MCTS 70-620 Exam Prep: Microsoft Windows Vista Client Configuring [Exam Prep Series]

MCTS 70-620 Microsoft Windows Vista™, Configuring ® Donald Poulton MCTS 70-620 Exam Prep: Microsoft® Windows Vista™,...

Author: Don Poulton

91 downloads 980 Views 15MB Size Report

This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!

Report copyright / DMCA form

DOWNLOAD PDF

MCTS 70-620 Microsoft Windows Vista™, Configuring ®

Donald Poulton

MCTS 70-620 Exam Prep: Microsoft® Windows Vista™, Configuring Copyright © 2008 by Que Publishing All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein. ISBN-13: 978-0-7897-3687-1 ISBN-10: 0-7897-3687-x Library of Congress Cataloging-in-Publication Data Poulton, Don. MCTS 70-620 exam prep : Microsoft Windows Vista client, configuring / Donald Poulton. — 1st ed. p. cm. ISBN 978-0-7897-3687-1 (pbk. w/cd) 1. Electronic data processing personnel—Certification. 2. Microsoft software—Examinations— Study guides. 3. Microsoft Windows (Computer file) I. Title. QA76.3.P665 2008 005.4’46—dc22 2007035980 Printed in the United States of America First Printing: October 2007

Trademarks All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Que Publishing cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Microsoft is a registered trademark of Microsoft Corporation. Windows Vista is a trademark of Microsoft Corporation.

Warning and Disclaimer Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales Que Publishing offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact U.S. Corporate and Government Sales 1-800-382-3419 [email protected] For sales outside the United States, please contact International Sales [email protected]

Publisher Paul Boger Associate Publisher David Dusthimer Acquisitions Editor Betsy Brown Development Editor Dayna Isley Managing Editor Patrick Kanouse Senior Project Editor Tonya Simpson Copy Editor Language Logistics, LLC Indexer JBIndexing Proofreader Paula Lowell Technical Editor Chris Crayton Publishing Coordinator Vanessa Evans Book Designer Gary Adair

Contents at a Glance Introduction

1

Objectives Quick Reference

5

Study and Exam Preparation Tips

7

Part I: Exam Preparation CHAPTER 1 Introducing Windows Vista

29

CHAPTER 2 Installing Windows Vista

55

CHAPTER 3 Upgrading to Windows Vista

127

CHAPTER 4 Configuring and Troubleshooting Post-Installation System Settings

155

CHAPTER 5 Configuring Windows Security Features

225

CHAPTER 6 Configuring Network Connectivity

301

CHAPTER 7 Configuring Applications Included with Windows Vista

385

CHAPTER 8 Maintaining and Optimizing Systems That Run Windows Vista

465

CHAPTER 9 Configuring and Troubleshooting Mobile Computing

541

Part II: Final Review Fast Facts

601

Practice Exam

651

Practice Exam Answers

677

Part III: Appendixes What’s on the CD-ROM

691

Glossary

695

Index

715

Table of Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 How This Book Helps You . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Organization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Instructional Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Extensive Practice Test Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Final Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Microsoft 70-620 Exam Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 TS: Microsoft Windows Vista Client, Configuring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Exam Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Exam Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Study and Exam Preparation Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Learning Styles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Study Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Study Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Pretesting Yourself. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Exam Prep Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 MCP Exam Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Exam Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Question Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Putting It All Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Final Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Part I: Exam Preparation CHAPTER 1

Introducing Windows Vista. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 About Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 The History of Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Windows Vista Editions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

A Quick Tour of Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Patches, Hotfixes, and Service Packs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Suggested Readings and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 CHAPTER 2

Installing Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Preparing for Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Identifying Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Hardware Compatibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Software Compatibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Network Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 File System Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Product Activation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Performing a Clean Installation of Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Performing an Attended Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 Performing an Unattended Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Installing Windows Vista by Using the System Preparation Tool (Sysprep) . . . 85 Deploying an Image with Sysprep . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Installing Windows Vista by Using Windows Deployment Services (WDS) . . . 90 Troubleshooting Windows Vista Installation Issues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Troubleshooting Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 Troubleshooting an Attended Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Troubleshooting an Unattended Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 Troubleshooting Failed Installations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 Installing and Configuring Windows Vista Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 Managing and Troubleshooting Drivers and Driver Signing . . . . . . . . . . . . . . . 111 Using Windows Vista Rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

vi

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring CHAPTER 3

Upgrading to Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 Upgrading to Windows Vista from a Previous Version of Windows . . . . . . . . . . . . . 130 Preparing a Computer to Meet Upgrade Requirements . . . . . . . . . . . . . . . . . . . 131 Upgrading the Computer to Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 Dual-Booting Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 Upgrading from One Edition of Windows Vista to Another . . . . . . . . . . . . . . . . . . . . 140 Windows Anytime Upgrade. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Upgrading Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Performing Post-Installation Updates and Product Activation . . . . . . . . . . . . . . . . . . 143 Installing Updates and Hotfixes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Managing Automatic Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 CHAPTER 4

Configuring and Troubleshooting Post-Installation System Settings . . . . . . . . . . . . . . . . . . . . . 155 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Troubleshooting Post-Installation Configuration Issues . . . . . . . . . . . . . . . . . . . . . . . . 158 Troubleshooting Startup Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Using Alternative Startup Strategies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Troubleshooting Hardware Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Configuring Application Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 Windows Easy Transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 Configuring and Troubleshooting Windows Aero . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 Understanding Windows Presentation Foundation . . . . . . . . . . . . . . . . . . . . . . . 186 Understanding Hardware Requirements for Running Aero . . . . . . . . . . . . . . . . 186 Configuring Desktop Schemes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Troubleshooting Aero . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Configuring Windows Vista Start Menu and Taskbar . . . . . . . . . . . . . . . . . . . . . 191

vii

Contents

Configuring and Troubleshooting Parental Controls . . . . . . . . . . . . . . . . . . . . . . . . . . 194 Configuring Various Types of Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 Configuring Activity Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 Configuring Windows Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Configuring Tabbed Browsing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Blocking Pop-ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Customizing Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 CHAPTER 5

Configuring Windows Security Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 Local User and Group Accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 Managing User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 Managing Local Group Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234 Belonging to a Windows Server Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 Configuring and Troubleshooting User Account Control . . . . . . . . . . . . . . . . . . . . . . 238 Features of User Account Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 Configuring User Account Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 User Account Control Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 Configuring Windows Defender . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 Scanning for Malicious Software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 Configuring Dynamic Security for Internet Explorer 7 . . . . . . . . . . . . . . . . . . . . . . . . 259 Configuring Internet Explorer Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 Configuring Protected Mode in Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . 261 Configuring Content Advisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 Configuring the Phishing Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 Understanding Advanced Security Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268

viii

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Configuring Security Settings in Windows Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 Configuring Windows Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 Configuring Group Policy and Windows Firewall. . . . . . . . . . . . . . . . . . . . . . . . 282 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 CHAPTER 6

Configuring Network Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305 Understanding the TCP/IP Protocol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305 Features of TCP/IP Version 4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Features of TCP/IP Version 6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Configuring Networking by Using the Network and Sharing Center . . . . . . . . . . . . 316 Using the Network and Sharing Center to Configure TCP/IP. . . . . . . . . . . . . 317 Using the Network and Sharing Center to Configure File Sharing . . . . . . . . . 325 Managing Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 Configuring and Troubleshooting Internet Connection Sharing . . . . . . . . . . . 340 Troubleshooting Connectivity Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 Troubleshooting LAN Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 Using TCP/IP Utilities to Troubleshoot TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . 345 Troubleshooting Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 Troubleshooting Hardware and Modem Problems . . . . . . . . . . . . . . . . . . . . . . . 351 Configuring Remote Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 Understanding Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Using a VPN Connection to Connect to Computers . . . . . . . . . . . . . . . . . . . . . 359 Connecting to the Internet by Using Dial-Up Networking . . . . . . . . . . . . . . . 361 Remote Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 Remote Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368

ix

Contents

Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 Answers to Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382 CHAPTER 7

Configuring Applications Included with Windows Vista. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 Configuring and Troubleshooting Media Applications . . . . . . . . . . . . . . . . . . . . . . . . . 389 Windows Media Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 Windows Media Player. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394 Windows Photo Gallery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 Windows Movie Maker and Windows DVD Maker . . . . . . . . . . . . . . . . . . . . . . 412 Configuring Windows Mail. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 Configuring Mail Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 Managing Email Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Configuring Mail Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419 Configuring Mail Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425 Configuring Windows Meeting Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 Setting Up Windows Meeting Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431 Running Meetings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433 Sharing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Configuring Windows Calendar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437 Navigating Windows Calendar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438 Managing Tasks and Appointments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439 Using Multiple Calendars . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441 Sharing Calendars . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443 Configuring Windows Fax and Scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444 Fax Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445 Sending and Receiving Faxes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446 Scanning Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 Configuring Windows Sidebar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 Windows Sidebar Gadgets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449

x

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457 Answers to Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 CHAPTER 8

Maintaining and Optimizing Systems That Run Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . 465 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 Troubleshooting Performance Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 Reliability and Performance Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 Command-Line Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485 New Vista Technologies for Enhancing System Performance . . . . . . . . . . . . . . 486 Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools . . . . . . . . . . . 489 System Configuration Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 Task Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 Event Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 Configuring Windows Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 Working with Windows Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502 Using a WSUS Server with Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 Windows Update Group Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 Configuring Data Protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507 Using Windows Backup to Protect Your Data . . . . . . . . . . . . . . . . . . . . . . . . . . . 508 Data Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 BitLocker Drive Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539

xi

Contents CHAPTER 9

Configuring and Troubleshooting Mobile Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544 Configuring Mobile Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544 Mobile PC Control Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544 Windows Mobility Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545 Networking with Mobile Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547 Configuring Infrared Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555 Configuring Mobile Display Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 Presentation Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 Using a Networked Projector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 External Monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560 Windows SideShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561 Configuring Tablet PC Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564 Tablet PC Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 Tablet PC Input Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567 The Snipping Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Touch Screen Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Configuring Power Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 Power Plans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577 Battery Meter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581 Power Management and Group Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583 Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 586 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587 Apply Your Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588 Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 Answers to Exam Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594 Suggested Readings and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596 Part II: Final Review Fast Facts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601 Introducing Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 Installing Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 Upgrading to Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 Configuring and Troubleshooting Post-Installation System Settings . . . . . . . . . . . . . 610

xii

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Configuring Windows Security Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618 Configuring Network Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625 Configuring Applications Included with Windows Vista . . . . . . . . . . . . . . . . . . . . . . . 635 Monitoring and Optimizing System Performance and Reliability. . . . . . . . . . . . . . . . 641 Configuring and Troubleshooting Mobile Computing . . . . . . . . . . . . . . . . . . . . . . . . . 648 Practice Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651 Answers to Practice Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677 Part III: Appendixes What’s on the CD-ROM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Multiple Test Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Study Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Certification Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Custom Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Attention to Exam Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Installing the CD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Creating a Shortcut to the MeasureUp Practice Tests. . . . . . . . . . . . . . . . . . . . . . . . . . 693 Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715

About the Author Don Poulton (A+, Network+, Security+, MCSA, MCSE) is an independent consultant who has been involved with computers since the days of 80-column punch cards. After a career of more than 20 years in environmental science, Don switched careers and trained as a Windows NT 4.0 MCSE. He has been involved in consulting with a couple of small training providers as a technical writer, during which time he wrote training and exam prep materials for Windows NT 4.0, Windows 2000, and Windows XP. Don has written or contributed to several titles, including Security+ Lab Manual (Que, 2004), MCSA/MCSE 70-299 Exam Cram 2: Implementing and Administering Security in a Windows 2003 Network (Exam Cram 2) (Que, 2004), and MCSE 70-294 Exam Prep: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure (Que, 2006). In addition, he has worked on programming projects, both in his days as an environmental scientist and, more recently, with Visual Basic to update an older statistical package used for multivariate analysis of sediment contaminants. When not working on computers, Don is an avid amateur photographer who has had his photos displayed in international competitions and published in magazines such as Michigan Natural Resources Magazine and National Geographic Traveler. Don also enjoys traveling and keeping fit. Don lives in Burlington, Ontario, with his wife Terry.

About the Technical Reviewer Chris Crayton is a technical consultant, security consultant, and trainer. Formerly he worked as a networking instructor at Keiser College and as a network administrator for Protocol, an electronic customer relationship management (eCRM) company. Chris has authored several print and online books, including Microsoft Windows Vista 70-620 Exam Guide Short Cut (O’Reilly, 2007), CompTIA A+ Essentials 220-601 Exam Guide Short Cut (O’Reilly, 2007), A+ Adaptive Exams (Charles River Media, 2002), and The Security+ Exam Guide (Charles River Media, 2003). He holds MCSE, MCP+I, A+ and Network+ certifications.

Dedication I would like to dedicate this work to my grandson, Nolan, whose great smile and “always-happy” disposition will carry him far in his life’s journeys. —Don Poulton

Acknowledgments I would like to thank the staff at Que Publishing, in particular, Betsy Brown, who guided me throughout the progress of the work, Dayna Isley, who provided many helpful suggestions for improving the manuscript, and Tonya Simpson, who guided the manuscript through the production process. I am also indebted to Chris Crayton for his technical comments, which proved very helpful in completing this project. I would also like to thank my wife, Terry, for standing by me during the hours I had to devote to completing this work.

We Want to Hear from You! As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdom you’re willing to pass our way. As an acquisitions editor for Que Publishing, I welcome your comments. You can email or write me directly to let me know what you did or didn’t like about this book—as well as what we can do to make our books better. Please note that I cannot help you with technical problems related to the topic of this book. We do have a User Services group, however, where I will forward specific technical questions related to the book. When you write, please be sure to include this book’s title and author as well as your name, email address, and phone number. I will carefully review your comments and share them with the author and editors who worked on the book. Email: [email protected] Mail:

Betsy Brown Acquisitions Editor Que Publishing 800 East 96th Street Indianapolis, IN 46240 USA

Reader Services Visit our website and register this book at www.examcram.com/title/9780789736871 for convenient access to any updates, downloads, or errata that might be available for this book.

This page intentionally left blank

Introduction MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring is designed for network administrators, network engineers, and consultants who are pursuing the Microsoft Certified Technology Specialist (MCTS) or Microsoft Certified IT Professional (MCITP) certifications for Windows Vista. This book covers the “TS: Microsoft Windows Vista, Configuring” exam (70-620), which earns you the Microsoft Certified Technology Specialist: Windows Vista, Configuration certification. The exam is designed to measure your skill and ability to implement, administer, and troubleshoot computers running all editions of Windows Vista. Microsoft not only tests you on your knowledge of the desktop operating system, but it has purposefully developed questions on the exam to force you to problem-solve in the same way that you would when presented with a real-life error. Passing this exam demonstrates your competency in administration. This book covers all the objectives that Microsoft has established for exam 70-620. It doesn’t offer end-to-end coverage of the Windows Vista system; instead, it helps you develop the specific core competencies that you need to master as a desktop support specialist. You should be able to pass the exam by learning the material in this book, without taking a class.

How This Book Helps You When anyone embarks on a certification track, the first thought is to get certified, put some letters after your name, strengthen your resume, and move on to the next step. Selecting a method of study for that certification often is a choice between a hands-on laboratory class of a few days or a self-study method pieced together with books and your own lab environment that is not bound by any time limits. Your choice depends on how you study best and what type of reference material you want available to you after you have passed the exam. This book gives you a self-guided tour of all the areas that are covered by the “TS: Microsoft Windows Vista, Configuring” exam. The goal is to teach you the specific skills you need to achieve your MCTS certification. You’ll also find helpful hints, tips, examples, exercises, and references to additional study materials.

Organization This book is organized around the individual objectives from Microsoft’s preparation guide for the “TS: Microsoft Windows Vista, Configuring” exam. Every objective is covered in this book. The objectives are not covered in exactly the same order in which you’ll find them in

2

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

the official preparation guide (which you can download from www.microsoft.com/ learning/exams/70-620.asp), but they are reorganized for more logical teaching. We have also tried to make the information more accessible in several ways: . This introduction includes the full list of exam topics and objectives. . The “Study and Exam Preparation Tips” section helps you develop study strategies. It

also provides you with valuable exam-day tips and information. You should read it early on. . Each chapter starts with a list of objectives that are covered in that chapter. . Each chapter also begins with an outline that provides an overview of the material for

that chapter as well as the page numbers where specific topics can be found. . Each objective is repeated in the text, where it is covered in detail.

Instructional Features This book is designed to provide you with multiple ways to learn and reinforce the exam material. Here are some of the instructional features you’ll find inside: . Objective explanations—As mentioned previously, each chapter begins with a list of the

objectives covered in the chapter. In addition, immediately following each objective is a detailed explanation that puts the objective in the context of the product. . Study strategies—Each chapter offers a selected list of study strategies: exercises to try

or additional material to read that will help you learn and retain the material in the chapter. . Exam alerts—Exam alerts appear in the chapters and provide specific exam-related

advice. Exam alerts address what material is likely to be covered (or not covered) on the exam, how to remember it, or particular exam quirks. . Review breaks and chapter summaries—Crucial information is summarized at various

points in the book, in lists of key points you need to remember. Each chapter ends with an overall summary of the material covered in that chapter as well. . Challenge exercises—Challenge exercises offer additional opportunities to practice the

material within a chapter and to learn additional facets of the topic at hand. . Key terms—A list of key terms appears at the end of each chapter. . Step by Steps—These are hands-on, tutorial instructions that lead you through a partic-

ular task or function related to the exam objectives.

3

Introduction . Exercises—Found at the end of each chapter in the “Apply Your Knowledge” section,

the exercises include additional tutorial material and more chances to practice the skills that you learned in the chapter.

Extensive Practice Test Options The book provides numerous opportunities for you to assess your knowledge and practice for the exam. The practice options include the following: . Exam questions—These questions appear in the “Apply Your Knowledge” section. They

reflect the kinds of multiple-choice questions that appear on the Microsoft exams. You should use them to practice for the exam and to help determine what you know and what you might need to review or study further. Answers and explanations are provided later in the section. . Practice Exam—The “Final Review” section includes a complete exam that you can use

to practice for the real thing. The “Final Review” and the Practice Exam are discussed in more detail in the next section. . MeasureUp—The MeasureUp software included on the CD-ROM provides additional

practice questions.

Final Review The “Final Review” section of the book provides two valuable tools for preparing for the exam: . Fast Facts—This condensed version of the information contained in the book is

extremely useful for last-minute review. . Practice Exam—A full practice test for the exam is included in this book. Questions are

written in the style and format used on the actual exams. You should use the Practice Exam to assess your readiness for the real thing. Appendix A includes details about the content of the CD-ROM, and a glossary defines terms used throughout the book. These and all the other book features mentioned previously will provide you with thorough preparation for the exam.

4

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

For more information about the exam or the certification process, you should contact Microsoft directly: By email: [email protected] By regular mail, telephone, or fax, contact the Microsoft Regional Service Center (RSC) nearest you. You can find lists of RSCs at www.microsoft.com/learning/support/northamerica.asp (for North America) and www.microsoft.com/learning/support/worldsites.mspx (worldwide). On the Internet: www.microsoft.com/learning/default.asp

TIP There’s no substitute for experience The single best study tip that anyone can give you is to actually work with the product that you’re learning! Even if you could become a “paper MCSE” simply by reading books, you wouldn’t get the real-world skills that you need to experience success with Windows Vista.

Microsoft 70-620 Exam Objectives TS: Microsoft Windows Vista, Configuring Exam Number: 70-620 Associated Certifications: MCTS: Windows Vista, Configuration Length: 50 questions, including simulations

Exam Description The TS: Microsoft Windows Vista, Configuring exam is designed to measure your skill in supporting all editions of Windows Vista on home and enterprise networks. Each top-level exam objective is related to a job skill that the candidate is expected to have and demonstrate.

Exam Objectives Exam 70-620 consists of the following seven objectives, each with several subobjectives.

NOTE The exam objectives are taken verbatim from the Microsoft Web page titled “Preparation Guide for Exam 70-620,” at http://www.microsoft.com/learning/exams/70-620.asp.

Installing and Upgrading Windows Vista

Troubleshoot Windows Vista installation

Identify hardware requirements.

Install and configure Windows Vista drivers.

Perform a clean installation.

Configuring and Troubleshooting Post-Installation System Settings

Upgrade to Windows Vista from previous versions of Windows. Upgrade from one edition of Windows Vista to another edition.

issues.

Troubleshoot post-installation configuration issues. Configure and troubleshoot Windows Aero.

Continues on Following Page

Exam Objectives Continued

Configure and troubleshoot parental controls. Configure Windows Internet Explorer.

Maintaining and Optimizing Systems That Run Windows Vista

Configuring Windows Security Features

Troubleshoot performance issues.

Configure and troubleshoot User Account

in diagnostic tools.

Control.

Configure Windows Update.

Configure Windows Defender.

Configure Data Protection.

Configure Dynamic Security for Internet Explorer 7.

Configuring and Troubleshooting Mobile Computing

Configure security settings in Windows

Configure Mobile Display Settings.

Firewall.

Configuring Network Connectivity Configuring networking by using the Network and Sharing Center. Troubleshoot connectivity issues. Configure Remote Access.

Configuring Applications Included with Windows Vista Configure and troubleshoot media applications. Configure Windows Mail. Configure Windows Meeting Space. Configure Windows Calendar. Configure Windows Fax and Scan. Configure Windows Sidebar.

Troubleshoot reliability issues by using built-

Configure Mobile Devices. Configure Tablet PC. Configure Power Options.

Study and Exam Preparation Tips It’s a rush of adrenaline during the final day before an exam. If you’ve scheduled the exam on a workday, or following a workday, you will find yourself cursing the tasks you normally cheerfully perform because the back of your mind is telling you to read just a bit more, study another scenario, practice another skill so that you will be able to get this exam out of the way successfully. The way that Microsoft has designed its tests lately does not help. I remember taking Microsoft exams many years ago and thoroughly understanding the term “paper certified.” Nowadays, you can’t get through a Microsoft exam without knowing the material so well that when confronted with a problem, whether a scenario or real-life situation, you can handle the challenge. Instead of trying to show the world how many MCSEs are out there, Microsoft is trying to prove how difficult it is to achieve a certification, including the newly created Microsoft Certified Technology Specialist (MCTS) and Microsoft Certified IT Professional (MCITP) as well as the MCSE and MCSA, thereby making those who are certified more valuable to their organizations. This element of the book provides you with some general guidelines for preparing for any certification exam, including Exam 70-620, TS: Microsoft Windows Vista, Configuring. It is organized into four sections. The first section addresses learning styles and how they affect preparation for the exam. The second section covers exam-preparation activities and general study tips. This is followed by an extended look at the Microsoft certification exams, including a number of specific tips that apply to the various Microsoft exam formats and question types. Finally, changes in Microsoft’s testing policies and how they might affect you are discussed.

8

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Learning Styles To best understand the nature of preparation for the test, it is important to understand learning as a process. You are probably aware of how you best learn new material. You might find that outlining works best for you, or as a visual learner, you might need to “see” things. Or as a person who studies kinesthetically, the hands-on approach might serve you best. Whether you need models or examples or just like exploring the interface, or whatever your learning style, solid test preparation works best when it takes place over time. Obviously, you shouldn’t start studying for a certification exam the night before you take it; it is very important to understand that learning is a developmental process. Understanding learning as a process helps you focus on what you know and what you have yet to learn. People study in a combination of different ways—by doing, by seeing, and by hearing and writing. This book’s design fulfills all three of these study methods. For the kinesthetic, there are hands-on study strategies listed at the beginning of each chapter. You will also discover “Challenge” exercises and “Step by Step” instructions that walk you through the skills you need to master in Windows Vista. The visual learner can find plenty of screen shots explaining the concepts described in the text. The auditory learner can reinforce skills by reading out loud and copying down key concepts and exam tips scattered throughout the book. Finally, the Fast Facts section enables everyone to brush up on the essentials and be wholly prepared when walking into the test center to take the exam. While reading this book, you will realize that it stands the test of time. You will be able to turn to it over and over again. Thinking about how you learn should help you recognize that learning takes place when you are able to match new information to old. You have some previous experience with computers and networking. Now you are preparing for this certification exam. Using this book, software, and supplementary materials will not just add incrementally to what you know; as you study, the organization of your knowledge actually restructures as you integrate new information into your existing knowledge base. This leads you to a more comprehensive understanding of the tasks and concepts outlined in the objectives and of computing in general. Again, this happens as a result of a repetitive process rather than a singular event. If you keep this model of learning in mind as you prepare for the exam, you will make better decisions concerning what to study and how much more studying you need to do.

Study Tips There are many ways to approach studying, just as there are many different types of material to study. However, the tips that follow should work well for the type of material covered on Microsoft certification exams.

9

Study and Exam Preparation Tips

Study Strategies Although individuals vary in the ways they learn information, some basic principles of learning apply to everyone. You should adopt some study strategies that take advantage of these principles. One of these principles is that learning can be broken into various depths. Recognition (of terms, for example) exemplifies a rather surface level of learning in which you rely on a prompt of some sort to elicit recall. Comprehension or understanding (of the concepts behind the terms, for example) represents a deeper level of learning than recognition. The ability to analyze a concept and apply your understanding of it in a new way represents further depth of learning. Your learning strategy should enable you to know the material at a level or two deeper than mere recognition. This will help you perform well on the exams. You will know the material so thoroughly that you can go beyond the recognition-level types of questions commonly used in fact-based multiple-choice testing. You will be able to apply your knowledge to solve new problems.

Macro and Micro Study Strategies One strategy that can lead to deep learning includes preparing an outline that covers all the objectives and subobjectives for the particular exam you are planning to take. You should delve a bit further into the material and include a level or two of detail beyond the stated objectives and subobjectives for the exam. Then you should expand the outline by coming up with a statement of definition or a summary for each point in the outline. An outline provides two approaches to studying. First, you can study the outline by focusing on the organization of the material. You can work your way through the points and subpoints of your outline, with the goal of learning how they relate to one another. For example, you should be sure you understand how each of the main objective areas for Exam 70-620 is similar to and different from another. Then you should do the same thing with the subobjectives; you should be sure you know which subobjectives pertain to each objective area and how they relate to one another. Next, you can work through the outline, focusing on learning the details. You should memorize and understand terms and their definitions, facts, rules and tactics, advantages and disadvantages, and so on. In this pass through the outline, you should attempt to learn detail rather than the big picture (the organizational information that you worked on in the first pass through the outline). Research has shown that attempting to assimilate both types of information at the same time interferes with the overall learning process. If you separate your studying into these two approaches, you will perform better on the exam.

10

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Active Study Strategies The process of writing down and defining objectives, subobjectives, terms, facts, and definitions promotes a more active learning strategy than merely reading the material does. In human information-processing terms, writing forces you to engage in more active encoding of the information. Simply reading over the information leads to more passive processing. Using this study strategy, you should focus on writing down the items that are highlighted in the book—bulleted or numbered lists, exam tips, notes, warnings, and review sections, for example. You need to determine whether you can apply the information you have learned by attempting to create examples and scenarios on your own. You should think about how or where you could apply the concepts you are learning. Again, you should write down this information to process the facts and concepts in an active fashion. The hands-on nature of the exercises at the end of each chapter provides further active learning opportunities that will reinforce concepts as well.

Common-Sense Strategies You should follow common-sense practices when studying: You should study when you are alert, reduce or eliminate distractions, and take breaks when you become fatigued.

Pretesting Yourself Pretesting allows you to assess how well you are learning. One of the most important aspects of learning is what has been called meta-learning. Meta-learning has to do with realizing when you know something well or when you need to study some more. In other words, you recognize how well or how poorly you have learned the material you are studying. For most people, this can be difficult to assess. Challenge exercises, practice questions, and practice tests are useful in that they reveal objectively what you have learned and what you have not learned. You should use this information to guide review and further studying. Developmental learning takes place as you cycle through studying, assessing how well you have learned, reviewing, and assessing again until you feel you are ready to take the exam. You might have noticed the practice exam included in this book. You should use it as part of the learning process. The MeasureUp test-simulation software included on this book’s CDROM also provides you with an excellent opportunity to assess your knowledge. You should set a goal for your pretesting. A reasonable goal would be to score consistently in the 90% range. See the element “What’s on the CD-ROM” near the back of the book for further explanation of the test-simulation software.

11

Study and Exam Preparation Tips

Exam Prep Tips After you have mastered the subject matter, the final preparatory step is to understand how the exam will be presented. Make no mistake: A Microsoft Certified Technology Specialist (MCTS) exam challenges both your knowledge and your test-taking skills. The following sections describe the basics of exam design and the exam formats, as well as provide hints targeted to each of the exam formats. Preparing for the 70-620 exam is a bit different than preparing for those old Microsoft exams, too. The following is a list of things that you should consider doing: . Combine your skill sets into solutions—In the past, exams would test whether you knew to

select the correct letter of a multiple choice answer. Today, you need to know how to resolve a problem that can involve different aspects of the material covered. For example, on exam 70-620 you could be presented with a problem that requires you to understand how to incorporate drivers in an unattended installation, as well as what errors you might see if you installed a computer that used a device driver incompatible with Windows Vista. The skills themselves are simple. Being able to zero in on what caused the problem and then to resolve it for a specific situation is what you need to demonstrate. In fact, you should not only be able to select one answer, but also multiple parts of a total solution. . Delve into excruciating details—The exam questions incorporate a great deal of informa-

tion in the scenarios. Some of the information is ancillary—it will help you rule out possible issues but not necessarily resolve the answer. Some of the information simply provides you with a greater picture, like you would have in real life. Some information is key to your solution. For example, you might be presented with a question that lists a computer’s hard disk size, memory size, and detailed hardware configuration. When you delve further into the question, you realize that the hardware configuration is the problem. Other times, you will find that the hardware configuration simply eliminates one or more of the answers that you could select. For example, a portable laptop does not support dynamic disks, so if the hardware configuration is a portable laptop and one of the answers is a dynamic disk configuration, you can eliminate it. If you don’t pay attention to what you can eliminate, the answer can elude you completely. And other times, the hardware configuration simply lets you know that the hardware is adequate. . TCP/IP troubleshooting is built right in—Because TCP/IP is a core technology to the

Windows Vista operating system, you are expected to know how to configure the operating system, how to recognize IP conflicts, and how to use the TCP/IP tools to troubleshoot the problem. Furthermore, Microsoft expects you to know how to work with the new version 6 of TCP/IP along with the traditional version 4 that has been used

12

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

for many years. You should also be able to discern between an IP problem and something wrong with the OS or hardware, or even some combination that involves IP along with some other element. . It’s a GUI test—Microsoft has expanded its testing criteria into interface recognition.

You should be able to recognize each dialog box, properties sheet, option, and default. You will be tested on how to navigate the new interface—for example, the new Aero and Aero Glass desktop themes used by Windows Vista and the Category View shown in Control Panel. If you have reverted your Windows Vista desktop to the Windows Classic theme and you have not yet learned the new interface, you might end up selecting answers that are deliberately placed to confuse a person used to the old Windows desktop. Of course, if you know the difference between the two, you’ll be able to spot the old ones and avoid them. . Practice with a time limit—The tests have always been time restricted, but it takes more

time to read and understand the scenarios now, and time is a whole lot tighter. To get used to the time limits, test yourself with a timer. Know how long it takes you to read scenarios and select answers.

MCP Exam Design Every MCP/MCTS/MCITP exam is released in one of three basic formats. What’s being called “exam format” here is really little more than a combination of the overall exam structure and the presentation method for exam questions. Understanding the exam formats is key to good preparation because they determine the number of questions presented, the difficulty of those questions, and the amount of time allowed to complete the exam. All the exam formats use many of the same types of questions. These types or styles of questions include several types of traditional multiple-choice questions, multiple-rating (or scenariobased) questions, and simulation-based questions. Some exams include other types of questions that ask you to drag and drop objects onscreen, reorder a list, or categorize things. Still other exams ask you to answer various types of questions in response to case studies you have read. It’s important that you understand the types of questions you will be asked and the actions required to answer them properly. The following sections address the exam formats and the question types. Understanding these will help you feel much more comfortable when you take the exam.

13

Study and Exam Preparation Tips

Exam Formats As mentioned previously, there are two basic formats for the MCP exams: the traditional fixedform exam and the case study exam. As its name implies, the fixed-form exam presents a fixed set of questions during the exam session. The case study exam includes case studies organized into testlets that serve as the basis for answering the questions. Most MCP exams these days utilize the fixed-form approach, with the case study approach running second. Another test format previously used was the adaptive exam; however, Microsoft no longer employs adaptive algorithms in its exams. The adaptive exam uses only a subset of questions drawn from a larger pool during any given exam session. It might present each test-taker with a different number of questions, depending on how the person answers the initial questions.

Fixed-Form Exams A fixed-form computerized exam is based on a fixed set of exam questions. The individual questions are presented in random order during a test session. If you take the same exam more than once, you won’t necessarily see exactly the same questions. This is because two or three final forms are typically assembled for every fixed-form exam Microsoft releases. These are usually labeled Forms A, B, and C. The final forms of a fixed-form exam are identical in terms of content coverage, number of questions, and allotted time, but the questions for each are different. However, some of the same questions are shared among different final forms. When questions are shared among multiple final forms of an exam, the percentage of sharing is generally small. Many final forms share no questions, but some older exams may have a 10%–15% duplication of exam questions on the final exam forms. Fixed-form exams also have fixed time limits in which you must complete them. The score you achieve on a fixed-form exam, which is always calculated for MCP exams on a scale of 0 to 1,000, is based on the number of questions you answer correctly. For several years early in this decade, Microsoft no longer reported the actual score to you; however, more recently, Microsoft has again provided your exam score. In addition, most recent exams have standardized on a passing score of 700. In all cases, the score is calculated in this fashion. The typical design of a fixed-form exam is as follows: . The exam contains 50–60 questions. . You are allowed 75–90 minutes of testing time. . Question review is allowed, including the opportunity to change your answers.

14

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Candidates must correctly answer 70% or more of the questions to pass. . Candidates’ answers are scored according to their correct answers: . No points are deducted for incorrect answers—there is only zero credit for those

questions. . Partial credit may be granted for some questions where multiple answers are

expected for a complete solution and only a subset of the answers has been selected. . Full credit may be granted for some questions where multiple solutions are correct

in their entirety and only one of the answers has been selected.

Case Study Exams The case study–based format for Microsoft exams first appeared with the advent of the 70-100 exam (the original “Solution Architectures” exam) and then appeared in the MCSE sequence in the Design exams. The questions in the case study format are not the independent entities that they are in the fixed-format exams. Instead, questions are tied to a case study, a long scenario-like description of an information technology situation. As the test-taker, your job is to extract from the case study the information that needs to be integrated with your understanding of Microsoft technology. The idea is that a case study will provide you with a situation that is even more like a real-life problem than the other formats provide. The case studies are presented as testlets. A testlet is a section within the exam in which you read the case study and then answer 10–20 questions that apply to the case study. When you finish that section, you move on to another testlet with another case study and its associated questions. Typically, three to five of these testlets compose the overall exam. You are given more time to complete such an exam than to complete the other types because it takes time to read through the cases and analyze them. You might have as much as three hours to complete a case study exam—and you might need all of it. The case studies are always available through a linking button while you are in a testlet. However, when you leave a testlet, you cannot come back to it. Figure 1 provides an illustration of part of such a case study.

Question Types A variety of question types can appear on MCP exams. We have attempted to cover all the types that are available at the time of this writing. Most of the question types discussed in the following sections can appear in each of the two exam formats.

15

Study and Exam Preparation Tips

FIGURE 1 An example of a case study.

A typical MCP exam question is based on the idea of measuring skills or the ability to complete tasks. Therefore, most of the questions are written so as to present you with a situation that includes a role (such as a system administrator or technician), a technology environment (for example, 100 computers running Windows Vista Business on a Windows Server 2003 network), and a problem to be solved (for example, the user can connect to services on the LAN but not on the intranet). The answers indicate actions you might take to solve the problem or create setups or environments that would function correctly from the start. You should keep this in mind as you read the questions on the exam. You might encounter some questions that just call for you to regurgitate facts, but these will be relatively few and far between. The following sections look at the different question types.

Multiple-Choice Questions Despite the variety of question types that now appear in various MCP exams, the multiplechoice question is still the basic building block of the exams, and it comes in three varieties: . Regular multiple-choice question—Also referred to as an alphabetic question, a regular

multiple-choice question asks you to choose one answer as correct. A circle is displayed to the left of each answer. You click the circle to select your answer. If you change your mind, you can select another answer by clicking it, and your former selection is cleared. . Multiple-answer, multiple-choice question—Also referred to as a multi-alphabetic question,

this version of a multiple-choice question requires you to choose two or more answers as correct. In most cases, you are told precisely the number of correct answers to

16

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

choose. A box is displayed to the left of each optional answer. You can click each box to select multiple answers. In some cases, the exam software prompts you to let you know that you have attempted to select more answers than the number required for the question. . Enhanced multiple-choice question—This is simply a regular or multiple-answer question

that includes a graphic or table to which you must refer to answer the question correctly. Examples of multiple-choice questions appear at the end of each chapter in this book.

Simulation Questions Simulation-based questions reproduce the look and feel of key Microsoft product features for the purpose of testing. The simulation software used in MCP exams has been designed to look and act, as much as possible, just like the actual product. Consequently, answering simulation questions in an MCP exam entails completing one or more tasks just as if you were using the product itself. A typical Microsoft simulation question consists of a brief scenario or problem statement, along with one or more tasks that you must complete to solve the problem. It sounds obvious, but your first step when you encounter a simulation question is to carefully read the question (see Figure 2). You should not go straight to the simulation application! You must assess the problem that’s presented and identify the conditions that make up the problem scenario. You should note the tasks that must be performed or outcomes that must be achieved to answer the question, and then you should review any instructions you’re given on how to proceed.

FIGURE 2

A typical MCP exam simulation with

directions.

The next step is to launch the simulator by using the button provided. After you click the Show Simulation button, you see a feature of the product, as shown in the dialog box in Figure 3. The simulation application partially obscures the question text on many test center machines. You should feel free to reposition the simulator and move between the question text

17

Study and Exam Preparation Tips

screen and the simulator by using hotkeys or point-and-click navigation—or even by clicking the simulator’s launch button again.

FIGURE 3 Launching the simulation application.

It is important for you to understand that your answer to the simulation question is not recorded until you move on to the next exam question. This gives you the added capability of closing and reopening the simulation application (by using the launch button) on the same question without losing any partial answer you might have made. The third step is to use the simulator as you would the actual product to solve the problem or perform the defined tasks. Again, the simulation software is designed to function—within reason—just as the product does. But you shouldn’t expect the simulator to reproduce product behavior perfectly. Most importantly, you should not allow yourself to become flustered if the simulator does not look or act exactly like the product. Figure 4 shows the solution to the sample simulation problem. Two final points will help you tackle simulation questions. First, you should respond only to what is being asked in the question; you should not solve problems that you are not asked to solve. Second, you should accept what is being asked of you. You might not entirely agree with conditions in the problem statement, the quality of the desired solution, or the sufficiency of defined tasks to adequately solve the problem. However, you should remember that you are being tested on your ability to solve the problem as it is presented. The solution to the simulation problem shown in Figure 4 perfectly illustrates both those points. As you’ll recall from the question scenario (refer to Figure 2), you were asked to assign appropriate permissions to a new user, FridaE. You were not instructed to make any other changes in permissions. Therefore, if you were to modify or remove the administrator’s permissions, this item would be scored wrong on an MCP exam.

18

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

FIGURE 4

The solution to the simulation

example.

Hot-Area Question Hot-area questions call for you to click a graphic or diagram to complete some task. You are asked a question that is similar to any other, but rather than click an option button or check box next to an answer, you click the relevant item in a screenshot or on a part of a diagram. An example of such an item is shown in Figure 5.

FIGURE 5 A typical hotarea question.

19

Study and Exam Preparation Tips

Drag-and-Drop Questions Microsoft has utilized two different types of drag-and-drop questions in exams: select-andplace questions and drop-and-connect questions. Both are covered in the following sections. Select-and-Place Questions Select-and-place questions typically require you to drag and drop labels on images in a diagram so as to correctly label or identify some portion of a network. Figure 6 shows you the actual question portion of a select-and-place item.

FIGURE 6 A select-andplace question.

Figure 7 shows the window you would see after you clicked Select and Place. It contains the actual diagram in which you would select and drag the various server roles and match them up with the appropriate computers. Drop-and-Connect Questions Drop-and-connect questions provide a different spin on drag-and-drop questions. This type of question provides you with the opportunity to create boxes that you can label, as well as connectors of various types with which to link them. In essence, you create a model or diagram to answer a drop-and-connect question. You might have to create a network diagram or a data model for a database system. Figure 8 illustrates the idea of a drop-and-connect question.

20

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

FIGURE 7 The window containing the select-andplace diagram.

FIGURE 8 A drop-andconnect question.

Microsoft seems to be getting away from this type of question, perhaps because of the complexity involved. You might see the same sort of concepts tested with a more traditional question utilizing multiple exhibits, each of which shows a diagram; in this type of question, you must choose which exhibit correctly portrays the solution to the problem posed in the question.

21

Study and Exam Preparation Tips

Ordered-List Questions Ordered-list questions require you to consider a list of items and place them in the proper order. You select items and then use a button or drag and drop to add them to a new list in the correct order. You can use another button to remove the items in the new order in case you change your mind and want to reorder things. Figure 9 shows an ordered-list question.

FIGURE 9

An ordered-list

question.

Tree Questions Tree questions require you to think hierarchically and categorically. You are asked to place items from a list into categories that are displayed as nodes in a tree structure. Such questions might ask you to identify parent-child relationships in processes or the structure of keys in a database. You might also be required to show order within the categories, much as you would in an ordered-list question. Figure 10 shows an example of a tree question.

Putting It All Together As you can see, Microsoft is making an effort to utilize question types that go beyond asking you to simply memorize facts. These question types force you to know how to accomplish tasks and understand concepts and relationships. You should study so that you can answer these types of questions rather than those that simply ask you to recall facts. Given all the different pieces of information presented so far, the following sections present a set of tips that will help you successfully tackle the exam.

22

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

FIGURE 10

A tree

question.

More Exam-Preparation Tips Generic exam-preparation advice is always useful. Tips include the following: . Become familiar with the product. Hands-on experience is one of the keys to success

on any MCP exam. Review the exercises and the Step by Steps in the book. . Review the current exam-preparation guide on the Microsoft Training & Events web-

site. The documentation Microsoft makes available on the Web identifies the skills every exam is intended to test. . Memorize foundational technical detail but remember that MCP exams are generally

heavier on problem solving and application of knowledge than on questions that require only rote memorization. . Take any of the available practice tests. We recommend the one included in this book

and the ones you can create by using the MeasureUp software on this book’s CDROM. As a supplement to the material bound with this book, try the free practice tests available on the Microsoft MCP website. . Look on the Microsoft Training & Events website for samples and demonstration

items (as of this writing, check http://www.microsoft.com/learning/default.mspx, but you might have to look around for the samples because the URL might have changed). These tend to be particularly valuable for one significant reason: They help you become familiar with new testing technologies before you encounter them on MCP exams.

23

Study and Exam Preparation Tips

Tips for Success During the Exam Session The following generic exam-taking advice that you’ve heard for years applies when you’re taking an MCP exam: . To keep yourself sharp on the day of the exam, read over the items in the “Fast Facts”

section of this book and get a good night’s sleep the night before the exam. . On the day of the exam, make sure that you take the necessary number of forms of

identification that correctly identify you as the candidate. Arrive at least 20 minutes before the scheduled start of the exam. If you are sick and unable to take the exam, obtain a doctor’s certificate signed on the day the exam was scheduled to take the exam at a later date. . Take a deep breath and try to relax when you first sit down for your exam session. It is

very important that you control the pressure you might (naturally) feel when taking exams. . You will be provided scratch paper. Take a moment to write down any factual informa-

tion and technical detail that you have committed to short-term memory. . Carefully read all information and instruction screens. These displays have been put

together to give you information relevant to the exam you are taking. . Accept the nondisclosure agreement and preliminary survey as part of the examination

process. Complete them accurately and quickly move on. . Read the exam questions carefully. Reread each question to identify all relevant detail. . Look for key words in multiple choice (MC) questions such as “all” or “any.” The

word “all” indicates that you should look for one or more correct answers. The word “any” indicates that there may be one or more correct answers or that the option indicating that there is no correct solution might be correct. . You don’t lose any marks for guessing wrong answers, but you don’t gain any either! If

you can’t decide which solution is correct, you have nothing to lose by guessing. . In fixed-form exams, tackle the questions in the order in which they are presented.

Skipping around won’t build your confidence; the clock is always counting down. . Don’t rush, but also don’t linger on difficult questions. The questions vary in degree of

difficulty. Don’t let yourself be flustered by a particularly difficult or wordy question. Besides considering the basic preparation and test-taking advice presented so far, you also need to consider the challenges presented by the different exam designs, as described in the following sections.

24

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Tips for Fixed-Form Exams Because a fixed-form exam is composed of a fixed, finite set of questions, you should add these tips to your strategy for taking a fixed-form exam: . Note the time allotted and the number of questions on the exam you are taking. Make

a rough calculation of how many minutes you can spend on each question and use this figure to pace yourself through the exam. . Take advantage of the fact that you can return to and review skipped or previously

answered questions. Record the questions you can’t answer confidently on the scratch paper provided, noting the relative difficulty of each question. When you reach the end of the exam, return to the more difficult questions. . If you have session time remaining after you complete all the questions (and if you

aren’t too fatigued!), review your answers. Pay particular attention to questions that seem to have a lot of detail or that require graphics. . As for changing your answers, the general rule of thumb here is don’t! If you read the

question carefully and completely and you felt like you knew the right answer, you probably did. Don’t second-guess yourself. If, as you check your answers, one clearly stands out as incorrect, however, of course you should change it. But if you are at all unsure, go with your first impression.

Tips for Case Study Exams The case study exam format calls for unique study and exam-taking strategies: . Remember that you have more time than in a typical exam. Take your time and read

the case study thoroughly. . Use the scrap paper or whatever medium is provided to you to take notes, diagram

processes, and determine the important information. You might find that writing your thoughts, diagramming the information described in the question or the case study provided, and eliminating the obviously wrong answers in your scrap notes shortens the time you spend on each question. . Work through each testlet as if each were an independent exam. Remember that you

cannot go back after you have left a testlet. . Refer to the case study as often as you need to but do not use that as a substitute for

reading it carefully initially and taking notes.

25

Study and Exam Preparation Tips

Final Considerations Finally, a number of changes in the MCP program affect how frequently you can repeat an exam and what you will see when you do: . Microsoft has an exam retake policy. The rule is “two and two, then one and two.”

That is, you can attempt any exam twice with no restrictions on the time between attempts. But after the second attempt, you must wait two weeks before you can attempt that exam again. After that, you are required to wait two weeks between subsequent attempts. Plan to pass the exam in two attempts or plan to increase your time horizon for receiving the MCTS credential. . New questions are always being seeded into the MCP exams. After performance data is

gathered on new questions, the examiners replace older questions on all exam forms. This means that the questions appearing on exams change regularly. These changes mean that the brute-force strategies for passing MCP exams have lost their viability. So if you don’t pass an exam on the first or second attempt, it is possible that the exam’s form could change significantly by the next time you take it. It could be updated from fixedform to a case-study format, or even more likely, it could have a different set of questions or question types. Microsoft’s intention is not to make the exams more difficult by introducing unwanted change but to create and maintain valid measures of the technical skills and knowledge associated with the different MCP credentials. Preparing for an MCP exam has always involved not only studying the subject matter but also planning for the testing experience itself. With the continuing changes, this is now truer than ever.

This page intentionally left blank

PART I

Exam Preparation Chapter 1 Introducing Windows Vista Chapter 2 Installing Windows Vista Chapter 3 Upgrading to Windows Vista Chapter 4 Configuring and Troubleshooting Post-Installation System Settings Chapter 5 Configuring Windows Security Features Chapter 6 Configuring Network Connectivity Chapter 7 Configuring Applications Included with Windows Vista Chapter 8 Maintaining and Optimizing Systems That Run Windows Vista Chapter 9 Configuring and Troubleshooting Mobile Computing

This page intentionally left blank

1

CHAPTER ONE

Introducing Windows Vista In the years since it was first released, Windows XP has become nearly ubiquitous throughout the homes and offices of PC users worldwide. Although it’s a very stable, easily used operating system, it has become plagued with security problems in recent years. Service Pack 2 (SP2) certainly helped overcome these problems, but a new upgrade to the operating system, which has been in the works for several years, was sorely needed to overcome security problems and provide an enhanced productivity environment for home and business users alike. This study guide begins by looking at what Windows Vista is and explaining its features and concepts in a manner that sets the stage for the coming chapters. This chapter does not contain any formal Microsoft exam objectives, but you should become familiar with the terms introduced here. This information guides you as you study how to configure and secure Windows Vista in the many situations that arise in the world of everyday desktop support.

Outline Introduction

31

About Windows Vista

31

The History of Windows

31

Windows Vista Editions

33

Features

35

Productivity Improvements

35

Security Improvements

36

Improved Programs and Tools Included with Windows Vista

37

A Quick Tour of Windows Vista Welcome Center

39 39

Start Menu

42

Control Panel

43

Patches, Hotfixes, and Service Packs Summary

52 53

Key Terms

53

Suggested Readings and Resources

53

31

About Windows Vista

Introduction Windows Vista represents the first upgrade in more than five years to the flagship Microsoft Windows operating system. More than four years in the making, Windows Vista includes versions intended for business use as well as use on home computers of various types of configuration. The Microsoft 70-620 Exam assesses your ability to install, configure, administer, and troubleshoot Windows Vista and focuses on how to do so in a business environment. Before discussing the exam topics in detail, this chapter presents an overview of the new features of Vista and sets the stage for the chapters to come.

About Windows Vista Microsoft designed Windows Vista for both home and business users. Vista provides a 32-bit operating system based on the Windows NT (and later, Windows 2000 and Windows XP) kernel, including new desktop graphics, easy-to-follow menus, and enhanced personalization options. Also included are enhanced networking features that enable simplified connection to wired and wireless networks, enhanced user management, and improved security policies.

The History of Windows The PC has transformed over the past quarter century from a standalone computer that performed little more than word processing and spreadsheet functions to a portable multimedia machine supporting a diverse set of applications. Microsoft has been at the forefront of this development, providing the most ubiquitous operating system to power PC applications— Windows. Microsoft first announced its new graphical operating environment named Windows 1.0 on November 10, 1983, and then released it in 1985. Windows 2.0 followed in 1987. Those early versions of Windows were hardly memorable; however, most people remember Windows 3.0 (released in 1990) because of its wide popularity. Microsoft began integrating peer-to-peer and domain networking support in Windows for Workgroups 3.11, released in 1993. At that time, Microsoft was working with IBM to build a new industrial-strength networking system based on IBM’s popular OS/2 operating system. Plans were made to create a new operating system to be called OS/2 NT. Microsoft wanted to build on its accomplishments with Windows 3.x, but IBM wanted to continue with OS/2. Thus the partnership broke up, and Microsoft retained the rights to further Windows developments. Consequently, Microsoft introduced 32-bit networking in the form of Windows NT 3.1. NT stands for “New Technology,” and 3.1 referred to the fact that the interface resembled Windows 3.0.

32

Chapter 1: Introducing Windows Vista

From the point that Windows NT was introduced, Microsoft split its operating systems into three basic groups: home user versions, corporate user versions, and server versions. The home user versions grew from Windows 3.x to Windows 95 (released in August 1995) to Windows 98 and Windows Millennium Edition (Me). At this point, Microsoft brought the home and corporate user versions together under the Windows NT kernel. The home user version became Windows XP Home Edition. The corporate user versions were Windows NT 3.1; Windows NT Workstation 3.5 (released in 1994); Windows NT Workstation 3.51 (released in 1994); Windows NT Workstation 4.0 (released in 1996), which had the new interface matching Windows 95; Windows 2000 Professional; and Windows XP Professional. Microsoft also added a complete entertainment software package to Windows XP Professional, including support for watching and recording TV shows and working with digital music and videos, to create the Windows XP Media Center Edition. Almost as soon as Microsoft introduced Windows XP, it publicly announced initial plans for the next release of Windows, which it code-named “Longhorn” and originally planned to release in 2003. Within months, this date was pushed back to at least 2004. Around this time, Microsoft was putting together SP2 for Windows XP with its new security initiatives. This push for enhanced security resulted in a significant slowdown on the development of Longhorn until the completion of XP SP2. Consequently, in 2004 Microsoft announced that it was targeting Longhorn’s release for 2006 and revealed that Longhorn would incorporate major security enhancements beyond that of XP SP2, including technologies that would improve the resistance to such attack vectors as viruses, spyware, and other forms of malicious software. And in July 2005, Microsoft announced that the client version of Longhorn would be named “Vista,” and this set the stage for the final push to completion. But yet again, in 2006, Microsoft pushed the final release of Vista back into 2007, announcing that corporate versions would be available in November 2006, and the final public release was set for January 30, 2007. With the development of the new Windows operating system, Microsoft introduced two home versions—Windows Vista Home Basic and Windows Vista Home Premium. Windows Vista Business and Windows Vista Enterprise are the successors to Windows XP Professional, and Windows Vista Ultimate combines the features of both Windows Vista Enterprise and Windows Vista Home Premium into one operating system. The server versions all were based on the 32-bit Windows NT kernel and released at roughly the same times as the workstation versions—Windows NT 3.5 Server, Windows NT 4.0 Server, and Windows 2000 Server. Windows Server 2003 was introduced roughly one and a half years after Windows XP made its debut. Each server release also had additional server versions that provided additional services and/or hardware support for high-end corporate uses. Microsoft is currently working on a new version of its server, which will be known as Windows Server 2008 and will be released in early 2008.

33

About Windows Vista

Today’s Windows Vista represents more than 50 million lines of code and more than 20 years of research and development since the earliest versions of Windows.

Windows Vista Editions Microsoft designed five major editions of Windows Vista, each suited for a different segment of the general population: Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Business, Windows Vista Enterprise, and Windows Vista Ultimate. Table 1.1 compares the editions of Windows Vista and compares the basic features available with each. TABLE 1.1

Windows Vista Editions

Edition

Designed for

Notable Features

Home Basic

Home users who need only basic computing capabilities

Fundamental security capabilities such as Internet Explorer 7 and Windows Defender, as well as Windows Mail and parental controls

Home Premium

Enhanced home usage capability, including music, photo, and video usage

3D Aero desktop, photo and video handling and basic editing, DVD authoring, Mobility Center, and Windows Media Center

Business

Business users who need only basic computing capabilities

Windows Meeting Space, domain membership, advanced backup capabilities including shadow copy, business networking capabilities, and Remote Desktop

Enterprise

Business users who need advanced computing and security functions

BitLocker drive encryption and MultiLanguage User Interface (MUI)

Ultimate

Home and business users who desire the complete experience

All features included with Vista Home Premium and Vista Enterprise

In addition, Microsoft includes a Starter Edition that provides only very fundamental computing capabilities and is designed only for selected markets in developing overseas countries. This edition was created to address the issue of software piracy that has been rampant in these markets, as well as their financial and emerging market concerns. To meet the regulatory concerns of the European Union, Microsoft also includes “N” versions of these editions, which include all features except media-related capabilities. Table 1.2 provides additional detail on the components included in the various editions of Windows Vista. Many of these features are introduced in the following sections.

34

Chapter 1: Introducing Windows Vista

TABLE 1.2

Components Included in Vista Editions

Component

Home Basic

Home Premium

Business

Enterprise

Ultimate

Internet Explorer 7

x

x

x

x

x

Instant Search

x

x

x

x

x

Windows Mail

x

x

x

x

x

Windows Defender

x

x

x

x

x

Windows Firewall and Security Center

x

x

x

x

x

Parental Controls

x

x

x

x

x

Windows Media Player

x

x

x

x

x

Windows Aero and Aero Glass

x

x

x

x

Windows Media Center/ Movie Maker/DVD Maker

x

Windows Collaboration

x

x

x

x

Advanced networking capabilities

x

x

x

x

Windows Mobility Center/Tablet PC support

x

x

x

x

Scheduled backups

x

x

x

x

Domain support

x

x

x

Complete PC Backup and Restore

x

x

x

File encryption using Encrypting File System (EFS)

x

x

x

Remote Desktop

x

x

x

Windows Web Server

x

x

x

BitLocker drive encryption

x

x

Multilanguage User Interface (MUI)

x

x

Subsystem for UNIXbased applications

x

x

Secure Startup

x

x

x

35

About Windows Vista

Features As can be expected from the more than five-year interval between the introduction of Windows XP and Windows Vista, there are a large number of new features included with Windows Vista. Every edition of Windows Vista includes the same basic features. Additional features appear in some editions of Vista but not in others. The lists that follow are not designed to be exhaustive; they merely introduce the most important new features included with Windows Vista.

Productivity Improvements Windows Vista includes a number of new features and enhancements that are designed to improve the way users interact with the computer. The basic productivity enhancements included with every edition of Vista include the following: . Improved user interface and Start menu—The new look to the user interface includes

translucent window borders and a new Windows Sidebar on the right side of the desktop. While similar to the Windows XP Start menu, the Vista Start menu includes a new instant search assistant that directs you to any program or file on your computer (including multiple locations such as email, the Windows Calendar, HTML pages from the browser cache, and so on), network, or the Internet. You learn about the Start menu in more detail later in this chapter. . Aero Glass—Available on all Vista editions except Home Basic, this is the new desktop

appearance featuring translucent title bars that reveal objects hidden beneath them. You can also hover your mouse pointer over taskbar buttons to reveal live thumbnails of the document or program to which the button relates. Pressing the Windows+Tab key combination reveals live windows of each open document in sequence, facilitating your selection of the correct one. You can configure all these features from the Display applet in Control Panel. . Windows Mail—This standard email application replaces Outlook Express and includes

a new search capability. It also includes a junk mail filter patterned after the one in Outlook, as well as a phishing filter that alerts you when an email is attempting to send you to a bogus website that intends to extract personal information such as bank account or credit card numbers. . Improved startup capabilities—Microsoft has improved the startup code so that initializa-

tion scripts and applications can complete their tasks in the background and the user is able to begin work much sooner. . Sleep mode—Combining features of Windows XP’s Standby and Hibernation modes,

Sleep mode enables you to preserve open documents and programs on shutdown, enabling you to resume work rapidly from where you left off.

36

Chapter 1: Introducing Windows Vista . Restart Manager—Facilitates the installation of updates and patches by keeping track of

running processes and shutting down only the essential processes during patching. This reduces the need for rebooting your computer after installing updates and patches. . Windows Experience Index—This is a performance scoring metric that assesses the capa-

bility of several hardware and software components on your computer. It includes such components as the processor, memory, graphics card, and hard disk and displays a base score that relates to the weakest performing component on your computer. Thus it suggests which component you should upgrade to improve your computer’s overall performance. . Improved stability factors—Vista adds features such as input/output (I/O) cancellation,

which detects when a program is unable to receive input from an unavailable resource and cancels the invalid request. Service recovery policies enable Vista to restart failed essential services and reset dependent services, thereby reducing the need for reboots following service failures. A startup repair tool automatically diagnoses and repairs many startup problems. . Improved hardware diagnostics—Vista includes improved diagnostic tools that monitor

crashes caused by problems such as disk or memory failures. Network diagnostics monitor network connections and either fix problems or inform the user of ways she can remedy the problem. The Windows Diagnostic Console improves upon the Windows XP Performance Console to provide enhanced performance statistics. . Support for document metadata—Vista can search for documents, pictures, and so on

with the aid of metadata included with many file types—that is, data about data. The Search service indexes many types of metadata and enables you to filter search results to view data that contains specific property values. For example, you can filter images to display only those taken with a specific camera within a specified block of time. Later chapters of this book discuss specific details about many of these features. For additional information, consult the references provided in the “Suggested Readings and Resources” section at the end of this chapter.

Security Improvements As you know, Windows XP and other Windows versions have been subjected to a neverending flow of new vulnerabilities. Microsoft has introduced several new features designed to improve the security of computing in Vista: . Secure Startup—This feature prevents unauthorized users from accessing sensitive data

during startup by encrypting the system drive. It utilizes a hardware module called the Trusted Platform Module (TPM), which is found on many recently manufactured computers.

37

About Windows Vista . User Account Control—All users, even administrators, operate in a limited mode that

prevents actions that may be detrimental to system security. When users need to perform potentially risky tasks, Vista presents a dialog box requesting permission or credentials to perform the task. This feature helps to prevent actions attempted by malicious users or software. . Improvements to Windows Firewall—Windows Firewall now blocks both incoming and

outgoing traffic unless specifically configured to pass. This can block actions by malicious programs such as Trojan horses that attempt to send data to an unauthorized location. . Windows Defender—Introduced in Windows XP as Windows AntiSpyware, Windows

Defender monitors your computer for signs of spyware infection and blocks actions of malicious programs, such as their installation. . Spam and Phishing Filters—Windows Mail includes an antispam filter that scans incom-

ing messages for features prevalent in spam messages. A phishing filter alerts you when a message attempts to extract personal information. . Network Access Protection—This is a service that checks the security status of a computer

and compares the results to a set of network guidelines installed on a server that supports the feature. If the computer is not completely up-to-date with respect to security features such as patches or virus signatures, it is restricted to a protected area of the network from which it can download and install the required products. . Parental controls—These controls enable parents to set limits on their children’s activi-

ties by blocking access to specific types of websites or folders, specific content categories such as pornography, and file downloads; setting time limits; restricting games; and so on. . Windows Service Hardening—Vista limits the damage that can be caused by a compro-

mised service. It runs services at a lower privilege level and provides only the permissions required by the service to perform its functions. Services are restricted so that they can only perform their intended activities. Chapter 4, “Configuring and Troubleshooting Post-Installation System Settings” and Chapter 5, “Configuring Windows Security Features,” provide details of most of these features.

