Standard Users —For security, it is recommended to have all users who don’t need admin-istrator-level access in this group (known as Users in Windows XP). These users are not allowed to make systemwide changes to the computer’s configuration (but they can modify their own account settings). In Windows Vista and 7, standard users can provide the pass-word of the computer’s administrator to bypass UAC and make changes needed.

Guest Account —The guest account is designed to permit guests (temporary users) accessto the system, but they can’t install software or hardware, change settings, or create a pass-word.

NTFS Permissions

Windows XP, Vista, and 7 support two types of access control to files and folders: NTFS permis-sions (enabled through the Security tab on a folder or file’s properties sheet) and Share permis-sions for networking. NTFS permissions are available only on drives formatted with NTFS, and (on Windows XP) only if Simple File Sharing has been disabled.

The Security tab (Figure 6-13) enables you to control access to the selected file or folder by allow-ing or denying permissions shown to selected users or groups:

Full Control —Enables any and all changes to a file, including deletion. Modify —File can be modified.

Read & Execute —File can be read and executed. Read —File can be read.

Chapter 6: Operating Systems 129

Write —File can be overwritten.

List Folder Contents —When viewing the permissions of a folder, this additional permis-sion is listed. It allows the user to view what is inside the folder.

Figure 6-13 The Security tab for a folder.

The Security tab has two sections. The top section shows the users and groups that have access to the selected file or folder. You can add or remove groups or users. The bottom section lets you specify the permissions available for the selected user or group.

To be able to copy a file or folder from one NTFS folder to another, you must have read permis-sion for the source folder and write permission for the destination folder. The copy inherits the permissions of the destination file or folder.

To be able to move a file or folder from one NTFS folder to another, you must have write and modify permissions for both source and destination folders. The moved item inherits the permis-sions of the source file or folder.

File attributes also control file access, and work with both drives formatted with either NTFS or FAT. Table 6-15 outlines the four file attributes, which can be seen on the General tab for a file or folder’s properties or by using the command prompt command dir /a followed by the letter listed below in Table 6-15 (dir /ar and so forth).

130 CompTIA A+ Quick Reference

Table 6-15 File Attributes

Share Permissions

You can specify share permissions for networking via the Sharing tab on the file or folder’s prop-erties sheet. Click Share to specify users and permission levels:

Owner is the creator of the file.

Read/write permission allows file read, change, delete. Read allows file read and copying.

Share permissions supersede NTFS permissions.

System Files and Folders

System files and folders are those essential to Windows startup. By default, Windows XP and later editions do not display system files and folders in Windows Explorer or from the command line. You can change the default file-viewing options for Windows Explorer to display system files and folders.

User Authentication

Windows supports single sign on network user authentication using Kerberos user authentication, but it is not enabled by default. It must be enabled through security policies by running gpedit.msc. Many different encryption options are available for Kerberos user authentication, and the server and client must be configured to use the same options.

Chapter 6: Operating Systems 131

Client-Side Virtualization

Virtual machines enable computers to run more than one operating system at the same time. For example, you can run Windows XP inside a window from a host computer running Windows 7 Professional or Ultimate editions. Benefits of virtualization include the following:

The ability to run older programs inside their intended operating system

Running different tasks at the same time on a computer to accomplish more in a given time-frame

Using more computing power in the same space

Reducing costs by replacing separate computers with virtual machines, eliminating duplica-tion of peripheral devices (mice, keyboards, displays) VMs do not need, and reducing cool-ing requirements (fewer PCs put out less heat)

Creating a safe “sandbox” for testing applications and procedures

Познавательные статьи:



Где возникла философия и почему?

Относительная высота сжатой зоны бетона

Сущность проекции Гаусса-Крюгера и использование ее в геодезии

Тарифы на перевозку пассажиров