Improved Programs and Tools Included with Windows Vista Microsoft has packaged a basic set of programs and tools with every edition of Windows Vista. The following items highlight the most significant new programs and tools: . Welcome Center—This application starts automatically when you first start your com-

puter and log on. It displays your Vista edition and activation status and provides links to basic tasks such as adding printers, personalizing your experience, adding users, and

38

Chapter 1: Introducing Windows Vista

installing devices. You can also access the Control Panel and view your hardware and Windows settings. You learn more about the Welcome Center later in this chapter in the section, “A Quick Tour of Windows Vista.” . Windows Easy Transfer—This is an update to the Files and Settings Transfer Wizard that

was introduced in Windows XP. It supports additional media types such as flash drives. . Internet Explorer 7—Microsoft has added tabbed browsing, in which you can have mul-

tiple open pages available in their own tabs within a single Internet Explorer window. Internet Explorer 7 also features a new Manage Add-ons dialog box, which enables you to enable or disable add-ons and delete unwanted ActiveX controls, as well as an improved browsing history deletion feature and support for Real Simple Syndication (RSS) feeds. . Windows Mail—We have already mentioned this successor to Outlook Express. This

application also includes a preconfigured account for Microsoft’s newsgroup server, msnews.microsoft.com, which includes help groups designed to provide the best computing experience for Vista users. . Windows Calendar—This application enables you to track appointments, provide

reminders, schedule tasks, and view appointments by the day, week, or month. You can also set up multiple calendars for different users or purposes. . Windows Media Player 11—This major update includes several new features, such as a

cleaner interface that can include downloaded album art. It allows several views based on media metadata, an advanced metadata editor, an improved Search box, a capability for synching with compatible media devices, easier ripping of audio CD tracks, additional options for burning to media discs, DVD playback, and several other features. . Media Center—Included with Vista Home Premium and Vista Ultimate, the Media

Center comes with an improved interface and menu structure. . Windows Photo Gallery—This application facilitates the downloading of images and

videos from cameras, scanners, and network or Internet sources. You can view images, edit their metadata, and apply simple fixes to photos. . DVD Burning—Vista enables you to burn DVDs from several places such as Windows

Media Player, Media Center, and Windows Photo Gallery. This eliminates the need for third-party applications, as was the case in Windows XP. . Windows Mobility Center—On laptops and other mobile computers, you can view and

configure features such as battery status, wireless network connections, offline file synchronization, screen brightness, and so on. On a Tablet PC you can also control screen orientation. . Network Center and Network Map—Enables you to configure your network connection

and displays network components to which your computer is connected.

39

About Windows Vista . Windows Collaboration—This is an update to the NetMeeting program in Windows XP.

It enables you to show data to multiple users and collaborate on documents. You can invite people from various sources and do presentations. . Control Panel improvements—Microsoft has added new categories and modified existing

ones compared to those provided with Windows XP. Each category provides links to specific features, and some applets are cross-referenced to more than one category. Links to recent tasks are also included. Chapter 6, “Configuring Network Connectivity,” and Chapter 7, “Configuring Applications Included with Windows Vista,” discuss these programs and features in detail.

A Quick Tour of Windows Vista Windows Vista builds on the visual experiences introduced with Windows XP to offer you a whole new computing experience. This section introduces many of the new features you will become familiar with as you begin to work with Microsoft’s latest operating system.

Welcome Center When you first log on to a new installation of Vista, the Welcome Center shown in Figure 1.1 automatically starts and provides insight into many of the new features of Vista as well as several features updated from your Windows XP versions.

FIGURE 1.1 When you first log on to Vista, the Welcome Center introduces you to many new Vista features.

40

Chapter 1: Introducing Windows Vista

The Welcome Center automatically starts each time you log on until you clear the check box labeled Run at Startup, found at the bottom of the screen. If you want to run the Welcome Center later, go to the System and Maintenance category in Control Panel. Note that the items available from the Welcome Center may depend on the edition of Vista you are running. The following is an introduction to several items accessed from the Welcome Center: . View Computer Details—Provides a summary of information related to your computer,

including the hardware configuration, computer name, workgroup or domain information, and activation status (see Figure 1.2). You can also access this information by clicking Start, right-clicking Computer, and choosing Properties from the context menu.

FIGURE 1.2 You can view summary information about your computer by selecting View Computer Details from the Welcome Center.

. Transfer Files and Settings—Starts the Windows Easy Transfer Wizard, which is an

upgrade to the Windows XP Files and Settings Transfer Wizard. This wizard enables you to easily transfer applications, documents, and settings from an old computer running Windows 2000 or later to a new Windows Vista computer. . Add New Users—Opens the Control Panel User Accounts applet, which enables you to

create new user accounts or change the properties of existing user accounts. You can also configure the new Parental Controls feature from this location. . Connect to the Internet—Starts the Connect to the Internet Wizard, which assists you in

setting up new Internet connections.

41

About Windows Vista . Windows Ultimate Extras—Connects to Windows Update to locate optional updates for

your computer as well as extras available only to users of the Ultimate Edition of Windows Vista. . What’s New in Windows Vista—Provides details on new features included with Vista. . Personalize Windows—Starts the Control Panel Personalization applet, which enables

you to customize features such as your desktop wallpaper, screen saver, sounds, and fonts. . Register Windows online—Access a Microsoft Registration website that enables you to

perform an optional registration. This process enables you to receive tips, ideas, hints, and other information that improve your experience in working with Vista. Do not confuse this optional registration with the required Windows activation. . Windows Media Center—Enables you to set up Media Center for enjoyment of various

media types including music, television, photos, and digital videos. . Back Up and Restore Center—Enables you to perform automatic backup copies of files

and folders on your computer, thereby protecting them against system or disk failure. You can also create a Windows Complete PC Backup and Restore image of your computer. This assists you in recovering from a hardware failure. The same application enables you to restore files, folders, or your entire computer from previous backups. . Windows Basics and Windows Vista Demos—Provide instructions and video demos of

Vista features suitable for users with little or no computing background. . Offers from Microsoft—Enables you to receive additional Microsoft services, including

the following: . Windows Live services—a series of enhanced information services . Windows Live One Care—a complete antivirus and antispyware application . Windows Marketplace—an online software store that enables you to try out and pur-

chase software . Windows Live Mail desktop—enhancements to Windows Mail that assist you in pro-

tecting you from viruses, spam, and other undesirable items, as well as the capability for managing multiple email accounts and other enhancements . Windows Live Messenger—enables you to chat online with friends and coworkers

including video connections . A link for receiving online technical support

42

Chapter 1: Introducing Windows Vista

Start Menu Figure 1.3 shows the new Windows Start Menu, which follows the same basic design first seen in Windows XP but includes several enhancements, as follows: . Recently Used Programs—The left side of the Start menu contains links to recently used

programs, similar to that of Windows XP. However, some of the defaults have been moved to the right side of the menu. . Start Search—At the bottom of the Start menu, this feature enables you to perform

instant searches for programs, files, email, and other items on your computer, as well as search the Internet for anything you can imagine. Simply type the name of the item you want to locate, and Vista will display matches for your search in the left pane of the Start menu within a few seconds. If you type the name of a program on your computer and press Enter, Search will locate and open that program. You can also perform instant searches from any folder window. . All Programs—When you select this feature, the list on the left side of the Start menu

changes to display a menu of all available programs, many of which are categorized into folders. You can simply click through this menu to locate any program on your computer. . Links—The right side of the Start menu has been updated, with some of the Windows

XP features renamed. Notably, Vista does not use the “My” terminology and instead provides links with names such as Documents, Pictures, Computer, Network, and so on.

FIGURE 1.3 The Windows Vista Start menu offers several

enhancements from the Start menu included with Windows XP.

43

About Windows Vista

As in Windows XP, you can customize the items that appear on the Start menu by rightclicking Start and choosing Properties. You learn more about this in Chapter 4.

Control Panel Microsoft has continued the idea of categories that first appeared in Windows XP and has introduced new categories and additional links that assist you in locating any Control Panel application (or applet). See Figure 1.4.

FIGURE 1.4 The Windows Vista Control Panel offers new categories and links to frequently used applets.

This section provides an introduction to the Control Panel features. You learn about many of these features in detail in subsequent chapters of this book. System and Maintenance Shown in Figure 1.5, the System and Maintenance category includes several tasks that enable you to configure performance options and obtain information about your computer. Note that the left-hand side of the window includes links to other Control Panel categories. This feature assists you in navigating among categories and is displayed for all Control Panel categories.

44

Chapter 1: Introducing Windows Vista

FIGURE 1.5 The System and Maintenance category includes basic systemrelated configuration tasks.

The task options available through the System and Maintenance category include the following: . Welcome Center—Opens the Welcome Center, as already introduced. . Backup and Restore Center—Enables you to perform backups of files, folders, or your

entire computer, as already introduced. . System—Provides the same summary of computer information as obtained from the

View Computer Details link in the Welcome Center. . Windows Update—Enables your computer to download various updates, including

patches and hotfixes, from the Microsoft Windows Update website. You can view and download available updates and Windows Ultimate Extras from this location, and you can also configure settings that control the downloading and installation of updates. . Power Options—Enables you to select a power plan to conserve energy by turning off

items such as your display or hard disks after a period of inactivity or maximize performance of your computer. You can also customize a power plan to suit your needs. . Indexing Options—New to Windows Vista, this applet enables you to configure several

options that affect the speed and comprehensiveness of the Windows indexing service. . Problem Reports and Solutions—Also new to Windows Vista, enables you to search online

for solutions to problems you may be having with your computer. You can download and install solutions to problems, view problem history, and configure several related settings.

45

About Windows Vista . Performance Information and Tools—Enables you to test your computer’s performance.

You can calculate a Windows Experience Index, which as already discussed, rates your computer according to the lowest performing hardware component. You can also adjust several components to optimize your computer’s performance. . Device Manager—Enables you to view information on hardware devices on your com-

puter. You can enable or disable devices; identify resources used by each device; identify, update, and roll back device drivers; and so on. . Administrative Tools—Provides access to the entire suite of computer administrative

tools. Most of these tools are discussed in later chapters of this book.

Security Shown in Figure 1.6, the Security category includes several tasks that enable you to configure a large range of security-related topics.

FIGURE 1.6 The Security category includes a large range of system-related configuration applets.

Security category tasks include the following: . Security Center—Enables you to configure all security-related options on your computer. . Windows Firewall—Builds upon the firewall first introduced in Windows XP SP2 that

protects your computer against both incoming and outgoing threats. You can configure which programs are permitted to send or receive data across the firewall.

46

Chapter 1: Introducing Windows Vista . Windows Update—Enables you to receive automatic updates as Microsoft releases them.

You can configure the time at which updates are downloaded and check for new updates. . Windows Defender—Enables you to scan your computer for malicious software such as

spyware that can be downloaded to your computer without your knowledge. . Internet Options—Enables you to configure the properties of Internet Explorer 7. You

can specify your home page, delete your browsing history, modify tabbed browsing, configure security and privacy options, and many more actions. We look at these options in Chapters 4 and 5. . Parental Controls—Enables you to configure limits on computer use by any user and

view reports outlining user activity. . BitLocker Drive Encryption—Enables you to encrypt your entire hard disk in a single

action using BitLocker. From this applet, you can manage and secure the required encryption keys.

Network and Internet Shown in Figure 1.7, the Network and Internet category includes several tasks that enable you to configure connections to your local area network (LAN) or the Internet, as well as several other network-related tasks.

FIGURE 1.7 The Network and Internet category enables you to perform network-related tasks.

47

About Windows Vista

The task options provided by the Network and Internet category include the following: . Network and Sharing Center—Enables you to establish and configure options related to

networks accessible to your computer. It provides a local view of the network to which your computer is attached and enables you to perform several tasks related to sharing of items such as files, folders, printers, and media. You can view the current status of your network connections, enable or disable network connections, and diagnose connectivity problems. . Internet Options and Windows Firewall—Same as accessed through the Security category. . Offline Files—Enables you to cache copies of files located on servers or other network

computers so that you can access them and work with them even if you are not connected to the network. You can determine how your copies of these files are synchronized with the network location and how any modifications you make are treated when you reconnect to network locations. . People Near Me—New to Windows Vista, this enables you to provide information

about yourself to others on your network. This is a component of the new Windows Peer-to-Peer Networking platform that enables the discovery of people connected to the local network and set up collaborative activities across the network by issuing invitations and handling invitations received from others. You can sign in and out of People Near Me and send invitations for programs such as Windows Meeting Space. . Sync Center—Enables your computer to synchronize with other network devices

including mobile computers, handheld devices, smart phones, and so on.

Hardware and Sound Shown in Figure 1.8, the Hardware and Sound category includes applets that enable you to configure all your computer’s hardware components. The Hardware and Sound category includes the following applets: . Printers—Enables you to add printers and fax devices and configure properties of these

devices. You can view and manage print queues, configure printer permissions, modify settings related to a specific printer type, and troubleshoot problems related to printers and faxes. . Auto Play—Enables you to configure default actions that take place when you insert

media of a given type such as audio CDs, DVDs, blank discs, and so on. . Sound—Enables you to configure the settings associated with audio recording and play-

back devices. You can create and modify sound schemes that include the sounds that are associated with Windows and program events.

48

Chapter 1: Introducing Windows Vista

FIGURE 1.8 The Hardware and Sound category enables you to manage a diverse range of hardware components.

. Mouse—Enables you to configure mouse properties such as button settings, pointer

appearance, scroll wheel actions, and so on. . Power Options—Same as accessed through the System and Maintenance category. . Personalization—Enables you to configure a large range of mostly display-related

options such as color and appearance of windows, desktop background, screen saver, windows themes, display resolution and refresh, and so on. You can also configure sounds and mouse options from here. . Scanners and Cameras—Enables you to add, configure, troubleshoot, or remove scan-

ners, cameras, or other USB devices on your computer. . Keyboard—Enables you to configure keyboard properties such as character repeat and

cursor blink behavior. . Device Manager—Same as accessed through other categories. . Phone and Modem Options—Enables you to configure the properties of outbound tele-

phone connections. . Game Controllers and Pen and Input Devices—Enables you to add, configure, and remove

these types of devices. . Windows SideShow—New to Windows Vista, a SideShow–compatible device is an

additional display from which you can access information such as your calendar, email

49

About Windows Vista

messages, and news stories. You can access these information types even when your computer is off. . Color Management—Enables you to configure advanced color management settings for

devices such as monitors, printers, and scanners. . Tablet PC Settings—Enables you to configure settings specific to Tablet PC hardware.

You can configure settings for right- and left-handed users, handwriting recognition, display orientation, and pen and input device settings.

Programs Shown in Figure 1.9, the Programs category includes applets that enable you to configure features related to applications installed on your computer, including programs that run by default at startup as well as locating, downloading, installing, and removing of applications.

FIGURE 1.9 The Programs category helps you manage applications on your computer.

Applets provided by the Programs category include the following: . Programs and Features—This is a complete reworking of the Add or Remove Programs

applet in older Windows versions and enables you to uninstall, change, or repair applications installed on your computer. . Windows Defender—Enables you to view the latest Windows Defender antispyware

scan results.

50

Chapter 1: Introducing Windows Vista . Default Programs—Enables you to configure which applications Windows uses by

default for opening files of specific type. You can also control access to various types of applications and configure AutoPlay settings. . Windows SideShow—Same as accessed in the Hardware and Sound category. . Windows Sidebar Properties—Enables you to configure the appearance of the new

Windows Sidebar and configure which gadgets appear on the Sidebar. . Get Programs Online—Enables you to access the Windows Marketplace, from which

you can purchase, download, install, and test new software applications.

User Accounts and Family Safety The User Accounts and Family Safety category enables you to access the same User Accounts and Parental Controls applets that are available on the Welcome Center. You can also access Windows CardSpace, from which you can configure information used when logging on to online network services. You can keep track of memberships at online services and websites and modify personal information sent to these sites. Appearance and Personalization Shown in Figure 1.10, the Appearance and Personalization category enables you to configure properties of your computer related to how items appear on the display.

The Appearance and Personalization category enables you to configure appearance-related options.

FIGURE 1.10

51

About Windows Vista

The Appearance and Personalization category includes . Personalization—Same as accessed through the Hardware and Sound category. . Taskbar and Start Menu—Same as accessed from the Windows Vista Welcome Center. . Ease of Access Center—Contains several accessibility options that enable vision- and

mobility-challenged users to use the computer. You can access a wizard that helps you select the appropriate options for individuals with different requirements. . Folder Options—Enables you to modify how folder windows display their contents. You

can configure whether files open with a single- or double-click, show hidden files and folders, and so on. . Fonts—Enables you to manage fonts stored on your computer. You can add or remove

fonts and display samples of fonts installed on your computer. . Windows Sidebar Properties—Same as accessed through the Programs category.

TIP Displaying file extensions As in previous Windows versions, Vista does not display extensions for common types by default. To display file extensions, access the Folder Options applet and clear the check box labeled Hide Extensions for Known File Types. This helps you distinguish between files with otherwise similar names. It also helps guard against undesirable files with double extensions; for example, data.txt.exe would appear as data.txt and could hide a malicious executable if you have not cleared this check box.

Clock, Language, and Region The Clock, Language, and Region category contains two applets that enable you to configure the time and date displayed on your computers; configure your time zone; and select how your computer displays items such as dates, times, numbers, and currency according to the country in which you live. You can also add or remove display languages, set which language is displayed by default, and adapt your keyboard for specific languages. Ease of Access The Ease of Access category provides access to the Ease of Access Center, which is also included in the Appearance and Personalization category. It also includes the Speech Recognition applet, which enables you to configure microphones and train your computer to understand your voice. You can take a tutorial that shows you how to use speech on your computer and view or print a list of speech-related commands. Additional Options If you have installed software applications that add applets not directly related to one of the other categories in Control Panel, they appear here. This category does not include any default items.

52

Chapter 1: Introducing Windows Vista

Patches, Hotfixes, and Service Packs With millions of lines of code in any application, you can imagine that there will be some error that was not caught in testing, especially considering how many different uses that millions of people will find. This is something that users have expressed concerns about since the early days of computing—no program has ever worked perfectly under every circumstance, and the frustration of not being able to get work done because of some bug in the software generated complaints. Microsoft’s solution to bugs was to create bug fixes, also called “hotfixes.” More recently, Microsoft created security fixes known as “patches” and began to release these on the second Tuesday of every month, which has become known in Microsoft circles as “Patch Tuesday.” After a certain amount of time, people had to install so many patches and hotfixes that Microsoft packaged them into a single installation called a “service pack,” or SP for short. Of course, hotfixes created after the first service pack required Microsoft to incorporate all those fixes into another service pack. Service packs gave the developers an opportunity to release additional features. For example, SP2 for Windows XP added Windows Firewall, Windows Security Center, and a popup blocker for Internet Explorer. Each service pack is cumulative, so when you install a service pack, you need to install only the latest one released to gain all the fixes and features in previous SPs.

NOTE Service packs are not necessarily the best thing since sliced bread Each service pack usually causes a few unexpected errors with a variety of applications and/or hardware devices. As an administrator, you should install service packs with the same amount of caution that you would use to deploy the operating system itself, by first testing it in your own environment with your own applications and hardware and then running a pilot test of the update on a group of (forgiving, you hope) users. After you are sure that the service pack will cause fewer errors than the ones that it fixes, you should roll it out to your users.

You can expect that Microsoft will continue the tradition of introducing service packs from time to time with Windows Vista. In fact, Microsoft has already announced the intention of releasing SP1 for Vista before the end of 2007.

53

Summary

Summary Windows Vista comes in five editions designed for different types of users: Vista Home Basic, Vista Home Premium, Vista Business, Vista Enterprise, and Vista Ultimate. Vista has incorporated numerous improvements over its predecessor, Windows XP, particularly in the fields of user productivity and security. This chapter introduced you to the most significant improvements incorporated into Windows Vista. You looked at the new applications and tools included with Windows Vista, and toured the Windows Welcome Center and the various categories of the Control Panel.

Key Terms . Control Panel . hotfix . patch . service pack . Windows Vista Home Basic . Windows Vista Home Premium . Windows Vista Business . Windows Vista Enterprise . Windows Vista Ultimate . Welcome Center

Suggested Readings and Resources The following recommended readings introduce you to Microsoft Windows Vista: 1. Books . McFedries, Paul. Microsoft Windows Vista Unveiled. Indianapolis, IN: Sams

Publishing. 2006. . Stanek, William R. Introducing Microsoft Windows Vista. Redmond, WA: Microsoft

Press. 2006.

54

Chapter 1: Introducing Windows Vista 2. Websites . Windows IT Pro. Road to Gold: The Long Road to Windows Vista. http://www.

winsupersite.com/showcase/winvista_roadtogold_01.asp . Microsoft. Windows Vista: Choose an Edition. http://www.microsoft.com/windows/

products/windowsvista/editions/default.mspx . Microsoft. Windows Vista Features. http://www.microsoft.com/windows/products/

windowsvista/features/default.mspx . Microsoft TechNet. Windows Vista Reliability and Performance Features and

Improvements. http://technet.microsoft.com/en-us/windowsvista/aa905071.aspx

2

CHAPTER TWO

Installing Windows Vista Objectives This chapter helps you to prepare for the exam by covering the following Microsoft objectives for the Installing and Upgrading Windows Vista section of Exam 70-620: TS: Microsoft Windows Vista, Configuring.

Identify hardware requirements. . Hardware requirements include a “minimum” level that enables Windows Vista to run in a basic manner and a “preferred” level that enables Windows Vista to perform adequately and use the new Aero graphics interface to its fullest capacity. It is important that you know the hardware requirements so that you can plan the appropriate hardware configurations that support the various editions of Windows Vista and their capabilities.

Perform a clean installation. . Microsoft includes this objective to ensure that you know how to manually install Windows Vista. It is important to know how to perform a complete manual installation so that you understand what’s happening behind the scenes when performing automatic, unattended installations.

Troubleshoot Windows Vista installation issues. . Troubleshooting various types of installation require you to understand the steps that occur during installation and what can go wrong at each step. Troubleshooting failed installations is an objective referring to the error logs and troubleshooting procedures that are generated when Windows Vista fails during the Setup process. You are required to know which error log applies to which failure, as well as how to follow through in correcting the problem.

Install and configure Windows Vista drivers. . Drivers are software interfaces that enable devices such as pointing devices, scanners, printers, keyboards, cameras, modems, network adapters, and so on to perform under the Windows Vista operating system. An administrator must be able to physically connect a device and implement, upgrade, and roll back its device driver.

Outline Introduction

58

Defining a Solution

94

Preparing for Installation

58

Testing and Implementing the Solution

94

Documenting the Results

95

Identifying Hardware Requirements

60

Troubleshooting an Attended Installation

95

Hardware Compatibility

61

Software Compatibility

62

Network Requirements

64

Domain Membership

65

Workgroup Membership

67

File System Considerations

69

Product Activation

70

Media Problems

96

Insufficient Hard Drive Space

96

Unrecognizable DVD-ROM Drive

97

Unavailable Network

97

Advanced Startup

102

Refer to Compatibility

102

Troubleshooting an Unattended Installation

104

71

Problems with Answer Files

104

Performing an Attended Installation

72

Performing an Unattended Installation

78

Problems with Sysprep Installations

106

Understanding Vista Deployment Technologies

79

Performing a Clean Installation of Windows Vista

Using Windows System Image Manager to Create Unattended Answer Files

79

Creating an Answer File

80

Using the Answer Files to Perform an Unattended Installation

85

Installing Windows Vista by Using the System Preparation Tool (Sysprep)

85

Understanding the System Preparation Tool

85

Creating an Image with Sysprep

86

Deploying an Image with Sysprep

Understanding WDS

90

Requirements to Use WDS

91

Troubleshooting Process Identifying the Point of Failure

108

Stop Errors or Blue Screen of Death (BSOD)

109

Startup Repair

110

Stopped Installation

110

Installing and Configuring Windows Vista Drivers

111

Managing and Troubleshooting Drivers and Driver Signing

111

Using Windows Vista Rollback

114

Summary

115

Key Terms

116

Apply Your Knowledge

116

87

Installing Windows Vista by Using Windows Deployment Services (WDS) 90

Troubleshooting Windows Vista Installation Issues

Troubleshooting Failed Installations

92 93 94

Discovering the Cause of the Failure 94

Exercises

117

Exam Questions

118

Answers to Exam Questions

122

Suggested Readings and Resources

125

Study Strategies This chapter is devoted to preparing to install and installing Windows Vista. This chapter addresses several methods you can use to perform unattended installations of Windows Vista. Practical experience in this field is vital to understanding how these methods work and which situations are best suited for each. . If possible, have two or three computers available that do not contain any data of value for practicing the various exercises. Another strategy is to download and install the free version of Microsoft Virtual PC 2007 so that you can install multiple copies of Windows Vista as guest machines on a single host computer. . Practice manually installing Windows Vista. . Practice installing Windows Vista using each of the three automated deployment methods discussed in this chapter: Use Setup.exe along with answer files, Sysprep.exe install, and Windows Deployment Services. . Spend some time looking through the error logs on a Windows Vista computer. You should look at the specific logs and look at Event Viewer immediately after the Windows Vista operating system has been installed. . Review the “Troubleshooting an Attended Installation” section and become familiar with the various problems you can encounter, including their symptoms and causes. . Device drivers are often provided directly from original equipment manufacturers (OEMs). To familiarize yourself with how these device drivers function, obtain new device drivers for existing hardware on a test computer. Update the driver and review the changes that appear under Control Panel and in Device Manager. Roll back the device driver and then review any further changes. Run Performance Monitor (Perfmon) to see the performance differences between the drivers.

58

Chapter 2: Installing Windows Vista

Introduction The Microsoft 70-620 exam assesses your ability to install, configure, and administer Windows Vista and focuses on how to do so in a business environment. Basic to any installation type is the manual, clean installation of Vista on a new computer. Manual installation of Windows Vista is fine when you have only a few computers that need to be installed, but what would you do if you had several hundred (or thousand!) computers on which you needed to install Windows Vista? This chapter introduces you to automated deployment of Windows Vista using Windows Deployment Services (WDS) and the System Preparation Tool (Sysprep.exe, or Sysprep for short). As an adjunct to Murphy’s Law, what can go wrong during an operating system installation does go wrong, and then the situation needs troubleshooting. Windows Vista is no exception. Whether the installation is attended or whether the operating system is automatically installed through the use of WDS, Sysprep, or answer files, problems can and do occur. Knowing how to handle the unexpected error makes all the difference to a network administrator or engineer.

Preparing for Installation When you manually install a Windows Vista system, you may just think it’s a matter of getting your hands on a DVD and popping it into a computer. However, when you deploy Windows Vista throughout an entire organization, even if you decide to do so manually, you can reduce errors and delays by following a carefully planned deployment. Most projects involve five principal stages—Define, Design, Develop, Test, and Implement. You should follow them when deploying Windows Vista, as well. There are many different project methodologies, and some are quite complex. If you boil them down to their essential elements, they fall into the following five stages: . Stage 1: Define—Defining the project scope and objectives. You have to set limits to

your project so that you don’t end up with a task that will never end because it has no stopping point. Besides, who wants to be at the mercy of users who ask, “Can’t you just add this one little thing to the project?” You also have to set objectives to ensure that your project actually meets the goals of your organization. It would be senseless to spend hours to test and implement wireless networking within Windows Vista if your network has no wireless access points and has a security policy that objects to wireless networking altogether. However, it would be just as senseless to ignore testing and implementing multimedia support if you are conducting a project for a graphics company. With the scope and objectives of your project in hand, you can then begin planning the project by identifying tasks and phases, specifying the people and groups affected by it, and determining the timeframe for those tasks.

59

Preparing for Installation . Stage 2: Design—Designing your Windows Vista configuration. This stage involves cre-

ating the ideal desktop to deploy to your end users. (If you are fully networked with Windows 2000/2003/2008 Active Directory, you can also use Group Policy to make user-specific or group-specific configuration specifications rather than incorporating them into the installation itself.) Your design should incorporate the fundamental framework of the preferred Windows Vista configuration for your network. This phase might also involve a lab test of your preferred build to see what the logical design would look like. You can also design the implementation method—whether to implement manually, use WDS, use Sysprep, or refer to third-party implementation tools for unattended installations. . Stage 3: Develop—Developing the final configuration. During the development phase,

you will likely make changes to your original design. Mainly this phase is to gather or create all the resources necessary to conduct your deployment. For example, if you were to design a standard desktop configuration that included most of the Windows Vista features and planned to deploy it through WDS, then the development phase would include creating the unattended installation files for WDS, assembling the WDS server(s) required, along with providing for any network requirements to enable WDS across wide area networks (WANs), if that was a consideration on your network. . Stage 4: Test—Involves the following components: . Testing the final design of the desktop to ensure that it meets users’ needs . Analyzing hardware compatibility with the devices on your network . Testing application compatibility with the applications that your users must have to

be productive . Examining the implementation method to ensure that it will function properly

when the project is rolled out . Developing and testing a rollback method so that you can restore the computer to

its former state just in case a severe problem takes place During the testing stage, you should prioritize your tests to ensure that critical applications and uses of the operating system will receive the greatest focus. Giving minor problems a lower priority will help you avoid delays in the project. In fact, the testing phase is simply the process of trying to break your designed configuration of Windows Vista and then fixing anything that does break during testing before it gets in the hands of end users. This phase should involve a pilot test where you place your final configuration into a production environment with a small control group of users. These users can then conduct business and report back to you any problems that they run into while using your configuration. Users always find something that you might not have thought to test for while in the lab, mainly because they

60

Chapter 2: Installing Windows Vista

utilize features of applications in different ways than you might try in a lab environment. . Stage 5: Implement—Deploying the operating system throughout your organization as

defined in the scope of the project. This final stage should include . Notifying the affected users and groups of the deployment with some advance

notice . Installing any distribution servers if needed . Training the users on the new interface and features of Windows Vista . Backing up data on the users’ computers, if applicable . Upgrading or replacing incompatible hardware . Conducting any additional preparation tasks such as running system checks or

defragmenting the hard drives . Installing the operating system itself . Migrating user-specific data back to the newly installed PC . Conducting a quality analysis of the computers to ensure that they will boot up

and run critical applications

Identifying Hardware Requirements Objective:

Identify hardware requirements. Microsoft has defined two levels of hardware requirements for computers running Windows Vista. The minimum supported hardware requirements represent the bare minimum required to run the core features of Windows Vista and provide a basic user experience. Computers meeting these requirements are considered to be “Windows Vista-Capable” computers. The premium ready hardware requirements represent the hardware required to run all features of Vista with satisfactory performance. Table 2.1 lists the base hardware requirements for Windows Vista. Although these are the minimum hardware requirements for supporting the operating system, they are not necessarily adequate to support additional applications or for reasonable performance. When designing the hardware requirements for installation, you should allow for extra RAM and hard disk space and probably a faster processor for applications.

61

Identifying Hardware Requirements

TABLE 2.1

Hardware Requirements for Windows Vista

Device

Minimum Supported

Premium Ready

Processor

Intel Pentium/Celeron running at 800MHz or higher

Intel Pentium II/Celeron running at 1GHz or higher, or 64-bit (x64) processor

RAM

512MB

1GB

Graphics processor

DirectX 9-capable

DirectX 9-capabile with at least 128MB graphics memory

Hard disk

20GB with at least 15GB free space

40GB with at least 15GB free space

Monitor

SVGA (800×600)

1024×768 or higher resolution

Disk drives (for CD installations)

CD-ROM or DVD drive

CD-ROM or DVD drive at 12x or faster speeds

Other

Standard keyboard and mouse or other pointing device

Standard keyboard and mouse or other pointing device and audio output and Internet access capabilities

If you want to access a network, you should have a network adapter installed that is compatible with the network infrastructure. For Internet access, at a minimum you need a 14.4-Kbps modem or higher to dial up to an Internet service provider (ISP). Video conferencing, voice, fax, and other multimedia applications generally require 56-Kbps modems, microphone, sound card, and speakers or headset. Video conferencing itself requires a video conferencing camera.

Hardware Compatibility Microsoft makes it easy to check your hardware’s compatibility by providing a list of supported hardware. Microsoft designed the Windows Logo Program for Hardware with the aim of assisting users to identify hardware components that are compatible with Windows Vista and the next Windows Server release. This program replaces the Hardware Compatibility List and Windows Catalog that were previously used with older Windows versions. It consists of two tiers: . A “basic” logo that identifies all compatible products. . A “premium” logo that identifies products that present advanced experiences with

Windows Vista. Components that carry the premium logo are certified to perform with the Media Center. For more information on the Windows Logo program, refer to FAQ for Windows Logo Program in the “Suggested Readings and Resources” section at the end of this chapter.

62

Chapter 2: Installing Windows Vista

The Windows Logo program is not comprehensive. You can check hardware compatibility by contacting the manufacturer of the device if you cannot find it on the Microsoft website. An issue that can interrupt the installation process is the use of incompatible critical device drivers. If a compatible driver is not available, Setup stops until updated drivers are found. Operating system upgrades will not migrate incompatible Windows XP drivers. The only way to ensure a smooth installation is to make certain you have all the drivers available at the start of the installation process. Do not be concerned about unattended installations because there is a folder in which you can place any additional or updated drivers for hardware that is not included in the base Windows Vista files. Before you deploy Windows Vista on any system, you should ensure that the hardware and BIOS are compatible with the operating system. Older hardware may not have a compatible BIOS even though the devices within the PC itself are all listed in the Windows Logo program. The original equipment manufacturer (OEM) should have an updated BIOS available that can be downloaded from the OEM’s website. If you have an Internet connection, you can use the Dynamic Update feature to connect to the Windows Update website during setup. Windows Vista automatically downloads and installs updated drivers during the setup process from the Windows Update website.

Software Compatibility One of the more difficult parts of the development and testing phase of an operating system deployment project is to handle software compatibility, or rather, software incompatibility. The operating system that you deploy is important because it provides the basic functionality for the computer, but productivity usually depends on business applications that are installed, which makes applications more important to the organization. If an application is not compatible with the operating system, you have the following options: . Upgrade the application to a compatible version. . Replace the application with a similar type of application that is compatible with

Windows Vista. . Retire the application.

Before you are faced with these decisions, your first task in determining software compatibility is to identify all the applications that are used and that will be installed in your deployment project. You should develop a matrix of applications that is organized according to priority of business productivity and by number of users that use the application. For example, if you determine that 100% of all your users use APP A, but that it does not directly contribute to business productivity (such as an antivirus application), you would place it in the high use, low productivity quadrant. If you determine that 10% of your users use APP B, and it contributes

63

Identifying Hardware Requirements

highly to business productivity, you would place it in the low use, high productivity quadrant. If 5% of users use APP C and it has no impact on business productivity, you would place that in the low use, low productivity quadrant. The applications in that low use, low productivity quadrant are the ones that you should analyze for potentially retiring. If you find that 90% of all users use APP D and it is considered business-critical, you would put APP D in the high use, high productivity quadrant. All applications in this quadrant should receive priority during the project. Figure 2.1 attempts to place these applications into this perspective.

high

APP A

APP D (mission-critical)

APP C

APP B

Usage

low

low

Productivity

high

FIGURE 2.1 You should prioritize all applications used in your company according to their usage and productivity.

You might decide to include additional criteria to your matrix to better pinpoint the applications that will require more of your time during the project. For example, you could identify which applications are developed for Windows Vista and which are developed specifically for older Windows operating systems, as well as which have been developed in-house. Applications that have been developed for Windows 2000 or Windows XP might not run properly on Windows Vista. Those applications that were developed for older versions of Windows, such as Windows 9x/NT, are more likely to be incompatible with Windows Vista. Antivirus applications are typically incompatible if they were developed for older Windows versions. After you have an inventory of your current software, you should then build a test lab and test the applications with Windows Vista. With each application that has compatibility problems, you should decide whether the application is important enough to fix. If it is important, you should then determine the fixes you need to undertake to make it compatible. You can then package the fixes using the Microsoft Application Compatibility Toolkit. Finally, you should test the deployment and perform a quality assurance check on the test PCs to see whether the applications install and run properly. For more information on the Microsoft Application Compatibility Toolkit, refer to Inside the New Microsoft Application Compatibility Toolkit in the “Suggested Readings and Resources” section at the end of this chapter.

64

Chapter 2: Installing Windows Vista

Network Requirements In a Windows Vista deployment, you must be able to identify which network protocols and network hardware are used on your network. Network protocols affect how you configure the computer, especially if there is some problem with addressing. When you install Windows Vista, it will not connect to the network properly if it does not use a compatible protocol or does not have a correct address. The network hardware you use on the network affects the options you have available for deployment. For example, if you have no servers on your network and/or no peers with enough hard disk space to hold the installation files, you will be unable to install Windows Vista over the network—attended or unattended. If you have servers, but they do not run Windows 2000 or Windows 2003, you will not be able to use WDS. If you do not have sufficient bandwidth, you will not be able to run the installation across the network either. To assess your network, collect the following information: . Network protocols . Addressing format and address resolution . Naming conventions and name resolution . Network servers including server operating system, names, IP addresses, domain mem-

bership, file and print services, directory services, and authentication . Network sites and available bandwidth between the sites . Routers, hubs, switches, printers, bridges, other peripherals, firewalls, and proxy

servers A thorough network assessment includes physical and logical diagrams of all sites, documenting each physical link, its speed, IP address and available bandwidth, and the location of each piece of equipment. The logical portion should show server roles, Domain Name System (DNS) servers, Windows Internet Naming Service (WINS) servers, Dynamic Host Configuration Protocol (DHCP) servers, trust relationships, and your domain architecture. When the Windows Vista computer is a network client, you need to determine how to connect that client to the network. Keep in mind that large networks tend to be hybrids, having a mixture of network media. If one client is intended to connect to a token ring network, whereas another is intended to connect to a wireless network, you need to plan for the appropriate network adapter, drivers, and installation method. The standard network protocol for Windows Vista is Transmission Control Protocol/Internet Protocol (TCP/IP). If you intend to connect to a network that has NetWare servers that do

65

Identifying Hardware Requirements

not use TCP/IP, you also need to configure the NWLink protocol, which is Microsoft’s equivalent to the Internetwork Packet eXchange/Sequenced Packet eXchange (IPX/SPX) protocol. On the other hand, you should not install any additional protocols if they are unnecessary because they will generate additional network traffic. DHCP servers automatically provide IP addresses to each DHCP client on the network from a pool of addresses. When a network device releases its IP address, the address can be reused for another DHCP client. This averts IP address conflicts and helps distribute IP addresses efficiently, along with extended information such as DNS server data. Even if your network uses DHCP services, you should be aware of IP addresses used on each network link. This helps if you have to troubleshoot a problem with connectivity. If your network uses static IP addresses, you need to have an IP address for each network client you install.

Domain Membership Windows Vista computers can participate in an Active Directory domain by becoming members of the domain. Keep in mind that Windows Vista Home Basic or Home Premium cannot participate in a domain as a member but can access data on a domain server. Domain membership in an Active Directory domain requires the TCP/IP protocol and proper DNS server identification.

Challenge You are a network administrator who is preparing to install Windows Vista on a large number of computers that will be part of a domain. To test whether you can join a domain, you should first be able to communicate with a domain controller. You should be able to perform this process on your own based on what you have learned so far. If you have trouble with the process, you can determine whether the computer is able to join a domain by performing the following steps: 1. Click Start, right-click Computer on the Start menu, and select Properties. 2. On the dialog box that appears, click Change Settings under the Computer name, domain, and workgroup settings section. 3. If User Account Control is enabled, the message shown in Figure 2.2 informs you that Windows needs your permission to proceed. Click Continue. 4. On the System Properties dialog box, click the Computer Name tab. 5. Ensure that the name of the workgroup is the same as the name of the domain that you intend to join. 6. Apply the changes and restart the computer when requested. 7. Click Start and double-click Network. (continues)

66

Chapter 2: Installing Windows Vista (continued)

FIGURE 2.2 When you initiate an action in Vista that requires administrative credentials, you receive the User Account Control dialog box.

8. Locate the domain controller and double-click it. 9. Make certain that you can browse network resources. 10. Log off the computer and log on again to disconnect completely from the domain controller. 11. Now you can join the domain. Repeat steps 1 to 4 to access the Computer Name tab of the System Properties dialog box. 12. Click Change. 13. On the Computer Name/Domain Changes dialog box that appears, select Domain and type the name of the domain in the text box provided (see Figure 2.3). Then click OK.

FIGURE 2.3

Joining an Active Directory domain.

14. Type the user name, password, and domain name. This must be the name of a user who has the authority to join the domain. Click Next. (continues)

67

Identifying Hardware Requirements (continued)

15. When you receive the message Welcome to the domainname domain, you have successfully joined the domain. 16. Exit the Computer properties and you are prompted to restart the computer. 17. A new logon screen appears, where you need to press Ctrl+Alt+Delete to log on to the domain.

Workgroup Membership When you install a peer-to-peer network of Windows Vista and other Windows computers, you need to ensure that each computer is connected and that they are all running the same protocol with correct addressing. You also need to ensure that each computer within the peerto-peer network is a member of the same workgroup. Because the Windows Vista computer is a peer on the network, it not only needs to access other files and printers, but it needs to share its own files and printers. To do this, you should install File and Printer Sharing if it is not installed already on the computer. To install File and Printer Sharing, follow these steps: 1. Click Start and double-click Network. 2. You should see a message bar informing you that file sharing is turned off. Click this

message, and then click the Turn on Network Discovery and File Sharing option that appears. 3. A User Account Control message informs you that Windows needs your permission

(refer to Figure 2.2 shown previously). Click Continue to begin sharing files. With File and Printer Sharing installed, you still cannot share files and printers until you specify which should be shared. To share a file or printer, follow these steps: 1. Locate the resource to be shared and right-click it. 2. Select Share from the shortcut menu. 3. In the File Sharing dialog box, type the username of a user with whom you want to

share the folder (see Figure 2.4), click Add, and then click Share. 4. In the User Account Control dialog box that appears, click Continue. 5. The File Sharing dialog box informs you that the folder has been shared and that you

may email the links to inform users that the folders are shared or copy the links so that you can paste them into programs or documents. Click Done.

68

Chapter 2: Installing Windows Vista

FIGURE 2.4

Sharing a folder.

NOTE The Public folder Vista provides a folder located at c:\Users\Public that contains subfolders named Public Documents, Public Download, Public Music, Public Pictures, Public Videos, and Recorded TV. Although this folder is designed for sharing files and folders, it is not shared by default. You will need to share this folder using a procedure similar to that described in the preceding steps.

The file-sharing capabilities in Windows Vista are simplified such that all users have identical rights to files based on how you originally share the resource. This means that either all users can read the files, or all users can change the files. You can control which users are permitted to do by configuring the access control list (ACL) for the appropriate files and folders, provided you are using the New Technology file system (NTFS) for the file system. Right-click the file or folder and choose Properties and then select the Security tab of the dialog box that appears. Users and permissions are discussed further in Chapter 5, “Configuring Windows Security Features.”

NOTE Checking the access control list If you are using NTFS for the file system, you can check the access control list of a folder with the cacls command. Click Start, All Programs, Accessories, Command Prompt. At the prompt type the following: CACLS C:\FOLDER

69

Identifying Hardware Requirements

File System Considerations Windows Vista supports three file systems: . File Allocation Table 16 (FAT16) . File Allocation Table 32 (FAT32) . NT File System (NTFS)

FAT16 is a 16-bit file system, whereas FAT32 is a 32-bit file system, both of which have grown out of the Windows 95/98/Me family. NTFS is the 32-bit file system that has come from Windows NT. For more information on Vista file systems, refer to “Comparing NTFS and FAT file systems” in Vista Help and Support Center. In a corporate environment or in any peer-to-peer network, you should consider NTFS to be the optimum file system to use. It has the basic functionality that FAT16 and FAT32 provide, plus it supports improved security, file encryption, file compression, and larger partitions and files. For scalability, NTFS can ensure your file system will support the larger hard disks and will not degrade in performance. Fault-tolerant features are incorporated in NTFS. The file system automatically repairs disk errors without displaying error messages. When Windows Vista writes files to the NTFS partition, it saves a copy of the file in memory. It then compares the file on the disk to see whether it is the same as the copy in memory. If the two copies aren’t equivalent, Windows Vista marks that section of the disk as bad and rewrites the file to another disk location. NTFS also allows you to perform several operations related to file and folder security. The security within NTFS allows you to set permissions on folders and individual files. FAT16 and FAT32 do not. Furthermore, to use the Encrypting File System (EFS), you must have NTFS as your file system. EFS allows you to protect your files and folders from unauthorized access on the local hard drive through the use of public key security. In addition, you can set disk quotas. When multiple people use the same computer, you can control the amount of disk space each person can use on that computer. When you have configured disk quotas, a user looking at the available disk space will see only the amount of space available for that user’s disk quota. If users attempt to exceed their allotment, they are given the message that the disk is full. Native NTFS file compression enables users to select individual files or folders to compress. Because the file system takes care of the compression algorithm, any Windows application can read or write a compressed file without having to manually decompress the file beforehand. File compression is supported only when NTFS has a cluster size of 4KB or smaller.

70

Chapter 2: Installing Windows Vista

NOTE Upgrading considerations If you are upgrading an existing Windows system that already uses NTFS, you should keep NTFS. If you are upgrading Windows systems that use FAT16 or FAT32, your partition is automatically converted to NTFS during the setup process.

Dual-boot systems also require you to think through the file system choice. Although you may use both an NTFS and a FAT partition on the same computer, a Windows 9x operating system cannot access files in the NTFS partition. However, Windows Vista (as well as Windows NT, Windows 2000, and Windows XP) can access both partitions.

Product Activation The highly controversial Windows Product Activation (WPA) was first introduced by Microsoft in Windows XP and Office XP to deter piracy. The premise is that each computer installed should have a unique identifier associated with the software with which it was installed. The WPA addition, however, does cause some planning issues for a large deployment. In a simple installation of a single Windows Vista system, WPA is just a matter of contacting Microsoft via the Internet (the easiest method) or phone and obtaining the unique identifier. In a large deployment, Microsoft has introduced an update to WPA called Volume Activation, which enables straightforward activation of multiple computers. How WPA works is straightforward: It generates a unique identifier for your computer by combining your hardware ID with the product key. This ID is sent to Microsoft, which then checks to see whether that product key has been used for more than the number of systems that the End User License Agreement (EULA) allows, which is simply one system. If this check passes, your computer receives a confirmation code that activates Windows Vista, and the issue of WPA goes away. If the check fails, your system is not activated and will operate in reduced functionality mode after the 30-day activation period is over. If you have a computer that is not connected to the Internet and does not have a modem available for connection purposes, you are required to manually activate it. To do so, you run through the WPA process when prompted to activate the computer, and you will obtain an installation ID number. Then you call the Microsoft Activation Call Center to obtain a confirmation ID. Finally, you input the confirmation ID number in WPA. When you use WPA, regardless of the method, the information in the ID submitted to Microsoft indicates the following: . System volume serial number . Network adapter Media Access Control (MAC) address . CD-ROM or DVD-ROM ID

71

Performing a Clean Installation of Windows Vista . Display adapter ID . CPU ID and the CPU serial number . Hard drive ID . IDE controller ID

You can perform Volume Activation by using either of the following two types of licensing keys: . Multiple Activation Keys—These keys activate computers by either the Internet or tele-

phone in a manner similar to that already described for Product Activation. . Key Management Service—You can set up this service on a computer running Windows

Vista or the new Windows Server operating system to activate Vista computers automatically without the need to contact Microsoft. You must have a minimum of 25 Vista computers to utilize this service.

Performing a Clean Installation of Windows Vista Objective:

Perform a clean installation. In an attended installation, someone is required to interact with the computer while it executes the installation process. This is a process that IT professionals should be familiar with but one the average user will rarely, if ever, need to perform. With OEMs releasing new computers with the operating system pre-installed, and with organizations ensuring that only IT staff installs and configures computers, it’s likely that the only non-IT professionals who will run fully attended installations are those who purchase Windows Vista off the shelf and install it on their existing home computers. As an IT professional, you should run through at least one or two attended installations even if you are planning to deploy only unattended installations of Windows Vista throughout your organization. By going through the process, you can see each stage of installation and relate it to sections within the answer files and with the unattended process later on. If you need to troubleshoot an unattended installation, you will be better able to identify the point at which the installation failed if you have already become familiar with the attended installation process.

72

Chapter 2: Installing Windows Vista

Performing an Attended Installation You can run an attended installation process for either an upgrade or a clean installation of Windows Vista. Upgrading to Windows Vista is covered in Chapter 3, “Upgrading to Windows Vista,” so we will be walking through a clean installation process in this section. Before you begin, check to make certain that you have gathered all the information you need and are prepared to install. You should have the following: . A computer that meets the minimum hardware requirements listed in the Windows

Logo Program for Hardware. . Windows Vista drivers from the manufacturer for any hardware that does not appear in

the Windows Logo Program. It’s imperative that you have the hard disk drivers, especially if they are RAID or SCSI devices. . Windows Vista DVD or installation files available across a network. . BIOS that meets the minimum requirements for Windows Vista compatibility.

CAUTION BIOS support for ACPI Windows Vista requires Advanced Configuration and Power Interface (ACPI) capability in the BIOS; you cannot use older power management systems such as Advanced Power Management. Ensure that you have the latest BIOS available before beginning Vista installation.

. Product code, which should be listed on the CD package or provided to you from the

network administrator. . If across a network, a boot disk that can access network shares and appropriate net-

work adapters. . Internet connection for Automatic Updates and access to updated drivers and WPA. . A backup of all your existing data and the drivers for the backup device so that you can

restore the data. When you have all the preceding items in hand, you’re ready to install Windows Vista. Your first step in the installation is to boot up the computer into the setup process. This means that you will boot to the network and run Setup from a network share, boot from the CD, or create a set of Setup startup disks that will boot the computer and find the CD. If your CD-ROM drive is not bootable, consider that to be a red flag that your system might have compatibility problems. Installing across a network is covered in Exercise 2.1 in the “Apply Your Knowledge” section later in this chapter.

73

Performing a Clean Installation of Windows Vista

Step by Step 2.1 outlines the process for installing Vista using a bootable DVD-ROM rather than startup disks or a network installation.

STEP BY STEP 2.1 Manually Installing Windows Vista Via DVD-ROM 1. Insert the Windows Vista installation DVD and boot the computer. If you receive a message that the DVD has been auto-detected and a prompt to Press any key to boot from CD or DVD, press the spacebar or any other key within five seconds or the computer will attempt to boot from the hard disk. 2. A message stating that Windows is loading files appears. After a minute or so, the Install Windows dialog box shown in Figure 2.5 appears. If you need to change the language, time and currency, or keyboard or input method settings, do so. Otherwise, click Next to proceed.

FIGURE 2.5 The Install Windows dialog box offers options for language, time and currency, and keyboard or input method.

3. Another Install Windows dialog box appears. If you need further information, click the What to Know Before Installing Windows link. Click Install now to install Vista. 4. After a few seconds, you receive a Type Your Product Key for Activation dialog box (see Figure 2.6). Type the product key included with the installation DVD and then click Next.

TIP Installing Vista without a product key Unlike previous versions of Windows, you can leave the product key blank. If you do so, you will receive a warning message and will be prompted to select the edition of Vista you want to install. You will have 14 days to activate Windows, at which time you must supply a valid product key. You can use this feature to preview any edition of Vista and select the most appropriate edition for your requirements.

74

Chapter 2: Installing Windows Vista

FIGURE 2.6 Type your product key when prompted by this dialog box.

5. The EULA screen appears. You must select the I Accept the License Terms check box to accept the licensing agreement as indicated at the bottom of the screen. 6. The next screen offers you a choice of upgrade or clean installation. The Upgrade option will be disabled (grayed out) unless you are running the installation on a computer running a compatible copy of Windows XP with sufficient free disk space to accommodate the upgrade. Select the Custom (advanced) option to continue. 7. The next screen shows the available partitions and unpartitioned disk space where you can install Windows Vista. Make certain you select a partition that has enough available disk space, preferably 40GB but at least 20GB. If unpartitioned space is available, you can select the unpartitioned space and create a new partition for the operating system at this point. Click Next. 8. The next window tracks the progress of installing Windows Vista and informs you that your computer will restart several times, as shown in Figure 2.7. Take a coffee break.

FIGURE 2.7 Tracking the progress of Windows Vista installation.

75

Performing a Clean Installation of Windows Vista 9. After the final reboot, Setup displays the Choose a User Name and Picture dialog box shown in Figure 2.8. Type a username and password in the text boxes provided. The password you provide is for a local user account on the computer running Windows Vista. You do not need to make this password the same as the one for the domain administrator, and you can leave the password blank. Be careful when assigning different passwords for the Administrator account on different computers during a large deployment because you will have problems if you lose the local Administrator’s password.

FIGURE 2.8 Setup asks you to provide a username and password.

10. On the next screen, accept the computer name provided or type one of your choosing. If you intend to join a domain, enter a computer name that meets your organization’s naming conventions and that has a computer account on the domain. The computer name must be unique on the network for both DNS naming and WINS naming. Also choose a desktop background and then click Next. 11. On the next screen, select the Use Recommended Settings option to provide the highest security level (see Figure 2.9). 12. On the next screen, set the current date, time, and time zone. If this computer connects to the Internet, you can simply select the correct time zone and later make certain that Windows Vista automatically synchronizes with an Internet time provider. (If you have a local time provider computer, you can also type in that computer’s address in the appropriate location.) Figure 2.10 shows the dialog box for customizing time synchronization. You can access this dialog box by right-clicking the time on the right end of the Windows Vista taskbar, selecting Adjust Date and Time, and then clicking the Internet Time tab.

76

Chapter 2: Installing Windows Vista

FIGURE 2.9 The Help Protect Windows Automatically screen enables you to choose the appropriate security level. You should always select the Use Recommended Settings option.

You can synchronize your computer time across the Internet.

FIGURE 2.10

13. On the next screen, select the location that best describes your computer’s current location (see Figure 2.11). 14. Setup displays a Thank you message. Click Start to begin working with Vista. At this first logon, Windows informs you that it is checking your computer’s performance. After a minute or two, Vista displays a Welcome screen and a message that it is configuring your desktop.

77

Performing a Clean Installation of Windows Vista

Vista provides three options that govern how network settings are applied.

FIGURE 2.11

15. After another minute or two, the Windows Vista desktop and then the Welcome Center (which was introduced in Chapter 1) appears. The computer attempts to access the Internet to download and install updates from the Microsoft website, and a message at the bottom of the desktop informs you of the update progress. Click any of the options displayed to learn more about Vista.

CAUTION Activation period The period of time before you absolutely have to activate Vista is 30 days. If you do not activate Vista on time, it enters a “reduced functionality mode” in which you can only perform certain actions. Refer to The behavior of reduced functionality mode in Windows Vista in the “Suggested Readings and Resources” section for more information.

You have just completed a full, manual installation of Windows Vista from scratch. In a typical installation, you would next join a workgroup or domain, install additional applications, restore data from backup, and customize the desktop to meet your needs.

REVIEW BREAK You have conducted a manual, clean install of Windows Vista on a computer without a previous operating system. Keep in mind the following facts: . Windows Vista comes in the following editions: Home Basic, Home Premium,

Business, Enterprise, and Ultimate. A Starter Edition is also available for selected third-world countries.

78

Chapter 2: Installing Windows Vista . You can perform the initial installation of Vista without entering a product key; howev-

er, you must enter a product key to activate Vista before the 30-day grace period expires. . Ensure that the computer on which you are installing Vista meets at least the minimum

hardware requirements. This computer should preferably meet the Premium Ready hardware requirements for best performance. . You use the Setup.exe program on the Vista DVD-ROM to install Vista. The winnt.exe and winnt32.exe programs used with previous Windows versions no

longer exist.

Performing an Unattended Installation The procedure outlined in Step by Step 2.1 is fine when you have only a few computers that need to be installed. But what would you do if you had several hundred (or thousand!) computers on which you needed to install Windows Vista? This section describes several methods of unattended installation (also referred to as automated deployment), which enables you to deploy Windows Vista to a large number of computers with little or no intervention needed from end users. Unattended installation provides great time savings for administrators who need to install Windows Vista on even a modest number of computers. In addition, it provides a reliable method of creating a series of computers with consistent configurations and reduced chance of error during installation. Original equipment manufacturers (OEMs) use similar methods to install Windows Vista onto large numbers of new computers. Unattended installation also provides an efficient, rapid means of installing the operating system and core applications should a computer fail and a user needs to be provided with a new computer. Should you need to replace the hard drive containing the operating system files, unattended installation generally provides the fastest means of getting a user productive again. Several methods of automated deployment of Windows Vista are available. This section discusses the following methods: . Setup Manager—Enables you to create answer files, which are text files that provide

answers to questions asked by the installation program. You can use these answer files to script the installation of Windows Vista. . Sysprep—Used in conjunction with a third-party replication tool such as Norton Ghost,

Sysprep automates the installation of Windows Vista from answer files onto a series of computers. . WDS—Uses a server configured with image files of Windows Vista to automatically

install computers across the network.

79

Performing a Clean Installation of Windows Vista . Third-party disk duplication programs—Uses additional tools, such as Microsoft Systems

Management Server, to distribute copies of Windows Vista. This method is not covered on the exam and is not discussed in this book.

Understanding Vista Deployment Technologies Microsoft has modified the technology for automated setup in Vista considerably from the technologies previously used in Windows 2000/XP/Server 2003. Table 2.2 introduces the new and modified components and technologies used with Vista. TABLE 2.2

Deployment Tools and Technologies

Component

Description

Answer file

An XML-based file (Unattend.xml) that contains the operating system settings that you want to specify for the unattended installation. This file replaces the Unattend.txt and Udf files used in Windows XP and Windows Server 2003 setup.

System Image Manager (SIM)

The application used to automate the process of creating an answer file to your specifications. Replaces the Setup Manager program previously used in Windows XP and Windows Server 2003.

Catalog

A binary file containing the configuration of settings and packages within a Windows image.

Windows Preinstallation Environment (Windows PE)

A minimal 32-bit operating system based on the Vista kernel, used in the preinstallation and deployment of Vista.

ImageX

A command-line tool that collects, modifies, and applies Vista installation images.

Windows Setup

The application that installs the Vista operating system.

System Preparation Tool (Sysprep)

The application that processes images for deployment to multiple computers.

Windows image

A compressed file in the new Windows Imaging (.wim) format that contains all the folders and files required to complete a Vista installation, either attended or unattended.

Using Windows System Image Manager to Create Unattended Answer Files Windows System Image Manager (SIM) enables you to create answer files from information included in a Windows image (.wim) file and a catalog (.clg) file. You can also include component settings and software packages to be installed on the computers with Windows Vista. The following are several actions you can accomplish using SIM:

80

Chapter 2: Installing Windows Vista . Create new answer files and edit existing ones . Validate the information in an answer file against a .wim file . View and modify the component configurations in a .wim file . Include additional drivers, applications, updates, or component packages in the

answer file You can use SIM to create unattended answer files. You should have two computers, as follows: . A computer from which you install SIM and create the answer files. Microsoft refers to

this computer as the “technician computer.” . A computer without an operating system but equipped with a DVD-ROM drive, net-

work card, and a floppy drive, or USB support.

CAUTION Take care when editing answer files When using Notepad to edit the answer file or UDF file, you must ensure that you follow the rules of syntax exactly; otherwise, unattended installations will either fail or prompt the user for additional information.

Creating an Answer File To use SIM to create the files required for performing unattended installations, you first need to download and install the Windows Automated Installation Kit (AIK) from Microsoft and copy the appropriate files from the Windows Vista DVD-ROM. You should perform these steps on a computer running Windows XP Service Pack 2 or later, Windows Server 2003 Service Pack 1 or later, or Windows Vista. Microsoft refers to this computer as the “technician computer.” Follow Step by Step 2.2 to download and install the AIK.

STEP BY STEP 2.2 Downloading and Installing the AIK 1. Open Internet Explorer, navigate to http://www.microsoft.com/downloads/details.aspx?FamilyID= c7d4bc6d-15f3-4284-9123-679830d629f2&DisplayLang=en, and follow the instructions provided to save the Windows AIK image file to an appropriate location on your hard drive. You can also search for “automated installation kit” from Microsoft Live Search.

CAUTION AIK is a large download If you do not have a high-speed Internet connection, be prepared for an overnight download.

81

Performing a Clean Installation of Windows Vista 2. Use third-party DVD burning software or the native software included with Vista to burn the image file to a blank DVD-ROM disc. 3. Insert the DVD-ROM disc into the technician computer. The AutoRun program should execute and display a User Account Control dialog box. If not, navigate to the DVD-ROM folder and double-click the StartCD.exe file. 4. Click Continue to display the Welcome screen shown in Figure 2.12.

Installing the Windows Automated Installation Kit.

FIGURE 2.12

5. Select Windows AIK Setup from the list of options on the left side of this window. 6. The Windows Automated Installation Kit Setup Wizard starts with a Welcome page. Click Next. 7. On the License Agreement page, click I Agree and then click Next. 8. On the Select Installation Folder page, accept the folder provided or type the path to an appropriate folder, and then click Next. 9. On the Confirm Installation page, click Next and wait while the AIK is installed. This process takes several minutes. 10. When the completion page appears, click Close.

After you have installed the AIK, a folder is present on your computer, from which you can create answer files. Step by Step 2.3 shows you how.

82

Chapter 2: Installing Windows Vista

STEP BY STEP 2.3 Creating an Answer File 1. Insert the Windows Vista DVD-ROM and cancel the Install Windows window that appears. 2. Open a Computer (or My Computer on a Windows XP or Windows Server 2003 computer) window, navigate to the Vista DVD-ROM, right-click, and select Open. 3. Open the Sources folder, navigate to the install.wim file, right-click, and then choose Copy. 4. In the Computer (or My Computer) window, navigate to a suitable location and create a folder to hold the installation files, for example, c:\Vista_Install. 5. Open this folder and use Ctrl+V to paste the install.wim file into it. This will take about one hour. 6. Click Start, All Programs. In the program list that appears, click Microsoft Windows AIK and then click Windows System Image Manager. 7. In Windows System Image Manager shown in Figure 2.13, select File, Select Windows Image.

You need to select a Windows image file to create an answer file.

FIGURE 2.13

8. In the Select a Windows Image dialog box shown in Figure 2.14, navigate to the folder you copied the install.wim file to, select this file, and then click Open.

NOTE If you receive an error informing you that SIM was unable to load the wimgapi.dll file or that it could not be found, open a Computer window, navigate to c:\Program Files\Windows AIK\Tools\x86, and copy this file to c:\Windows\System32. You will need to supply administrative credentials. Wimgapi.dll

83

Performing a Clean Installation of Windows Vista

FIGURE 2.14

Selecting the install.wim file.

9. On the Select an Image dialog box shown in Figure 2.15, select the edition of Windows Vista that you want to create an answer file for.

FIGURE 2.15

Selecting a Windows Vista image.

10. SIM asks you to create a catalog file. Click Yes and then click Allow in the User Account Control dialog box that appears. A Generating Catalog File message box appears as the files are processed and the catalog file is created. This takes several minutes. 11. When the process of generating a catalog file is complete, click OK. You are returned to Windows SIM. 12. In the Windows Image pane, expand the Component node to display the available components. 13. Right-click each of the following components in turn and add them to the indicated configuration pass: . Microsoft-Windows-Setup\DiskConfiguration\Disk\CreatePartitions\ Create Partition; add to 1 Windows PE configuration pass. . Microsoft-Windows-Setup\DiskConfiguration\Disk\ModifyPartitions\ Modify Partition; add to 1 Windows PE configuration pass. . Microsoft-Windows-Setup\ImageInstall\OSImage\InstallTo; add to 1 Windows PE configuration pass.

84

Chapter 2: Installing Windows Vista . Microsoft-Windows-Setup\UserData; add to 1 Windows PE configuration pass. . Microsoft-Windows-Shell-Setup\OOBE; add to 7 oobeSystem configuration pass. 14. The Answer File pane should display all the settings you have added. To complete the creation of an answer file for a basic Vista installation, select and configure the settings contained in Table 2.3.

TABLE 2.3

Windows Settings for a Basic Answer File

Component

Value

Microsoft-Windows-Setup\DiskConfiguration

WillShowUI = OnError

Microsoft-Windows-Setup\DiskConfiguration\Disk

DiskID = 0 WillWipeDisk = True

Microsoft-Windows-Setup\DiskConfiguration\Disk\ CreatePartitions\CreatePartition

Extend = False Order = 1 Size = 40,000 (creates a 40GB partition) Type = Primary

Microsoft-Windows-Setup\DiskConfiguration\Disk\ ModifyPartitions\ModifyPartition

Active = True Extend = False Format = NTFS Label = OS_Install Letter = C Order = 1 PartitionID = 1

Microsoft-Windows-Setup\ImageInstall\OSImage\

WillShowUI = OnError

Microsoft-Windows-Setup\ImageInstall\OSImage\InstallTo

DiskID = 0 PartitionID = 1

Microsoft-Windows-Setup\UserData

AcceptEula = True

Microsoft-Windows-Setup\UserData\ProductKey

Key = <product_key> WillShowUI = OnError

Microsoft-Windows-Shell-Setup\OOBE

HideEULAPage = True ProtectYourPC = 3 SkipMachineOOBE = True SkipUserOOBE = True

15. Validate the settings you have configured by selecting Validate Answer File from the Tools menu. 16. If you receive an error message, double-click the message in the Messages pane, correct the error, and then repeat step 15. 17. When all errors have been corrected, click File, Save Answer File. Save the answer file as Autounattend.xml and then copy this file to a removable flash drive or floppy disk.

85

Performing a Clean Installation of Windows Vista

Using the Answer Files to Perform an Unattended Installation Having created the answer files as described in Step by Step 2.3, it is easy to run the automated installation of Windows Vista on a new computer without an operating system. Step by Step 2.4 shows you how.

STEP BY STEP 2.4 Performing an Unattended Installation of Windows Vista 1. Start the target computer and insert the Vista DVD-ROM and the flash drive or floppy disk you created in Step by Step 2.3. 2. To run Setup.exe, press Ctrl+Alt+Delete. The computer restarts and searches the flash drive or floppy disk for the Autounattend.xml file. 3. Setup should proceed automatically and install Vista with all customizations you have previously configured.

NOTE Don’t forget to remove the floppy disk If you start the computer from a floppy, do not forget to remove it before the first restart; otherwise, you will receive an error message. If an error message appears, remove the disk and press Ctrl+Alt+Delete.

Installing Windows Vista by Using the System Preparation Tool (Sysprep) The procedure outlined in Step by Step 2.4 is adequate if you are installing Vista on just a few computers. If you need to install Vista on a large number of computers, you can use the System Preparation Tool (Sysprep) together with a means of disk imaging. Unlike the situation in Windows XP, the Vista DVD already contains an image suitable for deployment to any computer. You can either deploy this image as-is or prepare an image of the computer you installed in Step by Step 2.4 for deployment to the destination computers. Such a procedure can save considerable time when you are performing a large rollout. In addition, should you encounter problems with a computer at a later time, you can re-image the computer from the disk image that you originally created to return the computer to a baseline configuration.

Understanding the System Preparation Tool Unlike the situation in Windows XP, Sysprep is automatically installed into the Windows\System32\Sysprep folder when you install Vista. To use Sysprep, you begin with a

86

Chapter 2: Installing Windows Vista

reference computer on which you have installed Windows Vista together with any applications and updates that you want to deploy to the destination computers. Certain situations are not supported for the use of Sysprep. In these instances, you might be able to use WDS if your network meets the requirements for using WDS: . Upgrades—You cannot use Sysprep for upgrading computers running older versions of

Windows to Windows Vista. . Production environment—Use of Sysprep for creating an image of a computer that has

been used in a production environment is not recommended. In other words, you should use a freshly installed version of Vista when preparing the computer to be imaged. . OEM installation image—Microsoft does not support the use of Sysprep for imaging a

computer that was originally set up from original equipment manufacturer (OEM) installation images or media. . Default user profile has been overwritten—You should not use Sysprep if you have copied

another user profile over the default user profile. Several optional switches are provided with Sysprep: . /audit—Runs Sysprep.exe in audit mode, which verifies hardware and software

installation after you have run Sysprep.exe in factory floor mode. This enables the computer to reboot to verify proper hardware and software installation. . /quiet—Runs Sysprep.exe without user interaction. . /generalize—Removes system-specific information such as the security identifier

(SID) and product activation information so that these items become unique on each newly installed computer. . /oobe—Runs Windows Welcome and the oobeSystem configuration pass on the next

reboot. . /reboot—Forces the computer to reboot after completion of disk imaging. . /unattend: —Specifies the name of an answer file. . /shutdown—Forces a shutdown rather than powering off the computer.

Creating an Image with Sysprep Creation of the image for Sysprep deployment involves preparation of the computer and running the Sysprep.exe utility, followed by shutting down the system and running the disk imaging program. You must be logged on as an administrator to perform these steps. Follow the steps outlined in Step by Step 2.5 to prepare and image the reference computer.

87

Performing a Clean Installation of Windows Vista

STEP BY STEP 2.5 Creating a Sysprep Image 1. On the computer you installed Vista on in Step by Step 2.4, run the following command: C:\Windows\System32\Sysprep.exe /oobe /generalize /shutdown

2. Sysprep cleans up the disk image by removing various user and machine settings and then shuts the computer down. Reboot the computer with a floppy and run the disk-cloning program to create the image that you will deploy to the target computers.

You can store the image created by this procedure on a CD-ROM or a shared folder that is accessible to the target computers. It is also good practice to perform a test deployment and ensure that the operating system and all applications are properly installed and configured before deploying the image to production computers. Should any problems occur, you can reconfigure the source computer and re-create the image.

Deploying an Image with Sysprep Microsoft includes Windows PE, which is a minimal version of a 32-bit operating system designed to facilitate the deployment of a Windows Vista image to multiple computers. To use Windows PE, you first need to create a CD that enables you to capture an image of the master computer to be stored on a shared folder accessible to the target computers. The process involves creating a CD from which you can start Windows PE, using this CD to start Windows PE, using ImageX to capture the installation image, and copying this image to a network share. Follow Step by Step 2.6 to complete these tasks.

STEP BY STEP 2.6 Creating a Windows Vista Image 1. At the technician computer, run the following commands to create a local Windows PE build directory: cd \Program Files\Windows AIK\Tools\PETools Copype.cmd <arch> <destination>

Where <arch> refers to x86, amd64, or ia64, and <destination> is the path to a local folder; for example: Copype.cmd x86 c:\WinPE_x86

88

Chapter 2: Installing Windows Vista 2. Copy additional tools as required to the local folder, for example: Copy “C:\Program files\Windows AIK\Tools\x86\imagex.exe “ C:\WinPE_x86\iso\ <subfolder>

Where <subfolder> refers to whatever subfolder structure is required for supporting the tools. 3. Use Notepad or another text editor to create a configuration file named wimscript.ini, which instructs ImageX to exclude specific files during the capture procedure. This file contains the following statements: [ExclusionList] ntfs.log hiberfil.sys pagefile.sys “System Volume Information” RECYCLER Windows\CSC [CompressionExclusionList] *.mp3 *.zip *.cab \WINDOWS\inf\*.pnf

4. Save this file to the same location specified in step 2. This enables ImageX to detect this file automatically. 5. Use the Oscdimg.exe tool to create an ISO image file, for example: cd \Program Files\Windows AIK\Tools\PETools Oscdimg –n –bc:\winpe_x86\etfsboot.com c:\winpe_x86\ISO c:\winpe_x86\winpex86.iso

6. Use the Windows CD-writing wizard or a third-party CD burning application to burn the ISO image file to a blank CD-ROM.

Having created the Windows PE CD-ROM, you can now start the master computer and copy its image to a network share for deployment. Step by Step 2.7 shows you how.

STEP BY STEP 2.7 Capturing the Vista Installation 1. At the master computer, insert the Windows PE CD-ROM and restart the computer. 2. Windows PE opens a command prompt. To capture an image of the master installation, type the following: D:\Tools\Imagex.exe /compress fast /capture C: C:\Myimage.wim “my Vista Install” /verify

89

Performing a Clean Installation of Windows Vista 3. On the network server, create and share a folder to hold the image, for example \\Server1\Vista_ installation\Images. 4. At the master computer, type the following to copy the image to the share: net use z: \\Server1\Vista_installation\Images copy c:\Myimage.wim z:

The image is now ready to deploy to any number of destination computers. Follow Step by Step 2.8 to deploy the image.

STEP BY STEP 2.8 Deploying the Vista Image 1. At the target computer, insert the Windows PE CD-ROM and restart the computer. 2. At the Windows PE command prompt, use the diskpart command to create the appropriate disk configuration; for example: diskpart select disk 0 clean create partition primary size=40000 select partition 1 active format exit

3. Type the following commands to copy the installation image to the local hard drive: net use z: \\Server1\Vista_installation\Images copy z:\Myimage.wim c:

4. Type the following command to use ImageX from the Windows PE media to apply the image to the local hard drive: D:\Tools\Imagex.exe /apply C:\Myimage.wim c:

This deploys the Vista image to the destination computer, ready for delivery to the end user.

NOTE Redeploying the image to the master computer If you want to redeploy the image to the computer you imaged in the previous steps, override the default boot order to boot the computer from the CD-ROM drive, using the appropriate function key to access the BIOS program.

90

Chapter 2: Installing Windows Vista

Installing Windows Vista by Using Windows Deployment Services (WDS) WDS is the replacement for Remote Installation Services (RIS), which was first introduced with Windows 2000 to provide a means of performing on-demand, image-based installation of operating systems across a network connection from a server running RIS to the computer on which the operating system is to be installed. You can install WDS on a server running either Windows Server 2003 or Windows Server 2008 and use it to install Windows Vista or Windows Server 2008 on destination computers.

Understanding WDS WDS provides several advantages to the administrator who needs to install Windows Vista/2008 on a large number of computers, including the following: . WDS enables you to install Windows Vista on computers at a remote location across a

wide area network (WAN). . WDS provides native support for Windows PE and the WIM file format. . WDS reduces the complexity associated with large deployments, thereby reducing

total cost of ownership (TCO). . WDS simplifies the duties associated with management of an installation server. . WDS simplifies the procedures required to recover an installation from system failures

that occur during installation. WDS provides backwards compatibility with RIS by enabling the following operational modes: . Legacy mode—Functionally equivalent to RIS, this mode enables the installation of

Windows 2000/XP/Server 2003 computers only. . Mixed mode—Enables the actions of both RIS and WDS to deploy any Windows

2000/XP/Server 2003/Vista/Server 2008 computers. . Native mode—Deploys only Windows PE boot images to install remote copies of

Windows Vista and Windows Server 2008. You can create installation images of Windows Vista or Windows Server 2008 that include complete computer configurations, including such items as applications and desktop settings, and use WDS to push these images out to client computers on the network. The capabilities of WDS include the following:

91

Performing a Clean Installation of Windows Vista . Enable users to install an operating system on demand. On starting a client computer

that is equipped with the PreBoot eXecution Environment (PXE), the computer connects to a WDS server, which then installs the operating system across the network without the need for a CD. . Provide images of the operating system that are complete with specific settings and

applications such as those required by a corporate workstation policy. You can designate the group of users that is provided with a certain image or series of images. . Create images that enable the automated installation of Windows Vista or Windows

Server 2008.

Requirements to Use WDS You can install WDS on a server running Windows Server 2003 or Windows Server 2008 from the Windows AIK by using the Windows_deployment_services_update.exe program included in the AIK. In addition, the following server components must be available on the WDS server or on another server available to the WDS server: . Dynamic Host Configuration Protocol (DHCP)—Provides TCP/IP configuration parame-

ters that enable the client computer to create its own network connection. . Domain Name System (DNS)—Provides name resolution services so that the client com-

puter can locate the WDS server by name. . Active Directory—WDS operates only in an Active Directory–enabled domain environ-

ment. You cannot use WDS in a workgroup environment. In addition, you must have the Windows AIK media available either on the WDS server or at an accessible location, as well as a separate partition on the WDS server that is formatted with the NTFS file system. You must be using a domain account with membership in the local Administrators group on the WDS server.

EXAM ALERT Be sure you know these requirements for using WDS You might encounter a question on the exam where you are asked to troubleshoot why WDS isn’t working, when the reason is that one of these services is missing. Also remember that DNS is required for Active Directory.

Client computers must meet the proper design specification to be installed with RIS. This includes the capability for remote booting, which is usually accomplished by adding a network interface card (NIC) that is equipped with a PXE ROM-enabled chip, along with support in the BIOS for booting the computer from this NIC. In addition, the client computer can have

92

Chapter 2: Installing Windows Vista

only a single disk partition. (Any additional partitions are destroyed when the operating system is installed, and the entire disk is formatted as a single NTFS partition.) Use of WDS to deploy multiple images of Vista is beyond the scope of the 70-620 exam and will not be discussed further. For additional details, refer to Windows Deployment Services Update Step-by-Step Guide in the “Suggested Readings and Resources” section.

REVIEW BREAK You have looked at the Windows System Image Manager, Sysprep, and the use of WDS for unattended installation of Windows Vista. You should be aware of the following major points: . You can use Windows System Image Manager to create answer files that supply

answers to questions asked by the Windows Vista setup program. . The answer file is an XML file that contains the information necessary to install Vista

without answering additional questions at the target computer. You can place this file on a floppy disk or USB key for use at the target computer. . Windows PE is a minimal 32-bit operating system based on the Vista kernel, used in

the preinstallation and deployment of Vista. . Sysprep enables you to deploy images of Vista to remote computers after you have cre-

ated a reference computer containing Vista together with any required configurations and applications. . WDS enables users to connect to a remote installation server and download an image

of Windows Vista, complete with service packs and applications. . You must have DHCP, DNS, and Active Directory operating on the network to use

WDS.

Troubleshooting Windows Vista Installation Issues Objective:

Troubleshoot Windows Vista installation issues. At some point, before a computer can be used, an operating system must be installed. Problems often occur during an operating system installation, which requires troubleshooting. Windows Vista is no exception. Whether the installation is attended or the operating system

93

Troubleshooting Windows Vista Installation Issues

is automatically installed through the use of answer files, Sysprep, or WDS, problems can occur. Network administrators and engineers need to know how to handle unexpected errors. In this section you review the common problems that can occur during attended installations. You also discover how to troubleshoot problems with the various types of unattended installations and the troubleshooting methods to follow when faced with a failed installation of Windows Vista.

Troubleshooting Process When you troubleshoot any problem, whether it is during installation or otherwise, there is a simple cyclical methodology that can help you achieve a solution. This is shown in Figure 2.16. As you can see, it consists of five phases: 1. Identify the point of failure. 2. Discover the cause of the failure. 3. Define a solution. 4. Test and implement the solution. 5. Document the results.

This is not a straightforward linear process because all troubleshooting is based on theory. Your job is to come up with a theory about why the computer is failing and then test your theory. If your test proves the theory to be wrong, you need to return to the original phase—identifying the point of failure. Discover Cause

Identify Failure

Define Solution

Test and Implement

Problem Resolved

Document Results

FIGURE 2.16

tion is found.

The troubleshooting methodology is circular until a solu-

94

Chapter 2: Installing Windows Vista

Identifying the Point of Failure The first phase of troubleshooting is determining what the problem is. Given that some symptoms can be caused by a variety of different failures, you need to remain open to any possibility. Let’s take for example that Windows Vista Setup does not boot from the DVD-ROM. The point of failure is limited to . DVD-ROM drive . DVD-ROM device drivers . BIOS . Installation media . Lack of power (computer is not plugged in)

Given that any one of these items could be the failure, you should look closely at the clues that your computer has given you. If, for example, you can see that the BIOS has started, the light on your keyboard is on, and the monitor is displaying data, you can discard the last item as a point of failure. You should select one of the most likely points of failure and then move on to the next phase.

Discovering the Cause of the Failure The difference between the point of failure and the cause of failure is the same as the what and why. A point of failure can be the DVD-ROM. The cause of the failure could be that the DVDROM drive is not plugged into the power cable, the DVD-ROM drive is not a bootable drive, or the DVD-ROM drive electronics failed. During this second phase, you should select the most probable cause of failure. Ask yourself, “If the problem is the what, then why did it fail?” and consider your answer to be the next part of your theory that you need to test.

Defining a Solution The third troubleshooting phase is to define a solution. This is the answer to the question “How do you fix it?” For example, if you have decided that the DVD-ROM drive is the problem and that it failed because it is not a bootable drive, your solution might be to install the operating system over the network from another computer’s shared DVD-ROM drive.

Testing and Implementing the Solution Testing and implementation are often the same phase when it comes to troubleshooting because your test is usually to carry out the solution you just defined. If the solution worked, it was implemented. Otherwise, you simply tested a possible solution with negative results.

95

Troubleshooting Windows Vista Installation Issues

If your test produces a negative result, you should return to the first phase—identifying the point of failure. For example, if you test the solution by trying to install Windows Vista from another computer’s shared DVD-ROM drive and you are unable to gain access to the media, you can theorize that the installation media is the point of failure. From there, you can theorize that the DVD is damaged. Your solution might be to replace the DVD. You can then test again and move through the cycle as needed until you succeed.

Documenting the Results Always document your results when you are troubleshooting. Not only is documentation generally considered a good practice, but it is a key to making sure you don’t make the same mistakes twice.

Troubleshooting an Attended Installation When you are sitting in front of a computer, watching it go through the various installation phases, it’s easier to troubleshoot a problem as it occurs than to resolve a failed installation after the event. The Vista Setup process is so streamlined that you usually do not encounter problems during installation. However, when a problem does occur, it’s frequently related to lack of preparation. This basic problem manifests itself in the following symptoms: . The Basic Input/Output System (BIOS) is not compatible with Windows Vista. . The hardware is not compatible with Windows Vista. . There is not enough space on the hard drive to install the operating system. . The drivers for the hard disk, network adapter, or other devices are incorrect or

incompatible. . The computer cannot connect to the network because the name or IP address conflicts

with another computer on the network. Typically, fixing a problem or running the installation again takes much longer than gathering the tools and information you need before you start the installation. As it happens, an ounce of preparation is equal to a pound of troubleshooting.

EXAM ALERT Have the latest BIOS One or two exam questions look for a combination of answers, with one being the need for the latest BIOS. Compatibility with Windows Vista is not just related to hardware or software; it includes firmware.

96

Chapter 2: Installing Windows Vista

This section reviews specific problems that you might encounter during installation. These consist of media errors, insufficient hard disk space, unrecognized CD-ROM, a network that can’t be accessed, and problems that require an advanced startup.

EXAM ALERT Be prepared to draw conclusions from stated symptoms Often, exam questions simply describe the symptoms of a problem. You need to draw conclusions from the exam question and then create a solution. To succeed on these questions, you should be thoroughly familiar with the most common problems that can occur during installation.

Media Problems Windows Vista can be installed directly from a bootable DVD-ROM drive. If the disc does not boot, check to see whether the drive can be configured as a boot drive and whether this is set in the computer’s BIOS. If you are installing from a bootable DVD-ROM and your computer has difficulty reading from the disc, the quickest way to resolve the problem may be to simply use a different Windows Vista Setup DVD-ROM. Even though a DVD-ROM has worked in the past for other installations, it might have become scratched or otherwise damaged. If you inspect the data side of the disc and discover fingerprints, a simple cleaning may fix the problem. To determine whether the problem is with the DVD-ROM or with the DVD-ROM drive, test the disc on another computer. If you have the same or similar errors reading the disc, you should contact Microsoft for a replacement. If you boot from a DVD-ROM and the Setup process begins but is unable to copy files to the computer, you might have an unsupported DVD-ROM drive. In addition, make sure you have a DVD-ROM drive and not a CD-ROM drive; the latter cannot read the Vista DVD-ROM disc. Try to install Windows Vista from another location—either from another DVD-ROM drive or across the network. Another option is to copy the Setup files to a local hard drive before beginning Setup. For network installations, you can boot to the network from either the computer’s existing operating system or a Setup floppy boot disk. If you have problems with the boot disk, test it on an alternate computer to see whether the disk needs to be re-created.

Insufficient Hard Drive Space The minimum hardware requirements for installing Windows Vista state that you should have 15GB of available drive space for the operating system on a drive of at least 20GB. If your hard drive is smaller than 20GB, you should add a new hard drive or replace the drive.

97

Troubleshooting Windows Vista Installation Issues

EXAM ALERT Reality bytes Although theoretically (and on the exam) you can install Windows Vista with only 15GB of free space, the reality is you need well over 20GB. On an exam question that suggests installing Windows Vista on a disk with less than 20GB total of space, select the answer to add another disk or replace the disk.

Unrecognizable DVD-ROM Drive If the Setup program doesn’t recognize the DVD-ROM drive, check whether the DVD-ROM drive is compatible with Windows Vista. If it is, you might be able to load updated drivers from the manufacturer. A much easier solution is to install across a network or to copy the files to a local drive before running Setup.

Unavailable Network Network connectivity can be a problem caused by simple errors, such as the following: . The password is incorrectly typed. Check to make sure that the Caps Lock key

isn’t on. . The wrong domain name is used. Check to make sure that the domain name has been

entered correctly. . The network cable is not connected. . The IP address is incorrect. . A name conflict exists, the name is too long, or the name contains illegal characters. . The computer was unable to obtain an IP address from the DHCP server. . The network adapter drivers are incorrect or malfunctioning. . The DNS server or domain controller is not online. . There is no computer account created in the domain. . The IP address of the default gateway is incorrect.

For each of these problems, there is generally an easy solution. To determine which of the errors specifically applies to you or if there is another error preventing network connectivity, you can use the IP utilities listed in Table 2.4.

98

Chapter 2: Installing Windows Vista

TABLE 2.4

IP Utilities

Utility

Command

Usage

Packet InterNet Groper (Ping)

ping

Uses an echo command to establish whether packets can be routed at the Network layer on a network.

File Transfer Protocol

ftp

Uploads/downloads files on a network. The ftp command helps you determine whether Application layer functions can work on the network.

Telnet

telnet

Establishes a character-based session with a Telnet server across a network. The telnet command helps you determine whether Session layer functions can work on a network.

Line printer daemon

lpr

Executes a print job on a network printer.

Ipconfig

ipconfig

Shows the IP configuration of network adapters installed in a computer. From the results of this command, you can determine whether you have incorrectly addressed the adapter or the default gateway or whether the adapter was unable to obtain an address from the DHCP server.

Name Server Lookup

nslookup

Checks DNS entries.

Netstat

netstat

Displays Transmission Control Protocol/Internet Protocol (TCP/IP) connections and protocol statistics. To find all the applicable switches, type netstat /? at the command prompt, as shown in Figure 2.17.

Nbtstat

nbtstat

Similar to netstat, except that it resolves NetBIOS names to IP addresses. To find all applicable command switches, type nbtstat /? at a command prompt.

Trace Route

tracert

Shows all the routing hops that a packet takes to reach a destination on a network.

FIGURE 2.17 The netstat command with switches is used for troubleshooting network connectivity.

99

Troubleshooting Windows Vista Installation Issues

If everything physically checks out with your computer and you are able to install and boot the computer but cannot connect to the network, you should determine whether the adapter is working and then review your network adapter configuration settings. Step by Step 2.9 shows you how to determine whether the adapter is functioning.

STEP BY STEP 2.9 Checking Network Adapter Settings 1. Click Start, right-click Computer, and select Properties. 2. On the Computer Name, Domain, and Workgroup Settings section of the System applet shown in Figure 2.18, make certain that the name is unique for the network and that the workgroup or domain name is spelled correctly.

The System applet enables you to verify computer name, domain, and workgroup settings.

FIGURE 2.18

3. On the left side of the applet under Tasks, select Device Manager. 4. On the User Account Control message box that appears, click Continue. 5. Expand the Network Adapters section, as shown in Figure 2.19. 6. Right-click the network adapter and select Properties. The Properties dialog box is shown in Figure 2.20. 7. Ensure that the General tab states that This Device Is Working Properly. 8. Click the Advanced tab to check the adapter’s configuration.

100

Chapter 2: Installing Windows Vista

FIGURE 2.19

Device Manager displays the network

adapter.

The network adapter’s Properties dialog box provides device information.

FIGURE 2.20

9. Click the Driver tab to determine whether you are using the current/latest driver for the adapter. You can also use the Update Driver button to install a newer driver or the Roll Back Driver button to revert to an older driver version. 10. On the Driver tab, ensure that the second command button from the bottom reads Disable. If it reads Enable, as shown in Figure 2.21, the adapter is disabled; click this button to enable it.

101

Troubleshooting Windows Vista Installation Issues

The Driver tab informs you whether the adapter is disabled.

FIGURE 2.21

11. Click the Resources tab to see whether there are any hardware conflicts to resolve. 12. Click the Power Management tab, if available, to see whether Power Management has been configured to turn the device off. 13. Close the Properties dialog box and Device Manager. 14. Click Start, right-click Network, and select Properties to display the Network and Sharing Center. If the network adapter is not functioning, the diagram at the top of this page displays a disconnected symbol in the form of a red “X”. 15. On the left side of the Network and Sharing Center, click Manage Network Connections. This brings up the Network Connections dialog box showing your local area connection. 16. Right-click the connection and select Properties and then click Continue in the User Account Control message box that appears. You should see a driver in the Connect Using text box. You should also see the following protocols listed in the This Connection Uses the Following Items list: . Client for Microsoft Networks or alternate client if connecting to a different type of network . Internet Protocol Version 4 (TCP/IP) . Internet Protocol Version 6 (TCP/IP) . Other network protocols 17. If you have determined that there is a TCP/IP problem from the results of running an ipconfig command, select the Internet Protocol Version 4 (TCP/IP) option and then click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box opens, as shown in Figure 2.22. You can configure the IP address, subnet mask, and default gateway.

102

Chapter 2: Installing Windows Vista

FIGURE 2.22

The Internet Protocol (TCP/IP) Properties dialog box shows how the network adapter’s IP address

is configured.

Advanced Startup Sometimes you can install the Windows Vista operating system but cannot get the computer to boot normally. You can use options in the Advanced Boot Options Menu by pressing F8 during the initial boot sequence. Use the Safe Mode option to load the minimum necessary operating system drivers and then continue to troubleshoot the problem by making configuration changes as appropriate. You can also select Safe Mode with Networking to access network or Internet resources. Another useful option is Enable Boot Logging. Boot logging stores information about drivers that initialize upon startup in the %systemroot% directory in a file named Ntbtlog.txt. You can identify incorrect, missing, or possibly corrupted drivers and replace them as necessary. Chapter 4, “Configuring and Troubleshooting Post-Installation System Settings,” discusses advanced startup and recovery options in more detail.

Refer to Compatibility The previous sections referred several times to checking the compatibility of your hardware, BIOS, and drivers. This is probably the main issue that affects a new installation of Windows Vista. Compatibility with Windows Vista means that Microsoft supports the driver or the device. If you have hardware that is not listed in the Windows Logo Program for Hardware, even if Windows Vista installs and appears to work correctly, Microsoft will not provide any technical support in the event of an error.

103

Troubleshooting Windows Vista Installation Issues

TIP Check your hardware first When you have an installation failure, check hardware compatibility first.

Application compatibility is another significant concern. Because many unattended installations of Windows Vista automatically incorporate applications, you can encounter errors that are caused by the applications rather than the operating system. To reduce application errors significantly, you should prepare in advance as follows: . Inventory the applications on the network. . Investigate the compatibility of the applications with Microsoft and the manufacturers. . Test the applications. . Resolve application compatibility issues and incorporate the resolutions in the installa-

tion process. . Test hotfixes, service packs, and application updates. . Incorporate hotfixes, service packs, and application updates into the installation

process. . Create standard software images so that all users have identical application

installations.

Strip the PC Back when we first became involved with computers, having a hard drive larger than 10MB was a big deal. The hardware for a standard PC was limited to a VGA monitor, simple CPU, hard drive, 5-1/4" floppy disk drive, keyboard, and mouse. Installing the operating system software on one of those babies was a matter of knowing each device’s resources and manually setting pins on adapters that you added before you started feeding installation floppy disks into the computer for a two-hour stretch, while manually selecting or inputting the device drivers for your computer into the Setup program. If you encountered an error, you checked your resources and pin settings and then started over again because there was no such thing as advanced startup or repair options. How times have changed! With today’s hardware automatically detected by Plug and Play, there is much less hardware tweaking needed. You’d think that would make installation easier, but, unfortunately, that’s not always the case. There are currently hundreds of different types of devices that can be attached to various brands of computers. Thousands of different configurations and millions of lines of operating system code are supposed to recognize every possible hardware combination and make it all work together seamlessly with whichever version of device driver it happens to have available to it. (continues)

104

Chapter 2: Installing Windows Vista (continued)

The fact is that errors abound, and the methods of resolving or working around them to have a functioning PC are convoluted at best. So the best way to resolve a problem with the operating system installation is to strip the PC. Remove every unnecessary hardware component, including detaching the printer, and take out any extra network adapters. This can greatly help you successfully install Windows Vista on a PC. After you have Vista installed and running, you can then add each component back to the computer, one at a time, rebooting and testing the computer between each device installation. If the first hardware component checks out okay, add a second, retest, and then go on to the third. Continue this for all devices. At some point, you will either discover the errant component or be able to attribute the error to a conflict that no longer exists.

Troubleshooting an Unattended Installation An unattended installation is one in which a computer installs Windows Vista without a person sitting at the console watching the progress, as covered earlier in this chapter. As already discussed, this process uses an answer file and can be automated to large numbers of computers using Sysprep, WDS, or third-party imaging solutions. A standard image of Windows Vista reduces implementation and maintenance costs. The implementation savings are obvious because you do not need to have a network administrator watch each installation and input information, which takes a lot of time. Ongoing maintenance costs of a standard configuration are less expensive because network administrators are thoroughly familiar with the configuration of the computer they are helping an end-user troubleshoot, saving time and effort. Because the method of setup for an unattended installation is different from an attended installation, you can expect that some of the problems you encounter are also different. You can encounter many of the same problems that you may have had in an attended installation, but you will also have unique problems associated with an unattended method of installation.

Problems with Answer Files You can use answer files to automate a Windows Vista installation, whether the computer is installed from a DVD or across a network. Nearly always, answer files are used with network installations. The fact that you can use an answer file with a DVD installation can help you troubleshoot a computer that has difficulty connecting to the network.

EXAM ALERT Answer files The exam might refer to answer files as a script, a text file, an answer file, or simply unattend.xml. Read the question and understand the context to be sure that the file being described is the same as you expected.

105

Troubleshooting Windows Vista Installation Issues

Boot Disks Because answer files are mainly used with network installations, the first dilemma usually stumbled into is booting to the network and accessing the distribution server files. You can use floppy boot disks, or you can execute the installation from a command line on a computer while it is running a different operating system. The only requirement you have of any existing operating system is that it has access to the network and that you are logged in with a user ID that has permissions to read the i386 folder structure on the distribution server. If you use a boot disk to access the network, you need to have the correct network interface card (NIC) driver for the computer already installed on the floppy disk. When you try to boot a computer with a boot disk that has drivers for one type of NIC while the computer has a different NIC, you will not be able to access the network. Depending on the computer’s configuration, you might not even see an error on the screen. Preparation When you are conducting a clean installation of Windows Vista, you are likely to have better results if you use a boot disk because you can automate preparation tasks such as creating a disk partition and formatting it. If you are upgrading a computer, you should execute the installation only from within the existing operating system. Chapter 3 discusses upgrades. Switches The Setup.exe program used for installing Vista utilizes a variety of switches to control how the Setup program runs. Table 2.5 displays the syntax used for Setup.exe switches. An incorrectly used switch can cause some of the errors you can encounter during an unattended installation. For example, you might need to specify an answer file for unattended installation. If you do not supply the proper path to the answer file, Setup will be unable to locate it and will ask for information otherwise included in the answer file. TABLE 2.5

Syntax for Setup.exe

Switch

Results

/1394debug:

Enables kernel debugging across an IEEE 1394 port.

/debug<port> [/baudrate:]

Enables kernel debugging across a COM port.

/emsport:[<port>| usebiossettings | off |[/emsbaudrate:]

Enables or disables Emergency Management Services (EMS) and specifies the baud rate to use while transferring data. Used for x86 systems only.

/noreboot

Tells Setup.exe not to reboot after copying files. Subsequent reboots are not suppressed.

/m:

Tells Setup.exe where to find replacement files to be copied. (continues)

106

Chapter 2: Installing Windows Vista

TABLE 2.5 Continued Switch

Results

/tempdrive:

Tells Setup.exe to put temporary Setup files on the root of the specified drive.

/unattend:[]

Specifies the answer file for the unattended installation.

/usbdebug:[]

Enables kernel debugging across a USB 2.0 port.

Answer File Specifications The answer file that you use is an XML file that’s structured considerably differently from those used with previous Windows installations. Like its predecessors, it contains headings, parameters, and values. If you don’t include a heading, a parameter, and a value for a specific item that you want to install a certain way, Windows Vista uses the default installation values for that item. While the SIM program creates valid XML coding, it is possible to edit the answer file using a text editor such as Notepad. Typos, incorrect headings, incorrect parameter names, or incorrect values cause errors or unexpected results during installation. Spelling counts! A spelling error in an answer file usually does not cause a Windows Vista installation to fail unless the error is specifically related to a driver. Most people use SIM to create an answer file. When SIM creates the file, it does not always customize the features that you want to customize. Therefore, you likely must edit the file directly. The best way to troubleshoot your answer file is to make certain that you save your original answer file created by SIM and save each subsequent version of the answer file. By doing this and by testing the answer file with each individual customization as you make them, you will be able to pinpoint the specific problem with the file.

Problems with Sysprep Installations The System Preparation Tool, or Sysprep, creates a snapshot of a Windows Vista workstation and strips out the unique information for that workstation so that the image can be stamped on another. Sysprep not only can prepare an image of Windows Vista, but it can include unusual settings, applications, special application configurations, and even additional files. After preparing the image with Sysprep, you can then use a third-party utility to transfer the image to a target computer. The process is quick and easy to repeat. This is called cloning and can be either the best thing since sliced bread to your company or its worst nightmare. The problem with cloning is that software image information is often intertwined with hardware information in odd places. When you attempt to clone a source computer onto a target computer that is not identical to the source, the image might function perfectly well, but it also might have results in a few configuration errors or even fail to start. It depends on what is different between the source and target computers and whether Sysprep strips out that particular information or the target computer has true Plug and Play devices.

107

Troubleshooting Windows Vista Installation Issues

EXAM ALERT Cloning The exam includes some questions about cloning to point out the need to generate cloned images for each different type of computer on the network.

Another issue you might experience with Sysprep is the version of the tool that you are using. Microsoft has been known in the past to include updated deployment tools with service packs and will likely continue to do so with Windows Vista and Windows Server 2008. When you create a source location that incorporates a service pack, you should also use the version of Sysprep that comes with that same service pack.

NOTE Sysprep and domains Sysprep does not work on a computer that is a member of a domain. It works only on a computer that is a member of a workgroup. If you run Sysprep on a computer that has already joined a domain, Sysprep removes it from the domain before preparing the image.

If you try to copy encrypted files using the Encrypting File System (EFS) on an NTFSformatted partition as part of your Sysprep image, you will fail because the Sysprep process makes encrypted files unreadable. The only way to encrypt the files is to execute the encrypting command after the image has been transferred to the target computer. Whenever you use Sysprep, you should ensure that the computer functions properly. Step by Step 2.10 leads you through some basic computer functions.

STEP BY STEP 2.10 Checking the Functionality of a Computer After Using Sysprep 1. Boot the computer and log on as a user. 2. Access the local hard drive and open a file. 3. Open all critical applications. 4. Run chkdsk C: /r to verify that the hard drive has no errors. 5. Click Start, Network, and view other machines located on the network. 6. Print a file to a network printer. 7. Send an e-mail. 8. Look through Event Viewer logs for errors. 9. Review the Setup Error log.

108

Chapter 2: Installing Windows Vista

Use cloning when you have hundreds of computers that have identical hardware and need identical software and operating system configurations. If you have a large number of different hardware configurations and/or software and operating system configurations, you should consider using answer files instead.

Troubleshooting Failed Installations A network administrator’s best friend in a crisis is an error log file. This is also true for Windows Vista installation failures. While installing, Windows Vista Setup generates log files that point you in the right direction when you need to troubleshoot. The Action log (Setupact.log) reports which actions Setup performed in chronological order. This log indicates which files were copied and which were deleted. It records whether any external programs are run and shows where errors have occurred. Setup creates an Error log (Setuperr.log) to record only the errors. Given that the Action log is extremely large, this log makes it easier to review errors and their severity levels. Although you might see some errors in the Action log, you probably won’t see them in the Error log unless they are fairly severe. For example, the Action log reports an error if Setup cannot delete a file because the file was already moved or deleted, but that error does not appear in the Error log. Other logs created during Setup include . %systemroot%\DtcInstall.log—Records errors generated by the Microsoft

Distributed Transaction Coordinator (MSDTC). . %systemroot%\setupact.log—Records modifications performed on the system dur-

ing Setup. . %systemroot%\setupapi.log—Records data for each time an INF file is called and

implemented. Check this file for device driver installation information. . %systemroot%\setuperr.log—Records errors generated by hardware or driver issues

during Windows installation. . %systemroot%\WindowsUpdate.log—Records information about transactions per-

formed by Windows Update, including updates downloaded during installation. . %systemroot%\debug\netsetup.log—Reports the results of a computer attempting to

join a workgroup or domain. Check this file if you have trouble joining a domain. . %systemroot%\security\logs\scesetup.log—Logs the security settings for the

computer.

109

Troubleshooting Windows Vista Installation Issues

Stop Errors or Blue Screen of Death (BSOD) If you receive a Stop error that appears on the Microsoft blue screen (commonly known as the Blue Screen of Death), you have encountered a serious error with the installation. Stop errors have some instructions to follow on the screen. Not only should you follow the instructions, but also you should check the compatibility of the hardware before attempting to install again. Step by Step 2.11 shows you how to resolve a Stop error.

TIP Stop codes The code and text associated with a Stop error are a great help in troubleshooting. For example, an error could be STOP 0X00000D1 (DRIVER IRQL NOT LESS OR EQUAL). You can search for this code number and text on Microsoft’s website for an explanation of the cause and possible ways to fix the problem.

STEP BY STEP 2.11 Resolving a BSOD 1. Shut down the computer. 2. Remove all new hardware devices. 3. Start up the computer and remove the associated drivers. Shut down. 4. Install one of the removed hardware devices. Boot the computer and install the appropriate driver. Reboot. If no BSOD occurs, continue adding devices, one at a time. 5. Open Device Manager and look for devices with a yellow exclamation point or red X. Run hardware diagnostic software. 6. Check for hardware compatibility and BIOS compatibility. Check to see whether you have the latest available version of the BIOS. 7. Check the System log in Event Viewer for error messages. These may lead to a driver that is causing the Stop error. 8. Visit http://www.microsoft.com and perform a search on the Microsoft Knowledge Base for the Stop error number (for example, Stop: 0x0000000A). Follow the instructions given in the Knowledge Base article(s) for diagnosing and repairing the error. 9. Disable BIOS options such as caching or shadowing memory. 10. If the Stop error specifies a particular driver, disable the driver and then download and update the driver to the latest version available from the manufacturer.

110

Chapter 2: Installing Windows Vista 11. Video drivers are commonly the cause of a BSOD. Therefore, switch to the Windows Vista Lowresolution video (640x480) driver (available from the Advanced Startup Options menu) and then contact the manufacturer for updated video drivers. 12. If using a Small Computer System Interface (SCSI) adapter and device, ensure that the SCSI chain is properly terminated and that there are no conflicts with the SCSI IDs.

Startup Repair If Vista fails to start and either hangs or displays the BSOD, the Vista installation DVD-ROM provides a Startup Repair option that can assist you in repairing the problem. This tool is a diagnostics-based troubleshooting utility that walks you through recovery options when your computer cannot boot normally. It performs several diagnostics tests, including looking at the log files, to determine the cause of the startup failure, and it then attempts to repair the problem. The following are several types of problems Startup Repair can attempt to correct: . Incompatible drivers—Startup Repair can use Device Driver Rollback or System Restore

to restore the drivers to a previous condition. . Missing or corrupted boot configuration—Startup Repair can rebuild the computer’s boot

configuration including all operating systems it finds on the machine. It then prompts the user to select the operating system he wants to start. . Corrupted disk metadata—Startup Repair can repair problems such as a corrupted mas-

ter boot record (MBR), problems in the boot sector, or a corrupted partition table. . Manual repair tools—Tools are available to assist the user in manually troubleshooting

startup problems. After Startup Repair has corrected the problem, it reboots the computer normally and notifies the user of the problem it has repaired. It includes an event in the event log that describes the repairs it has performed. In addition, you can install repair tools on your computer so that the computer will automatically fail over into Startup Repair should it become unbootable at a later date. For additional information on Startup Repair, refer to the Vista Help and Support Center.

Stopped Installation Windows Vista might stop in the middle of an installation. This can happen because of a hardware conflict, incompatibility, or unsuitable configuration. To resolve the conflict, you should follow the usual procedure of removing all unnecessary devices from the computer and attempting installation again. After Windows Vista is installed, you can add one device at a

111

Installing and Configuring Windows Vista Drivers

time back to the computer, load the latest manufacturer’s drivers, and boot to see whether the computer functions properly. It is important that you add only one device at a time so that you can discover which device (or devices) might have been the cause of the problem.

Installing and Configuring Windows Vista Drivers Objective:

Install and configure Windows Vista drivers. Drivers are software utilities that enable hardware components to communicate with the operating system. All components that you see in Device Manager, including disk drives, display adapters, network interface cards, removable media (floppy, CD-ROM, DVD-ROM, and so on) drives, keyboards, mice, sound cards, USB controllers, and so on, utilize drivers for this purpose. External components such as printers, scanners, and so on, also utilize drivers. With each new version of the operating system, it becomes necessary for hardware manufacturers to produce new drivers. Drivers written for older operating systems such as Windows 2000 and Windows XP might work with Vista but can result in reduced device functionality; or they might not work at all. You need to be able to install, configure, and troubleshoot drivers for various components for the 70-620 exam and for real-world computer support tasks.

Managing and Troubleshooting Drivers and Driver Signing Driver signing is a process that Microsoft follows to validate files that a third-party manufacturer creates for use in a Windows Vista computer. A manufacturer submits its drivers to Microsoft, and after Microsoft completes a thorough quality assurance testing process, Microsoft signs the files digitally. Driver signing is an extra assurance of the quality of the software installed on the PC. Microsoft has initiated the following new driver signing requirements for Windows Vista: . Standard (non-administrative) users can install only drivers that have been signed by

either a Windows publisher or trusted publisher. . Standard users cannot install unsigned drivers or drivers that have been signed by an

untrusted publisher; you cannot modify this policy in Vista.

112

Chapter 2: Installing Windows Vista . Administrative users can install drivers that have been signed by an untrusted publisher,

and they can also add the publisher’s certificate to the trusted certificates store, thereby enabling standard users to install drivers signed by this publisher. . If drivers are unsigned or have been altered, administrators are warned. They can pro-

ceed in a manner similar to how they would if the drivers were from an untrusted publisher. If you install a device, Windows Vista looks for the driver signature as a part of System File Protection. When it fails to find one, Vista notifies you that the drivers are not signed and prompts you to continue or stop the installation, provided you have administrative privileges. Otherwise, the installation attempt fails. If you continue with the installation, Vista automatically creates a restore point, which facilitates returning to the previous configuration. Restore points are discussed in more depth in Chapter 8, “Maintaining and Optimizing Systems That Run Windows Vista.” Dynamic-link libraries (DLLs) and other files are often shared by programs. Sometimes a program overwrites files that were originally installed by a digitally signed driver. If a device behaves oddly, you might want to verify that its driver still has the signature. You can check to validate the driver by looking in Device Manager. Double-click the device and click the Driver tab. You should see the statement: Digital Signer: Microsoft Windows Publisher. You can check individual files further by clicking the Driver Details button. Files that are signed have an icon of a box with a green check mark, which appears to the left of the name (see Figure 2.23). Files that have not been digitally signed do not have a green check mark icon next to the filename.

Each digitally signed file is displayed with an icon for easy identification. Unsigned files are indicated as such.

FIGURE 2.23

113

Installing and Configuring Windows Vista Drivers

If you want to verify device drivers throughout the system, you can run the sigverif application. To do so, click Start, Run. Type sigverif in the Open text box and press Enter. The File Signature Verification program starts. Click the Advanced button and verify that sigverif will log the results and save them to a file. Click OK and then click Start. After the program has completed its check, the program displays any files that were not signed in a window, plus you can see the results in the Sigverif.txt file. If the program does not detect any unsigned files, it displays a message box with the message, “Your files have been scanned and verified as digitally signed.”

TIP Enabling the Run command In Vista, the Run command does not appear on the Start menu by default. To enable this command, right-click the Start button and choose Properties. On the Taskbar and Start Menu Properties dialog box that appears, ensure that Start menu is selected and click Customize. On the Customize Start Menu dialog box, scroll down and select the Run command check box. Then click OK twice to close the dialog boxes.

Another method of viewing which drivers are signed is to open the System Information utility by clicking Start, Run, typing msinfo32, and pressing Enter. On the left side of the System Information dialog box, expand the Software Environment node. Click to select Signed Drivers. This displays a comprehensive list of all drivers, their signed status, date, manufacturer, and more. Unsigned drivers might not cause a problem. If you are having problems with a device that has an unsigned driver, you should disable the driver. If you are having unspecified problems, such as the computer does not go into Sleep mode, you should determine which devices have unsigned drivers, disable them one at a time, and test to see whether the problem is resolved. To disable an unsigned driver that has already been installed, you should disable the device that uses the driver, uninstall the driver, or rename the driver files.

TIP When in doubt, check the system files The System File Checker, which is executed from the command line with sfc.exe, can check the digital signature of system protected files. With other uses, such as repopulating the DLLCACHE folder and replacing system files that are missing or incorrect, sfc.exe can be executed from a batch program or script. This program has several options; run sfc.exe /? to view information on them. Note that in Vista, you must run this command as an administrator; right-click the Command Prompt option, select Run as administrator, and then click Continue in the User Account Control dialog box.

114

Chapter 2: Installing Windows Vista

Using Windows Vista Rollback If you update an existing driver to a new version and then you experience system problems, you should roll back the driver to the previous version. In versions of Windows prior to Windows XP, this was almost impossible to do. As was the case in Windows XP, Windows Vista maintains a copy of the previous driver each time a new one is updated. If, at any time, you want to restore the previous version, you simply need to roll back the driver. To do this, open Device Manager and double-click the device to open its Properties dialog box. Click the Driver tab and then click the Rollback Driver button. When prompted with the question Are You Sure You Would Like to Roll Back to the Previous Driver?, click Yes. After the previous version is restored, click the Close button. You can roll back all device drivers except for printers. You will receive a User Account Control dialog box before either updating a driver or rolling it back to a previous version.

115

Summary

Summary Microsoft has published two levels of hardware requirements that determine whether an existing computer can run Vista: minimum supported requirements that determine whether the computer can run Vista at all and premium-ready requirements that determine whether the computer is able to run Vista with a complete user experience. You took a look at software, network, and domain considerations that come into play before you install Windows Vista. In this chapter, you proceeded through a clean, manual installation of Windows Vista on a computer without a previous operating system. You then took a look at the use of Windows SIM to create an answer file, which supplies answers to the questions asked during a manual installation so that the installation can proceed in an unattended fashion. Sysprep allows you to prepare an image of a Windows Vista computer that is configured with applications, service packs, and settings. You can use a third-party imaging application to clone the image to new computers. You can also use WDS to deploy images of Windows Vista to multiple computers in a domain environment. After you completed installations of Windows Vista, you looked at some procedures you can utilize to troubleshoot installation problems. Troubleshooting a Windows Vista installation requires you to understand the process that installation follows. By pinpointing the failure’s cause, you can then define a solution and carry it out. The common problems that take place include . Media errors . Insufficient hard disk space . An unrecognized or failed DVD-ROM drive . Network access errors . Hardware incompatibility

Unattended installations can fail because of problems with the switches used with Setup.exe, as well as issues within answer files. Sysprep can experience problems if source and target computers vary significantly. Microsoft applies a digital signature to third-party manufacturers’ drivers when those manufacturers submit drivers that pass a rigorous quality assurance testing process. Standard users can install only those drivers that have been signed by either Microsoft or a trusted publisher; administrators are warned if they attempt to install an unsigned driver. Administrators can roll back a driver to a previous version in the device’s Properties dialog box Driver tab.

116

Chapter 2: Installing Windows Vista

Key Terms . application compatibility . deployment . Windows Logo Program . Setup.exe . answer file . Windows Deployment Services (WDS) . System Image Manager (SIM) . Windows Preinstallation Environment (Windows PE) . System Preparation Tool (Sysprep) . Basic Input/Output System (BIOS) . cloning . device driver . driver signing . Sigverif.exe . Stop error . Transmission Control Protocol/Internet Protocol (TCP/IP)

Apply Your Knowledge You have seen several methods you can use to install Windows Vista on a computer with no previous operating system. You need to be familiar with different types of installation so that you can select the most appropriate method. In addition, you need to be familiar with the installation process so that you can troubleshoot installation problems. You can be better prepared to handle errors when they occur by installing the operating system on as many different hardware combinations as you can find. You can practice unattended installations with just a single server and a single computer client. To perform these exercises, you should have two or three computers available. You should not have any valuable data stored on any of these computers.

117

Apply Your Knowledge

Exercises 2.1 Manually Installing Windows Vista Across a Network This exercise is intended to familiarize you with the process of installing Windows Vista. Because unattended installations are typically installed across a network, this will familiarize you with the processes you may need to use if you must manually troubleshoot a failed installation. Estimated time: 90 minutes, depending on the speed and capabilities of your computer’s hardware 1. On an available server, create a share named VISTASETUP. 2. Copy the files from the Windows Vista DVD-ROM into the newly created share. 3. Create a boot disk that is capable of accessing the network. 4. Use the boot disk to start the computer on which you will be installing Windows Vista. 5. Connect to the VISTASETUP share (for example, type net use z: \\server\vistasetup). 6. Type setup.exe at the z: prompt and press Enter. 7. Follow through the installation as described in the “Performing an Attended Installation” section of this chapter. The challenge with many networks is the centralization of servers and the increasingly lengthy distances between clients and their servers. What would happen if you were limited in bandwidth between your client computer and the server that contained the Vista Setup files? What installation process would you recommend for a site that connected to the rest of the corporate network through a virtual private network (VPN) connection across the Internet?

2.2 Deploying Windows Vista in a Heterogeneous Lab Environment Because failed installations cannot be guaranteed, you can perform the following exercise without using computers. However, if you have the opportunity to install Windows Vista on a computer that has a device that is not listed in the Windows Logo Program, or a non-compliant BIOS, you may be able to recreate a Stop error and troubleshoot it. As a network engineer, you have been hired to create and execute a Windows Vista deployment nationwide. You have a lab environment with examples of all the hardware that you will be installing. There are five different brands of computers and seven types of printers and scanners that may be connected to them. Two of the locations use a wireless LAN, one location uses Token Ring, and the rest use Ethernet 100. You have tested the following installation methods and results for the 11 test computer combinations: . Attended—Executed 11 trials; successful on 10 computers and failed on 1. . Answer files—Required a minimum of 11 answer files; successful installation on 10 computers and failed on 1.

118

Chapter 2: Installing Windows Vista . Sysprep—Required a minimum of seven images; successful on eight computers and failed on three. . WDS—Used existing Windows Server 2003 computer with WDS installed. Required a minimum of 7 images; successful on 0 computers and failed on 11. Estimated Time: 15 minutes. 1. Determine which installation method should be used. 2. The project sponsor has requested that you implement WDS. What might be the problem causing the test results? Answers: 1. Given this information, you should probably use the answer file unattended installation process. It had the same type of failure rate as attended installations, and it will save a great deal of time over an attended installation. 2. Although the information given in this exercise question does not provide much to go on, the fact that there were no successful WDS installations leads you to think that the test results were caused by a problem with the WDS server. It is possible that the Windows Server 2003 computer does not have Release 2 (R2) or Service Pack 2 (SP2) installed, and this might have interfered with performing a successful installation of Windows Vista.

Exam Questions 1. You are the network administrator for a large telecommunications company. You have been asked to deploy Windows Vista throughout the organization. You have seven domains and a NetWare network. To meet the corporate security policy, you must have all computers join a domain and authenticate to Active Directory services. Your boss has asked you to deploy Windows Vista Home Basic to save on the cost of licensing. He also has asked that all computers be installed unattended from a currently unused NetWare server. Given only the listed options, how do you proceed?

❍ A. Manually install Windows Vista Home Basic throughout the organization. ❍ B. Manually install Windows Vista Business throughout the organization. ❍ C. Use WDS to install Windows Vista Home Basic throughout the organization. ❍ D. Use Sysprep to install Windows Vista Home Basic throughout the organization.

119

Apply Your Knowledge 2. You are the network administrator for Boxes Corp., a box manufacturer. The network consists of 4,000 Windows 2000 and Windows XP computers scattered across several sites, each with its own Windows Server 2003 domain controller. The Active Directory is a single domain in a single forest. You have been tasked with deploying Windows Vista Business to a shipment of new computers that will replace the older Windows 2000 computers. To test the process, you have decided to install a new computer by running the Windows Vista Business installation process across the network. Put the steps you should follow in the correct order.

❍ A. Run Setup.exe. ❍ B. Boot the computer with a network boot disk. ❍ C. Check the client computer’s hardware and BIOS for compatibility. ❍ D. Create a network share and copy the Vista Business Setup files to it. ❍

E. Install Windows Vista Business.

❍

F. Install a server.

❍ G. Connect to the server’s network share containing the Vista Business Setup files. 3. You are installing a stand-alone computer in a highly secure facility. This computer is not allowed to be connected to a network or to a modem to meet the organization’s security policy. You are given only off-the-shelf media to install Windows Vista. How do you handle WPA?

❍ A. You install Windows Vista Home Basic because WPA can be avoided in the off-theshelf media.

❍ B. You install Windows Vista Business because WPA can be avoided in the off-the-shelf media.

❍ C. You manually call the Microsoft Product Activation Center. ❍ D. You cannot install the computer because WPA is unavoidable with off-the-shelf media. 4. Judy has run System Image Manager to create an answer file that she intends to distribute to users on a floppy disk that will be used for installing Windows Vista Business from a CD-ROM. She needs to ensure that the answer file has been given the proper name. Which name should this file have?

❍ A.

Unattend.txt

❍ B.

Unattend.xml

❍ C.

Winnt.sif

❍ D.

Reminst.sif

120

Chapter 2: Installing Windows Vista 5. Harry is the network administrator for a company that operates an Active Directory domain named examcram.com. Besides the domain, there is a workgroup to which computers used by developers belong. Harry receives five new computers to be used by developers and uses an answer file to install Windows Vista Business on these computers. Because of an error in the answer file, the new computers were joined to the domain rather than the workgroup. How can Harry correct this error with the least amount of administrative effort?

❍ A. Create a startup script that specifies the name of the workgroup. At each computer, configure a local Group Policy object (GPO) that applies this script. Then restart each computer to apply the GPO.

❍ B. Place all the computers in an organizational unit (OU) and configure a GPO that joins the computers to the workgroup. Then restart each computer to apply the GPO.

❍ C. Correct the error in the answer file and reinstall Windows Vista Business on each computer.

❍ D. Manually reconfigure each computer to join the workgroup. 6. You are the network administrator for a 30-user network. All your computers use the same hardware. You choose to implement Sysprep and clone the computers with Windows Vista Ultimate. You test the process on a computer, and you receive a Stop error. Which of the following should you do next?

❍ A. Upgrade the Sysprep server with the latest service pack. ❍ B. Use Notepad to add hardware information to the unattend.xml file. ❍ C. Review the hardware compatibility with Windows Vista Ultimate. ❍ D. Replace the network adapter. 7. Which of the following logs should you use to troubleshoot a computer that won’t join a domain?

❍ A.

Setupapi.log

❍ B.

Setuperr.log

❍ C.

Scesetup.log

❍ D.

Setupact.log

❍

E. Netsetup.log

121

Apply Your Knowledge 8. Mark is the network administrator for his company. He has been tasked with rolling out Windows Vista to the 40 laptops for the sales team. After the operating system installs, one of the computers cannot join the domain. Which of the following should Mark do to begin troubleshooting the problem? (Choose all that apply.)

❍ A. Reboot Windows Vista into Safe mode and view the device settings. ❍ B. Open the setupapi.log file to see whether there are any errors applicable to networking.

❍ C. Check the network adapter to see whether it is functioning. ❍ D. Open a command prompt and enter ipconfig /all. 9. Nancy uses a computer with Windows 2000 Professional, and decides to install Windows Vista Business on a separate partition. She performs a clean installation and reboots her computer. The computer displays a Stop error, and the computer stops responding. She receives the same result when she attempts to start the computer in Safe mode. What should she do?

❍ A. Run Msconfig and select the Selective Startup option. Then clear the Load Startup Items check box, click OK, and reboot.

❍ B. Use the Vista DVD to reboot the computer and then run the Check Compatibility Online tool.

❍ C. Uninstall Windows Vista and upgrade Windows 2000 Professional to Windows XP Professional.

❍ D. Use the Vista DVD to reboot the computer and then run the Startup Repair tool.

122

Chapter 2: Installing Windows Vista 10. You are the network administrator for GLAM Corp. Several graphic designers have reported problems with their computers. The graphics design department had recently added pen tablet pointing devices to each of their computers so that the graphic designers can input designs directly into a collaborative application that can function over the wide area network. You want to find out whether the device driver for PEN is signed. How do you discover this information? (Choose all that apply.)

❍ A. Click Start, Run, type msinfo32 signed PEN, and press Enter. ❍ B. Click Start, Run, type msconfig signed, and press Enter. ❍ C. Click Start, Run, type msinfo32, and press Enter. Open the Signed Drivers node below Software Environment and look for the drivers for the pen tablet.

❍ D. Click Start, Run, type msconfig, and press Enter. Click the Services tab. Navigate to the location for the pen tablet drivers.

❍

E. From the System and Maintenance category view in Control Panel, select System. From the left pane of the System applet, select the Device Manager link. Double-click the pen tablet device icon below the Mouse category. Click the Driver tab.

❍

F. From the System and Maintenance category view in Control Panel, select View hardware and devices under the Device Manager heading. Double-click the pen tablet device icon below the Mouse category. Click the Driver tab.

❍ G. From the Hardware and Sound category in Control Panel, select Scanners and Cameras. Click the Hardware tab. Select the pen tablet. Click the Troubleshoot button. 11. What should you do if you discover that you are using a device with an unsigned driver after experiencing intermittent computer problems?

❍ A. Obtain a new device driver from the manufacturer and on the Driver tab of the device’s Properties dialog box in Device Manager, click Driver Details.

❍ B. Obtain a new device driver from the manufacturer and on the Driver tab of the device’s Properties dialog box in Device Manager, click Update Driver.

❍ C. Obtain a new device driver from the manufacturer and on the Driver tab of the device’s Properties dialog box in Device Manager, click Roll Back Driver.

❍ D. Obtain a new device driver from the manufacturer and on the Driver tab of the device’s Properties dialog box in Device Manager, click Uninstall Driver.

Answers to Exam Questions 1. B. Windows Vista Business is the only version that can authenticate to Active Directory and join a domain. Given the information supplied in this question, you cannot proceed as your boss has asked, and you should inform her that you need to install Windows Vista Business. Even though this is a manual installation, it is the only one that will meet the organization’s security policy.

123

Apply Your Knowledge Answers A, C, and D are incorrect because Windows Vista Home Basic cannot join a domain. Also Windows Vista Home Basic or Vista Home Premium cannot be installed with either WDS or Sysprep. For more information, see the section, “Domain Membership.” 2. The installation steps should be taken in the following order: F. Install a server. D. Create a network share and copy the Vista Business Setup files to it. C. Check the client computer’s hardware and BIOS for compatibility. B. Boot the computer with a network boot disk. G. Connect to the server’s network share containing the Vista Business Setup files. A. Run Setup.exe. E. Install Windows Vista Business. For more information, see the section “Performing an Attended Installation.” 3. C. You will call the Microsoft Product Activation Center and manually enter the product ID code given to you by the center. Answers A, B, and D are incorrect because all off-the-shelf media require WPA, but you can activate the product by calling the product activation center and typing in the correct ID. For more information, see the section, “Product Activation.” 4. B. When you create an answer file that will be included on a floppy disk for users that are installing Windows Vista from a DVD-ROM, you should name the file Unattend.xml. The user should insert this floppy disk after the computer starts to boot from the DVD-ROM. The other files mentioned were used for deploying Windows XP but are no longer used with Vista, so answers A, C, and D are incorrect. For more information, see the section, “Performing an Unattended Installation.” 5. D. Harry needs to manually reconfigure each computer to join the workgroup. He can do this from the Computer Name tab of the System Properties dialog box. It is not possible to configure a GPO, local or otherwise, that removes computers from a domain and joins them to a workgroup, so answers A and B are incorrect. He could correct the error in the answer file and reinstall Windows Vista Business on each computer. However, this takes far more administrative effort, so answer C is incorrect. For more information, see the section, “Performing an Unattended Installation.” 6. C. You should review the hardware compatibility of your PCs with Windows Vista. Stop errors are usually caused by a device or device driver problem. Answer A is incorrect because there is no need for a Sysprep server. Answer B is incorrect because editing the Unattend.xml file is unlikely to resolve the Stop error; furthermore, you can create additional problems by introducing syntax errors into this file. Answer D is incorrect because there was no reason to suspect a problem with the network adapter. For more information, see the section, “Problems with Sysprep Installations.”

124

Chapter 2: Installing Windows Vista 7. E. You would use the Netsetup.log error log to see whether a computer was able to join a domain. Answer A is incorrect because Setupapi.log provides data about INF files that are called during setup. Answer B is incorrect because Setuperr.log shows errors related to hardware or driver issues that occur during setup. Answer C is incorrect because Scesetup.log shows security-related error information. Answer D is incorrect because Setupact.log displays all the actions that Setup performs during installation. For more information, see the section, “Troubleshooting Failed Installations.” 8. C and D. The problem exhibited by the one computer indicates a networking problem. You should check the physical network adapter and the TCP/IP configuration. Answers A and B are incorrect because the device settings are not the problem, and the setupapi.log file is applicable to device driver installation, not networking. For more information, see the section, “Unavailable Network.” 9. D. Nancy should reboot her computer using the Vista DVD-ROM and select the Startup Repair tool. She can reach this option by selecting Install Windows Now, entering the product code (or bypassing it), accepting the license terms, selecting the Custom (Advanced) option, selecting the partition on which she installed Vista, and then selecting Startup Repair. She cannot use Msconfig because she was unable to reach the Vista desktop, so answer A is incorrect. The Check Compatibility Online option checks her computer for the ability to install Vista. It does not repair a problematic installation, so answer B is incorrect. She cannot simply uninstall Vista to revert to Windows 2000 Professional; at any rate, upgrading Windows 2000 Professional to Windows XP Professional does not enable her to repair the Vista installation, so answer C is incorrect. For more information, see the section, “Troubleshooting Failed Installations.” 10. C, E, and F. You can find whether the pen tablet device driver is signed by looking at the pen tablet’s Properties dialog box from within Device Manager. Click the Driver tab to view the current version. You can access Device Manager from the System applet in the System and Maintenance category in Control Panel, or you can also access Device Manager directly from the System and Maintenance category. You can also find whether a particular driver is signed by viewing the System Information utility, which you can start in the Run box by typing msinfo32. Answer A is incorrect because it uses an incorrect command switch. Answers B and D are incorrect because msconfig is the wrong command. Answer G is incorrect because pen tablet point-and-click input devices are not located in the Scanners and Cameras applet. For more information, see the section, “Managing and Troubleshooting Drivers and Driver Signing.” 11. B. If you are using an unsigned driver and experience problems, you can update the driver with a new one from the manufacturer. This is done by opening Device Manager, double-clicking the device icon to open its Properties dialog box, selecting the Driver tab, and then clicking the Update Driver button. When prompted for a location for the new driver, you should click Have Disk. Answer A is incorrect because it does not install the new driver. Answer C is incorrect because it rolls the current driver back to a previous version, if any. Answer D is incorrect because it removes the current driver version rather than install the new one. For more information, see the section, “Managing and Troubleshooting Drivers and Driver Signing.”

125

Suggested Readings and Resources

Suggested Readings and Resources The following are some recommended readings on the subject of Windows Vista installation: 1. Books . McLean, Ian and Orin Thomas. MCTS Self-Paced Training Kit (Exam 70-620):

Configuring Windows Vista Client. Redmond, WA: Microsoft Press. 2007. 2. Course . Microsoft Official Curriculum course 5115, Installing and Configuring the

Windows Vista Operating System. Module 1, Installing Windows Vista. Information available at http://www.microsoft.com/learning/syllabi/en-us/5115aprelim.mspx. 3. Websites . Microsoft. FAQ for Windows Logo Program V. 3.0. http://www.microsoft.com/whdc/

winlogo/VistaLogoFAQ.mspx. . Microsoft. Windows Deployment Services Update Step-by-Step Guide for Windows

Server 2003. http://technet2.microsoft.com/WindowsVista/en/library/9e1971356711-4c20-bfad-fc80fc2151301033.mspx?mfr=true . Microsoft TechNet. Windows Vista Deployment Step-by-Step Guide. http://

technet2.microsoft.com/WindowsVista/en/library/88f80cb7-d44f-47f7-a10de23dd53bc3fa1033.mspx?mfr=true. . Microsoft. Windows Preinstallation Environment Overview. http://www.

microsoft.com/whdc/system/winpreinst/WindowsPE_over.mspx. . Microsoft TechNet. Comparing Windows XP and Windows Vista Deployment

Technologies. http://technet2.microsoft.com/WindowsVista/en/library/2957d7c402c7-4205-afb5-f03434d8f37d1033.mspx. . Microsoft TechNet. Deploying Windows Vista. http://technet.microsoft.com/en-us/

windowsvista/aa905061.aspx. . Microsoft. Driver Signing Requirements for Windows. http://www.microsoft.com/

taiwan/whdc/winlogo/drvsign/drvsign.mspx. . Microsoft. How to install Windows Vista. http://support.microsoft.com/kb/918884. . Microsoft. A Stop error occurs, or the computer stops responding when you try to start

Windows Vista. http://support.microsoft.com/?kbid=925810.

126

Chapter 2: Installing Windows Vista . Microsoft. System Requirements for Windows Vista. http://support.microsoft.com/

?kbid=919183. . Microsoft TechNet. Windows Vista Enterprise Hardware Planning Guidance.

http://technet.microsoft.com/en-us/windowsvista/aa905075.aspx. . Microsoft. Using System Configuration. http://windowshelp.microsoft.com/

Windows/en-US/Help/bd9e1cb6-a66a-47a8-a4b6-ef7ea672ae4b1033.mspx. . Microsoft. The behavior of reduced functionality mode in Windows Vista. http://

support.microsoft.com/kb/925582 . Microsoft TechNet. Windows Vista Reliability and Performance Features and

Improvements. http://technet.microsoft.com/en-us/windowsvista/aa905071.aspx. . Microsoft TechNet. Inside the New Microsoft Application Compatibility Toolkit.

http://www.microsoft.com/technet/technetmag/issues/2006/11/ApplicationCompat ibility/default.aspx.

3

CHAPTER THREE

Upgrading to Windows Vista Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Installing and Upgrading Windows Vista section of the TS: Microsoft Windows Vista, Configuring exam:

Upgrade to Windows Vista from a previous version of Windows. . Microsoft provides several upgrade paths for computers running versions of Windows XP. This objective is included to ensure that you know how and when to upgrade Windows XP to Windows Vista.

Upgrade from one edition of Windows Vista to another. . Several paths are available for upgrading from one edition of Windows Vista to another edition. This objective is included to ensure that you know how and when to upgrade from one edition of Vista to a higher edition.

Outline Introduction

130

Upgrading to Windows Vista from a Previous Version of Windows

130

Preparing a Computer to Meet Upgrade Requirements

131

Vista Upgrade Advisor

131

Additional Preparatory Tasks

134

Upgrading the Computer to Windows Vista

135

Dual-Booting Windows Vista

138

Upgrading from One Edition of Windows Vista to Another

140

Windows Anytime Upgrade

141

Upgrading Windows Vista

141

Performing Post-Installation Updates and Product Activation

143

Installing Updates and Hotfixes

145

Managing Automatic Updates

146

Summary

148

Key Terms

148

Apply Your Knowledge

148

Exercises

149

Exam Questions

150

Answers to Exam Questions

152

Suggested Readings and Resources

153

Study Strategies This chapter focuses on processes related to upgrading to Windows Vista. When studying the contents of this chapter, be sure to follow these strategies: . Pay attention to the various methods of upgrading older Windows computers to Windows Vista and of upgrading one edition of Vista to a higher one. . Practice the various procedures several times, including updates from various older Windows operating systems and upgrades between editions of Vista. . Be sure you know when you can upgrade directly to Windows Vista and between which editions of Vista you can upgrade.

130

Chapter 3: Upgrading to Windows Vista

Introduction As Microsoft introduces new versions of its Windows operating system, many users around the world want to take advantage of the features included in the new version without purchasing new computers. Consequently, Microsoft has made available upgrade paths that enable users to upgrade older versions of Windows. By upgrading earlier versions of Windows to Windows Vista, you can retain registry settings and account information contained in the older operating system. Many users are attracted by the features available in higher editions of Vista, such as Vista Ultimate, but may have purchased a computer on which a lower edition of Vista such as Home Basic has been pre-installed. Consequently, Microsoft has made upgrade paths available that enable these users to upgrade to a higher version of Vista. As with the upgrade of an earlier version of Windows, these upgrade paths enable users to retain registry settings and account information from the lower version of Vista.

Upgrading to Windows Vista from a Previous Version of Windows Objective:

Upgrade to Windows Vista from a previous version of Windows. Upgrade paths from previous Windows versions depend on the operating system version currently installed. Table 3.1 lists the available upgrade paths for older operating systems. TABLE 3.1

Upgrading Older Operating Systems to Windows Vista

Operating System

Upgrade Path

Windows XP Home Edition

Can be upgraded directly to Windows Vista Home Basic, Vista Home Premium, Vista Business, or Vista Ultimate.

Windows XP Professional

Can be upgraded directly to Windows Vista Business or Vista Ultimate.

Windows XP Media Center

Can be upgraded directly to Windows Vista Ultimate.

Windows 9x/ME Windows NT 4.0 Workstation Windows 2000 Professional

Cannot be upgraded. You need to perform a clean installation of Windows Vista

Non-Windows operating systems (Unix, Linux, OS/2)

Cannot be upgraded. You need to perform a clean installation of Windows Vista.

131

Upgrading to Windows Vista from a Previous Version of Windows

NOTE Upgrading Windows 2000 and older computers Theoretically, you can upgrade Windows 98/Me/NT 4.0/2000 computers to Windows XP and then upgrade to Vista. However, the licensing costs for such an upgrade would be higher than that of purchasing a clean copy of Vista; besides, such older computers probably would not meet Vista’s hardware requirements.

Preparing a Computer to Meet Upgrade Requirements In addition to running one of the supported versions of Windows mentioned here, a computer to be upgraded to Windows Vista must meet the hardware requirements outlined in Chapter 2, “Installing Windows Vista.” In addition, all hardware components should be found in the Windows Logo Program for Hardware. Older software applications also may not be compatible with Windows Vista. Such applications might need to be upgraded or replaced to work properly after you have upgraded your operating system. Review the information provided in Chapter 2 when preparing your computers for upgrading to Windows Vista.

Vista Upgrade Advisor Microsoft includes a compatibility tool on the Windows Vista DVD-ROM that generates reports describing hardware and software components that might not be compatible with Windows Vista. This report identifies any hardware or software problems associated with the computer to be upgraded. Step by Step 3.1 shows you how to obtain a system compatibility report from the computer to be upgraded.

STEP BY STEP 3.1 Installing and Running the Vista Upgrade Advisor 1. Insert the Windows Vista DVD-ROM. 2. When the Windows Vista welcome screen appears, select Check Compatibility Online. 3. Internet Explorer connects to the Microsoft Windows Vista Upgrade Advisor website, which contains upgrade information plus a link to download the Upgrade Advisor, as shown in Figure 3.1. Select this link. 4. On the Security Warning that appears, click Run to begin the download. 5. After a minute or so, an Internet Explorer Security Warning message box appears. Click Run to install the Upgrade Advisor.

132

Chapter 3: Upgrading to Windows Vista

FIGURE 3.1 If you are connected to the Internet, you should choose to download the updated files before preparing your compatibility report.

6. If prompted to install a recent version of MSXML, select the Download and Install option and follow the instructions that appear. These instructions install the MSXML 6.0 Parser, which is needed to run the Upgrade Advisor. When this installation completes, click Back on your browser window to return to the Upgrade Advisor installation. 7. If prompted to install the .NET Framework, select the Download and Install option and follow the instructions that appear. These instructions install the Microsoft .NET Framework 2.0. 8. The Windows Vista Upgrade Advisor Setup Wizard starts with a Welcome screen. Click Next. 9. On the License Agreement page, click I Agree, and then click Next. 10. On the Select Installation Folder page, accept the location provided or type an alternative path. Then click Next. 11. On the Confirm Installation page, click Next to proceed. The installation takes a few minutes. 12. When the Installation Complete page appears, ensure that the Launch Windows Vista Upgrade Advisor check box is selected, and then click Close. 13. The Windows Vista Upgrade Advisor checks for updates and then displays a Welcome page (see Figure 3.2). Click Start Scan. 14. While the scan is taking place, the Upgrade Advisor displays a comparison chart of features for several Vista editions. Select the command buttons at the bottom to learn more about the various editions. 15. When the scan completes, the Upgrade Advisor displays a Scan complete page. Click See Details to view the results of the scan.

133

Upgrading to Windows Vista from a Previous Version of Windows

FIGURE 3.2 Click Start Scan to test the upgradeability of your computer.

16. As shown in Figure 3.3, the Upgrade Advisor informs you of the edition of Vista most suited to your computer and of any issues that could cause problems during upgrade. For additional information, scroll down this window to click the See Details buttons under System Requirements, Devices, and Programs.

FIGURE 3.3 The Upgrade Advisor informs you of the Vista edition most suited to your computer.

134

Chapter 3: Upgrading to Windows Vista 17. As shown in Figure 3.4, the Report Details page reviews any issues regarding system, devices, or programs that might not work properly with Vista.

FIGURE 3.4 The Report Details page provides information on issues related to system, devices, and programs.

18. On the Report Details page, click the Task List tab to obtain a list of tasks you should perform before upgrading your computer to Vista. 19. Click Save Report to save a copy of the Vista Upgrade Advisor report to a location on your hard disk.

Additional Preparatory Tasks Before you upgrade a Windows XP computer to Windows Vista, you should perform several additional tasks, as follows: . Check the BIOS manufacturer’s website for any available BIOS upgrades, and upgrade

the computer’s BIOS to the latest available functional version if necessary. You should perform this step before a clean install or an upgrade to Windows Vista. . Scan and eliminate any viruses from the computer, using an antivirus program that has

been updated with the latest antivirus signatures. You should then remove or disable the antivirus program because it may interfere with the upgrade process. In addition, you should use a third-party program to scan for and remove malicious software (malware).

135

Upgrading to Windows Vista from a Previous Version of Windows . Install any upgrade packs that may be required to render older software applications

compatible with Windows Vista. Consult software manufacturers for details. . Install the latest service pack for Windows XP (SP2 at the time of writing), plus any

other updates that Microsoft has published.

EXAM ALERT Vista requires the NTFS file system Whether you are performing a clean installation or upgrading a Windows XP installation to Vista, remember that the partition on which you install Vista must be formatted with the NTFS file system. An exam question could specify that you are upgrading a computer containing an installation of Windows XP on a FAT or FAT32 partition. In such a case, you must execute the convert c: /fs:ntfs command from XP before beginning the upgrade.

Upgrading the Computer to Windows Vista After you have checked system compatibility and performed all tasks required to prepare your computer for upgrading, you are ready to proceed. The upgrade takes place in a similar fashion to a new installation, except that answers to some questions asked by the setup wizard are taken from the current installation. Step by Step 3.2 shows you how to upgrade a Windows XP Professional computer to Windows Vista Ultimate.

STEP BY STEP 3.2 Upgrading to Windows Vista 1. If it is not in the drive from the compatibility check process, insert the Windows Vista DVD-ROM. 2. When the Windows Vista screen appears, select Install Windows. 3. The Get Important Updates for Installation page appears. If you are connected to the Internet, select the Go Online to Get the Latest Updates for Installations option. Otherwise select the Do Not Get the Latest Updates for Installation option. 4. On the Type Your Product Key for Activation page, type the product key and then click Next. 5. Accept the license agreement and then click Next. 6. On the Which Type of Installation Do You Want? page shown in Figure 3.5, select Upgrade. 7. The Compatibility Report page displays information about any applications or drivers that are not supported in Windows Vista (see Figure 3.6). Note the information provided, and then click Next.

136

Chapter 3: Upgrading to Windows Vista

FIGURE 3.5 The Which Type of Installation Do You Want? page offers you a choice between upgrading and performing a clean installation.

FIGURE 3.6 The Compatibility Report screen describes items that might be incompatible with the upgrade to Windows Vista.

8. The Vista upgrade proceeds in a fashion similar to that of a clean installation. It only asks for any information it cannot retrieve from the previous Windows installation. 9. After installation has completed and the computer has rebooted, the Set Up Windows dialog box appears (see Figure 3.7). Make any required settings, and then click Next.

137

Upgrading to Windows Vista from a Previous Version of Windows

FIGURE 3.7 The Set Up Windows dialog box enables you to select your country or region, time and currency, and keyboard layout.

10. On the Help Protect Windows Automatically page, select Use recommended settings. 11. Ensure that the time and date are set properly and then click Finish. Windows configures your personalized settings and then displays the Vista desktop.

EXAM ALERT Uninstalling Windows Vista If you should decide that you must revert your computer to Windows XP after upgrading to Vista, you must back up all data, reformat your system disk, and reinstall XP from scratch. Unlike Windows XP, which offered an uninstall option in Control Panel Add or Remove Programs after upgrading from Windows 98/Me, no such uninstall option is available in Vista. You might encounter an exam question asking you how to remove Vista after an upgrade.

Challenge You are a consultant who is responsible for upgrading all workstation computers in your client’s office to Windows Vista Business. You have available the installation media for Windows Vista as well as the older operating systems currently in use on these computers. In addition, all servers have already been upgraded to Windows Server 2003. (continues)

138

Chapter 3: Upgrading to Windows Vista (continued)

The following table describes the computers in your client’s office: Operating System

Number of Computers

Windows 98

50

Windows NT 4.0 Workstation

25

Windows 2000 Professional

75

Windows XP Professional Windows Vista Home Basic

100 30

Your task is to upgrade all these computers to Windows Vista Business by performing as few steps as possible. If possible, you must not remove any user settings, data, or applications from any of these computers. Draw up a plan for upgrading these computers while adhering to these specifications. Try to complete this exercise on your own, listing your conclusions on a sheet of paper. After you have completed the exercise, compare your results to those given here: 1. You can upgrade all computers running Windows XP Professional directly to Windows Vista Business. This involves a total of 100 computers. 2. You must install Windows Vista Business as a clean installation on the computers running Vista Home Basic. Microsoft does not support an upgrade of either home version to Vista Business, only to Vista Ultimate. This involves a total of 30 computers. 3. You must install Windows Vista Business as a clean installation on the computers running Windows 98, Windows NT 4.0, or Windows 2000. Microsoft does not support an upgrade of computers running versions of Windows prior to Windows XP to any edition of Vista. This involves a total of 150 computers. Alternatively, you can upgrade computers running Windows 98, Windows NT 4.0, or Windows 2000 Professional to Windows XP Professional and then to Windows Vista Business. This upgrade path enables you to maintain user settings, data, and applications on these computers but takes more time to accomplish and requires licensed Windows XP media.

Dual-Booting Windows Vista As in previous versions of Windows, you can install Windows Vista alongside a different version of Windows in a dual-boot configuration. By selecting Custom (Advanced) instead of Upgrade in step 6 of Step by Step 3.2, you can select a different partition on which to install Windows Vista. This retains all applications and settings you have configured in the previous version of Windows and creates a clean installation of Vista on the partition you have specified. You can even create multi-boot systems with more than two different operating systems,

139

Upgrading to Windows Vista from a Previous Version of Windows

including different editions of Vista, on the same computer. Dual-booting or multi-booting has the following advantages: . You can test various editions of Vista without destroying your current operating

system. . If you are running applications that are not compatible with Vista, you can boot into an

older operating system to run these applications. . Developers can test their work on different Windows versions without needing more

than one computer. Windows Vista introduces several new boot management programs, which replace the older programs used with Windows NT/2000/XP/Server 2003. These include the following: . Bootmgr.exe—Controls boot activities and displays a boot manager menu on a dual-

boot or multi-boot computer. . Bcdedit.exe—An editing application that enables you to edit boot configuration data

on Vista. This is the only program that offers boot management editing capabilities for Vista. . Winload.exe—The operating system loader, included with each instance of Windows

Vista or Windows Server 2008 installed on any one computer. Winload.exe loads the operating system, its kernel, hardware abstraction layer (HAL), and drivers on startup. . Winresume.exe—Included with each instance of Windows Vista or Windows Server

2008 installed on any one computer, this program resumes the operating system from hibernation. For additional details on multi-booting Windows Vista with other operating systems, refer to “Boot Configuration Data in Windows Vista” in the Suggested Readings and Resources section at the end of this chapter.

EXAM ALERT When multi-booting, install the oldest operating system first If you are setting up a dual-boot or other multi-boot system, install the oldest operating system first. For example, you would install Windows 2000, then Windows XP, and then Windows Vista in that order if you wanted a triple-boot configuration with these three operating systems. If you fail to do so, the newer operating system will be unable to start after you have installed an older operating system. An exam question could give you several choices of the sequence in which you might install multiple operating systems.

140

Chapter 3: Upgrading to Windows Vista

CAUTION Remember disk file system issues If you need to dual-boot Windows Vista with operating systems earlier than Windows 2000, remember that these older operating systems only support certain file systems. Windows 98/Me support FAT and FAT32 file systems, and Windows NT 4.0 supports FAT and NTFS file systems. If you need Vista plus one of these operating systems to read the same data, ensure that your data is located on a partition formatted with one of these file systems. Also ensure that Windows NT 4.0 has at least Service Pack 5 (SP5) installed. However, remember that the partition on which you install Vista must be formatted with the NTFS file system.

Upgrading from One Edition of Windows Vista to Another Objective

Upgrade from one edition of Windows Vista to another edition. Chapter 1, “Introducing Windows Vista,” introduced you to the editions Microsoft has produced for Windows Vista. Just as you can upgrade Windows XP to Vista, you can also upgrade a lower edition of Vista to a higher one. Table 3.2 summarizes the available upgrade paths. TABLE 3.2

Upgrading One Edition of Vista to a Higher One

Windows Edition You Are Upgrading

You Can Upgrade to This Edition

Vista Home Basic

Vista Home Premium Vista Ultimate

Vista Home Premium

Vista Ultimate

Vista Business

Vista Ultimate

Vista Enterprise

Vista Ultimate

Vista Ultimate

Cannot be upgraded further

NOTE Vista Enterprise is available only to volume users Microsoft makes the Enterprise version of Windows Vista available only to Enterprise Agreement (EA) or Software Assurance (SA) customers, who must purchase a minimum of 250 Vista licenses. You can only install Vista Enterprise as a clean installation. Smaller businesses should deploy Vista Ultimate if they need the enhanced features available to Vista Enterprise.

141

Upgrading from One Edition of Windows Vista to Another

Windows Anytime Upgrade The Windows Vista DVD-ROM contains the code for all editions of Vista. When you enter the license key, this tells Setup which edition of Vista you are installing. As mentioned in Chapter 2, you can also install Vista without entering a license key and then select the desired edition. Doing so enables you to preview the capabilities of a given edition before making a purchase decision. Microsoft recommends that you perform several procedures before installing Vista, regardless of the method used for installation.

Upgrading Windows Vista Follow Step by Step 3.3 to upgrade Windows Vista Home Basic to Vista Ultimate. Other possible upgrades (as outlined previously in Table 3.2) are performed in much the same fashion.

STEP BY STEP 3.3 Upgrading to Vista Ultimate 1. Click Start, Control Panel, System and Maintenance, Windows Anytime Upgrade. 2. As shown in Figure 3.8, Windows Anytime Upgrade enables you to compare the available editions of Vista or upgrade to available editions.

FIGURE 3.8 Windows Anytime Upgrade enables you to upgrade your edition of Vista.

142

Chapter 3: Upgrading to Windows Vista 3. If you want to review a summary of available features in different editions, click the Compare the Editions of Windows Vista link. When you are finished, click the Back button. 4. To upgrade to Windows Vista Ultimate, click its link. This takes you to the window shown in Figure 3.9.

FIGURE 3.9 This window provides instructions on how to upgrade your Vista installation.

5. If you have not yet activated Vista, this page displays an entry labeled Activate Windows before upgrading. Select the Activate Windows Now link and follow the instructions that appear. 6. Select the link labeled First, Purchase the Windows Vista Upgrade Online. This takes you to a secure Microsoft website from which you can purchase the required license. 7. Follow the instructions provided on this website to purchase and download the license. 8. Insert your Windows Vista DVD-ROM and click the Begin Upgrade Process Command button. 9. Click Continue on the User Account Control message box that appears. 10. When the Microsoft Windows Vista window appears, click Install Windows Now. 11. The Get Important Updates for Installation page appears. If you have an active Internet connection, select the Go Online to Get the Latest Updates for Installation link. Otherwise, select the Do Not Get the Latest Updates for Installation link. 12. The computer locates and downloads any available updates. When this is complete, type your product key in the space provided. Ensure that the Automatically Activate Windows When I’m Online check box is selected, and then click Next. 13. On the licensing page, ensure that the I Accept the License Terms check box is selected, and then click Next. 14. On the Which Type of Installation Do You Want? page shown in Figure 3.10, select the Upgrade option.

143

Performing Post-Installation Updates and Product Activation

When the computer meets the requirements for upgrading Vista, the Upgrade option is available.

FIGURE 3.10

15. The Vista upgrade takes place automatically, taking the required settings from the current installation. This can take up to an hour depending on the speed of your hardware. 16. After the final reboot, the Vista logon screen appears with the user name(s) you specified while running the previous edition of Vista. Select an appropriate username. 17. You are logged on and receive the Welcome Center, similar to that shown during the initial installation.

EXAM ALERT The Windows.OLD folder When you upgrade a previous version of Windows to Vista, Setup.exe stores copies of the previous operating system subfolders and files in the Windows.OLD folder, so that they are available in case you need them. This also happens if you perform an in-place upgrade or reinstallation of a Windows Vista system. You might encounter an exam question that asks you what happens to these files.

Performing Post-Installation Updates and Product Activation Chapter 2 introduced the concept of product activation, and it explained how Microsoft uses activation to combat software piracy. Even though you activated your computer running Windows XP, you are required to activate your product again after upgrading to Vista. You should note that product activation (which is required) is not the same as registration (which is optional). Windows operates at reduced functionality after the grace period unless you activate the product. Registering your copy of Windows Vista allows you to receive updates and

144

Chapter 3: Upgrading to Windows Vista

other offers from Microsoft and provides ready information to Microsoft tech support personnel should you ever need their services. If you entered your product key during installation or upgrading, Vista is automatically activated three days later. You can activate Vista sooner if you desire. Follow Step by Step 3.4 to complete product activation.

STEP BY STEP 3.4 Performing Product Activation 1. Click Start, right-click Computer, and choose Properties. The Windows activation section of the dialog box that appears informs you of the number of days left before you must activate Windows. Click Activate Windows now. 2. If you receive a User Account Control message box, click Continue. 3. On the Windows Activation dialog box shown in Figure 3.11, select Activate Windows Online Now.

You can activate Windows now or be reminded later from the Windows Activation dialog box.

FIGURE 3.11

4. If you have not previously typed your product key for activation, type the product key when requested and then click Next. 5. You are informed of the process of activating Windows. When finished, you receive an Activation Was Successful message, as shown in Figure 3.12. Click Close.

145

Performing Post-Installation Updates and Product Activation

FIGURE 3.12

Windows informs you when you have successfully activated it.

If you are not connected to the Internet, you can telephone a customer support representative at Microsoft. Select the option to generate an installation ID that you can give to the support representative, who will provide you with a confirmation ID that you type into the activation wizard to complete the procedure.

Installing Updates and Hotfixes Updates, hotfixes, and patches are designed to repair specific problems that are uncovered from time to time after the release of a new operating system or major update such as a service pack. Their purpose is to correct security-related or performance-related problems and maintain the operating system in an up-to-date condition at all times. Microsoft operates the Windows Update website that analyzes your computer and determines which updates are required to keep your computer up-to-date and downloads and installs these updates automatically. These updates take place in the background while you are working on other projects and inform you if a restart is needed. If this is so, you can schedule the restart so that it does not interfere with completion of your work. When you install or upgrade to Windows Vista and select the option to download updates at the time of installation, your operating system is up-to-date with all patches and hotfixes at that time. Microsoft releases additional updates on a periodic basis (generally monthly on the second Tuesday of each month). Automatic Updates is turned on by default at installation time so that you will receive these updates as they are made available. However, this feature provides several settings that enable you to manage how you receive and install these updates.

146

Chapter 3: Upgrading to Windows Vista

Managing Automatic Updates The Automatic Updates feature in Windows Vista enables computers to automatically connect to the Microsoft Windows Update website and download the latest updates, hotfixes, and patches. You can specify how and when your computers are updated, and updates can be downloaded and installed in the background while you are working. To configure options for automatically receiving updates, follow the procedure outlined in Step by Step 3.5.

STEP BY STEP 3.5 Configuring Automatic Updates 1. Click Start, Control Panel, Security, Windows Update. 2. On the left pane of the Windows Update applet, select Change Settings. 3. As shown in Figure 3.13, the Choose How Windows Can Install Updates page provides the following four options for configuring automatic updates: . Install Updates Automatically (Recommended)—Automatically downloads and installs updates at the day and time specified in the drop-down list boxes provided. You should ensure that your computer is on and connected to the Internet at the time you specify. This is the default setting. . Download Updates but Let Me Choose Whether to Install Them—Downloads updates when they are available and informs you by means of an icon in the notification area. You can select which updates should be installed by clicking this icon and choosing Install. . Check for Updates but Let Me Choose Whether to Download and Install Them—Provides an icon in the notification area to inform you that updates are available from the Windows Update website. You can download these updates by clicking this icon and choosing Start Download. After the updates are installed, you can select Install to install them. . Never Check for Updates (Not Recommended)—You are not informed of any available updates and need to access the Windows Update website regularly to check for updates. You can do this by means of the link provided. 4. Make your selection. If you keep the default setting, select a convenient option for the day and time. Then click OK.

147

Performing Post-Installation Updates and Product Activation

The Choose How Windows Can Install Updates dialog box provides four options for configuring automatic updates.

FIGURE 3.13

Administrators can configure Automatic Updates for all computers in an Active Directory domain or organizational unit (OU) by means of Group Policy, which offers the same options as outlined here. In this way, you can ensure that all computers automatically receive the required updates. In addition, you can specify that the client computers download their updates from a server running Windows Server Update Services (WSUS) on your network. By doing so, you can reduce the Internet bandwidth required for downloading updates, and you can test updates in a lab environment to ensure that they do not cause problems with services or applications on the client computers.

TIP Visit the Windows Update website regularly, even if you have configured Automatic Updates The Windows Update website downloads only high-priority and recommended updates in an automatic manner. This site also contains optional software and hardware updates, which can help improve your computer’s performance. Always test the updates on one or more computers that are representative of your production computers in a lab environment before rolling out the updates.

148

Chapter 3: Upgrading to Windows Vista

Summary In this chapter, you learned how to upgrade previous versions of Windows to Windows Vista and how to upgrade from one edition of Vista to a higher one. You learned about the requirements for upgrading previous versions and the tasks that you should perform before you upgrade a computer. You can upgrade computers running Windows XP to editions of Windows Vista, and you can upgrade certain editions of Vista to higher ones. You cannot upgrade computers running Windows 2000 or older to Vista and must perform a clean installation if you wish to perform such an upgrade. You also reviewed the method of performing product activation and looked briefly at how to keep your computer up-to-date with Windows Update.

Key Terms . dual-boot . product activation . Windows Anytime Upgrade . Windows Upgrade Advisor

Apply Your Knowledge You have seen the conditions under which older Windows operating systems can be upgraded to Windows Vista. Here you upgrade a computer running Windows Vista Business to Vista Ultimate without first having entered a product key for Vista Business. To perform this exercise you should have a computer on which you have installed Vista Business using methods outlined in Chapter 2 but without entering a Vista Business product key.

149

Apply Your Knowledge

Exercises 3.1 Upgrading Vista Business to Vista Ultimate As mentioned in Chapter 2, you can install Vista without a product key if you want to evaluate the features of a given edition of Vista. You can then upgrade to another supported edition by entering the product key of the upgraded edition. This procedure is also useful in learning situations and when preparing for Microsoft exams. Estimated Time: 45–90 minutes, depending on the speed of your hardware. 1. Insert the Vista DVD-ROM. 2. If the Install Windows screen does not appear, open Computer, navigate to the DVD-ROM drive, and double-click Setup.exe. 3. On the Install Windows screen, select Install Now. 4. If you are connected to the Internet, select Go Online to Get the Latest Updates for Installation. Otherwise, select Do Not Get the Latest Updates for Installation. 5. Type the product key for Vista Ultimate and then click Next. 6. Accept the license terms and then click Next. 7. On the Which Type of Installation Do You Want? page, select Upgrade. 8. Setup checks compatibility and displays a report outlining any applications or drivers that are not supported. Make a note of the items displayed and then click Next. 9. The Windows upgrade proceeds without interaction from the user, and the computer reboots. After the final reboot, the Set Up Windows screen appears. Modify the selections if required and then click Next. 10. On the Help Protect Windows Automatically page, select Use Recommended Settings. 11. On the Review Your Time and Date Settings page, ensure that the settings are correct, modify them if necessary, and then click Finish.

150

Chapter 3: Upgrading to Windows Vista

Exam Questions 1. You are responsible for upgrading the operating system on a large number of computers running various versions of Windows in your office, and you decide to upgrade all the computers to Windows Vista Business. Which of the following operating systems can you upgrade to Windows Vista Business? (Choose all that apply.)

❍ A. Windows 98 ❍ B. Windows NT 4.0 ❍ C. Windows 2000 Professional ❍ D. Windows XP Professional ❍

E. Windows XP Home Edition

❍

F. Windows Vista Home Basic

2. Ellen uses a computer running Windows XP Professional and wants to upgrade this computer to Windows Vista Business without reinstalling any of her applications. She inserts the Vista DVDROM and runs Setup.exe. However, she receives a message that informs her Setup has been disabled. What should Ellen do first to troubleshoot this problem?

❍ A. Perform a clean installation of Windows Vista Business. ❍ B. Check her hardware for compatibility with Vista. ❍ C. Upgrade her computer to Vista Ultimate instead. ❍ D. Disable her Windows XP antivirus program, and then rerun Setup.exe. 3. Peter wants to upgrade his computer from Windows XP Professional to Windows Vista Business. He is concerned that his computer’s hardware might be somewhat outdated and will not support the upgrade. Which of the following can he do to determine whether the computer will support Windows Vista Business?

❍ A. Run the setup /checkupgradeonly command from the Vista DVD-ROM. ❍ B. Run the winnt32 /checkupgradeonly command from the Vista DVD-ROM. ❍ C. Download and run the Windows Vista Upgrade Advisor. ❍ D. Simply install Windows Vista and hope that everything is compatible.

151

Apply Your Knowledge 4. Kristin is a developer who needs to work with more than one operating system to assess how her applications behave in different conditions. Her computer has a 100GB hard disk containing three partitions formatted with the FAT32 file system. Windows XP Professional is installed on the first partition. She wants to install Windows Vista Ultimate in a dual-boot configuration. What should she do?

❍ A. While running Windows XP, insert the Vista DVD-ROM and follow the prompts provided. When she receives the option to select the type of installation, select Custom (advanced). Then select the second partition to install Vista and format this partition with the NTFS file system.

❍ B. While running Windows XP, insert the Vista DVD-ROM and follow the prompts provided. When she receives the option to select the type of installation, select Upgrade. Then select the second partition to install Vista and format this partition with the NTFS file system.

❍ C. Do not reformat any partition. While running Windows XP, insert the Vista DVD-ROM and follow the prompts provided. When she receives the option to select the type of installation, select Custom (advanced). Then select the second partition to install Vista.

❍ D. Do not reformat any partition. While running Windows XP, insert the Vista DVD-ROM and follow the prompts provided. When she receives the option to select the type of installation, select Upgrade. Then select the second partition to install Vista. 5. You are using a computer running Windows XP Home Edition that has an old network interface card (NIC) and sound card that might not be compatible with Vista. You want to upgrade your computer to Windows Vista Home Premium. What should you do first?

❍ A. Purchase and install a new NIC and sound card. ❍ B. Run the Easy Transfer Wizard. ❍ C. Access the websites of the NIC and sound card manufacturers and download new drivers for these components.

❍ D. Run the Windows Vista Upgrade Advisor. 6. Tom is upgrading a computer from Windows XP Professional to Windows Vista Ultimate. The computer is a 2.8GHz Pentium IV and has 768MB of RAM and an 80GB hard disk. After the first restart, Tom is informed that the computer is infected with a master boot record virus. What should he do before continuing with the installation?

❍ A. Reboot the computer to Windows XP Professional and scan for and remove all viruses. ❍ B. Remove or disable any antivirus software installed in Windows XP. ❍ C. Run the Check Compatibility Online option and follow any recommendations provided. ❍ D. Run fixmbr.exe from the Windows Vista DVD-ROM. ❍

E. Upgrade the computer to 1GB of RAM.

152

Chapter 3: Upgrading to Windows Vista 7. You are installing Windows Vista Business on a computer running Windows XP Professional. The hard disk has three partitions: C, D, and E. Windows XP Professional is installed on partition C. When Setup gives you a choice of partition on which to install Windows Vista Business, you choose partition D. What happens?

❍ A. You create a dual-boot system. ❍ B. You upgrade Windows XP Professional to Windows Vista Business. ❍ C. The Windows Vista Business installation fails. ❍ D. You wipe out Windows XP Professional.

Answers to Exam Questions 1. D and E. You can upgrade Windows XP Home Edition or Windows XP Professional to Windows Vista Business. Microsoft does not support upgrades of older operating systems or of Windows Vista Home Basic or Home Premium to Vista Business, so answers A, B, C, and F are all incorrect. For more information, see the sections, “Upgrading to Windows Vista from a Previous Version of Windows,” and, “Upgrading from One Edition of Windows Vista to Another.” 2. B. Ellen should check her hardware for compatibility. The Windows Vista Upgrade Advisor utility will do this for her and will produce a report of any hardware or software issues that may interfere with her ability to upgrade to Vista. If she performs a clean installation of Windows Vista Business, she will not retain her applications or settings, so answer A is incorrect. She should not upgrade her computer to Windows Vista Ultimate because this upgrade will also fail; moreover, upgrading to Vista Business is a supported upgrade option. Therefore answer C is incorrect. While she should disable her antivirus software before upgrading to Vista, she will not receive this error if she hasn’t done so; therefore, answer D is incorrect. For more information, see the section, “Vista Upgrade Advisor.” 3. C. Peter should run the Windows Vista Upgrade Advisor. He can download this application by selecting the Check Compatibility Online option from the Install Windows screen that appears when he inserts the Vista DVD-ROM. The winnt32 /checkupgradeonly command was used with Windows XP to produce a compatibility report for upgrading older versions of Windows to this operating system. However, it is not used with Vista, so answer A is incorrect. The setup command used for installing Vista does not include the /checkupgradeonly switch, so answer B is incorrect. Because Peter can download and run the Vista Upgrade Advisor to produce a comprehensive report of potential issues, he should not simply install Windows Vista and hope that everything is compatible. Therefore answer D is incorrect. For more information, see the section, “Preparing a Computer to Meet Upgrade Requirements.” 4. A. Kristin should select the Custom (advanced) installation option to install Vista on the second partition and format this partition with the NTFS file system. If she selects the Upgrade option, she upgrades her installation of Windows XP to Windows Vista, so answers B and D are incorrect. If she does not format the partition with the NTFS file system, the installation will fail, so answer C is incorrect. For more information, see the section “Dual-Booting Windows Vista.”

153

Apply Your Knowledge 5. D. The Windows Vista Upgrade Advisor analyzes the hardware and software components of the computer for compatibility issues. You should run this utility before attempting to upgrade your computer to Vista. You should not purchase new hardware or download new drivers before you have run the Upgrade Advisor because it is always possible that these components are compatible with Vista. Therefore answers A and C are incorrect. The Easy Transfer Wizard is used to transfer files and settings from an older computer to a new Windows Vista computer. It does not check hardware compatibility, so answer B is incorrect. For more information, see the section, “Vista Upgrade Advisor.” 6. B. Antivirus (AV) software is known to cause problems during installation of or upgrading of Windows operating systems. On the first reboot, these programs may falsely report that the installation files contain a virus and halt the installation. You should uninstall the AV software and disable any AV checking in the computer’s BIOS before installing or upgrading to Vista. You can always re-enable or reinstall antivirus software after you have completed the upgrade. The computer is not actually infected with a virus, so Tom does not need to reboot to Windows XP or scan for viruses, so answer A is incorrect. The Check Compatibility Online option is used to check a computer for software or hardware incompatibility before upgrading to Windows Vista. These problems do not cause the false reporting of a virus, so answer C is incorrect. Fixmbr.exe is used to recover corrupted master boot records on existing Windows installations. You cannot use it in this scenario when the Windows installation is incomplete, so answer D is incorrect. Tom does not need to upgrade the RAM to 1GB, so answer E is incorrect. For more information, see the section, “Additional Preparatory Tasks.” 7. A. On a computer that is running Windows XP Professional, you can either upgrade the current Windows installation by installing Windows Vista on the same partition holding the current Windows operating files or create a dual-boot system by installing Windows Vista on a different partition. You do not upgrade Windows XP in this scenario because you installed to a different partition, so answer B is incorrect. This type of installation does not wipe another instance of Windows out, nor does it fail for this particular reason, so answers C and D are incorrect. For more information, see the section, “Upgrading to Windows Vista from a Previous Version of Windows.”

Suggested Readings and Resources The following are some recommended readings on the subject of upgrading to Windows Vista: 1. Books . McLean, Ian and Orin Thomas. MCTS Self-Paced Training Kit (Exam 70-620):

Configuring Windows Vista Client. Redmond, WA: Microsoft Press. 2007.

154

Chapter 3: Upgrading to Windows Vista 2. Course . Microsoft Official Curriculum course 5115, Installing and Configuring the

Windows Vista Operating System. Module 2, Upgrading and Migrating to Windows Vista Ultimate Edition. Information available at http://www.microsoft.com/ learning/syllabi/en-us/5115aprelim.mspx. 3. Websites . Microsoft. Boot Configuration Data in Windows Vista. http://www.microsoft.com/

whdc/system/platform/firmware/bcd.mspx . Microsoft. Log Files that are Created When You Upgrade to Windows Vista from an

Earlier Version of Windows. http://support.microsoft.com/kb/928901 . Microsoft. Windows Vista Upgrade Advisor. http://www.microsoft.com/

windowsvista/getready/upgradeadvisor/default.mspx . Microsoft. Upgrade Paths from Previous Versions. http://www.microsoft.com/

windowsvista/getready/upgradeinfo.mspx . Microsoft. System Requirements for Windows Vista. http://support.microsoft.com/

kb/919183 . Microsoft TechNet. Boot Configuration Data Editor Frequently Asked Questions.

http://technet2.microsoft.com/WindowsVista/en/library/85cd5efe-c349-427cb035-c2719d4af7781033.mspx?mfr=true . TechRepublic. Running the Windows Vista Upgrade Advisor on a New Computer by

Greg Shultz. http://articles.techrepublic.com.com/5100-10877_116152876.html?tag=nl.e132.

4

CHAPTER FOUR

Configuring and Troubleshooting PostInstallation System Settings Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Installing and Upgrading Windows Vista section of the TS: Microsoft Windows Vista, Configuring exam:

Troubleshoot post-installation configuration issues. . After you have installed Vista, you might encounter configuration problems that lead to startup problems. You must know how to perform startup repair and to start your computer in alternate modes. Furthermore, you can encounter various hardware difficulties. This objective ensures that you are able to troubleshoot startup and hardware configuration problems.

Configure and troubleshoot Windows Aero. . Windows Vista presents a new Aero desktop interface, which can operate at several levels of functionality depending on the edition of Vista you are running as well as the computer’s hardware configuration. You can modify the default configuration to optimize the user’s experience or improve overall computer performance. This objective ensures that you can configure these options and troubleshoot them when problems occur.

Configure and troubleshoot Parental Controls. . Vista contains several options that are designed to limit a child’s exposure to questionable content on the local computer, network, and the Internet. A technician who services home-based computers needs to be familiar with these options and capable of instructing parents in their proper operation.

Configure Windows Internet Explorer. . Users are likely to rely on Internet Explorer for their Internet experience. However, users might also need to connect to other resources and prefer using Internet Explorer as a common interface. You therefore are expected to also know how to connect to files, shared folders, Web folders, and other network elements.

Outline Introduction Troubleshooting Post-Installation Configuration Issues

158

Configuring Windows Vista Start Menu and Taskbar Start Menu Properties

191 191

158

Taskbar Properties

191

Troubleshooting Startup Issues

158

Notification Area

193

Using Alternative Startup Strategies

162

Toolbars

194

Last Known Good Configuration

162

Safe Mode

163

System Restore

164

Boot Logging

166

Low Resolution Video (640×480)

166

Debugging Mode

166

Disable Automatic Restart on System Failure

167

Disable Driver Signature Enforcement

167

Troubleshooting Hardware Devices Using Device Manager to Troubleshoot Hardware Devices

167 168

Installing, Configuring, and Managing DVD and CD-ROM Devices

171

Monitoring and Configuring Disks

173

Configuring Application Compatibility

178

Windows Easy Transfer

180

Configuring and Troubleshooting Windows Aero

Configuring and Troubleshooting Parental Controls

194

Configuring Various Types of Restrictions

195

Creating User Accounts

195

Configuring Parental Restrictions Configuring Activity Reports

196 199

Configuring Windows Internet Explorer 200 Configuring Tabbed Browsing

201

Blocking Pop-ups

204

Customizing Internet Explorer

206

Customizing Search Providers

206

Customizing the Toolbars

207

Printing Web Pages

209

Managing Add-Ons

209

Configuring Really Simple Syndication (RSS) Feeds

211

Configuring AutoComplete Settings

212

184

Understanding Windows Presentation Foundation 186

Summary

213

Understanding Hardware Requirements for Running Aero

Key Terms

213

Apply Your Knowledge

214

186

Configuring Desktop Schemes

187

Troubleshooting Aero

188

Window Borders Are Not Translucent

188

Aero Glass Is Not Running

189

Exercises

214

Exam Questions

217

Answers to Exam Questions

220

Suggested Readings and Resources

223

Study Strategies This chapter is devoted to post-installation configuration of Windows Vista and looks at the Vista desktop including the Aero interface, the Start menu, and the taskbar. It also discusses Internet Explorer and the new Parental Controls feature. Practical experience in this field is vital to understanding how these methods work and which situations are best suited for each. . Experiment with the advanced startup options and the Startup Repair Tool until you are familiar with the function of each component and how to recover from various types of hardware failure. . Become familiar with Device Manager and its options. . Configure Windows Aero on computers with varying hardware capabilities and learn to recognize the differences between Aero and Aero Glass and when you are able to enable each of these new desktop schemes. . Examine the various options available in the Parental Controls feature. Create a couple of users and configure Parental Controls for these users. Then log on as each of the users and attempt to perform actions you have disallowed. Note the errors produced. Finally, return to your administrative user and view the activity reports that have been created. . Experiment with the various configuration options available in Internet Explorer. Set up a series of tabs and save these as favorites. Note what happens when you disable add-ons. Locate a website that hosts RSS feeds and experiment with the options available for displaying and managing these feeds.

158

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Introduction Now that you have installed Windows Vista, you have a basic system that is reasonably well configured. You also have a large range of configuration options available to you, many of which are new or changed since the days of Windows XP. This chapter looks at several of these configurations and their problems, including startup issues, hardware devices, Windows Easy Transfer, the new Aero desktop interface, Parental Controls, and the updated Internet Explorer 7.

Troubleshooting Post-Installation Configuration Issues Objective:

Troubleshoot post-installation configuration issues. When users receive new Windows Vista computers, support technicians must confront a myriad of issues ranging from what to do if a user’s computer doesn’t start to how to get documents, applications, and settings from the old Windows XP computer to the new computer. Several of the issues this section explores include the following: . Startup issues—You need to know how to assist a user whose Windows Vista computer

does not start up properly or won’t let him log on to the network. . Hardware issues—Vista supports all the hardware types previously supported by

Windows XP and adds support for the latest high-tech gadgets. . Transferring documents and settings—Windows Vista provides the Easy Transfer Wizard,

which improves on Windows XP’s Files and Settings Transfer Wizard.

Troubleshooting Startup Issues Microsoft has improved the robustness of Vista beyond the capabilities present in previous versions of Windows. For example, if you attempt to rename or delete a vital driver from the Windows\System32\Drivers folder, you receive an administrative prompt asking for permissions beyond the capabilities of a normal administrative account. Just the same, startup problems can occur. When your computer is unable to boot properly or won’t let you log on, it can be very frustrating when you have pressing work deadlines. In a corporate environment, startup problems can result in many calls to the help desk. Microsoft has designed Vista to reduce the number of startup problems and automate their recovery as much as possible.

159

Troubleshooting Post-Installation Configuration Issues

New to Vista is the Startup Repair Tool (SRT), which attempts to automatically recover a computer that will not start normally. The following are some of the problems that the SRT can attempt to repair: . Missing, corrupted, or incompatible device drivers . Missing or corrupted system files or boot configuration settings . Improper or corrupted Registry keys or data . Corrupted disk metadata, such as the master boot table, boot sector, or partition table

SRT provides a diagnostics-based, step-by-step troubleshooting tool that enables end users and tech support personnel to rapidly diagnose and repair problems that are preventing a computer from starting normally. When SRT determines the problem that is preventing normal startup, it attempts to repair this problem automatically. If it is unable to do so, it provides support personnel with diagnostic information and suggests additional recovery options. Step by Step 4.1 demonstrates the action of SRT.

STEP BY STEP 4.1 Using the Startup Repair Tool 1. Start your computer with the Vista DVD-ROM in the drive. 2. Press the spacebar when instructed to press any key to boot from the CD or DVD. 3. When the Install Windows screen appears, confirm the settings displayed and then click Next. 4. On the Install Windows screen shown in Figure 4.1, select Repair Your Computer.

FIGURE 4.1 The Install Windows screen provides an option for repairing an unbootable computer.

160

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 5. On the System Recovery Options dialog box, you should see Microsoft Windows Vista, as shown in Figure 4.2. Ensure that it is highlighted, and then click Next.

FIGURE 4.2 The System Recovery Options dialog box enables you to repair one or more instances of Vista on your computer.

6. On the System Recovery Options dialog box shown in Figure 4.3, click Startup Repair.

FIGURE 4.3 The System Recovery Options dialog box provides five options for repairing an unbootable computer.

7. Startup Repair runs and displays the message shown in Figure 4.4. 8. If SRT detects and repairs a problem, it displays a message such as the one in Figure 4.5, informing you that it repaired the problem successfully. To see details of its actions, click the link provided. If it is unable to repair the problem, it offers additional information and links (see Figure 4.6).

161

Troubleshooting Post-Installation Configuration Issues

FIGURE 4.4

SRT attempts to repair an unbootable com-

puter.

FIGURE 4.5 When the SRT repairs a problem, it informs you of its actions.

FIGURE 4.6 When the SRT is unable to repair the problem, it provides links to additional details and log files.

9. When you are finished, click Finish, and then click Restart to restart your computer normally.

162

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Using Alternative Startup Strategies Windows Vista provides several tools that help you recover from computer failures that prevent you from starting Windows normally. This section looks at several of these tools, including the Last Known Good Configuration, Safe mode, and System Restore.

NOTE Recovery Console The Recovery Console, which was used in Windows 2000/XP/Server 2003 to perform command line–based recovery procedures, has been replaced by the command prompt option in Startup Repair (refer to Figure 4.3 shown previously). For additional information on the actions you can perform using this option, refer to “Command-line reference for IT Pros” in the Windows Vista Help and Support Center.

Last Known Good Configuration Every time a user logs on successfully, Windows Vista makes a recording of the current Registry settings known as a control set. These settings are stored under HKEY_LOCAL_ MACHINE\SYSTEM\CurrentControlSet and are made available so that they can be used if the computer is unable to boot because of configuration changes such as installation of new device drivers or inappropriate modification of settings. For example, if configuration changes result in a computer displaying the Blue Screen of Death (BSOD) or modified display settings render the screen unreadable, you can revert to the previous settings by using the Last Known Good Configuration. Follow Step by Step 4.2 to use this configuration.

STEP BY STEP 4.2 Using the Last Known Good Configuration 1. Restart the computer (use the reset button if necessary). 2. Press F8 as the boot sequence begins to display the Windows Advanced Options menu, as shown in Figure 4.7. 3. Use the arrow keys to select Last Known Good Configuration and then press Enter. The computer proceeds to start from this configuration. 4. When the logon screen appears, log on as usual.

163

Troubleshooting Post-Installation Configuration Issues

FIGURE 4.7

Windows Vista provides several advanced startup options that you can use when unable to start

normally.

EXAM ALERT Know when you can and cannot use the Last Known Good Configuration Using the Last Known Good Configuration is the easiest way to correct changes when you are unable to log on as a result of various problems. If you have logged on successfully and then encounter a problem caused by a previous configuration change, you are unable to use the Last Known Good Configuration because this configuration is overwritten at the successful logon. Under these circumstances you must select a different startup option.

Safe Mode Safe mode starts your computer with a minimal set of drivers (mouse, VGA, and keyboard) so that you can start your computer when problems with drivers or other software are preventing normal startup. The following are several problems with which you can use Safe mode for recovering your computer: . The computer stops responding or runs very slowly—You can start in Safe mode and use

various tools for diagnosing and correcting the problem. You can also uninstall software, roll back device drivers, or use System Restore to roll back the computer to an earlier point in time. . The computer display is blank or distorted—After starting in Safe mode, you can use the

Control Panel Display applet to select appropriate display settings.

164

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . The computer fails to respond after new hardware or software is installed—Use Safe mode to

uninstall software, disable hardware devices in Device Manager, roll back drivers, or restore the computer using System Restore. To enter Safe mode, follow the procedure outlined in Step by Step 4.2 and select Safe mode from the options displayed previously in Figure 4.7. You can also select either of the following options: . Safe mode with Command Prompt—Starts the computer to a command prompt. This can

be useful if you cannot obtain a normal GUI. . Safe mode with Networking—Starts network drivers as well as the other basic drivers.

This is useful if you need to copy files from a network location.

CAUTION Safe mode has its limitations Safe mode does not repair problems caused by lost or corrupted system files or problems with basic drivers. In these cases, you may be able to use the Recovery Console.

System Restore First introduced with Windows XP, System Restore enables you to recover from system problems such as those caused by improper system settings, faulty drivers, and incompatible applications. It restores your computer to a previous condition without damaging any data files such as documents and email. System Restore is useful when problems persist after you have uninstalled incompatible software or device drivers, after downloading problematic content from a website, or when you are having problems that you cannot diagnose but that have started recently. During normal operation, System Restore creates snapshots of the system at each startup and before major configuration changes are started. It stores these snapshots and manages them in a special location on your hard drive. It also copies monitored files to this location before any installation program or Windows itself overwrites these files during application or device installation. You can run System Restore from the System and Maintenance category of Control Panel. Step by Step 4.3 shows you how.

STEP BY STEP 4.3 Using System Restore to Restore Your Computer 1. Click Start, Control Panel, System and Maintenance, System (or right-click Computer and choose Properties).

165

Troubleshooting Post-Installation Configuration Issues 2. On the left pane of the System applet, select System Protection. 3. In the User Account Control message box that appears, click Continue. This opens the System Protection tab of the System Properties dialog box, as shown in Figure 4.8.

FIGURE 4.8 The System Protection tab of the System Properties dialog box includes a System Restore option.

4. Click System Restore to open the System Restore dialog box, as shown in Figure 4.9.

FIGURE 4.9 The System Restore dialog box enables you to perform a System Restore.

5. Click Next to display the Choose a Restore Point page. 6. Select a date and time to which you want to restore your computer, and then click Next.

166

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 7. In the Confirm Your Restore Point dialog box, note the warning to save open files and then click Finish to perform the restore. 8. You receive a message box informing you that System Restore might not be interrupted and cannot be undone. Click Yes to proceed. The computer performs the restore, and then shuts down and restarts. 9. Log back on as an administrator. You receive a System Restore message box informing you that the restore completed successfully. Click Close.

TIP System Restore also enables you to create restore points If you are planning to install or download applications or other material that could be problematic, you can manually create a restore point first. Simply select the Create option shown in Figure 4.8 and follow the instructions provided.

NOTE You can use Safe mode and System Restore together to correct problems If you are unable to start your computer properly but are able to start in Safe mode, you can perform a System Restore from Safe mode to restore your computer to a functional state.

Boot Logging The boot logging option, selected from the options displayed previously in Figure 4.7, starts Vista normally while creating the \windows\ntbtlog.txt file, which lists all drivers that load or fail to load during startup. From the contents of this file, you can look for drivers and services that are conflicting or otherwise not functioning. After using this mode, reboot to Safe mode to read the ntbtlog.txt file and identify the problematic driver.

Low Resolution Video (640×480) The low-resolution video option starts Vista at the lowest video resolution with 16 colors. This is useful if you have selected a display resolution and refresh rate that is not supported by your monitor and video card or if you have installed a driver that is incompatible with your video card. You can go to the Display Properties dialog box, select an appropriate video option, and then reboot to Normal mode.

Debugging Mode Debugging mode provides advanced troubleshooting options for experienced developers and administrators. It sends kernel debug information to another computer via a serial cable.

167

Troubleshooting Post-Installation Configuration Issues

Disable Automatic Restart on System Failure The Disable Automatic Restart on System Failure option prevents Vista from automatically restarting if a problem is causing your computer to enter an endless loop of failure, restart attempt, and failure again.

Disable Driver Signature Enforcement The Disable Driver Signature Enforcement option permits you to install unsigned drivers or drivers that are improperly signed. After you reboot normally, driver signatures are again enforced but the unsigned driver is still used.

Troubleshooting Hardware Devices Microsoft has improved the technologies for implementing, configuring, and troubleshooting hardware devices with every upgrade of Windows. Windows Vista is no exception, and support for a large range of devices is present in Vista. You can manage many types of hardware devices in Windows Vista using the Computer Management tool, shown in Figure 4.10. You can open Computer Management by using any of the following procedures: . Click Start, right-click Computer, and select Manage. . Click Start and type Computer Management into the Search pane. After a few seconds,

Computer Management appears at the top of the Programs list. Select this entry. . Click Start, Control Panel, System and Maintenance, Administrative Tools. Select

Computer Management from the top of the list that appears. You can also select individual activities from the Administrative Tools entry under System and Maintenance. Computer Management offers the following tools and utilities: . Task Scheduler—Used for scheduling programs or actions to run at predetermined times

in the future . Event Viewer—Used for troubleshooting errors . Shared Folders—Used for creating and managing shares that are visible to users across

the network . Reliability and Performance—Used for troubleshooting errors as well as optimizing

performance . Device Manager—Used for configuring devices, updating or uninstalling device drivers,

rolling back device drivers, enabling and disabling devices, scanning for hardware changes, and troubleshooting

168

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . Disk Management—Used for viewing and managing volume and disk configuration as

well as defragmenting hard disks . Services—Used for starting and stopping services related to a device . WMI Control—Used for turning error logging on or off or backing up the Windows

Management Instrumentation (WMI) repository (in most cases, you will not use this tool)

The Computer Management tool enables you to perform a large range of administrative and troubleshooting tasks.

FIGURE 4.10

Another place to check devices is in the System Information console. You can open it by clicking Start, Run, typing msinfo32, and then pressing Enter. Expand the Hardware Resources category to obtain information.

Using Device Manager to Troubleshoot Hardware Devices The majority of the work involving device implementation, management, and troubleshooting for many types of hardware devices is found in the Device Manager utility. Every device has its own Properties dialog box, specific to its device type and sometimes specific to the manufacturer and model, depending on the installed driver. The following standard tabs are found in any device Properties dialog box: . General—Displays the device’s description and status. . Driver—Displays the current device driver’s information. Includes buttons to display

the files that make up the driver (Device Details), to install a new device driver (Update Driver), to roll back the driver to an older version (Roll Back Driver), to enable or disable the device (Disable), and to uninstall the driver (Uninstall).

169

Troubleshooting Post-Installation Configuration Issues . Details—Displays the device’s specifications. You can choose from a long list of device

properties. . Resources—Displays the system resources being consumed, including interrupt requests

(IRQs), direct memory access (DMA) channels, and the I/O memory range. Displays whether these resources are in conflict with any others being used in the system. You can access Device Manager from the Computer Management console. You can also access it by right-clicking Computer, selecting Properties, and selecting the Device Manager link or from the Hardware and Sound category in Control Panel. After you determine that a hardware device is installed correctly and is listed in the Windows Logo Program for Hardware, you should check to see whether the device is detected by Windows Vista and is functioning by checking Device Manager for its listing. If a device is not functioning, an icon with a red “X” appears over the device icon. If a device is functioning but experiencing problems, a yellow question mark icon appears next to the device icon. When you right-click a device, a shortcut menu similar to the one displayed in Figure 4.11 appears. You can select to update the driver or uninstall or disable the device. You can also scan the device for hardware changes or access the device’s properties. When you open the device’s Properties dialog box, you can put a variety of configurations into effect, as well as disable or enable the device.

The rightclick menu in Device Manager provides several configuration options.

FIGURE 4.11

You can use Device Manager to determine whether an I/O conflict exists by changing the view. In Computer Management, right-click Device Manager in the left pane, select View, and

170

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

then select Resources by Type. In the right pane, click the plus (+) sign next to Input/Output (IO). Each device is listed in the order of the I/O resources it uses, as shown in Figure 4.12.

Device Manager provides an organized view of devices by the I/O resources they consume.

FIGURE 4.12

Device Manager offers other views that assist in monitoring. When you select Devices by Type, you see the devices organized by the kind of hardware each device is. If you have multiple monitors, for example, you see each of the monitors displayed below the Monitor node. This is the default view. The Devices by Connection view groups each device by the way it is connected in the computer. For example, all the disk drives and CD or DVD drives connected to the IDE controller are displayed under the IDE connection node. The Resources by Connection view shows the status of the I/O ports, as well as DMA channels, IRQs, and memory addresses, listed by the connection type. To expand the views to show non–Plug and Play devices, select Show Hidden Devices from the View menu.

TIP The Problem Reports and Solutions applet Another place to look when you are experiencing hardware or software problems with your Vista computer is the new Problem Reports and Solutions Control Panel applet, found in the System and Maintenance category. Vista identifies problems that have occurred on your computer and automatically checks online for solutions to these problems. Click the problems displayed to obtain additional information.

171

Troubleshooting Post-Installation Configuration Issues

Installing, Configuring, and Managing DVD and CD-ROM Devices Virtually all computers sold nowadays come with DVD+RW or DVD-RW drives, which allow you to burn all types of information to 4.7GB DVD discs, while maintaining backwards compatibility with CDs. Considering that some drives are not included within the Windows Logo Program for Hardware, there are bound to be some problems. To troubleshoot a problem with your CD or DVD device, you can use the following process: . If the CD/DVD or the IDE/SCSI controller is not listed in the Windows Logo

Program for Hardware, the next course of action is to contact the original equipment manufacturer (OEM) for a compatible device driver. . If the Windows Logo Program for Hardware shows that both the CD/DVD and the

IDE/SCSI controller are listed, you need to physically inspect the devices to ensure that they have been installed correctly. If using SCSI, also ensure that the SCSI ID of the device does not conflict with any other SCSI IDs, the SCSI ID of the controller is set to 7, and the SCSI bus has been terminated correctly. If using IDE, ensure that you are using the correct IDE controller. If you suspect the problem is confined to the CD or DVD media that you are currently using, you can check the volume for the disc by selecting the Volumes tab in the device’s Properties dialog box while the CD or DVD is in the drive. If the CD or DVD were able to mount, you see a description of the volumes contained on the disk. To investigate the configuration, you can click the Details tab in the Properties dialog box. Click the arrow on the drop-down box and select the various items from the list. Although this dialog box does not allow you to make configuration changes, it displays whether power is being provided to the device, the hardware ID, and more. For DVD drives, an additional configuration tab is available in the Properties dialog box—the DVD Region tab. DVD discs are encoded for a specific geographical location, called a region, in which they are intended to be used. A DVD drive reads only the DVDs that match the region for which it has been configured. A problem presents itself when a user travels internationally or for some other reason requires access to DVDs from more than one region. You are allowed to change regions a limited number of times. If a user needs to read DVDs from two different regions on a frequent basis, you should purchase a second DVD drive for that user. For a short-term change to another region, you can configure the new region in the DVD Region tab. Simply select the country where the DVD originated or a country whose region matches the region indicated by the error message that was received when the DVD was inserted and click OK to change the region. The Driver tab in the device’s Properties dialog box allows you to uninstall or update the device driver, roll the driver back to an older version, or simply view the driver details. Drivers are often the source of problems with all types of devices.

172

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

You can use the Properties tab to troubleshoot an array of challenging problems. Table 4.1 displays common problems and the responses that you can use to troubleshoot them. TABLE 4.1

Troubleshooting CD or DVD Errors

Device

Problem or Process

Utility/Solution

Response

CD-ROM drive

Can’t play audio CD, can read data CD

Control Panel, Hardware and Sound utility, Sound tab

Verify CD drive is listed. Verify audio codecs.

CD or DVD drive

Disc reading problem

Physically inspect the disc

Verify that CD has no defects or scratches. Clean CD.

CD or DVD drive

Can’t play DVD

Device Manager, device Properties, General tab

Verify device type is DVD drive, not CD-ROM drive.

CD or DVD drive

Disc reading problem

Alternate CD or DVD drive

Test disc in alternative drive.

CD or DVD drive

Error reading multiple discs

Special CD or DVD drive cleaning disc

Clean drive.

CD or DVD drive

Computer stops responding while reading disc

Task Manager (press Ctrl+Shift+Esc), Performance tab

View performance. Exit unnecessary applications.

CD or DVD drive

Computer stops responding while reading disc

Perform a clean boot

Ensure that no unnecessary applications are running. Test the disc in the drive again.

DVD drive

Cannot play a DVD movie disc

Device Manager, display adapter Properties, Driver tab, Update Driver button

Update the video driver.

DVD drive

Analog copy protection error

Physical presence of video output cables or older device driver does not support copyright protection on disc. Device Manager, display adapter Properties, Driver tab, Update Driver button

Remove video output cables from video adapter or DVD drive. Update video adapter driver.

DVD drive

Low video memory

Device Manager, display adapter Properties, Driver tab, Update Driver button

Update the video driver.

173

Troubleshooting Post-Installation Configuration Issues

TABLE 4.1 Continued Device

Problem or Process

Utility/Solution

Response

DVD drive

Low video memory/poor resolution

Control Panel, Display utility, Settings tab, Advanced button, Monitor tab

Lower the refresh rate.

DVD drive

Does not play DVD discs

Firmware version and DVD decoder software version—validate compatibility

Update the firmware version; uninstall the DVD decoder software. Install a version that is compatible with Windows Vista. This can happen when a computer was upgraded from an older version of Windows.

The computer might also stop responding and does not eject the CD when there is an error reading the disc in the CD drive. Such a problem generally requires you to reboot your computer to eject the CD. Other types of audio problems can also occur when attempting to read a CD or DVD. For further information, refer to Troubleshoot Audio Problems in Windows Media Center in the “Suggested Readings and Resources” section at the end of this chapter.

TIP Know how to perform a clean boot Know when to perform a clean boot and understand the process to do so. You can customize how Windows Vista starts up by clicking Start, Run, typing msconfig in the Open text box, and pressing Enter. Select Diagnostic Startup, and then reboot. You might want to simply disable a selection of applications and services, in which case you can use the Selective Startup option and disable the items you want in the resulting dialog box. You can keep this configuration for several reboots if you need to. After your final reboot, you can restart Windows Vista normally by returning to the System Configuration utility (Msconfig.exe), selecting the Normal Startup option, and then rebooting a final time.

Monitoring and Configuring Disks Disk Management, which can be found in Computer Management as shown in Figure 4.13, displays the disks installed on your computer as well as the volumes configured for the disks.

174

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Disk Management enables you to perform a large range of management and troubleshooting activities on disks and volumes.

FIGURE 4.13

The following list summarizes the major actions you can perform from the Disk Management snap-in: . Create dynamic disks—Disks can be either basic (the default) or dynamic. You can con-

vert a basic disk to a dynamic disk but you cannot change back. Your only avenue to reverting to a basic disk is by deleting the dynamic disk, losing the data, creating a new basic volume, and restoring the data from a backup. . Create volumes—You can create several types of volumes on a dynamic disk. Microsoft

provides a wizard to assist you in creating these volumes: . Simple volumes—A single region of free space on a single disk. You can create sim-

ple volumes on either basic or dynamic disks. . Spanned volumes—Two or more regions of free space on 2 to 32 disks linked into a

single volume on a dynamic disk. . Striped volumes—Multiple regions of free space from two or more disks. Data is

evenly interleaved across the disks, in stripes. Can be created on dynamic disks only. . Extend volumes—You can add additional unallocated space on a disk to an existing vol-

ume. Vista provides the Extend Volume Wizard to assist you in this action. . Shrink volumes—You can reduce the size of a volume to generate unallocated space for

creating or extending a different volume.

175

Troubleshooting Post-Installation Configuration Issues . Display properties of disks and volumes—For disks, you can obtain the same information

as provided by Device Manager. For volumes, you can obtain information about free space and device properties. This feature also lets you defragment the volume, share the volume, configure an access control list (ACL), back up all files on the volume, and create shadow copies of files and folders within the volume.

NOTE Shadow copies The shadow copy feature, first introduced with Windows XP and Windows Server 2003, is available in the Business, Enterprise, and Ultimate editions of Windows Vista. This feature creates copies of files in real time as you work on them. It enables you to revert to a previous version of a file should you accidentally delete a file or save unsuitable modifications. In addition, this feature works with Windows Backup to enable the back up of all files, including those that an application might have open currently. Versions of Windows prior to Windows XP skipped any open files, thereby risking incomplete backups.

The Disk Management utility is fairly comprehensive, but it is not the only tool available in Windows Vista to configure or manage disks. Some of these tools hearken back to the days of DOS and Windows 3.x, yet they are still very useful, especially if there is a problem accessing the graphical user interface (GUI): . Chkdsk.exe—A command-line utility that verifies and repairs FAT- or NTFS-formatted

volumes. (For NTFS drives, use the CHKDSK C: /R command to automatically check and repair disk problems.) . Cleanmgr.exe—Also known as Disk Cleanup, a GUI utility that deletes unused files. . Defrag.exe—Also known as Disk Defragmenter, a command-line utility that

rearranges files contiguously, recapturing and reorganizing free space in the volume. Optimizes performance. . Diskpart.exe—A command-line utility that can run a script to perform disk-related

functions. Diskpart’s nearest GUI counterpart is the Disk Management utility. . Fsutil.exe—A command-line utility that displays information about the file system

and can perform disk-related functions. An administrator should understand how to handle the errors that can plague a hard disk. Common problems are listed in Table 4.2.

176

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

TABLE 4.2

Troubleshooting Disk Errors

Error

Problem or Process

Possible Repairs

Non-system disk

Computer is trying to boot from a disk without a boot volume.

Remove any non-system disks from the floppy or CD-ROM drives. Repair the boot volume using Windows Recovery Console.

There is not enough memory or disk space to complete the operation.

Disk is full.

Free up space on the hard disk by deleting files, removing applications, or compressing files. Add another disk and extend the volume to span both disks.

Missing Operating System

No active partition is defined.

Check the BIOS settings and configure if they incorrectly identify the boot disk. Boot up with a floppy. Use Diskpart.exe to mark the boot volume as active. Use Windows Vista Startup Repair Tool. Reinstall Windows Vista.

Non-System Disk or Disk Error

Basic Input Output System (BIOS) generates this error when the master boot record (MBR) or boot sector is damaged or when a different device is configured as the boot device in the BIOS.

Check the BIOS and reconfigure if necessary. Remove any non-bootable floppy disks from the PC. Repair the boot volume with the Windows Vista Startup Repair Tool. Reinstall Windows Vista. Replace the hard disk.

Invalid Media Type

Boot sector is damaged.

Repair the boot volume with Windows Vista Startup Repair Tool. Reinstall Windows Vista. Replace the hard disk.

Hard disk controller failure

BIOS’s disk controller configuration is invalid, or the hard disk controller has failed.

Check the BIOS and reconfigure controller. Replace the hard disk controller.

The volume properties of a disk in the Disk Management snap-in provides you with a status display, which can help you in troubleshooting disk problems. The following statuses can appear: . Healthy—This status is normal and means that the volume is accessible and operating

properly. . Failed—This status means that the operating system could not start the volume nor-

mally. Failed usually means that the data is lost because the disk is damaged or the file system is corrupted. To repair a failed volume, physically inspect the computer to see

177

Troubleshooting Post-Installation Configuration Issues

whether the physical disk is operating. Ensure that the underlying disk(s) has an Online status in Disk Management. . Formatting—This status is temporary, appearing only while the volume is being for-

matted. . Unknown—This status means that you’ve installed a new disk and have not created a

disk signature or that the boot sector for the volume is corrupt, possibly because of a virus. You can attempt to repair this error by initializing the underlying disk by rightclicking the disk and selecting Initialize from the shortcut menu. . Data Incomplete—This status appears when a disk has been moved into or out of a

multi-disk volume. Data is destroyed unless all the disks are moved and imported on the new computer. . Healthy (At Risk)—This status indicates I/O errors have been detected on an underly-

ing disk of the volume but that data can still be accessed. The underlying disk probably shows a status of Online (Errors) and must be brought back online for the volume to be corrected. When you see a status other than Healthy for your volumes or other than Online for your disks, you can attempt to repair by selecting the Rescan Disks option from the Action menu in Disk Management.

Challenge You have been tasked with installing a Windows Vista Ultimate computer with two identical SCSI 200GB hard disks, a 250GB hard disk, and a 300GB hard disk. The computer is to be used by an engineer in charge of computer-assisted design (CAD) operations. You are to configure a volume on the new disks that will hold data files. The data volume should feature the highest possible level of performance plus the largest available quantity of storage because the CAD operations will require the rapid processing of extremely large quantities of data. Your task is to convert a basic disk to a dynamic disk, using Diskpart.exe, and then use the Diskpart.exe tool to create a striped volume. Try to work through the required steps on your own, referring to the Help files for Diskpart.exe as required. If you have difficulty, refer to the following steps: 1. Install the hardware on the computer and start the computer. 2. Click Start, Run, type cmd, and press Enter. 3. At the prompt, type diskpart and press Enter. (continues)

178

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings (continued)

4. Type list disk and press Enter. The screen displays the disks in the computer along with the information about each. Look for the disks that you have just installed. Note that each of the new disks is, by default, a basic disk. 5. Type select disk n, where n is the number of the disk that you will be converting to a dynamic disk. The select disk n command moves the focus to the new disk. (This is similar to typing D:\ when you are at a C:\ prompt.) If you already have a single disk in the computer, Windows Vista automatically numbers the existing disk as disk 0 and the new disks sequentially; therefore, the disks will be numbered 1, 2, 3, and 4. 6. Type convert dynamic and press Enter. 7. Repeat steps 5 and 6 until all disks have been converted. 8. If requested, reboot the computer to complete the conversion. 9. To create a volume that exhibits the highest level of performance with the largest available quantity of disk space, you will create a striped volume. You can create a striped volume with 800GB of space, using 200GB from the two smallest disks and 200GB each from the larger disks. The unpartitioned space will be 50GB on one disk and 100GB on the largest disk. The benefit of the striped volume is that data is read from or written to all members of the volume simultaneously in 64KB blocks, thereby achieving the highest possible level of data throughput. Note that this volume is not fault-tolerant. You would require a computer running Windows 2000 Server, Windows Server 2003, or Windows Server 2008 to create a fault-tolerant volume. The striped volume meets the business objectives because it occupies the largest available amount of disk space while enabling the rapid processing of extremely large quantities of data. 10. Type create volume stripe size=200000 disk=1,2,3,4. The size parameter is the amount of space that the striped volume will occupy on each disk in megabytes. You can leave this parameter blank if you intend to use the maximum space available on the disks that can participate in the striped volume.

Configuring Application Compatibility Programs written for earlier versions of Windows might not work properly or stop responding (hang). At times, such programs might exhibit a compatibility issue with Windows Vista. Windows Vista provides a Compatibility mode that emulates the environment found on several previous versions of Windows. Follow Step by Step 4.4 to run an application in Compatibility mode.

179

Troubleshooting Post-Installation Configuration Issues

STEP BY STEP 4.4 Running an Application in Compatibility Mode 1. Right-click the executable or its shortcut and choose Properties. 2. On the Compatibility tab of the Properties dialog box, select Run This Program in Compatibility Mode For and choose one of the options shown in Figure 4.14. 3. Select additional options under Display Settings and Input Settings as required, and then click OK.

FIGURE 4.14

You can run a program in Compatibility mode if it does not run properly under Windows Vista.

TIP You can also use the Program Compatibility Wizard to run a program in Compatibility mode The Program Compatibility Wizard provides the same options available from the Compatibility tab described in Step by Step 4.4. Click Start, Control Panel, Programs and Features. In this category of Control Panel, select the Use an Older Program with this Version of Windows. Follow the instructions provided in the Program Compatibility Wizard.

180

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Windows Easy Transfer When a user moves to a new computer, one of the most challenging activities that she faces is the migration of files and settings from the old computer to the new one. Microsoft provides the Windows Easy Transfer tool to assist users in this daunting task. An update to the Windows XP Files and Settings Transfer Wizard, the Windows Easy Transfer tool enables you to transfer files, folders, and settings belonging to a user from an old computer running Windows 2000 or later to a new computer or an existing computer on which a clean installation of Windows Vista exists. It is a simple means of transferring these settings when only a few computers are involved or when users are individually responsible for migrating information to a new computer. It is automatically installed on Windows Vista computers during operating system installation. Windows Easy Transfer migrates the following components to the new computer: . User accounts . Folders and their files, including pictures, music, and videos . Application data and settings (but not the applications themselves) . Email data, including messages, settings, and contacts . Windows and Internet settings

This wizard operates by creating a shared folder on the new computer, using this share to prepare data on the old computer for transfer, and then transferring it to the new computer. To perform this procedure, the following items must be available: . Removable media such as CD-R disks, a flash drive, or a removable hard drive to store

the migrated information. You can also use a shared folder on a server or a USB Easy Transfer cable to connect the two computers directly. . The username and password of the user whose information is being migrated.

To use Windows Easy Transfer, start the wizard on the new computer and create the shared folder, which contains a copy of the Easy Transfer application. Then go to the old computer, connect to the shared folder, and migrate the data to removable media or a shared folder. Finally, return to the new computer and import the migrated data. Step by Step 4.5 provides a detailed procedure.

181

Troubleshooting Post-Installation Configuration Issues

STEP BY STEP 4.5 Using Windows Easy Transfer and a Shared Folder to Transfer Data to a New Computer 1. Create and share a folder on the new computer, for example, C:\EasyTransfer. 2. At this computer, click Start, All Programs, Accessories, System Tools, Windows Easy Transfer. 3. Click Continue on the User Account Control message box that appears. 4. The Windows Easy Transfer Wizard displays the welcome screen shown in Figure 4.15 that describes its actions. Click Next.

The Windows Easy Transfer Wizard provides information on transferring files and settings from the old computer to the new one.

FIGURE 4.15

5. The wizard asks whether you want to start a new transfer or continue one in progress. Click Start a New Transfer. 6. The wizard asks whether you are at the new computer or the old one. Ensure that the My New Computer option is selected, and then click Next. 7. The wizard asks whether you have an Easy Transfer Cable. Select the No option to display the options shown in Figure 4.16 for accessing the old computer. 8. To install Windows Easy Transfer on the old computer, select the No, I Need to Install It Now option. 9. The wizard presents the options shown in Figure 4.17 for installing Windows Easy Transfer on the old computer. Select the External Hard Disk or Shared Network Folder option.

182

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

The Windows Easy Transfer Wizard provides three options for accessing the old computer.

FIGURE 4.16

Windows Easy Transfer presents four options for installation on the source computer.

FIGURE 4.17

10. Type the path to the shared folder that you created in step 1, and then click Next. The wizard copies the Windows Easy Transfer software to a subfolder named MigWiz in the shared folder and then asks whether the computers are connected to a network. 11. To transfer files and settings across the network, select the Yes option. 12. The wizard asks whether you have a Windows Easy Transfer key, which acts like a password for security purposes. Select No, I Need a Key, and write down the alphanumeric key that appears. Then click Next.

183

Troubleshooting Post-Installation Configuration Issues 13. Go to the old computer, click Start, Run, and type the path to the shared folder. If you are asked to provide credentials, type the username and password of the user on the new computer. 14. When the shared folder opens, select the MigWiz subfolder, open it, and then double-click MigWiz.exe. 15. Windows Easy Transfer opens and asks you how you want to transfer files and settings to the new computer. To use the shared folder, select the Transfer Directly, Using a Network Connection option. 16. To transfer files directly from the old computer to the new one, select the Use a Network Connection option. 17. Click Yes, I Have a Key, type the Windows Easy Transfer key that you received in step 12, and then click Next. 18. The wizard displays a Connecting to the Network message as it connects to the other computer and then asks what you want to transfer to the new computer. Select either All User Accounts, Files, and Settings or My User Account, Files, and Settings Only as Required. If you need to choose only selected users or settings, select the Advanced Options option. 19. As shown in Figure 4.18, the wizard displays a list of files and settings to be transferred. If you need to modify this list, click Customize and follow the instructions provided. Otherwise, click Transfer.

The wizard displays a list of items to be transferred.

FIGURE 4.18

20. Select a user account on the new computer or type a username to create a new user account. Then click Next. 21. The wizard collects the information to be transferred. This can take several minutes. When data collection is complete, it asks you to go back to the new computer. 22. At the new computer, select a user account and then click Next. 23. Review the list of selected files and settings, and then click Transfer to begin the transfer.

184

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 24. The wizard displays a progress bar as the transfer takes place. You are informed when the transfer is complete. 25. Click Close, and then click Yes to log off and apply the settings.

NOTE User State Migration Tool Microsoft also provides the User State Migration Tool (USMT), which is useful if you need to migrate large numbers of users to new computers running Windows Vista. USMT is a command line-based tool that is easily scripted and provides comprehensive migration capabilities for enterprise deployments. Refer to Migrating to Windows Vista Through the User State Migration Tool in the “Suggested Readings and Resources” section for further information.

REVIEW BREAK You have looked at various alternative startup strategies that you can employ when Windows Vista does not start normally. You have also looked at several hardware device troubleshooting strategies. . Windows Vista provides the Startup Repair Tool, which attempts to perform an auto-

matic repair of problems that prevent Windows from starting normally. . You can also start Vista in alternative modes, such as Last Known Good and Safe

mode, to repair startup problems. . You can use Device Manager to manage and troubleshoot hardware devices and their

drivers. . Vista provides the Program Compatibility mode, which can enable you to run older

applications that are not fully compatible with Vista. . You can use Windows Easy Transfer to transfer data and settings from an old comput-

er to a new Windows Vista computer.

Configuring and Troubleshooting Windows Aero Objective:

Configure and Troubleshoot Windows Aero. With Windows Vista, Microsoft introduces a new desktop scheme known as Aero. Any computer with a high-quality display adapter card can utilize all the power inherent in the display

185

Configuring and Troubleshooting Windows Aero

card to produce the top-level Aero Glass display appearance. Available on all editions except Home Basic, Aero Glass enables enhanced display features such as the following: . Translucent title bars—As shown in Figure 4.19, window title bars and other interface

elements show a view of any windows or the desktop hidden beneath them. This feature can assist you in tracking actions taking place in the background or locating hidden items. You can customize the color and transparency from the Control Panel Display applet. . Windows Flip—In Windows Vista, the familiar Alt+Tab brings up live thumbnail views

of each task running on the computer rather than generic icons, assisting you in locating the correct folder, Word document, and so on. . Windows Flip 3D—Pressing the Windows key+Tab brings up a stacked view of each

task window, showing live actions currently taking place and simplifying the task of choosing the application you want. You can even see live action of a task such as a movie playing in Windows Media Player. You can also scroll through the tasks by using the scroll wheel on your mouse. . Improved taskbar—You can obtain thumbnail views of tasks running on the computer by

hovering your mouse over a taskbar button. . More smoothly performing desktop—Aero has done away with previous redraw artifacts

such as “tearing” that frequently were observed in older Windows versions. Graphics driver-related lockups and crashes have also been reduced.

The Aero Glass desktop includes translucent interface elements.

FIGURE 4.19

186

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Understanding Windows Presentation Foundation Known as Avalon during the beta phase of Vista, the Windows Presentation Foundation (WPF) presents an enhanced platform that supports media-rich applications that provide complete fidelity to systems such as the Xbox 360 Media Center Extender. Microsoft has backported WPF to Windows XP to provide support for these applications; however, this does not include the Aero interface. WPF provides the following improvements to graphics in Windows Vista: . Window “tearing” is eliminated—Under previous graphics subsystems, windows that

were dragged rapidly across the desktop appeared to tear. WPF routes graphics through the hardware-accelerated graphics processor, enabling smooth graphics movements under all conditions. . Improved animations—Animation effects such as blurred motion are possible.

Developers can create effects such as fade-ins and fade-outs, enhanced user interface elements, and impressive screen transitions. . Vector-based scaling—This improvement allows you to rescale images to larger size with-

out their appearing blurred or pixilated—in other words, no more jagged edges when you upscale an item such as an icon. . Transparency—WPF enables transparency without a high level of overhead because

everything is rendered in the hardware-accelerated graphics processor. . Enhanced video capabilities—WPF treats video in much the same manner as any other

graphical object. The hardware-accelerated graphics processor handles video without dropping frames (as happened in older Windows systems) or taxing the CPU. These capabilities also enable the Flip and Flip 3D actions already introduced.

Understanding Hardware Requirements for Running Aero A computer that runs Aero properly should meet the Premium Ready hardware requirements already introduced in Chapter 1, “Introducing Windows Vista.” Being a processor- and memoryintensive subsystem, Aero Glass imposes additional graphics card requirements on computers capable of running it:

187

Configuring and Troubleshooting Windows Aero . Video memory—You must have a high-performance video card with at least 128MB of

memory on the card to use Aero Glass. If using a resolution higher than 1920×1200 or a dual-monitor setup above 1280×1024, you need at least 256MB graphics memory. . Graphics processor—Aero requires a DirectX 9 graphics processor with Pixel Shader 2,

32 bits per pixel, and Windows Display Driver Model (WDDM) support. A further advantage of WDDM is that it provides a high level of graphics stability, thereby reducing crashes resulting from graphics driver problems. . Graphics memory bandwidth—You must have a bandwidth of at least 1800MB for a desk-

top computer running at a 1280×1024 pixel resolution. Computers whose graphics hardware do not meet Aero Glass requirements may still be able to function in the standard Aero capability. A computer that is not Aero-capable will provide a desktop graphics experience similar to that of Windows XP.

Configuring Desktop Schemes If the hardware requirements for Aero or Aero Glass are met, Vista automatically enables the highest display capabilities. You can enable or disable Aero or choose from other available schemes from the Appearance Settings dialog box. Step by Step 4.6 shows you how.

STEP BY STEP 4.6 Enabling or Disabling Windows Aero 1. Click Start, Control Panel, Appearance and Personalization, Personalization. You can also right-click a blank area of the display and choose Personalize. 2. Select Windows Color and Appearance. 3. On the Window Color and Appearance dialog box, click Open Classic Appearance Properties for More Color Options. 4. On the Appearance Settings dialog box shown in Figure 4.20, open the Color Scheme drop-down list and select Windows Aero. Then click OK or Apply.

188

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

FIGURE 4.20

You can choose from several color schemes from the Appearance Settings dialog box.

From this dialog box, you can also choose Windows Standard, which is similar to the display properties of Windows 2000, or Windows Classic, which is similar to Windows 98. Several high contrast schemes, which enhance visibility for vision-challenged users, are also available from this location.

Troubleshooting Aero This section describes some of the more common problems you might encounter with Aero and how you might solve those problems, either on the 70-620 exam or in the real world.

Window Borders Are Not Translucent Your computer can be running Aero Glass but might not be set for translucent window borders. To test whether your computer is running Aero Glass, press Windows+Tab. If you observe the Flip 3D task view, your computer is running Aero Glass. If so, follow Step by Step 4.7 to configure translucency.

189

Configuring and Troubleshooting Windows Aero

STEP BY STEP 4.7 Configuring Translucency 1. Click Start, Control Panel, Appearance and Personalization, Personalization. You can also right-click a blank area of the display and choose Personalize. 2. Select Window Color and Appearance. 3. As shown in Figure 4.21, select the Enable Transparency check box. You can also choose a color and a level of transparency from the options and sliders available on this dialog box. 4. When finished, click OK.

The Window Color and Appearance dialog box enables you to configure the transparency and color of windows in Aero Glass. FIGURE 4.21

Aero Glass Is Not Running If pressing Windows+Tab does not reveal Flip 3D actions, your computer is running the Vista Basic desktop scheme. Follow the procedure of Step by Step 4.6 to enable Aero Glass. If Aero Glass is not available from the Color Scheme drop-down list, your computer is not capable of running Aero Glass. Even if your video card is Aero Glass–capable, it might not have the appropriate drivers. Follow Step by Step 4.8 to check your video drivers.

190

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

STEP BY STEP 4.8 Checking Video Drivers 1. Click Start, right-click Computer, and click Properties. 2. Select Device Manager from the list on the left side of the System Properties applet. 3. Double-click Display Adapters, and then double-click your display adapter. 4. The Adapter Type string should contain a WDDM entry (see Figure 4.22). If it doesn’t, visit the display adapter manufacturer’s website to see whether they have a newer WDDM-compliant driver. 5. If you can obtain a WDDM-compliant driver, select the Update Driver command button to install it and reboot your computer.

FIGURE 4.22

You need to have a WDDM-compliant display adapter to run Aero Glass.

Additional features may inhibit the appearance of Aero Glass visual elements, as follows: . Glass or transparency might have been disabled in the Performance Options dialog box—In

Control Panel, open System and Maintenance, select Performance Information and Tools, and then select Adjust Visual Effects. From the Visual Effects tab of the Performance Options dialog box, ensure that the Adjust for Best Appearance radio button is selected. If the Adjust for Best Performance radio button is selected, Glass

191

Configuring and Troubleshooting Windows Aero

effects are automatically disabled. You can also select Custom, and then select the check boxes labeled Enable Desktop Composition and Enable Transparent Glass. . Incorrect theme setting—Ensure that Windows Vista is selected in the Theme Setting

dialog box. See Step by Step 4.6 discussed previously. . Color depth may be insufficient—You cannot run Aero Glass if the color depth is set to

less than 32 bits per pixel. Access the Display Settings dialog box and ensure that Color quality is set to Highest (32-bit). If this setting is not available, your display adapter is incapable of running Aero. . An application may be disabling Glass—Application compatibility settings for older appli-

cations may disable the Aero Glass desktop. You looked at application compatibility earlier in this chapter. For additional troubleshooting hints, refer to Windows Vista Rules for Enabling Windows Aero in the “Suggested Readings and Resources” section at the end of this chapter.

Configuring Windows Vista Start Menu and Taskbar Vista provides several options for configuring the properties of the Start menu and the Taskbar. Right-click Start and choose Properties to bring up the Taskbar and Start Menu Properties dialog box, which enables you to configure properties related to the taskbar, Start menu, notification area, and toolbars.

Start Menu Properties As shown in Figure 4.23, you can configure the following properties of the Start menu: . Start Menu Customize button—Select this button to ring up the Customize Start Menu

dialog box (see Figure 4.24). You can choose which options appear on the Start menu. In particular, you can enable the Run dialog box, which is not enabled by default in Windows Vista. . Classic Start Menu—Select this option to use a Start menu similar in appearance to that

of Windows 2000 and older operating systems. Click Customize to specify which items appear on this Start menu. . Privacy—If additional users are accessing your computer and you do not want them to

know which files and programs you have recently accessed, clear either or both of the check boxes in this section.

192

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

The Start Menu tab of the Taskbar and Start Menu Properties dialog box enables you to configure several options for the Start menu.

FIGURE 4.23

You can configure which items appear on the Start menu from the Customize Start Menu dialog box.

FIGURE 4.24

Taskbar Properties Selecting the Taskbar tab of the Taskbar and Start Menu Properties enables you to configure the following items shown in Figure 4.25. Except for the Show Window Previews option, these properties function as they did in Windows XP:

193

Configuring and Troubleshooting Windows Aero . Lock the taskbar—Determines whether the taskbar is always visible at the bottom of the

display. . Auto-hide the taskbar—Determines whether the taskbar disappears automatically after a

program is started. . Keep the taskbar on top of other windows—Prevents windows from hiding the taskbar. . Group similar taskbar buttons—When selected, taskbar buttons for similar functions

(such as multiple Word documents or multiple Explorer windows) are grouped into single buttons to prevent taskbar buttons from shrinking to a very small size. . Show Quick Launch—Enables the quick launch section of the taskbar, from which you

can start frequently used programs with a single mouse click. . Show window previews (thumbnails)—Enables the display of Flip view thumbnails.

The Taskbar tab enables you to configure several taskbar properties.

FIGURE 4.25

Notification Area Select the Notification Area tab to configure the items that appear in the notification area (formerly known as the System Tray), as shown in Figure 4.26. . Hide inactive icons—Clears the notification area of icons for programs that have not

recently been used. Click Customize to change the behavior of certain icon types. . System icons—Enables the display of the clock, as well as icons for speaker volume, net-

work connection, and on portable computers, the power setting.

194

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

The Notification Area tab enables display of icons in the notification area.

FIGURE 4.26

Toolbars You can configure the taskbar to display toolbars for Address, Windows Media Player, Links, Tablet PC Input Panel, Desktop, and the Quick Launch section of the taskbar. Only Quick Launch is enabled by default.

Configuring and Troubleshooting Parental Controls Objective:

Configure and Troubleshoot Parental Controls. A common problem in home-based computers is that children have free access to the computer at times when their parents are busy doing other tasks or are not at home. This allows access to questionable websites that include topics such as violence, pornography, drug making, and so on. Furthermore, children may be accessing games or other content at times when they should be using the computer for homework projects. Microsoft has incorporated the new Parental Controls feature into Windows Vista Home Basic, Home Premium, and Ultimate to enable parents to limit children’s computer usage and provide reports on what children actually are doing.

195

Configuring and Troubleshooting Parental Controls

Configuring Various Types of Restrictions The Parental Controls feature enables parents to specify the following types of restrictions: . Website restrictions—The Web Content Filter included with Windows Vista examines

the content of web pages and enables parents to configure restrictions on the type of content accessed by children. Parents can choose from several preconfigured restriction levels or modify them as needed. Besides Internet Explorer, this filter works with other major browsers such as Firefox. . Usage time limits—Parents might want to prevent children from using the computer for

hours on end. They can select the times of day and days of the week during which a child can use the computer. The child is logged off at the end of his allowed time, but his session remains active in the background so he can resume it during the next allowed time interval. . Application limits—Parents can choose which applications their child is permitted to

access, thereby preventing him from running programs such as the parents’ financial planner. The child can ask a parent for approval to run a specific application if required, for example, to complete a school assignment, and the parent can enter her user credentials to approve the application. . Game limits—Parents can choose which types of games children are permitted to play

according to age limits set by major game rating boards. They can also choose to permit or block specific games.

Creating User Accounts Every user of your computer (yourself included) should have his or her own user account, and these accounts should have passwords to help protect them from unauthorized use. Follow Step by Step 4.9 to create a user account.

STEP BY STEP 4.9 Creating User Accounts 1. Click Start, Control Panel, User Accounts and Family Safety, Add or Remove User Accounts. 2. Click Continue in the User Account Control message box that appears. 3. Click Create a New Account to display the dialog box shown in Figure 4.27. 4. Type a name for the user account. Choose an option as explained on the dialog box (you would normally choose the Standard User option) and then click Create Account.

196

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

The Create New Account dialog box enables you to create new user accounts.

FIGURE 4.27

5. To create a password, select Create a Password. Type a password in the Password and Confirm Password text boxes, and then click Create Password. You might also want to type a hint in the Type a Password Hint text box in case the user forgets the password.

Configuring Parental Restrictions After you have created user accounts for each child, it is simple to set up Parental Controls. Step by Step 4.10 shows you how.

STEP BY STEP 4.10 Configuring Parental Controls 1. Click Start, Control Panel, User Accounts and Family Safety, Set Up Parental Controls for Any User. Or simply type parental in the Search box in the Start menu and press Enter.

NOTE Another way to access Parental Controls You can also access Parental Controls from the Content tab of the Internet Properties dialog box. Click Start, right-click Internet, and choose Internet Properties. Or choose Tools, Internet Options from the command bar in Internet Explorer. Internet Explorer is discussed later in this chapter.

2. Click Continue in the User Account Control message box that appears. 3. Choose the user for which you want to configure Parental Controls. 4. On the Parental Controls dialog box shown in Figure 4.28, click On, Enforce Current Settings under the Parental Controls heading.

197

Configuring and Troubleshooting Parental Controls

The Parental Controls dialog box enables you to configure any of the four types of controls.

FIGURE 4.28

5. To configure website restrictions, click Windows Vista Web Filter. This brings up the screen shown in Figure 4.29, which enables you to configure the following items: . Block Some Websites or Content—Enables Web restrictions. Select this option to enable the remaining options. . Allow and Block Specific Websites—Brings up a dialog box in which you can enter specific websites that you want to either allow or block. . Block Web Content Automatically—Enables you to select a restriction level from High (blocks all sites except those approved for children), Medium (blocks unratable sites and those containing pornography, drugs, hate speech, and weapons), None (does not automatically block sites), or Custom (enables you to select categories to be blocked; you receive a list of 11 categories that you can selectively block). . Block File Downloads—Prevents the child from downloading potentially harmful material. 6. Choose the options you want from this list, and then click OK. 7. To specify time limits, click Time Limits to display the window shown in Figure 4.30. Click and drag to outline the blocked times in blue, and then click OK. 8. To specify game limits, click Games. From the Game Controls dialog box you can block or allow specific games on your computer or prevent the child from playing any games. Click Set Game Ratings to select a maximum allowed rating as shown in Figure 4.31. You can also choose to block specific content types even if a game has an allowed rating. Click OK twice.

198

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

You have several options for specifying what types of Web content should be blocked.

FIGURE 4.29

You can specify which hours of the day and days of the week your child is permitted to use the computer.

FIGURE 4.30

199

Configuring and Troubleshooting Parental Controls

You can select from a series of game ratings or block specific content types.

FIGURE 4.31

9. To specify program limits, click Allow and Block Specific Programs. Select the (Username) Can Only Use the Programs I Allow option and select the programs to be permitted. Then click OK. 10. When you are finished, click OK to confirm your settings and return to the User Controls dialog box.

TIP Other game rating systems are available You can select other game rating systems from the initial parental control window where you select the user you want to control. A series of rating systems including several Pan European Game Information systems is available, together with links to their websites. You must use the same ratings system for all users.

Configuring Activity Reports The Parental Controls feature enables you to view a report of what your child has done at the computer. This report is useful in case you need to modify the parental control settings. The report includes the following items: . Web Browsing—Shows the top 10 websites visited and the 10 most recent websites that

the child attempted to visit but was blocked by the filter. This also shows any Web overrides, files successfully downloaded, and files blocked from downloading. . System—Shows the recent times the child was logged on and the times he was blocked

from logging on. . Applications—Shows the programs the child ran or was prevented from running.

200

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . Gaming—Shows the games the child played or was prevented from playing. . Email and Instant Messaging—Summarizes the email and instant messages that the child

sent or received. . Media—Summarizes media player (songs, videos played, and so on) activity.

To enable activity reporting, select the radio button labeled On, Collect Information About Computer Usage in the main Parental Controls window shown previously in Figure 4.28. There are no other configurable options for activity reporting.

REVIEW BREAK You have looked at the desktop interface and Parental Controls feature included with Windows Vista. You should be aware of the following major points: . Windows Vista provides the new Aero and Aero Glass desktop interfaces. These inter-

faces have strong hardware requirements that may prevent them from running properly on some older computers. . The Appearance and Personalization category in Control Panel enables you to config-

ure Aero and its various options. You have also looked at several problems that can prevent Aero from displaying properly and several ways you can troubleshoot them. . The Parental Controls feature in Windows Vista enables you to place restrictions on a

child’s browsing the Web, logon times, available programs, and games.

Configuring Windows Internet Explorer Objective:

Configure Windows Internet Explorer. Browsers are fast becoming a ubiquitous interface to every type of resource—from Hypertext Markup Language (HTML) files, eXtensible Markup Language (XML) data, and FTP files, to network shares, network and local printers, local files and folders, and more. For the 70-620 exam, you are expected to have the skills to configure and troubleshoot various aspects of Internet Explorer 7, including tabbed browsing, pop-ups, add-ons, and Really Simple Syndication (RSS) feeds, and access a variety of network resources using Internet Explorer. Table 4.3 lists the methods you should know.

201

Configuring Windows Internet Explorer

TABLE 4.3

Accessing Resources Via a Browser

Command

Sample URL

Usage

http://

http://www.microsoft.com

Downloads HTML files from Internet Web servers and displays the file within the browser.

https://

https://www.microsoft.com

Downloads HTML files using Secure Socket Layer (SSL) so that the information exchanged is secured.

ftp://

ftp://ftp.microsoft.com

Downloads a file from an FTP server.

File://

File://server/share/folder/file

Opens the file specified from a network server.

http://

http://printserver/printers

Displays a list of the printers that are being shared by a computer configured with IIS for sharing printers.

http://

http://PrintServer/Printer

Opens the printer page for the printer.

EXAM ALERT Handling passwords with a URL How to type a URL correctly is a favorite exam question. When you open a file using FTP, for example, you might need a password. Because Internet Explorer doesn’t support password prompting, you must supply that password within your URL. In this example, the correct syntax is ftp://user:password@ftpserver/url-path.

Internet Explorer 7 improves upon its predecessor, Internet Explorer 6, in many ways. You can keep a series of websites open using tabbed browsing, search for information directly from the address bar, disable use of pop-up windows, use RSS feeds, modify the appearance of the browser window to suit your own preferences, and so on. You can type search phrases into the Search text box to the right of the main address bar (note “Live Search” in Figure 4.32 referenced in the following section). Internet Explorer 7 also improves browsing security greatly over the problem-plagued Internet Explorer 6. Chapter 5, “Configuring Windows Security Features,” discusses configuring Internet Explorer 7’s security settings.

Configuring Tabbed Browsing Users familiar with tabbed browsing in other browsers such as Firefox have come to realize the convenience of having multiple browser sessions open in the same window. To open a new tab in Internet Explorer, just click the small blank tab visible to the right of the active tabs. As shown in Figure 4.32, a new tab initially displays a page that summarizes the advantages of tabbed browsing.

202

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

Tabbed browsing in Internet Explorer enables you to have multiple websites open in a single browser window.

FIGURE 4.32

The following sections outline several activities you can perform using tabbed browsing: . Open, close, and refresh tabs—Right-clicking an active tab enables you to perform the

activities shown in Figure 4.33. You can close the current tab, close all tabs except the current tab, refresh the current tab or all tabs, or create a new tab.

Each tab has a right-click menu that enables you to perform several activities.

FIGURE 4.33

203

Configuring Windows Internet Explorer . View thumbnails of tabs—Click the small tab at the left end of the tabs (circled in Figure

4.34) to display all open tabs as thumbnail images. This feature is known as Quick Tabs. To view any of the tabs in full-screen view, simply click its thumbnail.

The Quick Tabs feature enables you to view multiple tabs as thumbnails.

FIGURE 4.34

. Save a set of tabs to reopen later—When you close Internet Explorer with more than one

tab open, a dialog box appears, asking you if you want to close all tabs. Click Show Options to display the options shown in Figure 4.35. To open the same tabs later, select the Open These the Next Time I Use Internet Explorer check box.

You can open the same set of tabs later in Internet Explorer.

FIGURE 4.35

204

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . Save a group of tabs as a favorite—Access the Favorites Center by clicking the yellow star

with the green “+” (circled in Figure 4.36). On the pop-up menu that appears, select Add Tab Group to Favorites. Type a name for the tab group, select a subfolder within Favorites if desired, and then click Add. You can access this group later simply by selecting the group name from the Favorites list, accessed from the yellow star at the far left end of the tabs bar.

You can create favorite groups of tabs for later use.

FIGURE 4.36

. Disable tabbed browsing completely—From the Tools menu, select Internet Options. On

the General tab, in the Tabs section, click Settings and then clear the check box labeled Enable Tabbed Browsing (see Figure 4.37). Then close and restart Internet Explorer.

Blocking Pop-ups Initially included with Internet Explorer 6 on Windows XP with SP2, the Pop-up Blocker eases the frustrations of many Internet users. You can configure how the Pop-up Blocker feature functions by opening the Tools menu, selecting the Pop-up Blocker submenu, and then clicking Pop-up Blocker Settings. The Pop-up Blocker Settings dialog box opens, as shown in Figure 4.38. (This option is not available if the Pop-up Blocker is off.) The other option in this submenu is to Turn Off the Pop-up Blocker (if it is turned on) or Turn On the Pop-up Blocker (if it is turned off).

205

Configuring Windows Internet Explorer

The Tabbed Browsing Settings dialog box enables you to configure additional options related to tabbed browsing or disable tabbed browsing entirely.

FIGURE 4.37

You can allow pop-ups from certain websites by editing the Pop-up Blocker Settings.

FIGURE 4.38

To allow pop-ups from a certain website, type the URL in the Address of Website to Allow text box, and then click the Add button. You can select whether to display the information bar and play a sound when a website’s pop-up is blocked. The Filter Level list box enables you to select whether to block all pop-ups (High), most pop-ups (Medium), or just the pop-ups that are from non-secure sites (Low).

206

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

When Internet Explorer blocks a pop-up, it displays an information message bar beneath the line of tabs. You can click this bar to temporarily allow pop-ups, always allow pop-ups from this site, or configure additional pop-up settings including suppressing the information bar.

Customizing Internet Explorer Internet Explorer contains a large range of features that you can configure to customize your browsing experience. We look at customizing search providers, managing add-ons, and configuring RSS feeds in this section.

Customizing Search Providers By default, Internet Explorer uses Microsoft Live Search as its search provider when you first open it (note “Live Search” in Figures 4.32 to 4.33). You can change the default search provider or add additional search providers to this box. Step by Step 4.11 shows you how.

STEP BY STEP 4.11 Configuring Search Providers 1. In Internet Explorer 7, click the small drop-down triangle immediately to the right of the Search field. From the pop-up menu that appears, select Find More Providers. 2. Internet Explorer opens a new tab displaying the Add Search Providers to Internet Explorer 7 web page. Click the desired search provider. 3. The Add Search Provider dialog box shown in Figure 4.39 appears. If you want to use this provider as your default, select the check box provided. Then click Add Provider.

The Add Search Provider dialog box enables you to add search providers and set a default provider.

FIGURE 4.39

4. To change or remove search providers, select Change Search Defaults from the pop-up menu. In the Change Search Defaults dialog box shown in Figure 4.40, select the desired search provider and click Set Default to make it the default search provider. Click Remove to remove this provider from the list.

207

Configuring Windows Internet Explorer

You can change your default search provider or remove search providers from the Change Search Defaults dialog box.

FIGURE 4.40

After you have added search providers, it is simple to perform a search with an alternate provider. Simply click the same small drop-down triangle and select the desired search provider. This procedure enables you to change the search provider temporarily without changing the default provider.

Customizing the Toolbars Microsoft has changed the default appearance of the toolbars at the top of the Internet Explorer window. However, you can customize Internet Explorer by selecting options from the Tools menu, as shown in Figure 4.41: . Delete Browsing History—Opens the Delete Browsing History dialog box, which enables

you to delete temporary Internet files, cookies, history, form data, or passwords that are stored on your computer. Click Delete All to delete all these items from your computer. . Pop-up Blocker—Enables you to manage the pop-up blocking feature, as already

discussed. . Phishing Filter—Warns you about fake websites that attempt to hijack your personal

information such as credit card numbers, social security numbers, and so on, which is a practice known as phishing. You can check the current website, report it if it appears to be suspicious, modify filter settings, or turn off the filter completely. . Manage Add-ons—Enables you to manage additional components added to Internet

Explorer. This feature is discussed in the section, “Managing Add-Ons.”

208

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . Work Offline—Saves copies of websites so that you can access information when offline.

This feature helps to save costs when you are using a provider that charges according to connect time. . Windows Update—Connects to the Microsoft Windows Update website. This was dis-

cussed in Chapter 3, “Upgrading to Windows Vista.” . Menu Bar—Displays the menu bar, which is hidden by default.

TIP Temporarily displaying the menu bar You can choose to temporarily display the menu bar by pressing the Alt key after opening Internet Explorer. Press this key a second time to hide the toolbar. If you use this option to display the menu bar, it is in effect only for the current browser session.

. Toolbars—Enables you to display additional toolbars, including favorites, history, feeds,

links, and status bar. Only the status bar is displayed by default. . Internet Options—Brings up the Internet Properties dialog box, components of which

are discussed elsewhere in this chapter and Chapter 5.

Click Tools to obtain a series of customizing options.

FIGURE 4.41

TIP Another way to access these options You can also access several of the options discussed here by right-clicking a blank area on the toolbar. The pop-up menu displayed also enables you to customize the icons appearing on the command bar by displaying all text labels selective text (the default) or icons only. You can also add or remove commands from this area.

209

Configuring Windows Internet Explorer

Printing Web Pages One of the most annoying features in previous versions of Internet Explorer was the fact that some web pages printed incompletely, with text on the right side of the page being clipped off. Internet Explorer has improved printing by introducing several new items, accessible from the Print icon and the Page icon on the command bar. Click the small triangle to the right of the printer icon to access a pop-up menu that enables you to preview the printed page or modify page setup options. You can specify the paper size, source, orientation (portrait or landscape), and margin size. You can suppress display of the headers and/or footers by clearing the text in the respective text boxes. You also can access printer properties by clicking the Printer button. New to Internet Explorer 7 in Vista is the XPS Document Writer. This appears as a printer option on the Print dialog box and enables you to create an XML Paper Specification (XPS) document, which is a portable file type that you can view on any computer with an XPS viewer installed. This feature enables you to display a web page or other document online exactly as it appears on your monitor. Such documents can be shared, sent to others, or published so that they do not display differently when printed or on computers with different monitors. When you select this printing option, you receive a Save As dialog box that enables you to save the web page to a folder of your choice.

Managing Add-Ons Add-ons are optional additional features that you can install in Internet Explorer to provide additional functionality. They generally come from sources on the Internet and are sometimes installed without your knowledge. At other times, the Internet source will ask you for permission to install an add-on before proceeding. However, if you deny this permission, the web page may not display as intended by their creators.

TIP Running Internet Explorer without any add-ons You can run Internet Explorer without any add-ons by clicking Start, All Programs, Accessories, System Tools, Internet Explorer (No Add-ons). Internet Explorer opens and displays a page that informs you that all add-ons are turned off.

Internet Explorer enables you to manage add-ons in several ways. Follow Step by Step 4.12 to manage add-ons.

STEP BY STEP 4.12 Managing Internet Explorer Add-Ons 1. In Internet Explorer 7, click Tools, Manage Add-ons, Enable or Disable Add-ons. The Manage Add-Ons dialog box shown in Figure 4.42 opens.

210

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

You can view and manage Internet Explorer add-ons from the Manage Add-Ons dialog box.

FIGURE 4.42

2. Select one of the following options from the Show drop-down list: . Add-ons that have been used by Internet Explorer—Lists all add-ons that have been downloaded to Internet Explorer at any time since you installed Windows plus those that were pre-approved by Microsoft or your computer manufacturer. . Add-ons currently loaded in Internet Explorer—Displays only those add-ons used by a currently or recently viewed web page. This list appears by default when you first open the Manage Add-ons dialog box. . Add-ons that run without requiring permission—Displays all add-ons that were pre-approved by Microsoft, your computer manufacturer, or your Internet service provider (ISP). These add-ons have generally been digitally signed and run without displaying any permissions message box. Any unsigned add-ons carry the message (Not verified) in the Publisher column. . Downloaded ActiveX Controls (32-bit)—Displays 32-bit ActiveX controls only. While these controls add functionality to Internet Explorer, malicious software writers often use them for undesirable purposes. 3. If an add-on appears to be causing problems or preventing a web page from displaying properly, select it and click Disable. 4. To delete an ActiveX control, select it and click Delete. Note that you cannot delete pre-installed ActiveX controls or other types of add-ons; you can only disable them. 5. To locate additional add-ons for Internet Explorer, click Tools, Manage Add-ons, Find More Add-Ons. Follow the instructions and links on the Add-Ons for Internet Explorer web page that appears.

211

Configuring Windows Internet Explorer

NOTE Deleting downloaded add-ons When you download and install an add-on, it is included in the program list found in Control Panel Add or Remove Programs. You can uninstall these add-ons from this location. You cannot delete any other types of add-ons other than ActiveX controls as explained here.

Configuring Really Simple Syndication (RSS) Feeds RSS presents a simple means in which you can receive up-to-date information on the Internet at times that are convenient to you. Internet Explorer 7 automatically detects when websites are offering RSS feeds and displays a toolbar icon. Click this icon to view the feed and obtain information about subscribing to it. You can subscribe to feeds from various websites and bring headlines from different sources together in one common list from which you can browse content without the need to access each site. When the Feeds toolbar icon turns orange, you are on a site that offers RSS feeds. Click this icon to view current headlines and subscribe to the feed. You can also specify that a sound be played when a feed is received. When you subscribe to feeds, Internet Explorer adds them to the Feeds section of the Favorites list. To review the feeds to which you are subscribed, click the star icon at the topleft corner of Internet Explorer and then click Feeds. Follow Step by Step 4.13 to configure how RSS feeds are downloaded and displayed.

STEP BY STEP 4.13 Managing RSS Feeds 1. In Internet Explorer 7, click Tools, Internet Options. 2. Select the Content tab, and then click Settings under Feeds at the bottom of the dialog box. The Feed Settings dialog box shown in Figure 4.43 opens.

You can manage RSS feeds from the Feed Settings dialog box.

FIGURE 4.43

212

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 3. Configure the following items as required: . Automatically Check Feeds for Updates—You can enable Internet Explorer to download feeds automatically at the interval selected from the drop-down list. Available intervals range from 15 minutes to one week. . Advanced options—You can choose to automatically mark feeds as read, play a sound when feeds arrive, or modify the view in which a feed is displayed. 4. Click OK when you are finished, and then click OK to close the Internet Properties dialog box (or click Apply to apply the settings and keep the Internet Properties dialog box open).

TIP Viewing feeds in HTML format The Turn On Feed Reading View option shown in Figure 4.43 controls whether feeds display in XML or HTML format. By default, Internet Explorer displays these feeds in XML. By clearing this check box, you can configure Internet Explorer to display feeds in HTML format.

Configuring AutoComplete Settings The Content tab of the Internet Properties dialog box also enables you to configure properties related to the AutoComplete feature. This feature remembers entries you have typed before on web page addresses, forms, usernames, and passwords. To configure the types of settings that are remembered, click Settings in the AutoComplete section. The AutoComplete Settings dialog box shown in Figure 4.44 opens. Simply select the types of items for which you want to use AutoComplete, and clear the settings to prevent new items from being stored.

You can specify which types of entries are completed from the AutoComplete Settings dialog box.

FIGURE 4.44

213

Key Terms

Summary After you have installed Windows Vista, you can configure many settings to improve the functionality of the operating system and troubleshoot issues that might arise. Various problems can cause Vista to fail to start or to display a Blue Screen of Death (BSOD) on startup. Vista provides the Startup Repair Tool (SRT) that helps you diagnose and correct startup problems automatically. You can also start Vista in several advanced options including the Last Known Good Configuration and Safe mode. You can invoke the System Restore feature to take your system back to a previous stable configuration and undo a harmful setup. Microsoft has provided the new Aero and Aero Glass interface with Vista to enable an enhanced desktop experience. The Aero Glass interface possesses enhanced hardware requirements, and is not available with Vista Home Basic. You saw how to enable Aero and Aero Glass, as well as to revert to a desktop similar to that of previous Windows operating systems, and we discussed several options that you can follow when a user’s desktop does not display as expected. The new Parental Controls feature enables parents to control a child’s computer capabilities to protect the child from undesirable actions. You can control the types of websites visited, limit logon hours, restrict the types of games that can be played, and limit the applications that will run. You can also view a report on the child’s computer activities. Internet Explorer 7 introduces new browsing capabilities. You saw how to configure tabbed browsing, control the appearance of pop-up windows, customize search providers and toolbars, manage add-ons, and control Really Simple Syndication (RSS) feeds.

Key Terms . activity reports . add-ons . Aero . Aero Glass . Blue Screen of Death (BSOD) . Computer Management console . Device Manager . Last Known Good Configuration . Parental controls . pop-up windows

214

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings . Really Simple Syndication (RSS) . Safe mode . Start menu . Startup Repair Tool (SRT) . System Restore . tabbed browsing . taskbar . Windows Easy Transfer

Apply Your Knowledge The 70-620 exam expects you to be able to troubleshoot startup and hardware configuration problems, configure and troubleshoot the Aero and Aero Glass interfaces, configure Parental Controls, and customize Internet Explorer. You can supplement the exercises and questions with hands-on practice of configuring the various options for connecting to the Internet and displaying Web content and RSS feeds. You need at least two computers, together with an Internet connection, to perform these exercises.

Exercises 4.1 Creating a Restore Point In this exercise, you create a restore point that is needed by the SRT to perform a successful driver restore. You should have a dual-boot computer that can be running two instances of Windows Vista or one of Vista and one of either Windows 2000 or Windows XP to perform Exercises 4.1 and 4.2. Estimated time: 15 minutes (not including operating system installations). 1. Boot the computer to Windows Vista. 2. Click Start, All Programs, Accessories, System Tools, System Restore. 3. Click Continue on the User Account Control message box that appears. 4. On the System Restore dialog box that appears, select the System Protection link near the bottom of the dialog box.

215

Apply Your Knowledge 5. The System Protection tab of the System Properties dialog box opens. You should see two disks listed under Available Disks. Ensure that the check boxes for both disks are selected and then click Create. 6. Type a simple description for the restore point, and then click Create. 7. When you are informed that the restore point was created successfully, click OK and then close the System Properties and System Restore dialog boxes.

4.2 Startup Repair Tool In this exercise, you work with the SRT by setting up a dual-boot system and renaming an essential driver to observe the functioning of the SRT. You need to first modify the permissions on the Vista Windows folder so that the exercise runs properly, because Microsoft has created a new account identified only by its security identifier (SID) of S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464. This involves changing the owner of the Windows\System32\Drivers folder and modifying its default permissions. You are performing this exercise strictly to observe how the SRT works; the computer on which you perform this exercise should not contain any important data unless you have backed up this data previously. Perform this exercise on the same computer used for Exercise 4.1. Estimated time: 30 minutes. 1. Boot the computer to the Windows 2000/XP operating system and log on as an administrator. 2. In My Computer, navigate to the \Windows\System32 folder, where refers to the partition on which you installed Vista. Be very careful that you are in the correct partition. 3. To modify Vista filenames, even outside of Vista, you must change some file attributes. Start by right-clicking the Drivers folder and choosing Properties. 4. Select the Security tab and then click Advanced. 5. On the Owner tab of the Advanced Security Settings dialog box, note that the owner is given as the SID mentioned at the start of this exercise. Change the owner to the Administrators group, select the check box labeled Replace Owner on Subcontainers and Objects, and then click OK. 6. Back in the Security tab of the Drivers Properties dialog box, add Full Control to the allowed permissions, and then click Apply. 7. Select the General tab. If the Read Only attribute is selected, clear this check box, click OK, and then select the option to apply the changes to this folder, subfolders, and files. 8. Double-click the Drivers folder to open it. 9. Locate partmgr.sys and rename this file to partmgr.xxx. This is an essential disk driver file. 10. Restart the computer and boot to Vista. 11. Windows Boot Manager will display the error shown in Figure 4.45. It identifies the problematic file: \Windows\System32\drivers\partmgr.sys.

216

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings

When an essential startup file is corrupted, Windows Boot Manager displays an error similar to this one.

FIGURE 4.45

12. Insert the Vista DVD-ROM, and then press the Reset button. 13. Press the spacebar when instructed to boot from the Vista DVD. 14. Press Enter to start Windows Setup. 15. After a few minutes, the Install Windows dialog box appears. Choose the proper language settings, and then click Next. 16. Click Repair Your Computer. 17. On the System Recovery Options dialog box, ensure that Microsoft Windows Vista appears, and then click Next. If Vista is not listed, click Load Drivers. 18. Click Startup Repair. Startup Repair displays a dialog box as it attempts to repair the problem. 19. After a few minutes, you should receive a Startup Repair message box instructing you to restart your computer to complete the repair. Click Finish to restart the computer. 20. Your computer should restart into Vista. If not, reboot to Windows XP and rename \Windows\ System32\drivers\partmgr.xxx back to partmgr.sys.

217

Apply Your Knowledge

Exam Questions 1. You are working as a network consultant at Joe’s Garage. Joe has entrusted his personal computer to you to have a new wireless network adapter driver installed. He tells you that he has extremely important data on the drive and asks that you be very careful to not lose it. After reassuring Joe, you install the new driver. After you reboot, Joe’s computer gives you a Blue Screen of Death error before you reach the logon screen. You attempt another reboot and are stopped again. How can you resolve the error and keep your promise to Joe?

❍ A. Restart the computer in Safe mode and use the Rollback feature in Device Manager to revert to the previous driver.

❍ B. Restart the computer using the Last Known Good Configuration option. ❍ C. Restart the computer with the Windows Vista DVD-ROM. When the Install Windows screen appears, select Repair Your Computer. When the System Recovery Options screen appears, select Startup Repair.

❍ D. Restart the computer with the Windows Vista DVD-ROM. When the Install Windows screen appears, select Repair Your Computer. When the System Recovery Options screen appears, select System Restore and then select yesterday’s restore point. 2. You have copied a useful legacy program from your old computer running Windows 98 to your new Windows Vista computer. However, the program does not run properly when you attempt to start it. What should you do to run this program on Vista? (Each correct answer is a complete solution. Choose two.)

❍ A. Right-click the program and choose Properties. On the dialog box that appears, select the Previous Versions tab and select the option to run the program in Compatibility mode for Microsoft Windows 98/Windows Me.

❍ B. Right-click the program and choose Properties. On the dialog box that appears, click the Compatibility tab and select the option to run the program in Compatibility mode for Microsoft Windows 98/Windows Me.

❍ C. In the Programs and Features section of Control Panel, select Use an Older Program with this Version of Windows. On the Program Compatibility Wizard, select the Microsoft Windows 98/Windows Me mode.

❍ D. In the Appearance and Personalization section of Control Panel, select Change the Theme. Then choose the Windows Classic theme and click Apply.

218

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 3. Peter uses a computer that runs Windows 2000 Professional. The computer has a 200GB hard drive that is configured with three partitions. Peter wants to explore the possibility of using Windows Vista Ultimate, so he installs this operating system on the second partition as a clean install. When he attempts to access the Internet from Vista by means of the computer’s PCI network adapter, he is unable to reach any websites. He reboots the computer to Windows 2000 and is able to access the Internet. After rebooting the computer to Vista he accesses Device Manager and notices a yellow exclamation mark on the network adapter. What should he do?

❍ A. Right-click the network adapter and select Update Driver Software. ❍ B. Right-click the network adapter and select Enable. ❍ C. Right-click the network adapter and select Scan For Hardware Changes. ❍ D. Open Control Panel Windows Update and select the Check for Updates option. 4. You are a desktop support technician for a major company that is in the process of rolling out Windows Vista computers to their employees. An employee named Diane has a computer on which she would like to run Windows Vista Business. The computer currently runs Windows XP Professional and is equipped with 1GB RAM, a 75GB hard drive, a 2.4-GHz processor, and a video card with 64MB video RAM. You upgrade this computer from Windows XP Professional to Windows Vista Business. Diane reports that nothing happens when she attempts to switch tasks using the Windows+Tab key combination. She would like to use the Flip 3D feature that she has read so much about, so she returns to you and asks you what she should do. What do you suggest?

❍ A. Go to the Display Properties applet and select the Aero Glass theme. ❍ B. Go to Device Manager and install an updated driver for the video card. ❍ C. Replace the video card with a new one that has 128MB video RAM. ❍ D. Tell her to use the Alt+Tab key combination instead. ❍

E. Tell her to upgrade the computer to Windows Vista Ultimate.

5. You are the network administrator for JAMS, Inc., a graphics and advertising firm. The graphics department has just purchased new monitors and video adapters for their computers. One ambitious fellow, George, has already installed the adapter and connected the monitor. George logs on to the computer and finds that the display is distorted. He is calling you for help. George thinks that the monitor and adapter he is using is the problem and wants to replace it. You first want to troubleshoot the video adapter, but you cannot see the screen well enough to read the text. What can you do to fix George’s problem? (Choose all that apply.)

❍ A. Restart the computer and select the Last Known Good Configuration. ❍ B. Restart the computer and select Enable Low-Resolution Video. ❍ C. In Device Manager, uninstall the existing video adapter driver. ❍ D. In Device Manager, click the Action menu and select Scan for Hardware Changes.

219

Apply Your Knowledge 6. You have configured Parental Controls on your Windows Vista Home Premium computer that your middle school–age daughter, Erin, uses for school projects. You have set the computer up to run only a limited number of programs she uses and have also configured Internet usage and games limits. Erin complains that she needs to use a program on a disk that her teacher has distributed to complete an assignment and that the assignment will not run. You need to enable this program without compromising the limits you have set on her access to the computer. What should you do to accomplish this objective with the least amount of administrative effort?

❍ A. Enter your username and password on the error message dialog box that Erin receives when she attempts to run the program.

❍ B. Right-click the program, select Run As, and enter your username and password. ❍ C. Enable the Erin Can Use All Programs option. ❍ D. Install the program and then select it in the program list that appears on the Application Restrictions page. 7. You are assembling a handout of information for members of your workgroup and are printing material from various websites to include in your handout. You do not want the printed material to display the website name and path in the header and footer areas. What should you do?

❍ A. From the Page Setup dialog box, delete the information that appears in the Header and Footer text boxes.

❍ B. From the Print dialog box, select Microsoft XPS Document Writer. ❍ C. From the Tools menu, select Menu Bar. Then open the View menu and clear the Header and Footer options.

❍ D. Copy the material to a Word document and then manually delete the header and footer. 8. You are working with several applications on your computer, which runs Windows Vista Business. You use the Flip 3D feature to navigate among the various windows open on the computer and find this feature highly useful. After opening an older application that used to work properly on your old Windows XP Professional computer, you observe that the Flip 3D feature is no longer working. You would like to ensure that Flip 3D always works. What should you do?

❍ A. Reconfigure the application compatibility settings. ❍ B. Open the theme settings in the Display applet and select Windows Vista. ❍ C. Update the drivers for the video card. ❍ D. Add additional RAM to the computer.

220

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 9. In Internet Explorer, you browse to an interesting website that offers a new add-on for download. So you download and install this add-on, and then restart Internet Explorer. However, you are unable to access any websites even though Internet Explorer starts properly. What should you do?

❍ A. Reset Internet Explorer to default settings. ❍ B. Run Internet Explorer using the No Add-Ons option. ❍ C. Uninstall the add-on from the Manage Add-Ons dialog box. ❍ D. Uninstall the add-on from Control Panel Programs and Features. 10. For several years, you have been subscribing to RSS feeds on a Windows 2000 Professional computer that has been running Internet Explorer 6. You have recently purchased a new Windows Vista Business computer and transferred all your files and settings to this computer. On viewing the RSS feeds in Internet Explorer 7 on your new computer, you notice that they are displaying in a fixed style sheet in XML format. You would prefer to view the feeds in the HTML format you are used to seeing on your old computer. What should you do to ensure that the feeds always appear in this format?

❍ A. Disable the Turn On Feed Reading View option. ❍ B. Reset Internet Explorer to default settings. ❍ C. Disable the XML DOM Document add-on. ❍ D. Search for a suitable add-on. Download, install, and enable this add-on. ❍

E. Click the title of the feed.

Answers to Exam Questions 1. B. Because you never actually logged on to the computer, you could restart the computer and use the Last Known Good Configuration. If you were able to log on and then received a stop error, you would probably need to use the Device Driver Rollback feature, but it isn’t necessary in this case. Answers A, C, and D are incorrect because they are measures you might take if you were unable to use the Last Known Good Configuration method, for whatever reason. For more information, see the section, “Using Alternative Startup Strategies.” 2. B and C. You can right-click the program and choose Properties. On the dialog box that appears, select the Compatibility tab and select the option to run this program in Compatibility mode for Microsoft Windows 98/Windows Me. Alternately, you can run the Program Compatibility Wizard and select the same option from this location. An application’s Properties dialog box does not have a Previous Versions tab; this tab is found on files and folders that have been modified. This feature enables you to go back to an older version of a file. It does not enable you to run a program in compatibility mode, so answer A is incorrect. Enabling the Windows Classic theme emulates the

221

Apply Your Knowledge desktop appearance of older Windows versions but does not enable a program to run in Compatibility mode; therefore, answer D is incorrect. For more information, see the section, “Configuring Application Compatibility.” 3. A. Peter should right-click the network adapter and select Update Driver Software. The yellow exclamation point indicates that the network adapter does not have drivers installed. Selecting Update Driver Software starts the Hardware Update Wizard and initiates a search for the appropriate driver. He might need to reboot to Windows 2000 to access the network adapter manufacturer’s website to download a suitable driver before he runs this wizard. Peter would receive the Enable option only if the network adapter were disabled; in this case it would be displayed with a red “X” icon, so answer B is incorrect. The Scan for Hardware Changes option does not install new drivers, so answer C is incorrect. Windows Update provides updates for Windows Vista and other Microsoft software products. It does not provide Windows Vista-compliant drivers, so answer D is incorrect. For more information, see the section, “Troubleshooting Hardware Devices.” 4. C. Diane needs to replace the video card with a new one that has 128MB video RAM. To run the Aero Glass theme, which includes the Flip 3D feature, she needs to have a video card that has at least this amount of memory. She cannot simply go to the display properties and select Aero Glass; this theme is not present in the available options unless her computer has the proper video card, so answer A is incorrect. Installing an updated driver for the video card will not help because the video card has insufficient RAM, so answer B is incorrect. The Alt+Tab key combination does not invoke Flip 3D, so answer D is incorrect. Diane does not need Vista Ultimate to use Aero Glass; Vista Business is adequate, so answer E is incorrect. For more information, see the section, “Understanding Hardware Requirements for Running Aero.” 5. B, C, and D. The process you need to go through is to first get to a point where you can see the screen. You can do this by rebooting the computer and selecting the Enable Low-Resolution Video (640×480) option. This uses a basic video driver to operate the display adapter. After you can see what you are doing, you then need to uninstall the video adapter driver that George replaced in the Device Manager. After the video adapter driver has been uninstalled, you can scan for new hardware changes, which will begin the installation of the video adapter driver. The only incorrect answer was A, which was to use the Last Known Good Configuration. However, you cannot use the Last Known Good Configuration because George had already successfully logged on to the computer. For more information, see the sections, “Using Alternative Startup Strategies,” and, “Using Device Manager to Troubleshoot Hardware Devices.” 6. D. You should install the program, and then select it in the program list that appears on the Application Restrictions page. This list specifies all programs installed on the computer and enables you to select which ones your child is permitted to run. If she attempts to run a program that is not approved, she receives an error message. While this error message contains text boxes that permit you to enter your credentials, you would need to do this each time she needs to run the program. Therefore, this method takes more administrative effort, and answer A is incorrect. Likewise, using the Run As option takes more administrative effort, so answer B is incorrect. Enabling the Erin Can Use All Programs option would permit her to run other programs that you do not want her to access, so answer C is incorrect. For more information, see the section, “Configuring Parental Restrictions.”

222

Chapter 4: Configuring and Troubleshooting Post-Installation System Settings 7. A. You should delete the information that appears in the header and footer text boxes in the Page Setup dialog box. This prevents these items from being printed. The Microsoft XPS Document Writer produces an exact copy of the document and facilitates its printing in the exact form it appears in on the web page. This option would include the header and footer information, so answer B is incorrect. Unlike Microsoft Office products, the View menu does not include options for turning off headers and footers, so answer C is incorrect. Copying the page to a Microsoft Word document would allow you to delete the header and footer. However, doing this might render the information in a different format than desired and present problems for reformatting it; therefore, answer D is incorrect. For more information, see the section, “Printing Web Pages.” 8. A. You should reconfigure the application compatibility settings. Application compatibility settings for older applications may disable the Aero Glass desktop. If this step does not work, you might need to contact the application’s vendor for an upgrade. The Windows Vista theme setting must already have been selected, or you would not have seen the Flip 3D feature before opening the application, so answer B is incorrect. The current video drivers and RAM on your computer must be adequate for enabling Flip 3D because you have been able to use this feature, so answers C and D are incorrect. For more information, see the section, “Aero Glass is Not Running.” 9. D. You should uninstall the add-on from Control Panel Programs and Features. While you cannot uninstall add-ons that were pre-installed on your computer, you can uninstall add-ons that you have downloaded. Click Start, Control Panel, and in the Programs category, select the Uninstall a Program option. This starts the Programs and Features applet with a page labeled Uninstall or Change a Program. Resetting Internet Explorer to default settings will not undo the effect of the problematic add-on, so answer A is incorrect. While you could run Internet Explorer with the No Add-ons option by selecting this option from the Start, All Programs, Accessories menu, many websites would be unable to display properly; therefore, answer B is incorrect. It is not possible to uninstall an add-on from the Manage Add-Ons dialog box; you can uninstall ActiveX controls only from this location. Therefore, answer C is incorrect. For more information, see the section, “Managing Add-Ons.” 10. A. To ensure that RSS feeds always appear in the HTML format, you should disable the Turn On Feed Reading View option. This option is found on the Feed Settings dialog box, which is accessed from the Feeds section of the Internet Properties dialog box, Content tab. The default settings are to view feeds in the XML format, so resetting Internet Explorer to default settings does not work; therefore, answer B is incorrect. Disabling the XML DOM Document add-on does not change the format of RSS feeds, so answer C is incorrect. You do not need to search for an additional add-on, so answer D is incorrect. Clicking the title of the feed only changes the feed to HTML format on a temporary basis, so answer E is incorrect. For more information, see the section, “Configuring Really Simple Syndication (RSS) Feeds.”

223

Apply Your Knowledge

Suggested Readings and Resources The following are some recommended readings on the subject of post-installation configuring and troubleshooting of desktop settings, Parental Controls, and Internet Explorer in Microsoft Windows Vista: 1. Course . Microsoft Official Curriculum course 5115, Installing and Configuring the

Windows Vista Operating System. Module 3, Configuring Post-Installation System Settings and Module 8, Configuring Internet Explorer 7.0. Information available at http://www.microsoft.com/learning/syllabi/en-us/5115aprelim.mspx 2. Websites . Microsoft. System requirements for Windows Vista. http://support.microsoft.com/

kb/919183 . Microsoft. Windows Vista Rules for Enabling Windows Aero. http://

www.microsoft.com/whdc/device/display/aero_rules.mspx . Microsoft. Troubleshoot audio problems in Windows Media Center. http://

windowshelp.microsoft.com/Windows/en-US/Help/e7b016f9-915c-47e6-b101c4c6deb4b7af1033.mspx . Microsoft. Stay up to date with Microsoft RSS feeds. http://www.microsoft.com/

windows/rss/default.mspx . Hardmeier, S. RSS—A Whole New Way to Communicate. http://www.microsoft.com/

windows/ie/community/columns/rss_communicate.mspx . Microsoft. Migrating to Windows Vista Through the User State Migration Tool.

http://technet.microsoft.com/en-us/windowsvista/aa905115.aspx . Microsoft. Learn About the Features. http://www.microsoft.com/windows/

products/windowsvista/features/safer.mspx. (includes Parental Controls and Internet Explorer 7)

This page intentionally left blank

5

CHAPTER FIVE

Configuring Windows Security Features Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Installing and Upgrading Windows Vista section of Exam 70-620, TS: Microsoft Windows Vista, Configuring:

Configure and troubleshoot User Account Control. . User Account Control improves on security by enabling users to run without administrative privileges and provides a prompt when a user performs an action such as installing an application that requires administrative privileges. Microsoft expects you to know how to configure several policies related to User Account Control and troubleshoot problems that can arise.

Configure Windows Defender. . Windows Defender helps keep your computer secure by preventing installation of spyware, adware, and other unwanted software that unscrupulous websites can attempt to install. Support staff and administrators must ensure that users’ computers remain secure from these types of threats.

Configure Dynamic Security for Internet Explorer 7. . Users who access Web resources through Internet Explorer can inadvertently expose their computer to security problems. Ranging from hackers to malware, the exposure on the Internet can cause serious problems to a computer. Not only does an administrator need to protect the computer, but also the privacy of the user’s personal information.

Configure security settings in Windows Firewall. . You can configure the types of communication that are allowed to pass in either direction across Windows Firewall. In the 70-620 exam, Microsoft tests your ability to limit communications to only those that are desired, as well as troubleshoot communication problems that can occur across the firewall.

Outline Introduction

228

Configuring Security Settings in Windows Firewall

273

229

Configuring Windows Firewall

274

Managing User Accounts

230

Managing Local Group Accounts

234

Basic Windows Firewall Configuration

274

236

Using the Windows Firewall Snap-in

279

Configuring Multiple Firewall Profiles

280

Local User and Group Accounts

Belonging to a Windows Server Domain

Configuring and Troubleshooting User Account Control 238 Features of User Account Control Application Prompts

239 242

Configuring User Account Control

244

User Account Control Policies

246

Configuring Windows Defender

250

Scanning for Malicious Software

251

Configuring Windows Defender Actions

253

Updating Windows Defender

256

Using Software Explorer

257

Configuring Dynamic Security for Internet Explorer 7

259

Configuring Internet Explorer Zones

259

Configuring Protected Mode in Internet Explorer

261

Configuring Content Advisor

262

Configuring the Phishing Filter

266

Understanding Advanced Security Options

268

Privacy Tab Settings

268

Content Tab Settings

270

Advanced Tab Settings

271

Configuring Group Policy and Windows Firewall

282

Summary

284

Key Terms

284

Apply Your Knowledge

285

Exercises

285

Exam Questions

288

Answers to Exam Questions

295

Suggested Readings and Resources

298

Study Strategies You should practice configuring and implementing each of the security features discussed in this chapter. Perform the Step by Step and end-of-chapter exercises and experiment further with the settings to observe what they do so that you know when you should implement each of these features. . Attempt to perform actions that display UAC prompts from a nonadministrative user account. Then configure Group Policy for UAC to automatically deny elevation requests for standard users. Log back on as a non-administrative user and attempt to perform these actions again. . Configure a program to always run with elevated privileges, and then configure another program to request elevated privileges. Then run these programs from an administrative account and from a non-administrative account. . Experiment with the options in Windows Defender. Turn off Windows Defender and note the messages that you receive. . Internet Explorer security options affect how the computer treats a Web resource. Use a Windows Vista computer connected to the Internet. Connect to any website. Add the website to the Restricted Sites category. Close the browser, open again, and attempt to connect to the website. Configure the various security and content options and attempt to connect to the website again. Attempt to connect to websites offering material that is blocked by the various content categories. . Configure Windows Firewall to block all incoming connections and then attempt to connect to network and Internet resources. Configure the various exceptions, repeat your attempts, and observe what happens. Become familiar with the most important exceptions and the circumstances in which you should allow these exceptions.

228

Chapter 5: Configuring Windows Security Features

Introduction Whether a computer is used as a standalone, a portable laptop, a member of a workgroup, or a member of a domain, it can be subject to security breaches. All it takes is a person who can physically or remotely access the computer and gain rights to view or change its files. The risk can range from theft of proprietary information, to a breach of personal privacy, to malicious attacks on the computer’s operating system. The following is a brief summary of popular attack methods used by hackers and crackers in recent years (for additional information, see any recent book dedicated to computer security, including those listed in the “Suggested Readings and Resources” section of this chapter): . Denial of service (DoS)—This includes any type of attack that disrupts access to services

and resources that a user should be able to reach. In its usual form, a computer is so overwhelmed by such a large number of data packets that it is unable to perform normal activities. A distributed denial of service (DDoS) attack is similar except that the attacker uses a series of computers to attack and overwhelm the target. . Spoofing—This attack impersonates a legitimate user or website to make you believe

that data being sent is genuine. Phishing, or the attempt to deceive you into sending confidential information such as bank account or credit card numbers to attackers, is a type of spoofing. . Man-in-the-middle—An attacker intercepts traffic by entering the mid-point of a legiti-

mate communication and attempts to deceive the parties at both ends into believing that they are communicating with each other, when they are actually communicating with the attacker. TCP/IP hijacking is a type of this attack, in which the attacker uses source-routed IP packets to take over a TCP session between two legitimate computers. . Password guessing—Programs exist that attempt to sniff passwords being transmitted

across a network, either by searching dictionaries for commonly used passwords or utilizing a brute force method to try all possible combinations of letters, numerals, and special characters until a password is found. . Social engineering—An attacker can take advantage of the kind nature of individuals by

masquerading as a user such as a manager who has forgotten her password or other authentication information. . Malicious software—A malicious or compromised website or email message can distrib-

ute software programs that are intended to cause harm to any user accessing the website or message. Viruses, worms, and Trojan horses were the earliest types of malicious software (malware) employed by attackers. In recent years, more insidious forms of malware have arisen, including back doors, keystroke loggers, logic bombs, adware, spyware, and rootkits.

229

Local User and Group Accounts

Windows Vista incorporates a number of security technologies to protect it from these and other types of attacks. First introduced in Windows XP SP2, the Windows Security Center shown in Figure 5.1 enables you to configure many of these features.

FIGURE 5.1 You can configure many security options from the Windows Security Center.

This chapter looks at how you configure and troubleshoot User Account Control, Windows Defender, Internet Explorer security options, and Windows Firewall.

Local User and Group Accounts Although Microsoft did not include configuration of user and group accounts in its Exam 70620 objectives, an introductory knowledge of how these accounts operate is important in understanding security configuration and how features such as User Account Control operate. For this reason, this section includes an introduction to this topic.

NOTE Principle of Least Privilege In developing Windows Vista, Microsoft stressed the Principle of Least Privilege, which in its simplest form states that programs and services should run in a user account that is granted the minimum privileges required to run properly. Microsoft has simplified the processes behind running a computer with a standard user account by granting such accounts the privileges to do tasks such as modifying time and power settings while limiting actions that malicious software can perform. Internet Explorer 7 runs in Protected mode by default, and Windows services operate under a profile that enables only the minimum privileges required to run properly. Furthermore, most drivers run in user mode, which grants them fewer privileges than they formerly received by running in kernel mode. For more information on the Principle of Least Privileges, refer to Applying the Principle of Least Privilege to Windows Vista in the “Suggested Readings and Resources” section at the end of this chapter.

230

Chapter 5: Configuring Windows Security Features

Managing User Accounts Every person who logs on to Windows Vista must do so with a user account. If the user account has been granted greater rights and permissions, the user can access resources on that computer that otherwise would be inaccessible. Problems arise in productivity when users are not able to access the resources that they need to conduct their jobs. One alternative is to allow users to have unrestricted rights to the computers and resources. However, this can result in an even greater loss of productivity because a user could unintentionally render the computer inoperable in any number of ways. The trick to effective management is to create a balance between rights granted to users and those denied. One of the top concerns regarding user rights is file and folder access, especially the rights configured for shared folders or on computers that are shared by multiple users. Because multiple people potentially can access a file at any time on shared folders and shared computers, a misapplied right can compromise a file containing private data. Best practices dictate that users should never be granted rights individually. Instead, you should create a group to be granted that permission even if only one user needs the access to the resource. This practice makes it easier to duplicate the types of rights and permissions that users require to perform certain functions. For example, if you are managing a workgroup for a tax accounting business, you can expect that seasonally the work will increase. With extra work, additional tax preparers will require the same access as a current tax preparer. To make certain that all the additional tax preparers have the same rights to the shared folders, you can add them to the group (or combination of groups) that includes the current tax preparers. This method certainly beats trying to re-create the same rights for each file, folder, and other resources that a user account was granted individually. Any person who owns an object can grant or deny permissions to other users or groups. If permission is not specifically and explicitly granted to a user or the groups to which the user belongs, then the permission is implicitly denied. For example, if you create a group called SALES that has Read privileges to the Sales Literature folder and Full Control privileges to the Sales Database folder and its contents, a user who is not a member of the SALES group (and has not been granted any other rights explicitly or through other group membership) is not allowed to read the files in the Sales Literature folder or access the Sales Database folder contents.

CAUTION Denial wins out When permission is explicitly denied to a user or group, even if the user is a member of another group where the same permission is explicitly granted, the Deny permission overrides all others, and the user will not be allowed access.

231

Local User and Group Accounts

Permissions are stored as access control entries (ACE) in a discretionary access control list (DACL). (ACEs can be placed in the object’s system access control list [SACL], which determines what will trigger an audit event.) Whenever a user requests authorization to use a prohibited object or resource, the user sees an Access Is Denied message. When a local user account attempts to use a domain-based network resource, the user is disallowed unless the resource has been configured to allow Anonymous access. To enable anonymous access, you can select ANONYMOUS LOGON, which is a built-in special group, from the Select Users or Groups dialog box, which is displayed in Figure 5.2.

FIGURE 5.2 ANONYMOUS LOGON enables any user to have the authorization to use the resource.

Best Practices to Lock Down Windows Vista To ensure you have the greatest amount of security applied to your computers, you can follow these best practices: . Install the latest updates and service packs. You can download these from http://windowsupdate. microsoft.com. . Turn on Automatic Updates, as discussed in Chapter 3, “Upgrading to Windows Vista.” Step by Step 3.5 showed you how to configure this feature. . Turn on Windows Firewall for all Internet connections unless you connect to a private network that then connects to the Internet and contains its own firewall. You learn about this feature later in this chapter in the section, “Configuring Security Settings in Windows Firewall.” . Ensure that Pop-up Blocker is turned on, as discussed in Chapter 4, “Configuring and Troubleshooting Post-Installation System Settings.” (continues)

232

Chapter 5: Configuring Windows Security Features (continued)

. When a member of a domain, use domain user accounts only. . Rename the Administrator account. Open Local Security Policy applet in Control Panel. Edit the Local Policy \ Security Options policy for Accounts: Rename Administrator Account. . Disable the Guest account by opening Control Panel User Accounts Category and selecting Change an Account. Click Guest and select the option to turn off the Guest account. . If using a domain, disable File and Printer sharing for workstations. If already installed, right-click each of the network connections in the Network and Sharing Center and select Properties. Remove File and Printer Sharing for Microsoft Networks. Also configure Group Policies User Configuration node, Administrative templates, Network, Network Connections node to enable the policy Prohibit Adding or Removing Components for a LAN or Remote Access Connection. Chapter 6, “Configuring Network Connectivity,” discusses the Network and Sharing Center. . In a domain environment, you should utilize a consistent permissions management scheme. Microsoft recommends that you place Accounts Global groups, then place these groups in Domain Local groups. Finally you can grant or deny Permissions (AGDLP) to the Domain Local Groups. The section, “Belonging to a Windows Server Domain” later in this chapter briefly introduces domain groups. . Implement a certification authority (CA). . Require smart cards for logon and force logoff when the card is removed. . Use BitLocker drive encryption on all portable computers. Chapter 9, “Configuring and Troubleshooting Mobile Computing,” discusses security on portable computers. . For kiosks and publicly available computers, limit the GUI to include required applications; disable Control Panel, the Command prompt, and the Run command; and restrict all unnecessary software. . Restrict software from running from any website in the Internet Zone. . Use virus scanning software and update the virus data files daily. . Implement a password policy to require complexity. Set a maximum password duration of 30 days and a minimum password duration of 10 days. . Implement Account Lockout policy for a three-password threshold, to remember the invalid password attempts for one hour and to reset the counter after one hour. . Disable user accounts when users go on extended leave or leave the company, rather than delete them. This enables you to retain the users’ configuration settings, rights and permissions, group memberships, and so on. In addition, retaining the account ensures that any encrypted files can be recovered if a data recovery agent was never configured. . Never grant rights to the Anonymous Logon, Guests, Everyone, Interactive, Dialup, or Network groups. Instead, grant rights to the Authenticated Users group, which requires the user to provide valid credentials before being granted access to computer resources. Alternatively, create a special group and grant explicit rights to the group, which will be passed on to users specifically placed in that group.

233

Local User and Group Accounts

You can use User Accounts and Family Safety in Control Panel to create new local user accounts. Chapter 4 demonstrates the use of this feature. To create and configure both user and group accounts, you should use the Computer Management console, shown in Figure 5.3, which you can open by clicking Start, right-clicking Computer, and selecting Manage from the shortcut menu. You will need to provide administrative permission to use this feature.

FIGURE 5.3 Computer Management provides administration options for both local user accounts and local groups.

NOTE Password never expires When you create or edit a user account, you are provided with an option to configure for Password Never Expires. This setting overrides any password settings in Group Policy or Local Security Policy. You should use this option only for user accounts that are used for applications that must interact as a user with the operating system.

Local users receive their rights to access resources by being explicitly granted permissions or by being members of local groups that have been granted permissions. You cannot add local users to domain global groups—you can add domain users only to global groups in a domain. However, you can always add a domain global group as a member of a local group if Windows Vista Business, Enterprise, or Ultimate is a member of the domain.

TIP Using whoami to troubleshoot user rights You can troubleshoot user rights using whoami, a commandline utility that is installed by default in Windows Vista. To see the rights that the current user has, type whoami at the command prompt. You can see everything in verbose mode by typing whoami /all. This utility displays all groups, even the built-in groups that do not appear under Member Of property sheets, which you can use to track down a misconfigured right.

234

Chapter 5: Configuring Windows Security Features

Managing Local Group Accounts Windows Vista provides a number of default local groups. Table 5.1 lists the more commonly accessed default local groups. The Authenticated Users and Interactive groups are special built-in groups described later in Table 5.2. Their inclusion in the Users group allows any user who has submitted correct credentials to be considered a member of the Users group. Removing the Authenticated Users and Interactive groups from the Users group will cause problems and potentially prevent access to the computer from applications such as Remote Assistance. TABLE 5.1

Default Local Groups in Windows Vista

Local Group

Default Access

Default Members Locally

Administrators

Unrestricted access to the computer

Administrator

Backup Operators

Access to run Windows Backup and sufficient access rights that override other rights when performing a backup

N/A

Guests

Limited only to explicitly granted rights and restricted usage of computer

Guest

Network Configuration Operators

Access to manage the network configuration of the computer, such as TCP/IP properties

N/A

Power Users

Not used directly with Vista; included only for backwards compatibility with previous Windows versions

N/A

Remote Desktop Users

Limited to accessing the computer via a remote desktop connection plus any explicitly granted rights and restricted usage of computer

N/A

Users

Limited to use of the computer, personal files and folders, and explicitly granted rights

All newly created users. NT Authority\Authenticated Users special built-in group NT Authority\ Interactive special built-in group

Best practices state that you should never change the default rights and members of a default local group or built-in group. Instead, you should create your own specific groups, provide them with explanatory names and descriptions, and then grant or deny those groups the necessary rights. To create a group, open the Local Users and Groups console (by accessing it in Computer Management, or typing lusrmgr.msc in the Run dialog box and pressing Enter, or adding the Local Users and Groups snap-in in the Microsoft Management Console [MMC]).

235

Local User and Group Accounts

Right-click Groups and select New Group from the shortcut menu. The New Group dialog box opens, as shown in Figure 5.4.

FIGURE 5.4 The New Group dialog box enables you to name, describe, and add members to a group.

When you name the group, you will be restricted from using special characters (\ / “ [ ] : | < > + = ; , ? * @), the same as you would when creating a new user. To add new members to the group after it is created, you can right-click the group and select Add to Group from the shortcut menu. When you delete a local group, you delete the group and its permissions but not any users who are members of the group. You are not allowed to modify the built-in system groups directly in the Local Users and Groups console because their membership is not based on who the user is, but on how the user was able to access the computer. A user is dynamically included in these groups after satisfying the authentication required by the group. You are able to add or deny rights and permissions to built-in special groups. To prevent severe problems when granting rights, never deny nor increase rights to these groups—create your own special group and deny or grant the rights to that group and then add the users to whom these rights should be given. Table 5.2 discusses several of the more common built-in special groups. TABLE 5.2

Built-in Special Groups in Windows Vista

Built-in Group

Default Access

Default Members Locally

Anonymous Logon

Not provided any default access rights

User accounts that Windows Vista cannot authenticate locally

Authenticated Users

Not given any default access rights

All users with valid local user accounts on this computer (continues)

236

Chapter 5: Configuring Windows Security Features

TABLE 5.2 Continued Built-in Group

Default Access

Default Members Locally

Creator Owner

Designated full control over resources created or taken over by a member of the Administrators group

Administrators group

Dialup

No specific rights; this group is not shown on systems without configured modems and dial-up connections

All users who have connected to the computer with a dial-up connection

Everyone

Full control is the default permission granted for all files and folders on NTFS volumes; you must remove this permission to implicitly deny access

All users who access the computer

Interactive

No specific rights

All users who have logged on locally to the computer

Network

No specific rights

All users who have established a connection to this computer’s shared resource from a remote network computer

Belonging to a Windows Server Domain As outlined in Chapter 1, “Introducing Windows Vista,” you can join computers running the Business, Enterprise, or Ultimate editions of Windows Vista to an Active Directory domain hosted on domain controllers running Windows 2000 Server, Windows Server 2003, or Windows Server 2008. To do so, ensure that you are connected to the network hosting the domain controllers. Then follow Step by Step 5.1.

STEP BY STEP 5.1 Joining a Windows Server domain 1. Access the System Properties dialog box and click Change Settings in the Computer Name, Domain, and Workgroup Settings section of this dialog box. 2. Click Continue on the User Account Control prompt that appears. 3. In the System Properties dialog box, click Change to access the Computer Name/Domain Changes dialog box. 4. Under Member of, select Domain and type the name of the domain to be joined and then click OK, as shown in Figure 5.5.

237

Local User and Group Accounts

FIGURE 5.5 The Computer Name/Domain Changes dialog box enables you to join an Active Directory domain.

5. When requested, supply the credentials of an account with Domain Administrator privileges in the selected domain. 6. You will have to restart the computer to complete this action.

After you have joined the domain, you should use only domain user accounts to log on to your computer, as already mentioned. In addition, you can use domain-based user and group accounts to configure security on your Windows Vista computer. This enables you to utilize domain groups with the following group scopes: . Global—You can use these groups to contain users, computers, and other global groups

from the same domain. They are generally employed to organize users who have similar functions and therefore similar needs on the network. For example, you might include all help desk staff in one global group, all accounting staff in another global group, and so on. . Domain local—You can use these groups to contain users, computers, and groups from

any domain in the Active Directory forest. Note that a forest is a group of domains that share a common trust relationship, schema, and configuration. They are most often used for granting permissions for resources and as such may be employed to grant access to any resource in the domain in which they are created. Therefore, it is logical for a domain local group to include global groups that contain all users who have a common need for a given resource. . Universal—Similar to the way you use domain local groups, you can employ these groups

to grant permissions to resources. However, this group scope enables you to grant access to any resource in the Active Directory forest, rather than just a single domain. A universal group can include users, computers, and global groups from any domain.

238

Chapter 5: Configuring Windows Security Features

You can add any of these domain groups directly to local groups on your Windows Vista computer to grant access to files and folders on your computer. In addition, the following default domain groups are automatically added to local groups when you join your computer to a domain: . The Domain Admins global group is added to the Administrators local group. . The Domain Guests global group is added to the Guests local group. . The Domain Users global group is added to the Users local group. . All domain user accounts in the computer’s domain or any trusted domain are added to

the Authenticated Users special built-in group. For more information on Active Directory domains, user accounts, and group accounts, refer to MCSE Exam 70-294 Exam Prep: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure in the “Suggested Readings and Resources” section.

TIP Permissions applied to domain users When you grant permissions to domain users, the best practice is to use the AGDLP method. This means that you place Accounts in Global groups. Then you place the Global groups into Domain Local groups, to which you grant (or deny) Permissions.

Configuring and Troubleshooting User Account Control Objective:

Configure and troubleshoot User Account Control. In previous versions of Windows, many users became frustrated with the inability to perform many common tasks and therefore ran their computers with an administrative user account, often the default Administrator account created when Windows was installed. These users received total system privileges as required for installing and configuring applications, modifying system configuration, running background system tasks, installing device drivers, and performing other system configuration actions. Such a practice left the computers open to many types of attack by malware programs such as those mentioned at the start of this chapter.

239

Configuring and Troubleshooting User Account Control

Administrators and technical support personnel in a corporate environment were often left in a dilemma. They could grant users administrative privileges, which can result in users changing settings, either accidentally or deliberately, that disrupted computer or network performance or compromised security. Or they could limit user privileges, which often limited productivity because users were unable to perform basic tasks such as connecting to a wireless network or installing a printer driver. Windows Vista addresses this problem by introducing a new feature called User Account Control (UAC). Simply put, UAC requires users performing high-level tasks to confirm that they actually initiated the task. Members of the Administrators group are logged on with only normal user privileges and must approve administrative actions before such actions will run. Nonadministrative users must provide an administrative password. Providing administrative approval to run such tasks places the computer into Admin Approval mode.

Features of User Account Control UAC requests approval before running administrative tasks on the computer. UAC redefines what a standard user is permitted to do: Such a user can perform many basic functions that pose no security risk but previously required administrative privileges. In addition, it facilitates the act of providing administrative credentials when users needed to perform a higher-level task such as installing an application or configuring system settings. Furthermore, UAC makes administrative accounts safer by limiting tasks that can be performed without providing additional consent and requesting such consent for performing tasks such as system tasks that require higher privileges. Under UAC, all users (administrative or not) can perform tasks such as the following without supplying administrative credentials: . Viewing the system clock and calendar and configuring the time zone (but not chang-

ing the system time) . Modifying power management settings . Installing printers and hardware devices that an administrator has allowed using Group

Policy . Using Wired Equivalent Privacy (WEP) to connect to an approved wireless network . Creating and configuring an approved virtual private network (VPN) connection . Installing ActiveX controls from sites that an administrator has approved . Installing critical updates from Windows Update

240

Chapter 5: Configuring Windows Security Features

EXAM ALERT The Power Users group The tasks summarized here are similar to those granted to members of the Power Users group in previous Windows versions. Vista includes the Power Users group solely for backwards compatibility purposes. You do not need to add users to this group to perform these functions. Only add users to this group if required for running non-certified or legacy applications. To grant this group all the privileges provided in Windows XP, you must apply a default security template that modifies default permissions on system folders and the Registry. An exam choice that suggests adding a user to the Power Users group in Vista is most likely incorrect in all instances.

When authenticating a member of the Administrators group, Vista issues two access tokens: a full administrator token and a standard user token. The standard token is used for all actions that do not require administrative privileges, while the administrator token is used only when administrative privileges are required. Windows Vista informs you when a task requires elevated (administrative) privileges by displaying a shield icon such as those that appear in the Tasks column of the System applet shown in Figure 5.6. When you select one of these tasks, the screen dims and you receive a UAC prompt (also known as an elevation prompt), as shown in Figure 5.7. When you click Continue, the administrative access token grants you elevated privileges, enabling you to perform the task you have selected.

FIGURE 5.6 Vista uses a shield icon to inform you when a task requires administrative privileges.

The dimmed screen indicates that the UAC prompt is running in secure desktop mode (such as when the Ctrl+Alt+Delete prompt appears when logging on to a domain-based computer). This means that you must either approve or cancel the UAC prompt before you can continue performing any other task on the computer.

241

Configuring and Troubleshooting User Account Control

FIGURE 5.7 User Account Control displays this prompt to ask for approval of an administrative task.

A user who is not a member of the Administrators group receives only the standard user token when her access is authenticated. Such a user receives the UAC prompt shown in Figure 5.8, which requires that a password for an Administrator user account be entered.

FIGURE 5.8 User Account Control requests that an administrative user password be entered when displayed from a non-administrative user account.

CAUTION Protecting your computer Always ensure that the action that launches a UAC prompt is the one you want to perform. This is especially true if a UAC prompt appears unexpectedly, which could indicate a malware program is attempting to run. Should this happen, click Cancel, and the program cannot run. You should then scan your computer with one or more malware detection programs.

242

Chapter 5: Configuring Windows Security Features

If a background application that is minimized to the taskbar requires elevated privileges, the UAC prompt appears on the taskbar and blinks to draw attention. An example of where this would happen is in the downloading of an application from the Internet. When the download completes and approval for installation is required, the user can click the prompt and approve it. This enables the user to continue performing other tasks such as reading email without being interrupted by the UAC prompt.

NOTE UAC and Parental Controls In a family setting, UAC supplements the functions that a parent can control with the Parental Controls feature introduced in Chapter 4. Parents can give each child a user account with ordinary privileges. When a child needs to perform a task such as installing a program, the child receives a UAC dialog box asking for administrative approval and can ask a parent to enter administrative credentials. This enables the parent to approve programs a child wants to use as required.

Application Prompts UAC causes some third-party applications to display prompts when you attempt to run them. This helps to secure your computer because the prompt informs you of the program that is attempting to run so that you can verify that this is a program you really want to run. Click Continue to run the program or Cancel to exit. When running with an administrative account, a program with a legitimate digital signature that includes its name and publisher will display the prompt appearing in Figure 5.9.

FIGURE 5.9 User Account Control displays a prompt similar to this when you start a third-party program with a legitimate digital signature.

A non-administrative user running a similar program will receive the prompt appearing in Figure 5.10. If the third-party program does not have a digital signature that includes its name and publisher, the prompt that appears is stronger. It uses a yellow title bar and yellow shield, as shown in Figure 5.11. If a prompt with a strange program name appears, click Cancel to prevent it from running. When a non-administrative user runs a program without a digital signature, UAC asks for an administrative user password, as shown in Figure 5.12.

243

Configuring and Troubleshooting User Account Control

When run from a non-administrative user account, a third-party program with a legitimate digital signature displays this prompt.

FIGURE 5.10

When a program that does not have a digital signature attempts to run, UAC displays this prompt to an administrative user.

FIGURE 5.11

When a program that does not have a digital signature attempts to run, UAC displays this prompt to a non-administrative user.

FIGURE 5.12

244

Chapter 5: Configuring Windows Security Features

Configuring User Account Control Microsoft has provided several means of configuring applications and tasks to run with elevated privileges. Follow Step by Step 5.2 to perform a task with elevated privileges.

STEP BY STEP 5.2 Using Elevated Privileges to Perform a Task 1. Start the program or task that is displayed with a shield icon. The display dims, and the UAC prompt appears, as previously shown in Figure 5.7. 2. Verify that the UAC prompt is requesting privileges for the proper task. If desired, click Details for more information on the task. 3. Click Continue to start the task or application.

You can also mark an application to always run with elevated privileges. This situation may occur if the application developer has coded the program to access protected folders such as the %ProgramFiles% or %Systemroot% folders, or requires access to the Registry. Follow Step by Step 5.3 to mark an application to always run with elevated privileges.

STEP BY STEP 5.3 Configuring an Application to Always Run with Elevated Privileges 1. Ensure that you are logged on to the computer as a member of the local Administrators group. 2. Right-click the desired application and choose Properties. 3. On the Compatibility tab of the application’s Properties dialog box, select Run This Program as an Administrator, as shown in Figure 5.13. Then click OK.

CAUTION Default Administrator account If you are logged on using the default Administrator account created when you install Windows Vista, you do not receive any UAC prompts. Do not use this account except under emergency conditions. Best practices recommend that this account be disabled.

245

Configuring and Troubleshooting User Account Control

You can configure a program to run as an administrator from the Compatibility tab of its Properties dialog box.

FIGURE 5.13

You can also configure a program to request administrative privileges from its shortcut properties. When you do this, the program always displays a UAC prompt when started from its shortcut. Follow Step by Step 5.4 to do so.

STEP BY STEP 5.4 Configuring an Application to Request Elevated Privileges 1. Ensure that you are logged on to the computer as a member of the local Administrators group. 2. If necessary, drag a shortcut to the desktop. 3. Right-click the shortcut and choose Properties. 4. On the Shortcut tab, click the Advanced button. 5. On the Advanced Properties dialog box shown in Figure 5.14, select the Run as Administrator check box, and then click OK. 6. Click OK to close the shortcut Properties dialog box.

246

Chapter 5: Configuring Windows Security Features

FIGURE 5.14

The Advanced Properties dialog box for a shortcut enables you to always run the program as an

administrator.

NOTE Windows programs and shortcuts You cannot configure Windows components to always run in elevated privileges. For these programs, the options on the Compatibility tab shown previously in Figure 5.13 are unavailable (dimmed). For these components, you must perform the procedure outlined in Step by Step 5.3 so that the program displays a UAC prompt when started from the shortcut. Also note that if you start the program that you have configured in Step by Step 5.3 from the Start, All Programs menu, it does not display a UAC prompt and runs in normal mode.

User Account Control Policies Microsoft has provided a series of policies in Vista Group Policy that govern the behavior of UAC. These policies are available from the Group Policy Object Editor snap-in (available by typing gpedit.msc from the Run dialog box) or from the Local Security Policy snap-in. Follow Step by Step 5.5 to configure UAC policies.

STEP BY STEP 5.5 Using Local Security Policy to Configure UAC 1. Click Start, Control Panel, System and Maintenance, Administrative Tools, Local Security Policy. You can also click Start, Run, type gpedit.msc, and then press Enter. 2. Click Continue on the UAC prompt that appears. 3. On the Local Security Policy console, navigate to the Security Settings\Local Policies\Security Options node. 4. Scroll to the bottom of the policy list to view and configure the available policies, as shown in Figure 5.15.

247

Configuring and Troubleshooting User Account Control

Group Policy provides a series of policies that govern UAC behavior.

FIGURE 5.15

5. To configure a policy, right-click it and choose Properties. Choose Enabled or Disabled as required, and click OK. Two of the policies offer options from a drop-down list, as shown in Figure 5.16. You can also click the Explain tab for further information on each policy.

You can configure each policy or obtain more information from its Properties dialog box.

FIGURE 5.16

6. When finished, click OK.

Group Policy makes the following UAC policies available: . Admin Approval Mode for the Built-in Administrator—Governs the behavior of the built-

in Administrator account. When enabled, this account displays the UAC prompt for all actions requiring elevated privileges. When disabled, this account runs all actions with full administrative privileges. Disabled by default.

248

Chapter 5: Configuring Windows Security Features . Behavior of the Elevation Prompt for Administrators in Admin Approval Mode—Determines

the behavior of the UAC prompt for administrative users. This policy has the following options: . Prompt for Consent—Enables an administrator to select either Permit or Deny

when an action runs that requires elevated privileges. Select Permit to run the action with the highest possible privileges. This is the default. . Prompt for Credentials—Prompts for an administrative username and password

when an action requires administrative privileges. When selected, administrative users receive the prompt previously shown in Figure 5.8 for non-administrative users. . Elevate without Prompting—Enables the administrator to perform the action with-

out consent or credentials. In other words, the administrator receives Admin Approval mode automatically. This setting is not recommended for normal environments. . Behavior of the Elevation Prompt for Standard Users—Determines the behavior of the

UAC prompt for non-administrative users. This policy has the following options: . Prompt for Credentials—Displays a prompt to enter an administrative username and

password when a standard user attempts to run an action that requires elevated privileges. This is the default. . Automatically Deny Elevation Requests—Displays an Access is Denied message simi-

lar to that shown in Figure 5.17 when a standard user attempts to run an action that requires elevated privileges.

Non-administrative users receive an error when they attempt to run a program requiring administrative credentials when you have configured the policy to automatically deny elevation requests.

FIGURE 5.17

. Detect Application Installations and Prompt for Elevation—When enabled, displays a UAC

prompt when a user installs an application package that requires elevated privileges. When disabled, domain-based Group Policy or other enterprise-level technologies

249

Configuring and Troubleshooting User Account Control

govern application installation behavior. Enabled by default in an enterprise setting and disabled by default in a home setting. . Only Elevate Executables that are Signed and Validated—When enabled, performs public

key infrastructure (PKI) signature checks on executable programs that require elevated privileges before they are permitted to run. When disabled, no PKI checks are performed. Disabled by default. . Only Elevate UIAccess Applications that are Installed in Secure Locations—When enabled,

runs applications only with UIAccess integrity if situated in a secure location within the file system such as %ProgramFiles% or %Windir%. When disabled, the application will run with UIAccess integrity regardless of its location in the file system. Note that UI (User Interface) Access-application programs and accessibility tools used by developers to push input to higher desktop windows require the uiAccess flag to be equal to true; that is, uiAccess=true. Also the application program that wishes to receive the uiAccess privilege must reside on the hard drive in a trusted location and be digitally signed. Disabled by default. . Run All Administrators in Admin Approval Mode—When enabled, enforces Admin

Approval mode and other UAC policies. When disabled, all UAC policies are disabled, and no UAC prompts will be displayed. In addition, the Windows Security Center will notify the user when disabled and offer the option to enable UAC. Enabled by default. . Switch to the Secure Desktop When Prompting for Elevation—When enabled, displays the

secure desktop when a UAC prompt appears. When disabled, the UAC prompt remains on the interactive user’s desktop. Enabled by default. . Virtualize File and Registry Write Failures to Per User Locations—When enabled, redirects

application write failures for pre-Vista applications to defined locations in the Registry and the file system, such as %ProgramFiles%, %Windir%, or %Systemroot%. When disabled, applications that write to protected locations fail as was the case in previous Windows versions. Enabled by default.

CAUTION Don’t disable UAC completely If you disable the Run All Administrators in Admin Approval mode policy setting, you disable UAC completely, and no prompts will appear for actions requiring elevated privileges. This leaves your computer wide open for attack by malicious software. Do not disable this setting at any time! Note that the Windows Security Center will display a message from the notification area if you have disabled this setting.

250

Chapter 5: Configuring Windows Security Features

REVIEW BREAK You have looked at user and group accounts and the new UAC feature in Windows Vista and how these help to improve your computer’s security. . You can create local user and group accounts on a Windows Vista computer and assign

permissions to resources to these accounts. . Vista provides a series of built-in group accounts that carry a set of preconfigured priv-

ileges with them. . User Account Control (UAC) is a new security feature in Windows Vista that requires

users to provide administrative approval before performing tasks that operate in Admin Approval mode. . Non-administrative users attempting to perform administrative tasks receive a UAC

prompt that requires them to enter the username and password of an administrative account. . Group Policy enables you to control the behavior of User Account Control or turn it

off completely.

Configuring Windows Defender Objective:

Configure Windows Defender. First available in Windows XP as Windows AntiSpyware beta, Windows Defender is a program that protects your computer against the damaging effects of spyware. Spyware is malicious software that hides on your computer and performs nefarious activities such as the following: . Logging your Internet browsing habits and sending pop-up advertisements that reflect

these habits . Modifying your default Internet Explorer start page and search engine . Adding unwanted, difficult to remove toolbars to Internet Explorer and Windows

Explorer . Logging keystrokes that capture confidential information such as passwords

251

Configuring Windows Defender . Sending personal data such as credit card or Social Security numbers to unauthorized

parties . Taking control of your computer for purposes such as storing pirated data or sending

spam . Causing a general slowdown of computer performance with more frequent program or

system crashes Although you might think that Windows Firewall would block spyware downloads or UAC would display prompts when spyware attempts to install or run, most spyware programs piggyback onto otherwise legitimate programs that users download from the Internet. These problems are great enough that Microsoft decided to integrate Windows Defender into Vista as an important component of the operating system. Windows Defender provides an additional layer of protection against these types of malware. Windows Defender monitors your computer for telltale signs of spyware activity. When it finds problems, it attempts to block the actions of spyware and remove it from your computer. It displays alerts in the event that a serious problem requiring your immediate action should occur. In addition, it collects and sends information about the spyware infection to a Microsoft online community called SpyNet, which assists other users in detecting and combating spyware attacks.

TIP Using third-party anti-spyware programs Windows Defender can cooperate with third-party antispyware programs to provide an enhanced level of protection from malware. Other programs may have spyware definitions or scan techniques not yet built into Windows Defender. Spyware is pervasive and uses a large number of methods to infect computers, so it is always worthwhile to have more than one anti-spyware program running at the same time.

Scanning for Malicious Software Windows Defender automatically and continuously monitors your computer for signs of unwanted applications, concentrating on often-abused locations such as Registry keys and the Startup folder. By default, it also performs a quick scan of the most vulnerable locations of your computer daily at 2:00 AM. An application attempting to perform a modification in such a location will cause Windows Defender to display a prompt, asking the user either to allow or reject the modification. Follow Step by Step 5.5 to perform scans using Windows Defender.

252

Chapter 5: Configuring Windows Security Features

STEP BY STEP 5.5 Performing Windows Defender Scans 1. Start the Windows Defender configuration screen, which is shown in Figure 5.18, using one of the following procedures: . Click Start and type defender in the Search box. Then click Windows Defender in the program list. . Click Start, Control Panel, Security, Windows Defender. . Click Start, All Programs, Windows Defender.

You can configure Windows Defender options from the main Windows Defender dialog box.

FIGURE 5.18

2. To perform an immediate quick scan, click Scan. Windows Defender scans the most vulnerable locations of your computer and displays the results. 3. To perform a full or custom scan, click the triangle next to Scan. This displays a pop-up menu from which you can choose a full scan (scans all computer locations) or a custom scan (enables you to select the drives and folders to be scanned). 4. To display a history of recent Windows Defender activities, click History. The History panel shown in Figure 5.19 displays recent actions and provides links to items that are either permitted or restricted from executing. 5. When you are finished, close Windows Defender. It continues to monitor your computer in the background.

253

Configuring Windows Defender

FIGURE 5.19

The Windows Defender History screen enables you to view recent Windows Defender actions.

If Windows Defender finds software that it thinks is spyware on your computer, it displays an alert and offers you the following options: . Quarantine—Places the software in a restricted location on your computer from which

it cannot run. You can choose later to delete the software or move it back to a location from which it can run. Use this option if you are unsure whether the program is spyware. . Remove—Deletes the software permanently from your computer. . Ignore—Ignores the threat this time only. Windows Defender will detect the threat

again the next time it runs. . Always Allow—Enables the software to run and adds it to the Windows Defender

allowed list.

Configuring Windows Defender Actions Windows Defender comes with a complete set of configurable actions that govern how it monitors your computer. Follow Step by Step 5.6 to configure actions performed by Windows Defender.

254

Chapter 5: Configuring Windows Security Features

STEP BY STEP 5.6 Configuring How Windows Defender Works 1. Start the Windows Defender configuration screen using one of the methods described in Step by Step 5.5. 2. Click Tools, and then click Options to display the Options screen shown in Figure 5.20.

The Options screen enables you to configure how Windows Defender scans your computer.

FIGURE 5.20

3. From this screen, configure the following items as required: . Automatically Scan My Computer (recommended)—Enables you to configure the frequency, time, and type of scan (quick scan or full system scan) . Check for Updated Definitions Before Scanning—Ensures that Windows Defender always has the most recent spyware definitions from Microsoft. This check box is selected by default. . Apply Default Actions to Items Detected During a Scan—Automatically removes spyware or other types of malware at the conclusion of a scan. This check box is selected by default. . Default Actions—Enables you to select the type of action to be applied when items of high, medium, or low alert value are detected. . Real-Time Protection Options—Enables you to select from a list of security agents to be run. These options are all selected by default. See Table 5.3 for a description of the available security agents. . Advanced Options—Enables you to scan archived files and folders, use heuristics to detect potentially harmful or undesired behavior, or create a restore point before applying actions to detected items. These three actions are all selected by default. You can also use the Add button to specify

255

Configuring Windows Defender files or locations that Windows Defender should not scan or the Remove button to reenable files and locations for scanning. . Administrator Options—Enables you to choose whether to use Windows Defender at all (you should never deselect this option) and to allow all non-administrative users to use Windows Defender. 4. After you have configured these options, click Save and then click Continue in the UAC prompt to apply the configured actions. This returns you to the Tools display, where you can select additional options. 5. To manage the list of quarantined items, click Quarantined Items from the Tools display. If you have inadvertently quarantined an item that should be allowed, select it, click Remove, and click Continue in the UAC prompt that appears. 6. To manage the list of allowed items, click Allowed Items from the Tools display. If you have inadvertently allowed an item that should be prevented from running, select it, click Remove from List, and click Continue in the UAC prompt that appears.

TABLE 5.3

Available Security Agents in Windows Defender

Agent

What each agent monitors

Auto Start

Applications that execute automatically on Vista startup, either from the Registry hives or the various Startup folders. Spyware can add itself to these locations to execute without the user’s knowledge.

System Configuration (Settings) Security-related Windows settings. Spyware can modify these settings to allow it to run undetected. Internet Explorer Add-ons

Add-ons that run automatically from Internet Explorer. Spyware can masquerade as these add-ons. See Chapter 4 for more information.

Internet Explorer Configuration (Settings)

Browser security settings. Spyware can modify these settings without your knowledge.

Internet Explorer Downloads

Downloaded applications that provide functionality to Internet Explorer, such as ActiveX controls and software installation programs. Spyware is often included with these downloads.

Services and Drivers

Services and drivers interacting with applications and the Windows operating system itself. Spyware can masquerade as services or drivers to perform its actions.

Application Execution

Programs as they start up and execute on the computer. Spyware can attach itself to these programs and run in the background.

Application Registration

Files and other locations in the operating system in which applications including spyware can be inserted to execute.

Windows Add-ons

Software utilities integrated with Windows. Such utilities can collect information about the user and transmit it to unauthorized parties.

256

Chapter 5: Configuring Windows Security Features

NOTE Windows Defender is also available for older operating systems Microsoft makes Windows Defender available as a free download. It can work with computers running Windows 2000/XP/Server 2003 in much the same manner as described here for Vista.

Updating Windows Defender Microsoft publishes updates to spyware definition signatures on a regular basis. You might be informed of an available update by receiving a message Windows Defender Definitions haven’t been updated on starting Windows Defender. Follow Step by Step 5.6 to check for updates to Windows Defender.

STEP BY STEP 5.6 Checking for Updates to Windows Defender 1. Start the Windows Defender configuration screen using one of the methods described in Step by Step 5.5. 2. Click the triangle next to the Help (blue question mark) icon. From the pop-up menu that appears (see Figure 5.21), select Check for Updates and then click Continue on the UAC prompt that appears. 3. You receive a message in the notification area as Windows Defender checks for and installs any available updates. In a few minutes, you receive a message that either the updates were installed successfully or that no updates were available.

FIGURE 5.21

Windows Defender enables you to check for available updates.

257

Configuring Windows Defender

If you receive this message but are informed that no updates are available after following Step by Step 5.6, your computer may not be up-to-date from Windows Update. You might also need to uninstall the most recent definition file. For more information, refer to How to troubleshoot definition update issues for Windows Defender in the “Suggested Readings and Resources” section of this chapter.

Using Software Explorer Windows Defender also includes a program called Software Explorer, which enables you to view information about software programs and system state on your computer. It includes categories for startup programs, currently running programs, network connected programs, and Winsock service providers. Software Explorer provides the following information: . Auto Start—Specifies programs that are configured to start automatically on Windows

startup. . Startup Type—Specifies the location where automatically starting programs are regis-

tered; for example, a user’s or All Users Startup folder or various Registry hives. . Ships with Operating System—Indicates programs that were installed as Windows

components. . Classification—Specifies whether the program has been tested for risks to computer

security or personal privacy. . Digitally Signed By—Specifies whether the program has been signed and the name of

the publisher that signed it. You should locate additional details about unsigned software before deciding whether you trust such programs. Using Software Explorer you can perform actions such as either temporarily or permanently disabling a program from running at startup. Follow Step by Step 5.7 to run Software Explorer.

STEP BY STEP 5.7 Using Software Explorer 1. Start the Windows Defender configuration screen using one of the methods described in Step by Step 5.5. 2. Click Tools and then click Software Explorer. Software Explorer opens to the Startup Programs category as shown in Figure 5.22. 3. The list on the left side displays programs configured to start from various locations, including the User Profile, All Users, and the Current User and Local Machine hives of the Registry. To view information on a startup program, select it from the list. Information appears on the right side of Software Explorer.

258

Chapter 5: Configuring Windows Security Features

Software Explorer enables you to manage software on your computer.

FIGURE 5.22

4. To prevent a program from starting once only, select it and click Disable. Click Yes on the prompt that asks you whether you are sure you want to disable this program. 5. To remove it permanently from the Startup folder, click Remove and then click Yes on the confirmation prompt. 6. To view a list of programs currently running on the computer, select Currently Running Programs from the Category drop-down list. To shut a program down, select it and click End Process. To open Task Manager, which offers additional options for managing applications running on the computer, click Task Manager. Chapter 8, “Maintaining and Optimizing Systems That Run Windows Vista,” discusses Task Manager in more detail. 7. To view programs running from a network location, select Network Connected Programs from the Category drop-down list. You receive the same options available for other programs. 8. To view Winsock service providers, select it from the Category drop-down list. These are programs that perform fundamental networking and communication services for Windows and its running programs. This option does not have any configurable controls.

259

Configuring Dynamic Security for Internet Explorer 7

Configuring Dynamic Security for Internet Explorer 7 Objective:

Configure Dynamic Security for Internet Explorer. In Chapter 4 you learned about the new features of Internet Explorer 7 and how to perform basic configurations, including tabbed browsing, pop-up windows, interface customizations, add-ons, and Really Simple Syndication (RSS) feeds. Here, the discussion of Internet Explorer continues by showing you how to configure and troubleshoot Internet Explorer’s security settings. The term “dynamic security” refers to the multiple, interrelated security features that defend your computer against multiple attacks, including those introduced at the start of this chapter. Also included are technologies that protect users against malicious websites that attempt to steal users’ personal data using tactics such as phishing. You can configure your Internet Explorer’s security settings from the Internet Properties dialog box, which you can access by any of the following methods: . Click Start, right-click Internet Explorer, and then select Internet Properties. . Click Start, Control Panel, Security, and then select Internet Options. . Open the Security Center and select Internet Options from the list on the left side. . In Internet Explorer, select Tools, Internet Options.

Configuring Internet Explorer Zones The Security tab of the Internet Properties dialog box displays a list of website types called Internet zones, as shown in Figure 5.23. By default, all websites are included in the Internet zone. To move a website to another zone, select the desired zone and click Sites. On the dialog box that appears, type or copy the URL to the text box provided, click Add, and then click Close. You can return a site to the Internet zone by selecting it and clicking Remove. You can also limit the Local intranet and Trusted sites zones to secured sites whose URL starts with https: by selecting the check box labeled Require Server Verification (https:) for All Sites in This Zone.

260

Chapter 5: Configuring Windows Security Features

You can establish security settings separately to each type of website location.

FIGURE 5.23

CAUTION Trusted Sites zone The default security for the Trusted Sites zone is considerably lower than that for any of the other zones. Be absolutely certain that you trust a website implicitly before adding the site to this zone. If you are uncertain, you should leave the site in the Internet zone until you have investigated it thoroughly.

To configure the security settings for an Internet zone, click the zone to select it and then click the Custom Level button. The Security Settings dialog box opens, as shown in Figure 5.24, where you can select each individual security setting or set an Internet zone to a predefined group of security settings including Low, Medium-Low, Medium, Medium-High, and High. Unlike previous versions of Internet Explorer, the default Internet zone does not include the Low and Medium-Low options. The default security setting for this zone is Medium-High. To establish the privacy settings, click the Privacy tab. Here you can select a preset level for handling cookies. If you click the Sites button, you can block or allow privacy information to be exchanged with specific websites. To establish a different method for handling cookies in the Internet zone, click the Advanced button and select your preferred settings.

261

Configuring Dynamic Security for Internet Explorer 7

Individual security settings apply to an Internet zone for a custom security definition.

FIGURE 5.24

For security settings that govern specific behaviors in Internet Explorer, click the Advanced tab and scroll down the window to the Security category. Here, you can set options such as reducing problems caused by software downloaded and run from the Internet (do this by clearing the Allow Software to Run or Install Even if the Signature Is Invalid check box). One of the ways that you can secure Internet Explorer is to ensure that it is updated with the latest patches and service packs available. Microsoft is constantly providing new security updates. To look for these updates, open Internet Explorer, click the Tools menu and select Windows Update. This will take you to windowsupdate.microsoft.com, where you can download and install all types of updates for Windows Vista.

Configuring Protected Mode in Internet Explorer Internet Explorer 7 in Windows Vista introduces the concept of Protected mode, which provides enhanced levels of security and protection from malware. Protected mode prevents websites from modifying user or system files and settings unless you provide your consent. It displays a prompt similar to those discussed with UAC, asking you to confirm any action that attempts to download something to your computer or launch a program. The user can ensure that these actions are desired and prevent any action that would perform an activity such as installing undesired software. You can stop any such type of action and confirm the trustworthiness of the website before proceeding. Protected mode also prevents Internet Explorer from writing

262

Chapter 5: Configuring Windows Security Features

data to any location except the Temporary Internet Files folder unless you provide consent (such as during a desired download). Protected mode is enabled by default on all Internet zones except the Trusted Sites zone, and Internet Explorer confirms this fact by displaying a message Protected Mode: On in the status bar. If this message does not appear, you can turn Protected mode on by selecting the check box labeled Enable Protected Mode on the Security tab shown previously in Figure 5.23 and then restarting Internet Explorer. Internet Explorer might also display an information bar informing you that Protected mode is turned off in this instance.

EXAM ALERT Internet Explorer Protected Mode Protected mode prevents hackers from hijacking your browser for nefarious purposes such as installing malicious software, modifying startup routines, or redirecting your home page. Internet Explorer runs in Protected mode by default and informs you of this fact with a message in the status bar at the bottom of the browser window (see the figures referenced in the previous section). You should not turn this mode off; if it is turned off by mistake, you can reenable it by resetting Internet Explorer to default settings. An exam question might include a situation in which you must check the Protected mode setting.

Configuring Content Advisor Content Advisor enables you to control the Internet content that users can view on the computer. You can specify ratings that filter websites according to their content as established by various rating boards. By default, Internet Explorer 7 uses rules formulated by the Recreational Software Advisory Council (RSAC). You can also add content rules set out by other Internet content ratings bureaus that utilize rules formatted according the World Wide Web Platform for Internet Content Selection (PICS). Follow Step by Step 5.8 to enable and configure Content Advisor ratings.

STEP BY STEP 5.8 Enabling and Configuring Content Advisor 1. Access the Content tab of the Internet Properties dialog box using any of the methods described earlier in this section. 2. Under Content Advisor, click Enable, and then click Continue on the UAC prompt. The Content Advisor dialog box opens, as shown in Figure 5.25.

263

Configuring Dynamic Security for Internet Explorer 7

Content Advisor enables you to restrict Web browsing to sites rated at a level you approve.

FIGURE 5.25

3. To configure ratings levels, select a category from the list provided. You can select from the following categories: . Content that creates fear, intimidation, etc.—Provides three levels for limiting this content from no content to unlimited: None, which prevents any content of this type from appearing; Limited, which limits this content to situations of artistic, medical, educational, sports, or news; or Unrestricted, which removes all limits of this nature. . Content that sets a bad example for young children—Limits the extent of content that would encourage young children to perform harmful acts or dangerous behavior. . Depiction of alcohol use, depiction of drug use, depiction of gambling, depiction of tobacco use, depiction of weapon use, and incitement/depiction of discrimination or harm—Provides three levels for each of these categories similar to the fear and intimidation category. . Language—Limits the extent of vulgar language, profanity, and swearing. . Nudity—Limits the extent of nudity. . Sexual material—Limits the extent of sexual acts, including obscured or implied acts, kissing, and so on. . User-generated Content—Limits the appearance of content from sources such as chat rooms and message boards, including moderated locations. . Violence—Limits various types of violent acts. 4. To configure any of these ratings, drag the slider to the desired position.

264

Chapter 5: Configuring Windows Security Features 5. To specify websites that are always or never approved for viewing, select the Approved Sites tab. Type or copy the URL into the Allow This Web Site text box and then select Always or Never as required. 6. To configure user options, click the General tab and select the following check boxes as required (see Figure 5.26): . Users Can See Websites That Have No Rating—Enables users to access any Web pages that are not rated. Otherwise, users cannot access these pages. . Supervisor Can Type a Password to Allow Users to View Restricted Content—Enables users to view restricted content after you type the supervisor password for the Content Advisor. Click Create Password to provide a password that protects unauthorized users from modifying these settings or enables users to view restricted content.

The General tab of the Content Advisor dialog box enables you to configure several user options.

FIGURE 5.26

7. To view or modify systems used to rate Web pages, click Rating Systems to display the Rating Systems dialog box. Select from the listed rating systems, and then click OK. 8. To add a rating system, click Find Rating Systems to connect to a Web page containing links to additional rating systems. Then download the desired rating system to your computer and add it from the Rating Systems dialog box by clicking the Add button on this dialog box. 9. To add rules set out by PICS, click the Advanced tab. Type the name of the ratings bureau offering these rules, and then click Import under the PICS Rules section (see Figure 5.27). 10. When you are finished configuring content rules, click OK. If you haven’t entered a password from the General tab, the Create Supervisor Password dialog box appears. Type and confirm a password, and then provide an optional hint. This hint should help you remember the password without providing a clue to others who use the computer.

265

Configuring Dynamic Security for Internet Explorer 7

The Advanced tab of the Content Advisor dialog box enables you to specify additional ratings bureaus and import PICS rules.

FIGURE 5.27

After you have configured Content Advisor for the first time, the Enable button changes to Disable. If you need to modify the settings in Content Advisor, follow Step by Step 5.9.

STEP BY STEP 5.9 Modifying Content Advisor Settings 1. Access the Content tab of the Internet Properties dialog box using any of the methods described earlier in this section. 2. Under Content Advisor, click Settings and then click Continue on the UAC prompt. 3. In the Supervisor Password Required dialog box, type the password you entered when you first enabled Content Advisor, and then click OK. 4. In the Content Advisor dialog box, configure the required settings as described in Step by Step 5.8. Click OK when finished.

After you have enabled Content Advisor, any Web page that does not conform to the rules you have configured will display a message box similar to that shown in Figure 5.28, informing you of the rule or rules that were violated. To view the website, select one of the options shown, type the supervisor password you configured when you first enabled Content Advisor, and then click OK. You might want to use Step by Step 5.9 to modify content rules.

266

Chapter 5: Configuring Windows Security Features

You receive this message box if you attempt to view a Web page that does not conform to the content rules.

FIGURE 5.28

Configuring the Phishing Filter The practice of phishing refers to the creation of a fake website that closely mimics a real website and contains a similar looking URL, intending to scam users into sending confidential personal information such as credit card or bank account numbers, dates of birth, Social Security numbers, and so on. The attacker sends email messages that appear to originate from the company whose website was spoofed, so that users connect to the fake website and provide this type of information. The attacker can use this information for identity theft and other nefarious purposes. Microsoft built the phishing filter into Internet Explorer 7 to check websites for phishing activity using the following methods: . Comparing website addresses visited by users with lists of reported legitimate sites

saved on your computer . Analyzing website addresses against characteristics (such as misspelled words) used by

phishing sites. . Comparing website addresses with those in an online service that Microsoft operates

for immediate checking against a list of reported phishing sites. This list is updated several times each hour using material gathered by Microsoft or other industries or reported by users. Other global databases of known phishing sites are also used. If the phishing filter detects a known phishing site, Internet Explorer displays the address bar in red and replaces the website with a message informing you of the risks. You receive options

267

Configuring Dynamic Security for Internet Explorer 7

to close the website or continue to it. If the site is not a known phishing site but behaves in a similar manner to a phishing site, the address bar appears in yellow and a warning message appears. The user can report the site to the Microsoft Phishing Filter list or gather further information to report a false positive if the site turns out to be legitimate. If you suspect that a website you are visiting is a phishing site (whether the address bar has turned yellow or not), you can check the following items: . The URL appearing in the address bar—A spoofed domain name will appear similar to

the authentic one but contain misspelled or additional words. . URLs associated with page links—Although some of these might point to the authentic

site, others might point to the phisher’s site. Check the address that appears in the lower-left corner of the status bar when you hover your mouse over the link. . Advertisements or other content not associated with the legitimate site—Many phishers use

free Web hosting services that might add advertising or other content to the fake site. . Failure to use a secure (https) connection—Legitimate sites use secure connections for

transmitting all sensitive data. Internet Explorer displays a lock icon in the status bar for all https connections. If this icon does not appear, you are most likely dealing with a phishing site. . Addresses used for submitting forms—In general, the phisher site will contain a form that

you are asked to fill out with your personal information and click a button that says Submit or something similar. To check this address, select View, Source, and locate the value of the

tag’s Action attribute. If this is a non-legitimate address, you know you are on a phishing site. To configure the phishing filter, follow Step by Step 5.10.

STEP BY STEP 5.10 Configuring the Phishing Filter 1. Open Internet Explorer to a website that you suspect might be a phishing site. 2. On the Tools menu, select Phishing Filter, and then select one of the following options: . Turn On Automatic Website Checking—Displays the dialog box shown in Figure 5.29, which enables you to turn the filter on or off as desired. This menu item appears as Turn Off Automatic Website Checking when the filter is already on. . Check This Website—Checks the current website. Click OK in the Phishing Filter message box that appears and you will receive a message informing you of the result.

268

Chapter 5: Configuring Windows Security Features . Report This Website—Enables you to report a phishing website or remove an authentic site that has been flagged as a phishing one. . Phishing Filter Settings—Accesses the Advanced tab of the Internet Properties dialog box and enables you to turn automatic website checking on or off or disable the phishing filter entirely.

FIGURE 5.29

The Microsoft Phishing Filter dialog box enables you to turn the automatic phishing filter on

or off.

Understanding Advanced Security Options The Internet Properties dialog box enables you to configure additional options that affect the security of Internet Explorer. The following sections describe several of the more important options that you should be familiar with: . Privacy tab . Content tab . Advanced tab

Privacy Tab Settings The Privacy tab of the Internet Properties dialog box, shown in Figure 5.30, enables you to configure cookie handling and the pop-up blocker.

269

Configuring Dynamic Security for Internet Explorer 7

The Privacy tab enables you to configure cookie settings and the pop-up blocker.

FIGURE 5.30

Cookies are small files that websites place on your computer to facilitate improved browsing or advertisement display on future visits to the same website. You can choose from the following options: . Block All Cookies—Prevents all websites from storing cookies on your computer and

from reading existing cookies. . High—Prevents websites that do not have a compact privacy policy from storing cook-

ies on your computer. This is a condensed computer-readable privacy statement. Web sites are also prevented from storing cookies that use personally identifiable information without your consent. . Medium High—Prevents websites that do not have a compact privacy policy from

storing cookies on your computer. Also blocks third-party cookies that use personally identifiable information without your explicit consent or first-party cookies that use personally identifiable information without implicit consent. . Medium—Prevents websites that do not have a compact privacy policy from storing

cookies on your computer. Limits websites that place first-party cookies that save information but use identifiable information without your implicit consent.

270

Chapter 5: Configuring Windows Security Features . Low—Allows websites to place cookies on your computer, including those that do not

have a compact privacy policy or that use personally identifiable information without your explicit consent. . Accept All Cookies—Allows all websites to place cookies on your computer and allows

websites that create cookies to read them. The Content tab, which is described in the next section, also enables you to specify which websites are allowed or prevented from using cookies regardless of their privacy policy. Click Sites to access the Per Site Privacy Actions dialog box to specify these websites. You can also choose the manner in which first- or third-party cookies are handled in the Internet zone. Click Advanced to specify whether these cookies are accepted or blocked or whether you receive a prompt for these cookies. Pop-ups are additional windows that appear while browsing the Internet. Advertisers often use these to display ads to Internet users. Some pop-ups even deploy malware and are displayed in such a way that the only possible way to close the pop-up without installing the malware is to use the Task Manager to force the window to close. Users who do not know how to do this often end up with huge amounts of pop-up traffic, viruses, spy software, and other problems. Internet Explorer 7 includes a pop-up blocker that blocks any website from spawning another Internet Explorer window without your explicit permission. To toggle this feature on and off, in Internet Explorer click the Tools menu and select Pop-up Blocker and then either select Turn Pop-up Blocker On or Turn Pop-up Blocker Off. You learned about the settings available for the pop-up blocker in Chapter 4.

Content Tab Settings Besides the Content Advisor already discussed earlier in this section, the Content tab includes several other security-related options, as follows: . Parental Controls—Links to the Parental Controls feature described in Chapter 4. . Certificates—Controls the behavior of certificates used for encrypted connections and

identification. Click the Certificates button to view certificates issued to yourself or others on the computer. You can also view certificates issued by trusted root certification authorities (CAs) or intermediate CAs, import new certificates and configure certificate purposes. Click Publishers to view information on trusted and untrusted publishers. . Auto Complete—Stores information from previously visited Web pages and tries to

complete entries you make on Web addresses, forms, usernames, passwords, and so on. Click Settings to specify the types of entries that Auto Complete is used for. You can delete Auto Complete history from the General tab of the Internet Properties dialog box. . Feeds—Enables you to configure settings for Really Simple Syndicated (RSS) feeds,

which you learned about in Chapter 4.

271

Configuring Dynamic Security for Internet Explorer 7

Advanced Tab Settings The Advanced tab of the Internet Properties dialog box contains a large range of settings that you can configure in the subjects of accessibility, browsing, HTTP 1.1, international, multimedia, printing, searching, and security. Figure 5.31 shows most of the security settings available from this tab.

The Advanced tab contains a series of settings that affect the security of Internet Explorer 7.

FIGURE 5.31

From this tab you can click Restore Advanced Settings to reset all settings to their defaults or click Reset to reset all Internet Explorer settings to their defaults.

Challenge You are a consultant who has been hired by the district school board to implement security settings for student computers in the district’s middle schools, which will be used by children ranging from nine to fourteen years of age. The children will use these computers for school projects that require Internet access, but mature content including pornography, drugs, hate speech, and weapons must be blocked. Access to websites that include sexual material in an educational context must be allowed, and access to http://www.inciteviolence.com must be specifically blocked. Students must be allowed to run a limited number of applications, including three games (FreeCell, Minesweeper, and Solitaire), that teachers have approved for usage. You need to configure the Windows Vista computers, which are configured as workgroup members, to limit children’s usage according to these guidelines. All children will use a single user account named Student to access each computer. (continues)

272

Chapter 5: Configuring Windows Security Features (continued)

To complete this exercise, you need to configure both the Parental Controls and Internet Explorer security settings to meet these objectives. Try to work through the required steps on your own, referring to procedures outlined in this chapter and Chapter 4 as required. If you have difficulty, refer to the following steps: 1. Click Start, right-click Internet, and select Internet Properties. 2. From the Content tab of the Internet Properties dialog box, click Parental Controls and then click Continue on the UAC prompt that appears. 3. On the Parental Controls dialog box, select Windows Vista Web Filter. 4. On the Web Restrictions page, select Medium under Block Web Content Automatically. What happens to the option to only allow websites that are on the allow list? 5. Click OK to return to the Parental Controls dialog box. 6. Click Games and then click Block or Allow Specific Games. 7. On the Control Specific Games Student Can and Cannot Play page, select FreeCell, Minesweeper, and Solitaire, and then click OK twice to return to the main Parental Controls dialog box. 8. Select Allow and Block Specific Programs and on the Application Restrictions page, select Student can Only Use the Programs I Allow. Then select each allowed program and click OK when finished. 9. Click OK to return to the Parental Controls dialog box and then close this dialog box to return to the Content tab of the Internet Properties dialog box. 10. Click Enable under Content Advisor, and then click Continue on the UAC prompt that appears. 11. If you have previously configured Content Advisor settings, enter the password that you provided at that time. 12. On the Ratings tab, scroll down to select Sexual Material, drag the slider to the Limited position, and then click Apply. 13. Select the Approved Sites tab. In the Allow This Web site text box, type http://www. inciteviolence.com, and then click Never. Then click OK. 14. In the Create Supervisor Password dialog box, type and confirm a password, and then provide an optional hint. Then click OK. 15. Click OK to close the Internet Properties dialog box. What you have read up to this point should enable you to configure Parental Controls and Content Advisor to work together and answer the question on your own. The following is the answer to the question asked during step 4 of this procedure: When you select a specific level for allowing or blocking Web content, the option to block or allow specific websites becomes unavailable, and you cannot specifically block a website from this location.

273

Configuring Security Settings in Windows Firewall

REVIEW BREAK You have looked at Windows Defender and security-related settings available in Internet Explorer 7. . Windows Defender uses a signature database to monitor your computer for signs of

spyware activity. If it finds software that might be spyware, it enables you to ignore, quarantine, remove, or always allow the program to run. . Software Explorer enables you to view information about software programs and sys-

tem state on your computer. It includes categories for startup programs, currently running programs, network connected programs, and Winsock service providers. . Protected mode in Internet Explorer 7 provides enhanced levels of security and protec-

tion from malware. Protected mode prevents websites from modifying user or system files and settings unless you provide your consent. . Content Advisor enables you to control what Internet content users can view on the

computer. You can specify ratings that filter websites according to their content as established by various rating boards. . The Phishing Filter in Internet Explorer 7 detects websites that attempt to hijack per-

sonal data such as credit card numbers and sends the addresses of such sites to a database maintained by Microsoft for this purpose. . The Privacy tab in Internet Explorer 7 enables you to configure how cookies are han-

dled for websites in the various Internet zones, plus settings for the pop-up blocker. . The Content tab in Internet Explorer 7 enables you to configure the Content Advisor,

which limits websites that can be viewed according to configurable levels of several types of potentially objectionable content. This tab also enables you to access the Parental Controls feature and view certificates used for encrypted connections and identification.

Configuring Security Settings in Windows Firewall Objective:

Configure security settings in Windows Firewall. The Internet Connection Firewall (ICF) in Windows XP before SP2 is now called the Windows Firewall. Windows Firewall is a personal firewall, stopping undesirable traffic from

274

Chapter 5: Configuring Windows Security Features

being accepted by the computer. Using a firewall can avoid security breaches as well as viruses that utilize port-based TCP or UDP traffic to enter the computer’s operating system. For computers that use broadband Internet connections with dedicated IP addresses, the Windows Firewall can help avoid attacks aimed at disrupting a home computer. Even people with dialup Internet connections can benefit from added protection. As in Windows XP SP2, the Windows Firewall is enabled by default when you install Vista. Windows Vista has upgraded the Windows Firewall even further. The Vista firewall adds outbound traffic protection. This is important because some malicious programs such as Trojan horses attempt to send personal information to unauthorized destinations. The outbound firewall prevents this from occurring. In addition, Microsoft has added the following new features to Windows Firewall: . Support for the IP Security (IPSec) protocol . Support for environments using only IP version 6 (IPv6) . Configurable exceptions for both incoming and outgoing firewall . Application of exceptions to many components, including both local and remote ports;

specific interface types including local area networks (LANs), remote access, and wireless networks; additional protocols beyond TCP and UDP; specific computers and users; and Vista services . Support for command-line configuration

Configuring Windows Firewall As in XP SP2, you can accomplish basic configuration activities from a Control Panel applet; however, the Vista firewall adds advanced configuration features available from a MMC snapin. This section looks at each set of features in turn.

Basic Windows Firewall Configuration You can enable or disable the Windows Firewall separately for each connection. In doing so, you are able to use Windows Firewall to protect a computer connected to the Internet via one adapter and not use Windows Firewall for the adapter connected to the private network. Follow Step by Step 5.11 to perform basic firewall configuration.

275

Configuring Security Settings in Windows Firewall

STEP BY STEP 5.11 Basic Windows Firewall Configuration 1. Open the Windows Firewall applet shown in Figure 5.32 by using any of the following methods: . Click Start, Control Panel, Security, Windows Firewall. . Click Start, Control Panel, Network and Internet, Windows Firewall. . Click Start, right-click Network, and then click Properties. Select Windows Firewall from the lowerleft corner of the Network and Sharing Center. . From the Windows Security Center, select Windows Firewall in the left pane.

The Windows Firewall applet enables you to configure its basic settings including allowing programs.

FIGURE 5.32

2. From the left pane, select Turn Windows Firewall On or Off, and then click Continue in the UAC prompt that appears. This displays the General tab of the Windows Firewall Settings dialog box, shown in Figure 5.33. 3. If you are connected to a corporate network with a comprehensive hardware firewall, select Off. If you are connected to an insecure network such as an airport or restaurant Wi-Fi hot spot, select the Block All Incoming Connections option. This option disables all exceptions you’ve configured on the Exceptions tab.

276

Chapter 5: Configuring Windows Security Features

The General tab of the Windows Firewall Settings dialog box enables you to turn the firewall on or off and to block incoming connections.

FIGURE 5.33

CAUTION Don’t disable the firewall unless absolutely necessary Never select the Off option in Figure 5.33 unless you’re absolutely certain that your network is well protected with a good firewall. The only exception should be temporarily to troubleshoot a connectivity problem; when you’ve solved the problem, be sure to reenable the firewall immediately.

4. To configure program or port exceptions, select the Exceptions tab. 5. From the list shown in Figure 5.34, select the programs or ports you want to have access to your computer. Table 5.4 describes the more important items in this list. Clear the check boxes next to any programs or ports to be denied access or select the check boxes next to programs or ports to be granted access.

TABLE 5.4

Windows Firewall Configurable Exceptions

Program or Port

Description

Enabled by Default?

Core Networking and Network Discovery

Work together to enable your computer to connect to other network computers or the Internet

Yes

Distributed Transaction Coordinator

Coordinates the update of transactionprotected resources such as databases, message queues, and file systems

No

File and Printer Sharing

Enables your computer to share resources such as files and printers with other computers on your network

Yes

277

Configuring Security Settings in Windows Firewall

TABLE 5.4 Continued Program or Port

Description

Enabled by Default?

Remote Administration

Allows management of remote computers by means of utilities that utilize remote procedure call (RPC)

No

Remote Assistance

Enables an expert user to connect to the desktop of a user requiring assistance in a Windows Feature

Yes

Remote Desktop

Enables a user to connect with and work on a remote computer

No

Remote Management

Enables an administrator to manage items on a remote computer, including event logs, scheduled tasks, services, and disk volumes

No for all these tasks

Routing and Remote Access (RRAS)

Enables remote users to connect to a server to access the corporate network (used on RRAS server computers only)

No

Windows Easy Transfer

Enables a user to copy files, folders, and settings from an old computer running Windows 2000 or later to a new Vista computer

Yes

Windows Meeting Space

Enables users to collaborate with others by setting up computer-based meetings

No

Windows Remote Management

Enables you to manage a remote Windows computer

No

The Exceptions tab of the Windows Firewall Settings dialog box enables you to block or allow specific programs across the firewall.

FIGURE 5.34

278

Chapter 5: Configuring Windows Security Features 6. To add a program not shown in the list, click Add Program. From the Add a Program dialog box that appears, select the program to be added, and then click OK. If necessary, click Browse to locate the desired program. 7. To add a port, click Add Port. On the Add a Port dialog box, type the name and number of the desired port. Select the appropriate protocol (TCP or UDP), and then click OK. To modify the scope of a given port, select Change Scope and select an option from the Change Scope dialog box. 8. To view properties of any program or port on the list, select it and click Properties. 9. To delete a program or port from the list, select it and click Delete. You can do this only for programs or ports you have added using steps 6 or 7. 10. Click the Advanced tab to display the settings shown in Figure 5.35. If you have more than one network connection, they will be displayed here, and you can select the connections you want to protect.

The Advanced tab of the Windows Firewall Settings dialog box enables you to turn the firewall on or off for specific connections or to restore defaults.

FIGURE 5.35

11. If you need to restore default settings, click Restore Defaults. Then confirm your intention in the Restore Defaults Confirmation dialog box that appears. 12. When you are finished, click OK. To apply settings and continue making changes, click Apply.

TIP Configuring public and private connections If you click the Advanced tab, you should select the boxes next to any connections that link to the Internet and clear the boxes next to any connections to a private network.

279

Configuring Security Settings in Windows Firewall

You can also access the Exceptions tab directly by selecting the Allow a Program Through Windows Firewall option from the Windows Firewall applet.

EXAM ALERT The Block All Incoming Connections option You should select the Block All Incoming Connections option, found on the General tab of the Windows Firewall Settings dialog box, when you must block all unsolicited attempts to connect to your computer (for example when you are in an insecure location such as a public Wi-Fi hotspot). This option ignores all exceptions you have configured but still enables you to send and receive email and instant messages and view Web pages. An exam question might present a scenario in which you are required to select this option to block access or clear this option to obtain access to resources such as Web pages stored on the computer. For further information, refer to Windows Vista Help and Support.

Using the Windows Firewall Snap-in Microsoft has provided a powerful new snap-in called Windows Firewall with Advanced Security, which enables you to perform a comprehensive set of configuration actions. To access the snap-in, click Start, Run, type wf.msc, and then press Enter. You can also type firewall in the Search field of the Start menu and then select Windows Firewall with Advanced Security from the Programs tab. After accepting the UAC prompt, you receive the snap-in shown in Figure 5.36.

The Windows Firewall with Advanced Security snap-in enables you to perform advanced configuration options.

FIGURE 5.36

280

Chapter 5: Configuring Windows Security Features

When the snap-in first opens, it displays a summary of configured firewall settings. From the scope pane, you can configure any of the following types of properties: . Inbound rules—Displays a series of defined inbound rules. Enabled rules are shown with

a green check mark icon. If the icon is dark in appearance, the rule is not enabled. To enable a rule, right-click it and select Enable Rule. To disable an enabled rule, rightclick it and select Disable Rule. You can also create a new rule by right-clicking Inbound Rules and selecting New Rule. Follow the instructions in the New Inbound Rule Wizard that starts. . Outbound rules—Displays a series of defined outbound rules, also with a green check

mark icon for enabled rules. You can enable or disable rules and create new rules in the same manner as with inbound rules. . Connection security rules—Does not contain any rules by default. Right-click it and

choose New Rule to create rules that are used to determine limits applied to connections with remote computers. . Monitoring—Displays a summary of enabled firewall settings and provides links to

active rules and security associations. This includes a domain profile for computers that are members of an Active Directory domain. The following three links are available from the bottom of the details pane: . View Active Firewall Rules—Displays enabled inbound and outbound rules . View Active Connection Security Rules—Displays enabled connection security rules

that you have created . View Security Associations—Displays IPSec main mode and quick mode associations

Configuring Multiple Firewall Profiles The Windows Firewall with Advanced Security snap-in enables you to define different firewall behavior for each of the following three profiles: . Domain Profile—Specifies firewall settings for use when connected directly to an Active

Directory domain. If the network is protected from unauthorized external access, you can specify additional exceptions that facilitate communication across the LAN to network servers and client computers. . Private Profile—Specifies firewall settings for use when connected to a private network

location, such as a home or small office. You can open up connections to network computers and lock down external communications as required. . Public Profiles—Specifies firewall settings for use when connected to an insecure public

network such as a Wi-Fi access point at a hotel, restaurant, airport, or other location

281

Configuring Security Settings in Windows Firewall

where unknown individuals might attempt to connect to your computer. By default, network discovery and file and printer sharing are turned off, inbound connections are blocked, and outbound connections are allowed. To configure settings for these profiles from the Windows Firewall with Advanced Security snap-in, right-click Windows Firewall with Advanced Security at the top of the scope pane and choose Properties. This opens the dialog box shown in Figure 5.37.

The Windows Firewall with Advanced Security on Local Computer dialog box enables you to configure profiles that are specific for domain, private, and public networks.

FIGURE 5.37

You can configure the following properties for each of the three profiles individually from this dialog box: . State—Enables you to turn the firewall on or off for the selected profile and block or

allow inbound and outbound connections. For inbound connections, you can either block connections with the configured exceptions or block all connections. . Settings—Enables you to customize firewall settings for the selected profile. Click

Customize to specify whether to display notifications to users when programs are blocked from receiving inbound connections or allow unicast responses. You can also view but not modify how rules created by local administrators are merged with Group Policy-based rules. . Logging—Enables you to configure logging settings. Click Customize to specify the

location and size of the log file and whether dropped packets or successful connections are logged (see Figure 5.38).

282

Chapter 5: Configuring Windows Security Features

You can customize logging settings for each of the Windows Firewall profiles.

FIGURE 5.38

TIP Secure public network communication By default, the public profile blocks inbound connections but allows your configured exceptions. You should set the Inbound Connections option on this profile to Block All Connections, which is the same as selecting the Block All Incoming Connections option in Figure 5.33 shown previously.

You can configure IPSec settings from the IPSec Settings tab, including defaults and exemptions. IPSec authentication rules enable you to configure bypass rules for specific computers that enable these computers to bypass other Windows Firewall rules. Doing so enables you to block certain types of traffic while enabling authenticated computers to receive these types of traffic. Configuring IPSec settings is beyond the scope of the 70-620 exam and will not be further discussed here. For additional information on all aspects of using the Windows Firewall with Advanced Security snap-in, refer to The New Windows Firewall in Windows Vista and Windows Server 2008 and Getting Started with Windows Firewall with Advanced Security in the “Suggested Readings and Resources” section.

Configuring Group Policy and Windows Firewall Group Policy in Windows Firewall enables you to configure similar policies to those configured with the Windows Firewall with Advanced Security snap-in. Follow Step by Step 5.12 to configure Group Policy for Windows Firewall.

STEP BY STEP 5.12 Configuring Group Policy for Windows Firewall 1. Click Start, Run, type gpedit.msc, and then press Enter. Then click Continue on the UAC prompt that appears.

283

Configuring Security Settings in Windows Firewall 2. Navigate to the Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security—Local Group Policy Object node. The details pane displays the Windows Firewall with Advanced Security settings, as shown in Figure 5.39.

You can use Group Policy to configure Windows Firewall with Advanced Security options.

FIGURE 5.39

3. Scroll the details pane to select links for inbound rules, outbound rules, and connection security rules. These links open subnodes in the console tree. 4. Unlike the Group Policy with Windows Firewall snap-in, no default rules are present. To add rules, right-click in the details pane and select New Rule. Follow the instructions in the New Rule Wizard to add rules.

After you have added firewall rules in Group Policy, you can filter the view according to profile (domain, private, or public) or by state (enabled or disabled).

EXAM ALERT Group Policy and multiple users A new Group Policy feature in Windows Vista enables you to configure common policy settings for all user accounts on a computer used by more than one user. This includes Windows Firewall as discussed here, as well as UAC and all other policy settings. In addition, you can configure separate policies for administrators or non-administrators. If necessary, you can even configure local group policies on a per-user basis in Windows Vista. An exam question might contain answer options that refer to this feature.

284

Chapter 5: Configuring Windows Security Features

Summary Every Windows Vista computer contains its own user database that holds local user accounts and groups, including a series of default groups with Microsoft-defined rights and privileges. You can create your own local users and groups and add users or groups to the default groups. In a domain environment, you can also add domain users and groups to the locally defined groups. Microsoft created UAC to enable all users, even administrators, to run with only nonadministrative privileges enabled. When an administrator needs to perform an administrative task, he receives a UAC prompt that asks him to confirm that he wants to perform this task. A non-administrative user receives a UAC prompt asking for the credentials of an administrator to perform the task. You can configure a series of policies in Group Policy that govern UAC behavior. Windows Defender monitors the computer against spyware and offers default remedies when it recognizes a spyware infection. You can configure the behavior of Windows Defender including the ability to check for updated spyware definitions and the security agents used for performing scans. Software Explorer enables you to view information about software programs and system state on your computer. Internet Explorer organizes its security settings in the Internet Properties dialog box. You can create different security settings for the various Internet zones. The Content tab enables you to configure Content Advisor, which places limits on the types of viewable Internet content. The Phishing filter enables you to receive alerts if a malicious website is attempting to hijack your personal information. The Advanced tab contains additional security settings. Windows Firewall stops undesirable traffic from being accepted by the computer. It also stops certain types of outbound traffic from being sent out. You can configure the firewall with policies that protect the computer on domain-based, private, and public networks; specify exceptions; and block all incoming traffic as necessary.

Key Terms . Admin Approval mode . Content Advisor . Group Policy . Local group

285

Apply Your Knowledge . Local Security Policy . phishing . Security agent . Software Explorer . User Account Control (UAC) . Windows Defender . Windows Firewall

Apply Your Knowledge Windows Vista introduces several new security-related features and enhances the features that were included in previous Windows versions such as Windows XP and Windows Server 2003. The 70-620 exam expects you to be familiar with the configuration and application of these security features. The exercises in this section are designed to improve upon your understanding of how these features operate. Note that you must be logged on with an administrative account to perform these exercises.

Exercises 5.1 Running Applications with Elevated Privileges Estimated Time: 5 minutes. Windows Vista enables UAC and Admin Approval mode by default, which means that local administrator accounts run with administrative privileges disabled until these privileges are required. At this time, a UAC prompt appears. Use the following procedure to configure an application to always require Admin Approval mode to run. 1. Right-click the application and choose Properties. 2. Select the Compatibility tab. 3. Under Privilege Level, select Run This Program as an Administrator, and then click OK. 4. Double-click the application to run it. You should receive a UAC prompt.

286

Chapter 5: Configuring Windows Security Features

5.2 Enabling Application Installation Without Requiring Admin Approval Mode Estimated Time: 5 minutes. When installing most applications, Windows Vista displays a UAC prompt. You can configure Vista to install applications without displaying the UAC prompt by performing the following exercise. Note that the Local Security Policy snap-in used here contains a subset of the settings in the local Group Policy Object Editor snap-in (gpedit.msc) described in the chapter text. 1. Click Start, Run, type secpol.msc, press Enter, and then click Continue on the UAC prompt that appears. 2. On the Local Security Policy snap-in, navigate to and select the Security Settings\Local Policies\Security Options node. 3. Scroll to the bottom of the list in the details pane and double-click User Account Control: Detect Application Installations and Prompt for Elevation. 4. In the Properties dialog box that appears, select Disabled and then click OK. 5. Close the Local Security Policy snap-in.

5.3 Using Group Policy to Configure Windows Defender Settings Estimated Time: 10 minutes, plus the wait time before Windows Defender next performs a scheduled scan. Group Policy provides a series of settings that govern the behavior of Windows Defender. None of these settings are configured by default in Windows Vista. In this exercise you examine these settings and configure Windows Defender to check for new signatures before performing an automatic scan. 1. Click Start, Run, type gpedit.msc, press Enter, and then click Continue on the UAC prompt that appears. 2. On the Group Policy Object Editor snap-in, navigate to and select the Computer Configuration\ Administrative Templates\Windows Components\Windows Defender node. The details pane displays the eight policies shown in Figure 5.40.

Group Policy provides eight settings that modify the behavior of Windows Defender.

FIGURE 5.40

287

Apply Your Knowledge 3. Double-click the first policy and select its Explain tab. Note the information provided, and then click Next Setting. 4. Repeat step 3 for each of the other policies. Close the Properties dialog box after reading the last explanation. 5. Return to the Check for New Signatures Before Scheduled Scans. Double-click this policy and select Enabled. Then click OK. 6. Click Start, All Programs, Windows Defender. 7. Click Tools, Options. 8. On the Options page, select the next hour under Approximate Time, click Save, and then click Continue on the UAC prompt that appears. 9. Wait until the next hour. A few minutes later, repeat steps 6 and 7 to reopen Windows Defender to the Options page. 10. Note that you receive a message informing you that some settings are managed by your system administrator. Click the link provided and note that Group Policy has been applied. Also note that the Check for Updated Definitions Before Scanning option is unavailable (dimmed) because you used Group Policy to configure this setting. 11. Close Windows Defender and the Local Security Policy snap-in.

288

Chapter 5: Configuring Windows Security Features

Exam Questions 1. You are the network administrator for a retail pet store named Bones. The store operates four Windows Vista computers that are shared by multiple employees. You must ensure that employees are able to perform the following tasks only: . Viewing the system clock and calendar and configuring the time zone (but not changing the system time) . Modifying power management settings . Installing printers and hardware devices that an administrator has allowed using Group Policy . Using Wired Equivalent Privacy (WEP) to connect to an approved wireless network . Creating and configuring an approved virtual private network (VPN) connection . Installing ActiveX controls from sites that an administrator has approved . Installing critical updates from Windows Update What should you do to grant employees these privileges without providing them with excess privileges?

❍ A. Add the user accounts of the employees to the Administrators group. ❍ B. Add the user accounts of the employees to the Power Users group. ❍ C. Add the user accounts of the employees to the Interactive group. ❍ D. Add the user accounts of the employees to the Remote Desktop Users group. ❍

E. You do not need to do anything else because these employees are entitled to perform these tasks by default.

289

Apply Your Knowledge 2. You are the administrator for Grapevines Magazine, a small company of ten administrative users and four reporters. All the network computers run Windows Vista Home Premium as members of a workgroup. A reporter named Charles logs on to a computer, opens the System applet in Control Panel, and selects the Advanced System Settings link. He receives the message This program is blocked by group policy. For more information, contact your system administrator and asks you for assistance. On opening the Local Group Policy

Object Editor snap-in to the Security Options subnode, you notice that policies are configured as shown in the figure.

What should you do to enable Charles to access the System Properties dialog box without granting him excess privileges?

❍

A. Add Charles to the local Administrators group.

❍

B. Configure the User Account Control: Behavior of the Elevation Prompt for Standard Users policy to prompt for credentials.

❍

C. Enable the User Account Control: Only Elevate Executables that are Signed and Validated policy.

❍ D. Enable the User Account Control: Switch to the Secure Desktop when Prompting for Elevation policy.

❍

E. Disable the User Account Control: Run All Administrators in Approval mode policy.

290

Chapter 5: Configuring Windows Security Features 3. Jennifer is the desktop support specialist and is responsible for updating and maintaining all computers in the company. She is configuring a Windows Vista computer that will be used by a help desk analyst who has a standard user account on the computer. The help desk analyst will need to run scripts from the command prompt using administrative privileges. Jennifer must ensure that the help desk analyst receives the User Account Control prompt to elevate his privileges each time without the need to right-click the command prompt option and select Run As Administrator. Which of the following should she do?

❍ A. From the Shortcut tab of the Command Prompt Properties dialog box, click Advanced and then select the Run as Administrator option.

❍ B. From the Security tab of the Command Prompt Properties dialog box, select the help desk analyst’s user account and then select Full Control under the Allow column.

❍ C. From the Compatibility tab of the Command Prompt Properties dialog box, select the Run as Administrator option.

❍ D. Add the help desk analyst’s user account to the Administrators group on the Vista computer. 4. You are a technical support specialist for Blastoff. Instances have occurred recently in which Windows Defender has detected legitimate programs as spyware. Instances have also occurred in which Windows Defender has properly blocked spyware programs from installing. You are investigating new software programs including patches and updates for applications that currently exist on your network and want to be able to save them and test them without their being removed by Windows Defender. Which of the following actions should you select if you receive a message from Windows Defender so that you can examine the software with the least amount of administrative effort?

❍ A. Quarantine ❍ B. Remove ❍ C. Ignore ❍ D. Always Allow

291

Apply Your Knowledge 5. Ryan is a desktop support specialist for his company, which has installed 20 computers running Windows Vista in the graphics department. A user named Jill informs Ryan that she believes her computer is infected with spyware. Ryan examines Jill’s computer and decides to use Windows Defender to run a scan. He must make certain that any spyware detected during the scan is automatically removed when the scan finishes. How should he accomplish this objective? (Each answer represents part of the solution. Choose two.)

❍ A. Clear the Application Execution option under Real-Time Protection Options on the Options page.

❍ B. Clear the Check for Updated Definitions before Scanning under Automatic Scanning option under Automatic Scanning on the Options page.

❍ C. Configure the custom scan option in Windows Defender and specify the C:\Program Files folder.

❍ D. Select the check box labeled Apply Default Actions to Items Detected During a Scan under Automatic Scanning on the Options page.

❍

E. Select Remove from the High Alert Items drop-down list under Default Actions on the Options page.

6. You are a desktop administrator for your company, which operates an Active Directory domain. The marketing department uses portable computers with Windows Vista Business installed on them. Users connect to Web folders on the intranet, as well as on the Internet, and to resources supplied by a vendor on the vendor’s extranet. Recently, a group policy was created that strengthened security settings applicable to Internet websites. Corporate policy prevents you from changing these settings. However, all the users in the marketing department have reported that they can no longer use the vendor’s application and that it is impacting their sales activities. What can you do to fix this problem?

❍ A. Apply a local security setting because it overrides group policies. ❍ B. Configure an exception to the Windows Firewall settings, even though it violates company policy.

❍ C. Add the vendor’s website to the Trusted sites zone. ❍ D. Ask the vendor to copy the Web application to your intranet server.

292

Chapter 5: Configuring Windows Security Features 7. You need to visit large numbers of potentially questionable websites during the performance of your job tasks. If you happen to visit websites that are not legitimate and might attempt to hijack your personal data, you must ensure that Internet Explorer warns you of this possibility and sends the address of the website to Microsoft. What should you do?

❍ A. On the Privacy tab of the Internet Explorer Properties dialog box, ensure that the popup blocker is enabled.

❍ B. From the Tools menu in Internet Explorer, ensure that the phishing filter is enabled. ❍ C. On the Security tab of the Internet Explorer Properties dialog box, ensure that Protected mode is enabled.

❍ D. On the Security tab of the Internet Explorer Properties dialog box, set the security level of the Internet zone to High. 8. You have upgraded your computer to Windows Vista Home Premium. After several of your friends experienced problems with unwanted software being installed on their Windows XP Home Edition computers, you want to ensure that Internet Explorer displays a warning should a Web page attempt to install software or run programs on your computer. Which of the following should you do?

❍ A. From the Tools menu in Internet Explorer, ensure that the phishing filter is enabled. ❍ B. On the Privacy tab of the Internet Explorer Properties dialog box, select the Block All Cookies option.

❍ C. On the Privacy tab of the Internet Explorer Properties dialog box, ensure that the popup blocker is enabled.

❍ D. On the Security tab of the Internet Explorer Properties dialog box, ensure that Protected mode is enabled.

293

Apply Your Knowledge 9. After a colleague of yours was forced to format his hard drive and reinstall Windows Vista because of an especially persistent malicious software program that he had inadvertently downloaded from the Internet, you are afraid of accessing sites on the Internet that might be infected. You have heard that Internet Explorer 7 can run in Protected mode to prevent malicious software from running. What should you do to ensure that Internet Explorer 7 is running in Protected mode? Choose all that apply.

❍ A. Choose the option to reset Internet Explorer to default settings. ❍ B. Delete all browsing history options. ❍ C. Disable all add-ons. ❍ D. Check the status bar for a message informing you that Protected mode is on. ❍

E. Disable RSS feeds.

10. Peter is an office administrator and part-time technical support specialist for an insurance office that employs eight agents. The office runs a workgroup containing eight Windows Vista Business computers and one Windows Server 2003 computer. Sarah creates an intranet website on her Windows Vista computer that includes current fees for services offered by the medical office. Other users in the office attempt to access Sarah’s website but are unable to access it. In fact other users are unable to reach Sarah’s computer using the ping command with either the name or IP address of her computer. But Sarah is able to reach personal files that are stored on the server. How should Peter advise Sarah to enable other users to access her website? (Each answer represents part of the solution. Choose two.)

❍ A. Open the Windows Firewall with Advanced Security on Local Computer dialog box. On the Public Profile tab, select the Allow option under Inbound Connections.

❍ B. Open the Windows Firewall Settings dialog box to the General tab. Then select the Off option.

❍ C. Open the Windows Firewall Settings dialog box to the General tab. Clear the check box labeled Block All Incoming Connections.

❍ D. Open the Windows Firewall Settings dialog box to the Exceptions tab. On the Program or Port list, select Remote Desktop.

❍

E. Open the Windows Firewall Settings dialog box to the Exceptions tab. Select Add Port, and then add TCP port 80 (Hypertext Transfer Protocol, HTTP) to the exceptions list.

294

Chapter 5: Configuring Windows Security Features 11. You are a road warrior who frequently accesses the Internet from various locations including hotels, cafes, and airports. You have configured Windows Firewall options that enable client employees to access product information when in client locations. However, when you are elsewhere, you must block all external computers from accessing your computer regardless of firewall rules that allow connections when you are in client locations. How should you configure Windows Firewall?

❍ A. Select the Block option in the Inbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block All Connections option in the Inbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

❍ B. Select the Block option in the Inbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block All Connections option in the Inbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

❍ C. Select the Block option in the Outbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block All Connections option in the Inbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

❍ D. Select the Block option in the Outbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block All Connections option in the Inbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

❍

E. Select the Block option in the Inbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block option in the Outbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

❍

F. Select the Block option in the Inbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. Select the Block option in the Outbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box.

295

Apply Your Knowledge

Answers to Exam Questions 1. E. In Windows Vista, all users are automatically members of the Users group, which is entitled to perform these tasks by default; therefore, you do not need to add the users to any other group. Adding the accounts of these users to the Administrators group or the Remote Desktop Users group would grant the users excess privileges, so answers A and D are incorrect. The Power Users group is not used in Windows Vista and appears only to enable backwards compatibility with applications requiring its usage, so answer B is incorrect. The Interactive group is a special group to which local users of a computer are added automatically. You cannot add user accounts to this group, so answer C is incorrect. For more information, see the section, “Managing User Accounts.” 2. B. You should configure the User Account Control: Behavior of the Elevation Prompt for Standard Users policy to prompt for credentials. The figure shows that this policy is set to automatically deny elevation requests, which results in users receiving a denial of access if they attempt to perform an action that displays a UAC prompt. By setting this policy to prompt for credentials, Charles will receive a UAC prompt that asks for an administrator to enter a password to enable him to perform this action. If you add Charles to the Administrators group, he receives more privileges than required, so answer A is incorrect. If you enable the Only Elevate Executables that are Signed and Validated policy, public key infrastructure (PKI) signature checks on executable programs that require elevated privileges are performed before they are permitted to run. This does not alleviate the problem at hand, so answer C is incorrect. If you enable the Switch to the Secure Desktop when Prompting for Elevation policy, the secure desktop appears whenever a UAC prompt is displayed. While you should enable this policy for a secure environment, it does not solve this problem, so answer D is incorrect. If you disable the Admin Approval mode for the Built-in Administrator account, you turn UAC off. Administrators can run any actions that normally display UAC prompts without receiving a prompt, while non-administrators are denied access; therefore, answer E is incorrect. For more information, see the section, “User Account Control Policies.” 3. A. Jennifer should select the Shortcut tab of the Command Prompt Properties dialog box, click Advanced, and then select the Run as Administrator option. This action marks the command prompt to always run with elevated privileges and ensures that the help desk analyst will receive the UAC prompt. She cannot select the Run as Administrator option from the compatibility tab of the Command Prompt Properties dialog box because these options are not available on this tab; therefore, answer B is incorrect. She should not grant the help desk analyst the Full Control permission on the Security tab. This would enable the help desk analyst to modify the properties of the shortcut but would not provide him with the UAC prompt automatically, so answer C is incorrect. Adding the help desk analyst’s user account to the Administrators group would provide him with more privileges than required, so answer D is incorrect. For more information, see the section, “Configuring User Account Control.” 4. C. You should select the Ignore option. This option downloads the software to a location from which you can run it for testing purposes so that you can decide whether you want the software on your computer and others on the network. If you choose Quarantine, software is placed in a restricted location on your computer from which it cannot run. You would need to move it to another location to test it, so answer A is incorrect. If you choose Remove, the software is deleted

296

Chapter 5: Configuring Windows Security Features permanently, and you cannot examine it later, so answer B is incorrect. If you choose Always Allow, the software is enabled to run and is added to the Windows Defender allowed list. You would need to edit the allowed list if you decide that the software is unwanted, so answer D is incorrect. For more information, see the section, “Scanning for Malicious Software.” 5. D and E. Ryan should select the check box labeled Apply Default Actions to Items Detected During a Scan, found under the Automatic Scanning section of the Options page. He should also select the Remove option under the High Alert Items drop-down list in the Default Actions section of the same page. This option automatically removes spyware or other types of malware at the conclusion of a scan according to the default actions configured from the same page. The application execution option checks programs as they start up and execute on the computer. He should keep this option selected, so answer A is incorrect. The Check for Updated Definitions before Scanning ensures that Windows Defender has the most recent signature files before performing a scan. Ryan should ensure that this option is selected before performing a scan, so answer B is incorrect. The custom scan option in Windows Defender enables him to customize which drives and folders are scanned by Windows Defender. The spyware program may have installed to a different folder, so answer C is incorrect. For more information, see the section, “Scanning for Malicious Software.” 6. C. You should add the vendor’s website address into the Trusted Sites zone in the Internet Properties Security Settings. If necessary, you can adjust the settings for the Trusted Sites zone. Answer A is incorrect because local security policies are applied before all other Group Policy settings and cannot override the subsequent settings. Answer B is incorrect because changing Windows Firewall settings will not accomplish your objective; furthermore, violating security policy is an unacceptable condition. Answer D is incorrect because copying the website brings with it problems such as applying updates and potential security breaches. For more information, see the section, “Configuring Internet Explorer Zones.” 7. B. You should access the Tools menu in Internet Explorer and ensure that the phishing filter is enabled. This option checks for malicious websites that attempt to trick you into providing personal data such as credit card or bank account numbers for fraudulent purposes. It sends the addresses of these sites to Microsoft, which maintains an up-to-date list of websites that have been identified as phishing sites. This filter is enabled by default. The pop-up blocker prevents websites from displaying additional Internet Explorer windows but also does not check for phishing sites, so answer A is incorrect. Protected mode prevents websites from modifying user or system files and settings unless you provide your consent. It also does not check for phishing sites, so answer C is incorrect. Setting the security level for the Internet zone to High disables less secure features of the browser and ensures that the highest security level is maintained; however it does not check for phishing sites, so answer D is incorrect. For more information, see the section, “Configuring the Phishing Filter.” 8. D. You should ensure that Protected mode is enabled for the Internet zone. You can do this by accessing the Security tab of the Internet Properties dialog box. Protected mode prevents websites from modifying user or system files and settings unless you provide your consent and is enabled by default on all zones except the Trusted Sites zone. The phishing filter checks websites against lists of known and suspected phishing sites, but is not relevant to this situation, so answer A is

297

Apply Your Knowledge incorrect. The Block All Cookies option prevents websites from placing cookies on your computer, but does not prevent websites from installing software, so answer B is incorrect. The pop-up blocker prevents websites from displaying additional Internet Explorer windows but also does not prevent them from installing software, so answer C is incorrect. For more information, see the section, “Configuring Protected Mode in Internet Explorer.” 9. A and D. In Internet Explorer 7 on Vista, the default setting is to run in Protected mode. So if you reset Internet Explorer to default settings, it will be running in Protected mode. In addition, it will display the message Protected Mode: On in the status bar. If this message is not visible, you should reset the default settings. Protected mode attempts to prevent hackers from hijacking your browser and installing malicious software. Deleting the browser history, disabling add-ons, or disabling RSS feeds will not reset Internet Explorer to Protected mode, so answers B, C, and E are incorrect. For more information, see the section, “Configuring Protected Mode in Windows Internet Explorer.” 10. C and E. Sarah should clear the Block All Incoming Connections option on the General tab of the Windows Firewall Settings dialog box. She should also open TCP port 80 in Windows Firewall on her computer. In this scenario, it appears that the Block All Incoming Connections option has been enabled on her computer, preventing any type of network communication, including use of the ping command. Clearing the Block All Incoming Connections option enables network communication from other computers. The Exceptions tab of the Windows Firewall Settings dialog box enables her to add programs or ports to the list of allowed communications across the firewall, and port 80 is the TCP port used by Hypertext Transfer Protocol (HTTP). The public profile is used for enabling communications in insecure locations such as public Wi-Fi spots. Enabling inbound communications under this profile would not enable communications across port 80 in this scenario, so answer A is incorrect. Turning Windows Firewall off would expose her computer to unauthorized users on the Internet, so answer B is incorrect. Remote Desktop enables Sarah to connect to her computer from another computer running Windows XP or Vista, but does not allow other users to access her website, so answer D is incorrect. For more information, see the section, “Configuring Windows Firewall.” 11. A. You should select the Block option in the Inbound Connections section on the Private Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. This enables client employees to access shared information on your computer according to the Windows Firewall exceptions you have configured. You should also select the Block All Connections option in the Inbound Connections section on the Public Profile tab of the Windows Firewall with Advanced Security on Local Computer Properties dialog box. This prevents any unauthorized connections to your computer when you are in an insecure location, while still allowing Internet access. Answer B is incorrect because this option would prevent client employees from accessing required information and would leave your computer open to unauthorized access when in insecure locations. Answers C, D, E, and F are all incorrect because you do not need to configure outbound connections and one of the required inbound configurations is missing. For more information, see the section, “Configuring Multiple Firewall Profiles.”

298

Chapter 5: Configuring Windows Security Features

Suggested Readings and Resources The following are some recommended readings on the subject of Windows Vista security features: 1. Course . Microsoft Official Curriculum course 5115, Installing and Configuring the

Windows Vista Operating System. Module 4, Sharing Files by Using Windows Vista; Module 6, Configuring User Account Security; Module 7, Configuring Network Security; and Module 8, Configuring Internet Explorer 7.0. Information available at http://www.microsoft.com/learning/syllabi/en-us/5115aprelim.mspx 2. Books . Poulton, Don. MCSE Exam 70-294 Exam Prep: Planning, Implementing, and

Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure. Indianapolis, IN: Que Publishing. 2006. . Hausman, Kirk, Diane Barrett, and Martin Weiss. Security+Exam Cram 2.

Indianapolis, IN: Que Publishing. 2003. . Bradley, Tony and Harlan Carvey, Essential Computer Security. Rockland, MA:

Syngress, 2006. 3. Websites . Microsoft TechNet. Windows Vista Security Guide. http://www.microsoft.com/

technet/windowsvista/security/guide.mspx. . Microsoft TechNet. User Account Control Overview. http://technet.microsoft.com/

en-us/windowsvista/aa906021.aspx. . Microsoft TechNet. Windows Vista User Account Control Step by Step Guide.

http://technet2.microsoft.com/WindowsVista/en/library/0d75f774-8514-4c9eac08-4c21f5c6c2d91033.mspx?mfr=true. . Microsoft TechNet. Understanding and Configuring User Account Control in Windows

Vista. http://technet2.microsoft.com/WindowsVista/en/library/00d04415-2b2f422c-b70e-b18ff918c2811033.mspx?mfr=true. . Microsoft. Microsoft’s Spyware Strategy. http://www.microsoft.com/athome/

security/spyware/software/msft/strategy.mspx. . Heaton, Alex. Applying the Principle of Least Privilege to Windows Vista.

http://www.microsoft.com/technet/community/columns/secmgmt/sm1006.mspx. . Microsoft. How to troubleshoot definition update issues for Windows Defender.

http://support.microsoft.com/kb/918355.

299

Apply Your Knowledge . Microsoft TechNet. Content Advisor. http://www.microsoft.com/technet/

prodtechnol/ie/reskit/6/part2/c05ie6rk.mspx?mfr=true. . Walker, Mark. Internet Explorer 7: Security gets an upgrade. http://

www.microsoft.com/windows/ie/community/columns/securityupgrade.mspx. . Microsoft TechNet. Using Windows Vista: Controlling Communication with the

Internet. http://technet2.microsoft.com/WindowsVista/en/library/7ea6ee84-b6964e75-9c1c-c2b99c8af54b1033.mspx?mfr=true. . Microsoft TechNet. Introduction to Windows Firewall with Advanced Security.

http://technet.microsoft.com/en-us/windowsvista/aa905080.aspx. . Davies, Joseph. The New Windows Firewall in Windows Vista and Windows

Server2008. http://www.microsoft.com/technet/community/columns/ cableguy/cg0106.mspx. . Microsoft TechNet. Getting Started with Windows Firewall with Advanced Security.

http://technet2.microsoft.com/WindowsVista/en/library/19b429b3-c32b-4cbdae2a-8e77f2ced35c1033.mspx?mfr=true. . Riley, Steve. Exploring the Windows Firewall. http://www.microsoft.com/technet/

technetmag/issues/2007/06/VistaFirewall/default.aspx

This page intentionally left blank

6

CHAPTER SIX

Configuring Network Connectivity Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Installing and Upgrading Windows Vista section of exam 70-620, TS: Microsoft Windows Vista, Configuring:

Configuring networking by using the Network and Sharing Center. . Windows Vista introduces the Network and Sharing Center, which provides a central point for all types of network configuration. You should know how to perform the various network configuration activities that you can perform from this location.

Troubleshoot connectivity issues. . You should understand how a Windows Vista computer interacts on the network via TCP/IP to be able to troubleshoot it if there are connectivity problems.

Configure Remote Access. . Dial-up networking (DUN) enables a Windows Vista computer to connect to another single computer, a private network, or to the Internet through a modem or other adapter. This same connection can then be shared with other computers on the network. You are expected to know how to configure and troubleshoot all types of connections. You should also understand the Remote Assistance and Remote Desktop applications, the difference between the two applications, their situational usage, and management.

Outline Introduction Understanding the TCP/IP Protocol

305 305

Managing Wireless Networks

332

Setting Up a Wireless Network Connection

333

Managing Wireless Network Connections

338

Wireless Network Profiles

339

Configuring and Troubleshooting Internet Connection Sharing

340

Features of TCP/IP Version 4

307

Implementing APIPA

308

Static IPv4 Addressing

309

Dynamic IP Addressing

312

Features of TCP/IP Version 6

313

IPv6 Address Syntax

313

Troubleshooting Connectivity Issues

343

IPv6 Prefixes

314

Troubleshooting LAN Connections

343

Types of IPv6 Addresses

314

Compatibility Between IPv4 and IPv6 Addresses

Incorrect IPv4 address or Subnet Mask

344

316

Unable to Connect to a DHCP Server

345

Duplicate IP Address

345

Unable to Configure an Alternate TCP/IPv4 Configuration

345

Using Event Viewer to Check Network Problems

345

Configuring Networking by Using the Network and Sharing Center Using the Network and Sharing Center to Configure TCP/IP Configuring TCP/IP Version 4

316 317 317

Configuring TCP/IP Version 6

322

Disabling IPv6

324

Using TCP/IP Utilities to Troubleshoot TCP/IP 345

Using the Network and Sharing Center to Configure File Sharing

ARP

346

325

Finger

346

Sharing Files, Folders, and Printers

FTP and TFTP

346

325

ipconfig

346

Modifying Shared Folder Properties

Nbtstat

347

327

Netstat

347

Use of the Public Folder for Sharing Files

330

Nslookup

348

Ping

348

Tracert

349

Sharing Printers

330

Password-Protected Sharing

330

Media Sharing

330

Searching for Network Resources

331

Troubleshooting Wireless Networks

350

Windows Switches Randomly Between Access Points

350

Wireless Networks Are Unavailable 350 Troubleshooting Hardware and Modem Problems 351

Configuring Remote Access Understanding Remote Access

354 355

Remote Access Authentication Protocols

355

Remote Access Security

357

Using a VPN Connection to Connect to Computers

359

Connecting to the Internet by Using Dial-Up Networking

361

Remote Desktop

362

Remote Assistance

365

Summary

368

Key Terms

368

Apply Your Knowledge

368

Exercises

370

Exam Questions

373

Answers to Exercises

379

Answers to Exam Questions

379

Suggested Readings and Resources

382

Study Strategies You should practice configuring different types of network connectivity and sharing across a simple peer-to-peer network consisting of two or three computers. Practice with the different types of network connections available in Windows Vista and use the following suggestions for additional experience: . Transmission Control Protocol/Internet Protocol (TCP/IP) provides the basic connectivity for Windows Vista to communicate with other computers. You should practice troubleshooting TCP/IP on a network with at least three segments. Place a computer at one end of the network. Place a server at the other end. Change an IP address so that it is incorrect. Test connectivity between the two computers. Use the various TCP/IP troubleshooting tools. . You should have a thorough understanding of how to subnet Class A, B, and C addresses so that there are sufficient addresses per segment for the required physical segments on the network. This will take practice with paper and a pencil. . You should practice using the Network and Sharing Center to configure sharing of files across a network of two or three computers. On one computer, use the Network and Sharing Center to share a folder and provide access to the files in that folder. Log on from another computer and determine whether you have access to the shared folder and files. Log on as different users and test access to the files. . To prepare for the remote access section of the exam, you should configure one computer as a network server that provides remote connections via dial-up and virtual private networking (VPN) and a Windows Vista computer. You should have two phone lines available to you and an ISP. Using these resources, you can configure and test the dial-up connections under various configurations. . Configure one Windows Vista computer for using Remote Desktop and attempt to connect to this computer from the other Vista computer. Experiment with the various options available from the Remote Desktop Connection dialog box and their effects on your connectivity. Ensure you know the reasons for the various errors you encounter in this process. . Enable Remote Assistance and practice providing assistance to a user on another computer. Set up a situation where you control one computer’s desktop session from another one and observe how the two computers interact.

305

Understanding the TCP/IP Protocol

Introduction Connectivity between Windows Vista computers and other networks (inclusive of the Internet and other computers) is provided in a variety of ways. Windows Vista computers utilize a variety of tools, applications, and protocols for connecting to networks. New to Vista is the Network and Sharing Center, which consolidates many of these applications and utilities into one convenient location from which you can create and manage different types of network connections as well as file and print sharing. This chapter reviews a wide variety of these components, including how to install, configure, or manage them: . Versions 4 and 6 of the TCP/IP protocol suite . Network and Sharing Center . Dial-up networking . Remote Desktop . Remote Assistance

Not only do you explore each of these components in this chapter, but you also look at their features and dependencies as they exist within the Windows Vista operating system.

Understanding the TCP/IP Protocol The Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite is the default protocol for all editions of Windows Vista. With the omnipresent Internet, the usage of proprietary network protocol suites has diminished greatly in favor of seamless integration with the Internet, which requires TCP/IP. Since its introduction of the Active Directory in Windows 2000, Microsoft has made TCP/IP the protocol required for Windows networks that use Active Directory. This is largely because of the Active Directory’s dependence upon Domain Name System (DNS) to provide the name and address resolution for all Active Directory resources. TCP/IP is a suite of protocols that govern the transmission of data across computer networks and the Internet. The following is a brief description of the major protocols that you should be aware of: . Transmission Control Protocol (TCP)—Provides connection-oriented, reliable communi-

cation between two hosts, typically involving large amounts of data. This kind of communication also involves acknowledgements that data has been correctly received. . User Datagram Protocol (UDP)—Used for fast, non–connection-oriented communica-

tions with no guarantee of delivery, typically small short bursts of data. Applications using UDP data are responsible for checking their data’s integrity.

306

Chapter 6: Configuring Network Connectivity . Internet Protocol (IP)—Handles, addresses, and routes packets between hosts on a net-

work. It performs this service for all other protocols in the TCP/IP protocol suite. . Internet Control Messaging Protocol (ICMP)—Enables hosts on a TCP/IP network to

share status and error information. It is specifically responsible for reporting errors and messages regarding the delivery of IP datagrams. It is not responsible for error correction. Higher layer protocols use information provided by ICMP to recover from transmission problems. The ping command uses ICMP to check connectivity to remote computers. . Address Resolution Protocol (ARP)—Used to resolve the IP address of the destination

computer to the physical or Media Access Control (MAC) address, which is a unique 12-digit hexadecimal number that is burned into ROM on every network adapter card. Refer to “Guide to TCP/IP, Second Edition,” in the “Suggested Readings and Resources” section at the end of the chapter for additional information on these protocols and details on the other protocols that make up TCP/IP. By default, previous versions of Windows have used version 4 of the IP protocol, simply known as IPv4. With its 32-bit address space, this version has performed admirably well in the over 25 years since its initial introduction. However, with the rapid growth of the Internet in recent years, its address space has approached exhaustion, and security concerns have increased. Consequently, the Internet Engineering Task Force (IETF) introduced version 6 of the IP protocol with Request for Comment (RFC) 1883 in 1995 and updated with RFC 2460 in 1998. Simply known as IPv6, this protocol provides for 132-bit addressing, which allows for a practically infinite number of possible addresses, as well as the following benefits: . An efficient hierarchical addressing scheme—IPv6 addresses are designed to enable an effi-

cient, hierarchical, and summarizable routing scheme making way for multiple levels of Internet service providers (ISPs), which is becoming more common. . Simpler routing tables—Backbone routers on the Internet are more easily configured for

routing packets to their destinations. . Stateful and stateless address configuration—IPv6 simplifies host configuration with the

use of stateful address configuration, or configuring IP addresses in the presence of a Dynamic Host Configuration Protocol (DHCP) server, as well as stateless address configuration, or configuration of IP addresses in the absence of a DHCP server. Stateless address configuration enables the automatic configuration of hosts on a subnetwork according to the addresses displayed by available routers. . Improved security—IPv6 includes standards-based support for IP Security (IPSec). In

fact, IPv6 requires IPSec support.

307

Understanding the TCP/IP Protocol . Improved support for Quality of Service (QoS)—IPv6 header fields improve the identifica-

tion and handling of network traffic from its source to destination, even when IPSec encryption is in use. . Extensibility—You can add extension headers after the IPv6 packet header, which enable

the inclusion of new features as they are developed in years to come. Using a new TCP/IP implementation known as the Next Generation TCP/IP stack, Vista enables a dual IP layer architecture enabling the operation of both IPv4 and IPv6 at the same time. Unlike previous Windows versions, you do not need to install a separate IPv6 component.

EXAM ALERT Get to know IPv6 As the usage of IPv6 becomes more common, Microsoft expects that everyone receiving Windows certifications should have knowledge of IPv6 as well as the older version of TCP/IP, IPv4. Expect to see some questions on most certification exams that deal with this protocol.

Features of TCP/IP Version 4 Much of TCP/IPv4 is transparent to users and to administrators. The administrator might need to configure the address information applied to the network interface. This information consists of the following: . IP address—The unique, logical 32-bit address, which identifies the computer (called a

host or node) and the subnet on which it is located. The IP address is displayed in dotted decimal notation (each decimal represents an octet of binary ones and zeroes). For example, the binary notation of an address might be 10000000.00000001.00000001. 00000011, which in dotted decimal notation is written as 128.1.1.3. . Subnet mask—The subnet mask is applied to an IP address to determine the subnet-

work address and the host address on that subnet. All hosts on the same subnet must have the same subnet mask for them to be correctly identified. If a mask is incorrect, both the subnet and the host address will be wrong. (For example, if you have an IP address of 128.1.1.3 and an incorrect mask of 255.255.128.0, the subnet address would be 128.1.0, and the host address would be 1.3. If the correct subnet mask is 255.255.255.0, then the subnet address would be 128.1.1, and the host address would be 3.) . Default gateway—The address listed as the default gateway is the location on the local

subnet to which the local computer will send all data meant for other subnets. In other

308

Chapter 6: Configuring Network Connectivity

words, this is the IP address for a router that is capable of transmitting the data to other networks. . Domain Name System (DNS) server address—The DNS server address is the place where

names of IP hosts are sent so that the DNS server will respond with an IP address. This process is called name resolution. DNS is a distributed database of records that maps names to IP addresses, and vice versa. A HOSTS file that maps names to IP addresses can be placed on the local computer and used instead of DNS, which renders this an optional setting, although it is rare that a network is small enough to make a HOSTS file more efficient than a DNS server. When a user types in a DNS name such as JacksPC.mydomain.local, the computer sends the name to the DNS server. If the name is one that the DNS server knows, it sends back the IP address. Otherwise, the DNS server sends the name request to a higher-level DNS server, and this recursive process continues until either the IP address is found and returned to the original requestor or until all avenues have been exhausted and the original requestor is notified that the name cannot be found. . Windows Internet Naming Service (WINS) server address—The WINS server address is

the location where network computers send requests to resolve NetBIOS names to IP addresses. WINS is used on Microsoft Windows networks where older Windows computers or applications require NetBIOS naming. When a user types in a NetBIOS name, such as JACKSPC, the computer sends the name to the WINS server. Because WINS is a flat-file database, it returns an IP address or a Name not found message. WINS server addresses, like DNS server addresses, are optional. A computer can use a local LMHOSTS file to map the NetBIOS names to IP addresses rather than use WINS.

EXAM ALERT Know how to solve TCP/IP problems and use other skills Administrators need to thoroughly understand TCP/IP. To make certain you understand these skills and to test you on the core exam requirements, you will find that questions that appear to be focused on one subject also incorporate a question about TCP/IP.

Implementing APIPA The Automatic Private Internet Protocol Addressing (APIPA) system provides an alternate configuration to DHCP for automatic IP addressing in small networks. When a computer uses APIPA, Windows Vista assigns itself an IP address and then verifies that it is unique on the local network. To work effectively, APIPA is useful only on a small local area network (LAN) or as a backup to DHCP.

309

Understanding the TCP/IP Protocol

NOTE What is APIPA? APIPA is not a protocol; it is an internal procedure that the operating system performs.

When a Windows Vista computer begins its network configuration, it performs the following procedures: 1. It checks to see whether there is a manually configured (or static) IP address. 2. If there is none, it contacts a DHCP server with a query for configuration settings. A

response from a DHCP server leases—or validates the lease of—an IP address, subnet mask, and extended IP information such as DNS server, default gateway, and so on. 3. If there is no DHCP server response within six seconds, Windows Vista looks to see

whether an alternate configuration has been applied by the administrator. 4. If there is no alternate configuration, Windows Vista uses APIPA to define an IP

address unique on the LAN.

NOTE Vista uses APIPA much faster than previous Windows versions Windows Vista waits only six seconds for a response from a DHCP server before configuring itself with APIPA. This differs from previous Windows versions, which waited up to three minutes. For more information, refer to Knowledge Base article 931550, referenced in the “Suggested Readings and Resources” section at the end of this chapter.

APIPA defines its IP addresses in the range of 169.254.0.1 to 169.254.255.254. The subnet mask on these addresses is configured as 255.255.0.0. You do have administrative control over APIPA. When Windows Vista selects an address from this range, it then performs a duplicate address detection process to ensure that the IP address it has selected is not already being used, while continuing to query for a DHCP server in the background. If the address is found to be in use, Windows Vista selects another address. The random IP selection occurs recursively until an unused IP address is selected, a DHCP server is discovered, or the process has taken place 10 times.

Static IPv4 Addressing IP addresses indicate the same type of location information as a street address. A building on a street has a number, and when you add it to the street address, you can find it fairly easily because the number and the street will be unique within a city. This type of address scheme— an individual address plus a location address—allows every computer on the Internet to be uniquely identified.

310

Chapter 6: Configuring Network Connectivity

A static IP address is one that is permanently assigned to a computer on the network. Certain computers require static IP addresses because of their functions, such as routers or servers. Client computers are more often assigned dynamic addresses because they are more likely to be moved around the network or retired and replaced. DSL and cable modem users are usually given a static IP address, whereas dial-up users are provided with dynamic addresses. As discussed earlier, IP addresses consist of two parts: one that specifies the network and the other that specifies the computer. These addresses are further categorized with classes, as described in Table 6.1. TABLE 6.1

IPv4 Address Classes

Class

Dotted Decimal Hosts per Range

First Octet Binary Usage

Number of Networks

Number of Hosts per Network

A

1.0.0.0–126.255.255.255

0xxxxxxx

Large networks/ISPs

126

16,777,214

B

128.0.0.0–191.255.255.255

10xxxxxx

Large or midsize ISPs

16,382

65,534

C

192.0.0.0–223.255.255.255

110xxxxx

Small networks

2,097,150

255

D

224.0.0.0–239.255.255.255

1110xxxx

Multicasting

N/A

N/A

E

240.0.0.0–254.255.255.255

1111xxxx

Reserved for future use

N/A

N/A

Loopback

127.0.0.1–127.255.255.255

01111111

Loopback testing

N/A

N/A

Private IP Class A address

10.0.0.0–10.255.255.255

00001010

Reserved for a private network

1

16,777,214

Private IP Class B address

172.16.0.0–172.16.255.255

10101100

Reserved for a private network

1

65,534

Private IP Class C address

192.168.0.0–192.168.255.255 11000000

Reserved for a private network

254

254

NOTE Loopback testing TCP/IPv4 has a predefined IP address that identifies a computer to dial itself up to perform loopback testing. If TCP/IP is configured, you should be able to run the ping 127.0.0.1 command when troubleshooting a connectivity problem. The private IP address classes are used on private networks that utilize Network Address Translation or proxy services to communicate on the Internet. Internet routers are preconfigured to not forward data that contains these IP addresses.

311

Understanding the TCP/IP Protocol

The portion of the address that decides on which network the host resides varies based on the class and, as you will see further on, the subnet mask. In the following list, the uppercase Ns represent the part of the IP address that specifies the network, and the lowercase Cs represent the part of the address that specifies the computer. This explains why there are differing numbers of networks per class and different numbers of hosts per network, as listed in Table 6.1. . Class A—NNNNNNNN.cccccccc.cccccccc.cccccccc . Class B—NNNNNNNN.NNNNNNNN.cccccccc.cccccccc . Class C—NNNNNNNN.NNNNNNNN.NNNNNNNN.cccccccc

These address portions coincide with the default subnet masks for each address class. A Class A subnet mask is 255.0.0.0, a Class B subnet mask is 255.255.0.0, and a Class C subnet mask is 255.255.255.0. Subnet masks enable you to reconfigure what constitutes the network portion and what constitutes the computer portion. When you apply the subnet mask to the IP address by using a “bitwise logical AND” operation, the result is a network number. A bitwise logical AND operation adds the bit, whether 1 or 0, to the corresponding bit in the subnet mask. If the subnet mask bit is a 1, the corresponding IP address bit is passed through as a result. If the subnet mask bit is a 0, a zero bit is passed through. For example, if the IP address is 141.25.240.201, you will have the following: . IP address—10001101.00011001.11110000.11001001 . Subnet mask—11111111.11111111.00000000.00000000 . Result from bitwise logical AND . Network—10001101.00011001.00000000.00000000

This shows the network address as 141.25.0.0 and the host address as 0.0.240.201. If you add bits to the mask, you will be able to have additional subnetworks when you perform a bitwise logical AND, and each subnetwork will have fewer hosts because fewer bits are available for the host portion of the address. Using the same address, and adding five bits to the subnet mask, you would receive the following: . IP address—10001101.00011001.11110000.11001001 . Subnet mask—11111111.11111111.11111000.00000000 . Result from bitwise logical AND . Network—10001101.00011001.11110000.00000000

312

Chapter 6: Configuring Network Connectivity

In this case, the subnet mask changes the network address to 141.25.240.0. The host address changes to 0.0.0.201. Other IP addresses that are under the default Class B subnet mask that would otherwise be part of the same network, such as 140.25.192.15 and 140.25.63.12, are now on different subnets. For an organization with a large number of physical networks where each requires a different subnet address, you can use the subnet mask to segment a single address to fit the network. You can easily calculate how many subnets and hosts you will receive when you subnet a network. The formula is 2n – 2, where n is the number of bits. The 2n is the number 2 raised to the power of the number of bits, and that result minus 2 (the addresses represented by all 1s and all 0s) equals the available subnets or hosts. Therefore, if you have a subnet of 5 bits as is shown here, you are able to achieve 25 – 2 = 32 – 2 = 30 subnets. Because there are 11 bits left for host addresses, each subnet will have 211 – 2 = 2048 – 2 = 2,046 hosts. When you multiply 2046 by 30, you will see that you have 61,380 addresses available for network hosts and that you “lost” 4,154 addresses. This is the problem that Classless InterDomain Routing (CIDR) solves and is discussed in the sidebar.

How CIDR Functions When you consider that a Class A address has more than 16 million host addresses and that no organization with a Class A address has managed to utilize each of those addresses, the use of classful addressing (an IP addressing system that does not segment the network into smaller subnetworks) is extremely wasteful. CIDR was developed to prevent the Internet from running out of IP addresses by reusing some of the unused addresses and expanding the addresses available when subnetting. With CIDR, a subnet mask is not considered separate from the network portion of the mask. Instead, whatever portion of the mask is used for the network determines how many networks there are. This means that a company can “supernet” two (or more) Class C addresses to put more than 254 hosts on a single physical network. Supernetting is the process of subtracting bits from the default subnet mask. This adds bits to the host portion, increasing the number of hosts available. CIDR notation allows you to simply specify the number of bits that are used for a mask after the IP address. For example, 192.168.1.0 with a subnet mask of 255.255.255.0 is written as 192.168.1.0/24. If the address were supernetted, it could be 192.168.1.0/22.

Dynamic IP Addressing Dynamic IP addresses are provided to a computer when it needs to be connected to the network. The provider is the DHCP server. When the computer is disconnected, the IP address becomes available for use by another computer. The address does not become available immediately, however. It is leased for a specified period of time (the administrator specifies this time period when configuring the DHCP server), and when the lease is up, the IP address is placed back in an IP address pool and can be delivered to another computer.

313

Understanding the TCP/IP Protocol

Before DHCP was developed, network administrators were forced to manually assign a separate IP address to each computer on the network. If a user left for a 2-month vacation and the computer was off the entire time, the IP address was unusable by anyone else. If the administrator (yes, to err is human) forgot to reuse an IP address for a computer that was retired, then the number of IP addresses available was also reduced. Other administrative errors included assigning duplicate IP addresses to computers on the network and misconfiguring the subnet mask, default gateway, and DNS server addresses. DHCP resolves these problems.

EXAM ALERT The DHCP process DHCP has a set communication process that is used to lease an IP address to a DHCP client. You might see a reference on the exam to a particular part of this process, so you should be able to relate the entire sequence of events and understand where a breakdown in communications might occur. 1. Client boots up and broadcasts a DHCPDiscover packet. 2. Server responds with a DHCPOffer packet, containing an IP address, subnet mask, and often including the default gateway and DNS server addresses. 3. Client replies with a DHCPRequest packet as a broadcast, requesting verification that it is okay to use the address. This notifies any other DHCP servers that they do not need to hold a reservation of an IP address for the client if they also responded to the original DHCPDiscover packet. 4. Server responds with a DHCPACK acknowledgement packet, and the client begins using the address.

On a Windows Vista computer, you can configure any network connection to be a DHCP client by selecting the option to Obtain an IP Address Automatically, which is configured in the Internet Protocol (TCP/IP) Properties dialog box. If you change from a manual address to a dynamic one, you need to clear out the manual IP addressing information first.

Features of TCP/IP Version 6 The 128-bit addressing scheme used by IPv6 enables an unimaginably high number of 3.4 × 1038 addresses, which equates to a total of 6.5 × 1023 addresses for every square meter of the Earth’s surface. This addressing scheme is complicated as a result, as described in this section.

IPv6 Address Syntax Whereas IPv4 addresses use dotted-decimal format as already explained in the section, “Features of TCP/IP Version 4,” IPv6 addresses are subdivided into 16-bit blocks. Each 16bit block is portrayed as a 4-digit hexadecimal number and is separated from other blocks by colons. This addressing scheme is referred to as colon-hexadecimal.

314

Chapter 6: Configuring Network Connectivity

For example, a 128-bit IPv6 address written in binary could appear as follows: 0011111111111110

1111111111111111

0010000111000101

0000000000000000

0000001010101010

0000000011111111

1111111000100001

0011101000111110

The same address written in colon-hexadecimal becomes 3ffe:ffff:21a5:0000:00ff:fe21:5a3e. You can remove any leading zeros, converting this address to 3ffe:ffff:21a5::ff:fe21:5a3e. In this notation, note that the block that contained all zeros appears as “::”, which is called double-colon.

IPv6 Prefixes Corresponding to the network portion of an IPv4 address is the prefix, which is the part of the address containing the bits of the subnet prefix. IPv6 addresses do not employ subnet masks but rather use the same CIDR notation used with IPv4. For example, an IPv6 address prefix could be 3ffe:ffff:21a5::/64, where 64 is the number of bits employed by the address prefix.

Types of IPv6 Addresses IPv6 uses the following three types of addresses: . Unicast—Represents a single interface within the typical scope of unicast addresses. In

other words, packets addressed to this type of address are to be delivered to a single network interface. Unicast IPv6 addresses include global unicast, link-local, site-local, and unique local addresses. Two special addresses are also included: unspecified addresses (all zeros, equivalent to the IPv4 address of 0.0.0.0) and the loopback address, which is 0:0:0:0:0:0:0:1 or ::1 , which is equivalent to the IPv4 address of 127.0.0.1. . Multicast—Represents multiple interfaces to which packets are delivered to all network

interfaces identified by the address. Multicast addresses have the first eight bits set to ones and so begin with “ff”. . Anycast —Also represents multiple interfaces. Anycast packets are delivered to a single

network interface that represents the nearest (in terms of routing hops) interface identified by the address. Table 6.2 provides additional details on the IPv6 classes and subclasses:

315

Understanding the TCP/IP Protocol

TABLE 6.2

IPv6 Address Classes and Subclasses

Class

Address Prefix Additional Features

Global unicast

2000::/3

Use a global routing prefix 001 of 45 bits (beyond the initial 001 bits), which identifies a specific organization’s network, a 16-bit subnet ID, which identifies up to 54,536 subnets within an organization’s network, and a 64-bit interface ID, which indicates a specific network interface within the subnet.

First Binary Bits

Globally routable Internet addresses that are equivalent to the public IPv4 addresses

Usage

Link Local unicast

fe80::/64

Equivalent to APIPA-configured IPv4 addresses in the 169.254.0.0/16 network prefix.

111111101000

Used for communication between neighboring nodes on the same link.

Site Local unicast

fec0::/10

Equivalent to the private IPv4 address spaces mentioned previously in Table 6.1. Prefix followed by a 54-bit subnet ID field within which you can establish a hierarchical routing structure within your site.

111111101100

Used for communication between nodes located in the same site.

Unique local IPv6 unicast

fc00::/7

Prefix followed by a local (L) flag, a 40-bit global ID, a 16-bit subnet ID, and a 64-bit interface ID.

11111100

Provide addresses that are private to an organization but unique across all the organization’s sites.

Multicast

ff

Use the next 4 bits for flags (Transient[T], Prefix [P], and Rendezvous Point Address[R]), the following 4 bits for scope (determines where multicast traffic is forwarded), and the remaining 112 bits for a group ID.

11111111

Multiple interfaces to which packets are delivered to all network interfaces identified by the address.

Anycast

(from unicast addresses)

Assigned from the unicast address space with the same scope as the type of unicast address within which the anycast address is assigned.

(varies)

Only utilized as destination addresses assigned to routers.

316

Chapter 6: Configuring Network Connectivity

Compatibility Between IPv4 and IPv6 Addresses To assist in the migration from IPv4 to IPv6 and their coexistence, several additional address types are used, as follows: . IPv4-compatible addresses—Nodes communicating between IPv4 and IPv6 networks can

use an address represented by 0:0:0:0:0:0:w.x.y.z, where w.x.y.z is the IPv4 address in dotted-decimal. . IPv4-mapped address—An IPv4-only node is represented as ::ffff:.w.x.y.z to an IPv6

node. This address type is used only for internal representation and is never specified as a source or destination address of an IPv6 packet. . 6-to-4 address—Two nodes running both IPv4 and IPv6 across an IPv4 routing infra-

structure use this address type when communicating with each other. You can form the 6-to-4 address by combining the prefix 2002::/16 with the 32-bit public IPv4 address to form a 48-bit prefix. This tunneling technique is described in RFC 3056. More information on compatibility addresses and technologies used for transition to IPv6 is available in IPv6 Transition Technologies in the “Suggested Readings and Resources” section at the end of this chapter.

Configuring Networking by Using the Network and Sharing Center Objective:

Configuring networking by using the Network and Sharing Center. New to Windows Vista, the Network and Sharing Center, shown in Figure 6.1, brings all networking tasks together in a single convenient location. The diagram at the top indicates your connections to the network and the Internet and graphically indicates when a connection is unavailable. You can open the Network and Sharing Center by using any of the following methods: . Click Start, right-click Network, and then click Properties. . Click Start and click Network. At the top of the Network window, click Network and

Sharing Center. . Click Start and type network and sharing in the Search text box. Then select

Network and Sharing Center from the Programs list.

317

Configuring Networking by Using the Network and Sharing Center . Click Start, Control Panel. On the Control Panel home page, click Network and

Internet and then click Network and Sharing Center or View Network Status and Tasks.

FIGURE 6.1 The Network and Sharing Center provides a centralized location for configuring network properties.

The Network and Sharing Center enables you to configure connections to other computers and networks; share folders, printers, and media; view devices on your network; set up and manage network connections; and troubleshoot connectivity problems.

Using the Network and Sharing Center to Configure TCP/IP The Network and Sharing Center enables you to configure either version 4 or 6 of TCP/IP, as described in the following sections.

Configuring TCP/IP Version 4 You can configure TCP/IP version 4 on a Windows Vista computer either manually or dynamically. The default method is to dynamically configure TCP/IP. If the infrastructure includes DHCP services that deliver IP addresses to network computers, then a Windows Vista computer can connect upon logon with the default configuration of the network adapter. However, if you need to apply a static IPv4 address and other parameters, your only option is to manually configure the network adapter. Manually configuring one computer is timeconsuming and error-prone. Multiply that by hundreds of computers, and you can see why dynamic configuration has become so popular. Step by Step 6.1 describes how to configure TCP/IP.

318

Chapter 6: Configuring Network Connectivity

STEP BY STEP 6.1 Configuring a Network Adapter with a Static IPv4 Address 1. Open the Network and Sharing Center by any of the methods described in the previous section. 2. From the Tasks list on the left side of the Network and Sharing Center, select Manage Network Connections. This opens the Network Connections dialog box, as shown in Figure 6.2.

FIGURE 6.2 The Network Connections dialog box displays the network connections configured for your computer.

3. Right-click the connection that represents the adapter you are going to configure. Select Properties from the shortcut menu, and then click Continue in the User Account Control (UAC) prompt that appears. The Local Area Connection Properties dialog box opens, as shown in Figure 6.3. 4. Click to select the Internet Protocol Version 4 (TCP/IPv4). (You might need to scroll through other services to reach this item.) Click Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog opens, as shown in Figure 6.4. 5. To use DHCP services, you should make certain that Obtain an IP Address Automatically is selected, and if the DHCP server provides extended information—including the DNS server information—you would also select Obtain DNS Server Address Automatically. To manually configure the IP address, you should click Use the Following IP Address. 6. In the IP Address box, type the address that will function on the current network segment. For example, if the network segment uses a Class C address 192.168.1.0 with a subnet mask of 255.255.255.0, and you’ve already used 192.168.1.1 and 192.168.1.2, you could select any node address from 3 through 254 (255 is used for broadcasts), in which case you would type 192.168.1.3. 7. In the Subnet Mask box, type the subnet mask. In this case, it would be 255.255.255.0.

319

Configuring Networking by Using the Network and Sharing Center

FIGURE 6.3

The network adapter is considered a network

connection.

FIGURE 6.4 The Internet Protocol Version 4(TCP/IPv4) Properties dialog box lets you define manual or dynamic IPv4 address information.

8. In the Default Gateway box, type the IP address that is assigned to the router interface on your current segment that leads to the main network or the public network. In this case, the IP address of the router on your segment is 192.168.1.1 and the IP address of the router’s other interface is 12.88.54.179. In the Default Gateway box, you would type 192.168.1.1.

320

Chapter 6: Configuring Network Connectivity 9. Click the Use the Following DNS Server Addresses option and type the IP address for at least one DNS server. 10. Click the Advanced button. The Advanced TCP/IP Settings dialog box opens, as shown in Figure 6.5.

FIGURE 6.5 The Advanced TCP/IP Settings dialog allows you to control granular IP addressing options.

11. If you require more than one IP address for a computer, such as for hosting two different websites, you can configure the additional IP addresses in this dialog box by clicking the Add button. You cannot configure any additional IP addresses if you are using DHCP. 12. If your network segment is connected to more than one router leading to the main or outside networks, you can configure these gateway addresses in the Default Gateways section by clicking the Add button. 13. Click the DNS tab and then click the Add button under the DNS Server Addresses section. Type the IP address to the additional DNS server and click Add. 14. The lower section of the DNS tab applies to the fully qualified domain name (FQDN) of resources. Users sometimes use a simple name for a computer or printer. This section enables you to configure the last portion of the domain name that will be appended to the simple name to create an FQDN. For example, if you have configured mydomain.local and jubilee.local in this box, and the user typed in server, the computer would automatically attempt to contact server.mydomain.local. If that failed, the computer would then attempt to contact server.jubilee.local. Click the Append These DNS Suffixes (in Order) option. Then click the Add button to configure the DNS suffixes. 15. If you have a DNS server that provides Dynamic DNS, and when you want to share files or printers from your computer, you should register your computer’s DNS name and IP address in the DNS database. To do so, select the Register This Connection’s Addresses in DNS check box.

321

Configuring Networking by Using the Network and Sharing Center 16. Click the WINS tab. WINS provides resolution for NetBIOS names to IP addresses on Windows networks. If you use legacy networks or have applications that require NetBIOS names, you should configure the address for a WINS server on the network.

TIP DHCP and routers Many hardware routers, including those used when connecting home networks to high-speed Internet connections, include DHCP functionality. If you are using one of these, simply leave the defaults selected in step 5 of Step by Step 6.1.

Challenge You are the network administrator for I.M. Society, a non-profit organization that seeks to protect the rights of Internet usage. I.M. Society has been granted some shared office space from a company named ISPrUS, an Internet service provider (ISP). The office space is distributed across a large campus with several different buildings. Because the space has been donated, I.M. does not have the ability to consolidate onto a single network. The organization consists of 102 computers on 12 different subnets. Currently I.M. has been using the same IP addresses as ISPrUS. You have had some questions about security because public traffic has limited access to some of the subnets that ISPrUS has provided you, so you have wired a separate network for your users. The new network consists of 102 computers on 10 physical subnetworks. You have no more than 14 computers on any single subnet. You have been told that I.M. is not planning on expanding for a long time. You have received a Class C address for your own network. Keeping this information in mind, answer the following questions: 1. How can you use the Class C address to provide unique IP addresses for each of your computers? 2. You have added four bits to the default subnet mask. How many subnets will you have, with how many nodes on each subnet? Will this meet your needs? 3. If the Class C address you are given is 192.168.0.1, what subnet ranges will you have with the subnet mask of 255.255.255.240? 4. You decide to use CIDR. How will this affect your network? Answers to Challenge 1. You need to create a subnet mask to subdivide the address into multiple subnetworks that provide a minimum of 10 subnets and at least 14 nodes per subnetwork. 2. Adding 4 bits to the subnet mask results in 14 subnets with 14 nodes on each subnet. This meets your criteria. (continues)

322

Chapter 6: Configuring Network Connectivity (continued)

3. You will have the following ranges. Because you cannot have a subnet with all 0s or all 1s, you cannot use the first or last subnet numbers (this is to satisfy legacy rules). The list of networks would be as follows: 192.168.0.0–192.168.0.15: not used 192.168.0.16–192.168.0.31 192.168.0.32–192.168.0.47 192.168.0.48–192.168.0.63 192.168.0.64–192.168.0.79 192.168.0.80–192.168.0.95 192.168.0.96–192.168.0.111 192.168.0.112–192.168.0.127 192.168.0.128–192.168.0.145 192.168.0.146–192.168.0.161 192.168.0.162–192.168.0.177 192.168.0.178–192.168.0.191 192.168.0.192–192.168.0.207 192.168.0.208–192.168.0.223 192.168.0.224–192.168.0.239 192.168.0.240–192.168.0.255: not used 4. CIDR does not use the rules that eliminate the first and last subnet range from your options. For your current network configuration, you will not have much change. However, you are able to expand your network to two other physical subnets.

Configuring TCP/IP Version 6 You can let IPv6 configure itself automatically with a link-local address described previously in Table 6.2. You can also configure IPv6 to use an existing DHCP server, or manually configure an IPv6 address as required. Configuration of IPv6 addresses is very similar to the procedure used with configuration of IPv4 addresses, as Step by Step 6.2 shows.

323

Configuring Networking by Using the Network and Sharing Center

STEP BY STEP 6.2 Configuring a Network Adapter with a Static IPv6 Address 1. Open the Network and Sharing Center by any of the methods previously described. 2. From the Tasks list on the left side of the Network and Sharing Center, select Manage Network Connections. This opens the Network Connections dialog box, as previously shown in Figure 6.2. 3. Right-click the connection that represents the adapter you are going to configure and select Properties. Then click Continue in the User Account Control (UAC) prompt that appears. 4. Click to select the Internet Protocol Version 6 (TCP/IPv6). (You might need to scroll through other services to reach this item.) Click Properties. The Internet Protocol version 6 (TCP/IPv6) Properties dialog opens, as shown in Figure 6.6.

FIGURE 6.6 The Internet Protocol Version 6 (TCP/IPv6) Properties dialog box lets you define manual or dynamic IPv6 address information.

5. To use DHCP, ensure that the Obtain an IPv6 Address Automatically radio button is selected. If the DHCP server provides DNS server information, ensure that the Obtain DNS Server Address Automatically radio button is also selected. You can also select these options to configure IPv6 automatically with a link-local address using the address prefix fe80::/64 previously described in Table 6.2. 6. To manually configure an IPv6 address, select Use the Following IPv6 Address. Then type the IPv6 address, subnet prefix length, and default gateway in the text boxes provided. For unicast IPv6 addresses, you should set the prefix length to its default value of 64. 7. To manually configure DNS server addresses, select Use the Following DNS Server Addresses and then type the IPv6 addresses of the preferred and alternate DNS server in the text boxes provided. 8. Click Advanced to display the Advanced TCP/IP Settings dialog box shown in Figure 6.7.

324

Chapter 6: Configuring Network Connectivity

FIGURE 6.7 The Advanced TCP/IP Settings dialog allows you to control granular IPv6 addressing options.

9. As with IPv4, you can configure additional IP addresses if you are not using DHCP. Click Add and type the required IP address in the dialog box that appears. 10. As with IPv4, if your network segment is connected to more than one router, configure additional gateway addresses in the Default Gateways section by clicking the Add button. 11. Click the DNS tab. The settings on this tab are the same as those found in the DNS tab for IPv4 described previously. Click Add under the DNS Server Addresses section to add the IPv6 addresses of additional DNS servers, as required. Also configure the information pertaining to the FQDN of resources if needed (see steps 13 and 14 of Step by Step 6.1 for additional details).

NOTE Use of the command line to configure IPv6 You can also use the netsh.exe tool with the interface IPv6 subcommand to configure IPv6. For more information, refer to Configuring IPv6 with Windows Vista in the “Suggested Readings and Resources” section at the end of the chapter.

Disabling IPv6 You cannot remove IPv6 from a Windows Vista computer. However, you can disable IPv6 on a specific connection. Follow steps 1 to 3 of Step by Step 6.2 to access the Local Area Connection Properties dialog box. Clear the check box beside Internet Protocol Version 6 (TCP/IPv6) and then click OK. You can do this selectively for each network connection on your computer.

325

Configuring Networking by Using the Network and Sharing Center

You can also selectively disable IPv6 components. This is a more complex procedure that involves editing the Registry and is beyond the scope of this book. For more details, refer to Configuring IPv6 with Windows Vista in the “Suggested Readings and Resources” section.

Using the Network and Sharing Center to Configure File Sharing The Sharing and Discovery section of the Network and Sharing Center enables you to perform actions related to sharing of resources on your computer with others on the network. It contains the following nodes, each of which can be turned on or off from the main Network and Sharing Center screen (refer to Figure 6.1): . Network Discovery—Enables your computer to locate other computers and devices on

the network and other computers to locate yours. . File Sharing—Enables others on the network to access shared files and printers on your

computer. . Public Folder Sharing—Enables others on the network to access files in your Public

folder. . Printer Sharing—Enables others on the network to print from printers attached to your

computer. . Password Protected Sharing—Increases security by limiting access of shared files and

printers to only those who have a user account and password on your computer. . Media Sharing—Enables others on the network to access shared music, pictures, and

videos on the computer and enables your computer to access these types of shared information on the network.

Sharing Files, Folders, and Printers Shared folders are folders on the local hard drive that other users on a network can connect to. For the exam, it is critical that you understand how to manage and troubleshoot connections to shared resources, how to create new shared resources, and how to set permissions on shared resources. The process that Windows Vista uses to share folders is that an administrator selects a folder, regardless of its location in the local folder hierarchy, and shares it through the Sharing tab of the folder’s Properties dialog box. Shares can be managed through the Computer Management console snap-in. Administrators might find that the Computer Management snap-in is helpful in file and folder security management. You can open Computer Management from within Administrative Tools, which is found in the System and Maintenance category of Control Panel, or by rightclicking Computer and choosing Manage. To manage file and folder security, navigate to the

326

Chapter 6: Configuring Network Connectivity

Shared Folders node in the left pane. Double-click Shares to see the shared folders. The hidden administrative shares are followed by a dollar sign ($) and cannot be modified. From the remaining shared folders, select one to double-click and view the security settings on the folder. Aside from the Public folder (C:\Users\Public) and the default administrative shares, there are no folders that are automatically shared with the network. To share files with other users across the network, you must manually do so for each folder containing the files that you want to share. To share a folder with other network users, you can open any Explorer window and then follow the process shown in Step by Step 6.3.

STEP BY STEP 6.3 Sharing Folders from Within Any Explorer Window 1. In an Explorer window, navigate to the folder, right-click it, and select Share. The File Sharing dialog box opens, as shown in Figure 6.8.

FIGURE 6.8 The File Sharing dialog box enables you to choose those you want to share a file with.

2. Type the name of a user with whom you want to share the folder and then click Add. The name appears in the Name list with a default permission level of Reader. 3. To share with another user, repeat step 2 as many times as required. When finished, click Share. Then click Continue on the UAC prompt that appears. 4. When the file is shared, you receive a message informing you that your folder is shared. This message enables you to email the link to the users with whom you shared the folder or copy it to other programs or documents. Click Done.

To add people to the sharing list, follow the procedure of Step by Step 6.3 and select Change Sharing Permissions from the File Sharing dialog box. Then type the name of the required

327

Configuring Networking by Using the Network and Sharing Center

user and click Add. To remove a shared folder, select Stop Sharing from the File Sharing dialog box.

Modifying Shared Folder Properties Windows Vista shares folders to others as Reader, which means that the users you specify can view but not modify available files. The Advanced Sharing feature in Vista enables you to modify these properties when necessary. When granting full access to your local files to other users across a network, your computer becomes vulnerable to both unintentional and intentional attacks. Not only can the data simply be viewed for malicious purposes, such as corporate spying, but it can be altered or destroyed on purpose or accidentally. For this reason alone, you should always grant the most restrictive permissions necessary for a network user to conduct work on those files. Granting just enough permission without being too lenient requires careful consideration. If you are too stringent, users can’t get their jobs done. If you are too lenient, the data is at risk. Follow Step by Step 6.4 to modify shared folder properties.

STEP BY STEP 6.4 Modifying Shared Folder Properties 1. In an Explorer window, right-click the shared folder and choose Properties. 2. Click the Sharing tab to obtain the dialog box shown in Figure 6.9.

FIGURE 6.9 The Sharing tab of a folder’s Properties dialog box enables you to modify shared folder properties.

328

Chapter 6: Configuring Network Connectivity 3. Click Advanced Sharing and then click Continue on the UAC prompt that appears. The Advanced Sharing dialog box shown in Figure 6.10 appears.

The Advanced Sharing dialog box enables you to configure several properties of shared folders.

FIGURE 6.10

4. To add an additional share name, click Add under the Share Name section. An additional share name enables users to access the shared folder under this name. 5. To change the maximum number of simultaneous users, type the required number. This number cannot be higher than 10 on a Windows Vista computer. 6. To change shared folder permissions, click Permissions. This displays the Permissions dialog box shown in Figure 6.11. By default, the creator of the share receives Full Control permission (which enables him to perform any task on the folder or its constituent files), and other users receive the Read permission (which enables them to view but not modify files). The Change permission enables users to view and modify files but not change the attributes of the shared folder itself. Click OK when finished. 7. To modify settings that affect how users view and access shared folder contents, click Caching, as shown earlier in Figure 6.10 and configure the settings in the Offline Settings dialog box as required. 8. To set granular security permissions on the folder, click the Security tab and modify the settings in the dialog box shown in Figure 6.12 as required. These permissions apply to everyone accessing the folder either locally or across the network, and more restrictive permissions configured here override those configured from the Sharing tab. For more information on these settings, consult the Windows Vista Help and Support Center.

329

Configuring Networking by Using the Network and Sharing Center

The Permissions dialog box enables you to configure permissions that apply to users accessing the folder across the network.

FIGURE 6.11

The Security tab of a folder’s Properties dialog box enables you to configure granular permissions for users and groups accessing the folder.

FIGURE 6.12

9. When you are finished, click OK to close the Properties dialog box. You can also click Apply to apply your changes and continue making modifications.

330

Chapter 6: Configuring Network Connectivity

Use of the Public Folder for Sharing Files Windows Vista provides the Public folder as a location for sharing files as a default. By default, public folder sharing is turned off. To use this folder for sharing files, expand the Public Folder Sharing line under Sharing and Discovery on the Network and Sharing Center. You have the following options at C:\Users\Public: . Turn On Sharing So Anyone with Network Access Can Open Files—Shares the folder with

Read shared folder permission. If password protected sharing is turned on, a password is required. . Turn On Sharing So Anyone with Network Access Can Open, Change, and Create Files—

Shares the Public folder with Full Control shared folder permission. If password protected sharing is turned on, a password is required. . Turn Off Sharing (People Logged On To This Computer Can Still Access This Folder)—

Disables sharing of the Public folder. By default, this folder is located at C:\Users\Public and becomes visible when you select either of the Turn on Sharing options. You can configure additional security options on this folder by accessing its Properties dialog box from this location and following the procedures outlined in Step by Step 6.4.

Sharing Printers When you have installed a printer on your computer, you can configure printer sharing from the Sharing and Discovery section of the Network and Sharing Center. Expand this entry and select the Turn On Printer Sharing option. Then click Apply and click Continue on the UAC prompt that appears. By default, printer sharing is enabled with a password required if password-protected file sharing is turned on.

Password-Protected Sharing When password-protected sharing is turned on, only users with a local user account and password on your computer can access shared files and printers, including the Public shared folder. To enable others to access shared resources, expand the Password Protected Sharing section and select the Turn Off Password Protected Sharing radio button. Then click Apply and click Continue on the UAC prompt that appears.

Media Sharing Turning media sharing on enables users and devices on the network to access music, pictures, and videos in Windows Media Player and from devices attached to the computer such as digital cameras, portable device assistants (PDAs), cellular phones, and so on. In addition, the computer can locate these types of shared files on the network. To turn media sharing on, expand this entry in the Sharing and Discovery section of the Network and Sharing Center

331

Configuring Networking by Using the Network and Sharing Center

and click the Change button. For further information on media sharing, consult the Windows Vista Help and Support Center.

Searching for Network Resources Windows Vista lets you search for computers on the network, even when connected remotely. To search for a computer, click Start and select Search from the list on the right side of the Start menu. In the dialog box that appears, select Advanced Search, and under Location, click Choose Search Locations. In the Choose Search Locations dialog box shown in Figure 6.13, expand the Network entry to display available computers. Click to select a computer on the network. In the box, type the name or partial name of the desktop or server that you want to access and then click OK. You can double-click any of the results and view the shared folders, files, printers, and other resources that the found computer provides.

The Choose Search Locations dialog box enables you to search network locations for shared resources.

FIGURE 6.13

The search utility is exceptionally cooperative. If you type in a partial name or similar name, Windows Vista displays the results. Therefore, misspellings do not prevent you from finding the computer you need to use. To search for a computer, click Start and then click Search. If you do not know the name of the computer that you want to access, you can use the View Computers and Devices option in the Network and Sharing Center. You should see a list of the currently configured network location shortcuts that were either created by you or

332

Chapter 6: Configuring Network Connectivity

automatically configured by the operating system. Double-click the desired computer to view its shares.

Managing Wireless Networks The recent advances in wireless networking technology have enabled individuals to connect to networks from virtually any place a wireless access point is available. Many homes and small offices are taking advantages of the ease of setup of wireless LANs (WLANs), which allow for mobility and portability of computers and other devices located within the office. Public access points in locations such as restaurants and airports permit users to send and receive data from many places that would not have been thought of not too many years ago. Along with the convenience of wireless networking comes an increased chance of unauthorized access to the networks and the data they contain. Because security is still not perfected for wireless networks, they have not made major inroads in corporate environments yet. Windows Vista supports the 802.11 protocols for WLANs and is capable of transparently moving between multiple wireless access points (WAPs), changing to a new IP subnet, and remaining connected to the network. Each time the IP subnet changes, the user is re-authenticated. In Windows Vista, you can configure wireless networking in the Network and Sharing Center. This enables you to connect to wireless networks, configure an ad hoc connection or use of a WAP, and manage your wireless networks.

NOTE Wireless network protocols Windows Vista supports three wireless protocols: the older 802.11b protocol, which operates at 11 Mbps, and the 802.11a and 802.11g protocols, which both operate at 54 Mbps. While devices that support the 802.11a standard are generally incompatible with those that support 802.11b, some devices are equipped to support either 802.11a or 802.11b. The newest standard, 802.11g, extends the older 802.11b standard to the 54 Mbps rate and allows 802.11b and 802.11g devices to operate together on the same network. This standard was created specifically for backwards compatibility with the 802.11b standard.

Windows Vista improves upon the wireless support included with Windows XP so that wireless networking is as well integrated with the operating system as normal networking. Consequently, wireless network reliability, stability, and security are considerably enhanced over that of Windows XP. The following are some of the more important security improvements in Windows Vista wireless networking: . Vista minimizes the amount of private information such as the service set identifier

(SSID) that is broadcast before connecting to a wireless network. . When connecting to an unencrypted public network (such as an airport or restaurant

Wi-Fi hotspot), Vista warns users of the risks so that they can limit their activities accordingly.

333

Configuring Networking by Using the Network and Sharing Center . Vista supports a complete range of wireless security protocols from Wired Equivalent

Privacy (WEP) to Wi-Fi Protected Access (WPA and WPA2), Protected Extensible Authentication Protocol (PEAP), and its combination with Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) and Extensible Authentication Protocol Transport Layer Security (EAP-TLS). . Vista uses WPA2-Personal for maximum security when communicating by means of an

ad hoc wireless network (direct communication with another wireless computer without use of an access point). This helps to protect against common vulnerabilities associated with such unprotected networks. . Administrators can use Group Policy settings to configure Single Sign On (SSO) pro-

files that facilitate wireless domain logon. 802.1x authentication precedes the domain logon, and users are prompted for wireless credentials only if absolutely necessary. The wireless connection is therefore in place before the domain logon proceeds. . Vista supports the three network location types (public, private, and domain) together

with their Windows Firewall settings for wireless networking. You learned about these settings in Chapter 5, “Configuring Windows Security Features.” For more information on wireless security protocols and wireless security in general, refer to Chapter 7 of Implementing and Administering Security in a Windows Server 2003 Network Exam Cram 2 (70-299) in the “Suggested Readings and Resources” section. For more information on networking enhancements introduced with Windows Vista in general, refer to New Networking Features in Windows Server 2008 and Windows Vista.

Setting Up a Wireless Network Connection Windows Vista provides a wizard that simplifies the process of setting up various types of network connections and connecting to wireless and other networks. From the Start menu, click the Connect To option to display the available connection options in the Connect To a Network dialog box shown in Figure 6.14 (note that this dialog box might not display all these options according to the networking hardware attached to your computer): . Connect to the Internet—Enables you to connect to the Internet from an existing wire-

less, broadband, or dial-up connection. . Set Up a Wireless Router or Access Point—Enables you to configure a new wireless con-

nection. . Manually Connect to a Wireless Network—Enables you to connect to an infrastructure-

based wireless network (a network with an access point) . Set up a Wireless Ad Hoc (Computer to Computer) Network—Enables you to connect to

another computer without passing through a wireless point

334

Chapter 6: Configuring Network Connectivity . Set up a Dial-Up Connection—Enables you to set up a remote access connection to a

network. You learn about remote access connections later in this chapter in the section, “Configuring Remote Access.” . Connect to a Workplace—Enables you to set up a VPN connection to a workplace. You

learn about VPN connections in the section, “Using a VPN Connection to Connect to Computers.”

The Choose a Connection Option dialog box enables you to connect to several types of networks.

FIGURE 6.14

Follow Step by Step 6.5 to set up a wireless network connection.

STEP BY STEP 6.5 Setting Up a Wireless Network Connection 1. Click Start, Connect To. 2. In the Connect to a Network dialog box, click Set Up a Connection or Network. 3. In the Choose a Connection Option dialog box, select Set Up a Wireless Router or Access Point, and then click Next. 4. The Set Up a Home or Small Business Network Wizard starts and informs you of the options you can configure, as shown in Figure 6.15. Click Next. 5. The wizard detects network hardware and settings. When it finishes, it displays a page showing the available options. 6. To configure a device manually, select the Configure this Device Manually option. Follow the instructions provided; you will need to enter the network SSID and the security type plus the key or passphrase required for connecting to the network.

335

Configuring Networking by Using the Network and Sharing Center

The Set Up a Home or Small Business Network Wizard helps you configure wireless networks.

FIGURE 6.15

7. To create wireless network settings and save these settings to a USB flash drive, select this option. Type the SSID, and then click Next. 8. Accept the passphrase displayed or type a passphrase of your choosing. Then click Next and click Continue on the UAC prompt that appears. 9. Choose an option for file and printer sharing from those displayed in Figure 6.16, and then click Next.

You have four options for configuring file and printer sharing on the wireless network.

FIGURE 6.16

10. To save your settings to a USB flash drive, insert the drive and then select the drive from the list box provided. Then click Next. 11. When informed that your settings have been saved, click Finish and remove the flash drive.

336

Chapter 6: Configuring Network Connectivity

This procedure copies the wireless settings plus a small utility application to the USB flash drive. You can use this flash drive to enter information to the wireless router or to configure other computers for wireless networking on the same access point. You can use the same wizard to connect to an infrastructure wireless network, as Step by Step 6.6 shows.

STEP BY STEP 6.6 Connecting to a Wireless Network 1. Click Start, Connect To. 2. In the Connect to a Network dialog box, click Set Up a Connection or Network. 3. On the Choose a Connection Option dialog box, select Manually Connect to a Wireless Network, and then click Next. 4. The wizard displays the Manually Connect to a Wireless Network page shown in Figure 6.17. Enter the following information, and then click Next. . Network name—The name (SSID) of the wireless network you are connecting to. . Security type—Authentication method to be used in connecting to the wireless network. Table 6.3 lists the available security types. . Encryption type—Select the method to be used for encryption of data sent across the wireless network. You can choose from 128-bit WEP, 128-bit Temporal Key Integrity Protocol (TKIP), or 128-bit Advanced Encryption Standard (AES) according to the security type chosen (see Table 6.3).

The Manually Connect to a Wireless Network page enables you to enter the information required for connecting to a wireless network.

FIGURE 6.17

337

Configuring Networking by Using the Network and Sharing Center . Security key/passphrase—Enter the security key or passphrase according to the security type selected (the WEP key for the WEP security type), the WPA preshared key (for the WPA-Personal security type), or the WPA2 preshared key (for the WPA2-Personal security type). Select the Display Characters check box to view the information typed here. . Save this network for—Enables you to specify whether the network connection is available for use by yourself only or for all users of the computer. . Start this connection automatically—When selected, Vista will automatically connect to the network when you log on. When cleared, you must use the Connect to a Network dialog box to connect to the network. . Connect even if the network is not broadcasting—Specifies whether Windows will attempt to connect even if the network is not broadcasting its name. This can be a security risk because Vista sends Probe Request frames to locate the network, which unauthorized users can use to determine the network name. 5. The wizard informs you that it has successfully added the network you specified. Click the link specified to connect to the network or the Close button to finish the wizard without connecting.

TABLE 6.3

Available Wireless Security Types

Security Type

Description

Available Encryption Types

No authentication (open)

Open system authentication with no encryption

None

WEP

Open system authentication using WEP

WEP

WPA-Personal

Wi-Fi Protected Access (WPA) using a preshared passphrase or key

TKIP (default) or AES

WPA2-Personal

Version 2 of WPA using a preshared passphrase

TKIP or AES (default)

WPA-Enterprise

WPA using IEEE 802.1x authentication

TKIP (default) or AES

WPA2-Enterprise

Version 2 of WPA using IEEE 802.1x authentication

TKIP or AES (default)

802.1x

IEEE 802.1x authentication using WEP (also known as dynamic WEP)

WEP

NOTE WPA2-Enterprise Security WPA2-Enterprise security provides the highest level of wireless networking authentication security. It requires authentication in two phases: first, an open system authentication and second, authentication using EAP. It is suitable for domain-based authentication and on networks using a Remote Authentication Dial-In User Service (RADIUS) authentication server. In environments without the RADIUS server, you should use WPA2-Personal security.

338

Chapter 6: Configuring Network Connectivity

The wireless network you configured is visible in the Network and Sharing Center, from which you can connect later if you have not chosen the Start This Connection Automatically option.

EXAM ALERT WPA and WPA2 wireless security You might be asked to choose between the four available types of WPA wireless security. You should select WPA (either Personal or Enterprise) to use TKIP encryption by default or WPA2 (either Personal or Enterprise) to use AES encryption by default. In addition, if you are required to type a security key or passphrase, you should select one of the Personal options. If you are not required to type a security key or passphrase, you should select one of the Enterprise options.

Managing Wireless Network Connections After you have configured one or more wireless network connections, you can manage them from the Manage Wireless Networks dialog box shown in Figure 6.18. You can access this dialog box from the task list in the Network and Sharing Center. This dialog box enables you to add new wireless networks, view or modify the properties of a wireless network connection, modify the sequence of preferred connection to these networks, or choose the type of profile to be applied to a network. You learn about wireless network profiles later in this section.

The Manage Wireless Networks dialog box displays the various wireless networks you have configured on your computer.

FIGURE 6.18

To modify the order in which Windows attempts to connect to the wireless networks, select the network to be connected first and drag it to the top of the list. To modify the properties of the wireless network connection, right-click it and choose Properties. This displays the

339

Configuring Networking by Using the Network and Sharing Center

dialog box shown in Figure 6.19. (This dialog box is also available from the completion page of the wizard in Step by Step 6.6 by selecting Change Connection Settings.)

The Wireless Network Properties dialog box enables you to modify the properties of your wireless network connection.

FIGURE 6.19

From the Wireless Network Properties dialog box, you can modify the options previously selected to connect automatically or connect even if the network is not broadcasting. You can also choose to connect to a more preferred network if you have configured one and it is available (this option is unavailable if you have configured only one wireless network). The Security tab of this dialog box enables you to change the security and encryption types according to the types given previously in Table 6.3. From this tab you can also change the network security key if you have chosen a security type that requires this key.

Wireless Network Profiles The Manage Wireless Networks dialog box also enables you to manage wireless network profiles. Simply put, a wireless network profile is a set of wireless networks available to a given user on a Vista computer. The profile contains the SSID, the security settings as configured earlier in this section, and whether the network is an infrastructure or ad hoc network. There are two types of wireless network profiles: . Per-User Profiles—These profiles apply to specific users of the computer and are con-

nected when that user logs on to the computer. . Per-Computer Profiles—This profile applies to all users of the computer and is connect-

ed regardless of which user is logged on to the computer.

340

Chapter 6: Configuring Network Connectivity

In addition to using the Manage Wireless Networks dialog box, you can use the netsh command to manage wireless network profiles. You can also use Group Policy to deploy or maintain wireless network profiles. For more information, refer to Wireless Networking in Windows Vista in the “Suggested Readings and Resources” section.

Configuring and Troubleshooting Internet Connection Sharing Quite often, it is not feasible for a small office or a home user to install a high-speed dedicated link to the Internet, such as a T1 line, or have each computer dial up to an ISP. Even dedicated broadband links offered to home users are reasonably priced only if they are connected directly to a single network adapter in a computer. One of the growing trends for small office or home networks is to share an Internet connection with all the members of the network. Windows Vista contains a feature called Internet Connection Sharing (ICS), which enables a small office or home network to use one computer on the network as the router to the Internet. Windows Vista’s ICS components consist of . Auto-dial—A method of establishing the Internet connection when attempting to access

Internet resources on a computer that does not host the Internet connection. . DHCP Allocator—A simplified DHCP service that assigns IP addresses from the

address range of 192.168.0.2–192.168.0.254, with a mask of 255.255.255.0 and default gateway of 192.168.0.1. . DNS Proxy—Forwards DNS requests to the DNS server and forwards the DNS replies

back to the clients. . Network Address Translation (NAT)—Maps the range of IP addresses (192.168.0.1–

192.168.0.254) to the public IP address, which is assigned by the ISP. NAT is a specification in TCP/IP that tracks the source private IP addresses and outbound public IP address(es), reformatting the IP address data in the header dynamically so that the source requests reach the public resources and the public servers can reply to the correct source-requesting clients. ICS can be used to share any type of Internet connection, although it must be a connection that is enabled for all users on the PC dial-up for sharing to be effective. To enable ICS, you need to make sure that the Internet-connected computer has been configured with connections for a modem and a network adapter. If you are using broadband, you need two network adapters: one to connect to the broadband device for the Internet and the other to connect to the network. Perform Step by Step 6.7 at the computer that is connected to the Internet to set up ICS.

341

Configuring Networking by Using the Network and Sharing Center

STEP BY STEP 6.7 Sharing an Internet Connection 1. Click Start, Network to display the Network Connections dialog box. 2. Right-click the connection you want to share and choose Properties. If you receive a UAC prompt, click Continue. 3. Select the Sharing tab, and then select the check box labeled Allow Other Network Users to Connect Through this Computer’s Internet Connection. 4. If you want, select the check box labeled Allow Other Network Users to Control or Disable the Shared Internet Connection.

After you have shared your connection, you need to configure the other computers to use this connection. Step by Step 6.8 shows you how.

STEP BY STEP 6.8 Using the Shared Internet Connection 1. Click Start, right-click Internet, and choose Internet Properties. 2. On the Connections tab of the Internet Explorer Properties dialog box, select Never Dial a Connection. 3. Click the LAN Settings command button. 4. On the Local Area Network (LAN) Settings dialog box, clear the Automatically Detect Settings, Use Automatic Configuration Script, and Use a Proxy Server for Your LAN check boxes. 5. Click Start, right-click Network, and choose Properties. 6. Right-click the connection and choose Properties. 7. Click Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6), and then click Properties. 8. On the Properties dialog box, select Obtain an IP Address Automatically or Obtain an IPv6 Address Automatically.

CAUTION Check for use of IPv4 address 192.168.0.1 Before you configure ICS, you should ensure that no computers are currently assigned an IP address of 192.168.0.1 because the network adapter on the ICS computer is automatically assigned that address when ICS is configured.

342

Chapter 6: Configuring Network Connectivity

If you have problems with ICS, you should open Event Viewer and check out the System log for any errors related to ICS. In addition you can view the NSW.LOG file to look for errors. The following are several additional suggestions in case users are unable to access the Internet from the client computers: . Check the configuration of the client Internet browser. Client configuration was men-

tioned in Step by Steps 6.7 and 6.8. . Ensure that the client can connect to the host computer. Check the connection by typ-

ing ping 192.168.0.1. If this ping is unsuccessful, check the physical network connections. . Check the client computer’s IP configuration. Use the ipconfig command and ensure

that the client has an IP address on the proper subnet and that the default gateway is set to 192.168.0.1. For more information on the ipconfig and ping commands, see the section, “Using TCP/IP Utilities to Troubleshoot TCP/IP” later in this chapter.

NOTE Network Address Translation ICS is a simplified form of NAT, which is a protocol used on larger networks to hide internal IP addresses. NAT runs on a server and is capable of translating multiple external IP addresses to internal private IP addresses used on client computers. The NAT server can also be configured to provide DHCP services to the client computers.

REVIEW BREAK . Vista includes both versions 4 and 6 of the TCP/IP protocol by default. You can dis-

able but not uninstall these protocols. . IPv4 uses 32-bit addresses with a subnet mask and default gateway. The subnet mask

determines how many bits of the address are dedicated to the network identification. . IPv6 uses 128-bit addresses together with a network prefix that indicates how many

bits of the address are dedicated to the network identification. . You can configure both versions of TCP/IP from the Network and Sharing Center in

Windows Vista.

343

Troubleshooting Connectivity Issues . You can also configure file sharing from the Network and Sharing Center. This enables

you to share files, folders, and printers with others on your network. You can specify properties including whether users can modify folder contents. You can also require password-protected sharing and share media. . Vista has enhanced the security capabilities of wireless networking. You can configure

several types of wireless networks from the Network and Sharing Center and choose from several available wireless security types. . You can use Internet Connection Sharing to share an Internet connection among sev-

eral computers on a small network. ICS provides simple DHCP services to the client computers using IP addresses in the range 192.168.0.1 to 192.168.0.254.

Troubleshooting Connectivity Issues Objective:

Troubleshoot connectivity issues. With any type of computer network, connectivity problems can and do occur. You should be aware of the types of problems that you might encounter and the steps to follow for determining the source of the problem and the means to correct it.

Troubleshooting LAN Connections You can check the status of a LAN connection from the Network Connections folder. Rightclick your connection icon and choose Status to display the Local Area Connection status dialog box shown in Figure 6.20. If you suspect a problem, click Diagnose to open a troubleshooter. You can also click Diagnose and Repair from the Tasks list in the Network and Sharing Center. You will be informed of any problem that exists. If no problem exists, Windows will inform you and offer to reset the network adapter. Click Yes and click Continue on the UAC prompt. To obtain details on your LAN connection, click Details. The resulting dialog box provides a subset of the information also provided by the ipconfig command discussed in the next section. To view or configure the properties of the connection, click Properties. This takes you to the same Properties dialog box discussed earlier in this chapter in the section “Configuring TCP/IP Version 4” and shown in Figure 6.3.

344

Chapter 6: Configuring Network Connectivity

The Local Area Connection Status dialog box provides information on the connectivity of your LAN connection.

FIGURE 6.20

Many LAN connection problems can be traced to improper TCP/IP configuration. Before looking at the use of TCP/IP utilities for troubleshooting these problems, this section reviews briefly some of the problems you might encounter.

Incorrect IPv4 address or Subnet Mask Recall from earlier in this chapter that the subnet mask determines the number of bits assigned to the network portion of the IP address and the number of bits assigned to the host portion. Be aware of the fact that the network portion of the IP address must match properly on all computers within a network segment and that the subnet mask must be configured appropriately to ensure that the computer is able to determine whether the computer to which it is attempting to connect is on the same or different subnet. For example, suppose you are at a computer configured with an IP address of 192.168.1.2 with a subnet mask of 255.255.255.0. If you want to reach a computer with the IP address of 192.168.2.1, the subnet mask indicates that this computer is located on a different subnet. Connection will take place across a router. Should the computer you are at be configured with the same IP address but a subnet mask of 255.255.248.0, this would indicate that the destination computer with the IP address of 192.168.2.1 is on the same subnet. If in fact this computer is located across a router on another subnet, you will fail to connect to it. Router problems could also cause a failure to access a computer on another subnet. These problems are beyond the scope of the 70-620 exam. For further information, consult a reference such as MCSA/MCSE Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291) in the “Suggested Readings and Resources” section.

345

Troubleshooting Connectivity Issues

Unable to Connect to a DHCP Server If you configure your computer to automatically receive an IP address and the DHCP server is down, the computer will assign itself an IPv4 address in the 169.254.y.z range or an IPv6 link local unicast address on the fe80::/64 network. If you notice this when using ipconfig, check the connectivity to the DHCP server or contact an administrator responsible for this server. (You learn more about ipconfig in the section, “Using TCP/IP Utilities to Troubleshoot TCP/IP.”)

Duplicate IP Address If your computer is using an IP address that duplicates another computer on the network, you will be unable to connect to any computer on the network. When this happens, the first computer on the network performs properly but receives a message when the second computer joins the network. Ping your computer’s IP address to check for this problem. This problem cannot occur if you are using DHCP to obtain an IP address automatically or if your computer is configured for an IP address using APIPA.

Unable to Configure an Alternate TCP/IPv4 Configuration The Alternate Configuration tab of the TCP/IPv4 Properties dialog box (refer to Figure 6.4) enables you to configure an alternate IPv4 address, which is useful in situations where you need to connect to a second network—for example, when you are using a portable computer and traveling to a branch office of your company. However, to use the alternate configuration, your primary connection must be set to obtain an IP address automatically. If this is not the case, this tab does not appear. Note that this alternate configuration ability is not available when using IPv6.

Using Event Viewer to Check Network Problems One of Windows Vista’s standard troubleshooting tools is Event Viewer, which is incorporated into the Computer Management console. You can rely on this utility to be able to see errors and system messages. The ones that would be of most concern for a network problem are in the System Event log. You learn about Event Viewer in more detail in Chapter 8, “Maintaining and Optimizing Systems That Run Windows Vista.”

Using TCP/IP Utilities to Troubleshoot TCP/IP The TCP/IP protocol suite includes a number of tools that can help you isolate the source of connectivity problems. Windows Vista incorporates these tools as command-line executables. Each tool is different in what information it provides and when you might want to use it. When you are troubleshooting a connectivity problem, remember that sometimes the problem is the hardware—a failed network adapter, a failed port on the hub, a failed switch, and so on. If the communication is between two different physical segments, it could be a problem

346

Chapter 6: Configuring Network Connectivity

with the router between them. And if you were able to communicate in the past and now cannot, the most likely suspect is a configuration change on one of the computers, and the second most likely is that a piece of equipment has failed. To check whether there is an adapter failure, you can look at Device Manager.

ARP After data reaches the segment on which the IP address resides, it needs to discover the Media Access Control (MAC) address of the machine. The address resolution Protocol (ARP) is the protocol in the TCP/IP suite that resolves IP addresses to MAC addresses by creating an Address Resolution table in each host that transmits data on the network segment. The TCP/IP suite provides a utility called Arp that can check the table for errors. You should use the Arp utility when data is sent to a computer unexpectedly.

Finger If you want to finger the culprit when a user has intentionally caused a problem, you can use Finger. This utility queries the computer about the services and users that are running on it and is typically used to query remote computers that are running non-Microsoft operating systems such as UNIX. Each operating system returns different output to the Finger command.

FTP and TFTP File Transfer Protocol (FTP) and Trivial File Transfer Protocol (TFTP) are not considered to be troubleshooting tools. Sometimes you need to make certain that a protocol is able to move data from one network segment to another, and these two utilities can help out in a pinch because they verify TCP and UDP specifically, as well as all the protocols down to the Physical layer of the stack. If you want to verify whether the Transport Control Protocol (TCP) is functioning across a router, you can use FTP to download a file from an FTP server on another subnet. If you want to verify whether the User Datagram Protocol (UDP) is functioning across a router, you can use TFTP to download a file from a TFTP server on another subnet.

ipconfig Windows Vista uses the ipconfig utility to display information about the IP address configuration of its network adapters. When you are experiencing a problem with connectivity, this is the first thing you should check (besides the link lights on the network adapter). If you are using DHCP, you can see whether the adapter was able to obtain an IP address lease. If you are using a static IP address, you can verify and validate whether it has been configured correctly. You can use ipconfig with the following switches: . ipconfig /all—Displays all IP address data for all network adapters. Use this com-

mand to see whether an adapter has been misconfigured, or the adapter did not receive a DHCP lease.

347

Troubleshooting Connectivity Issues . ipconfig /release—Releases the current DHCP lease. Use this command to remove

an IP address that is misconfigured, or when you have moved from one network to another and the wrong IP address is still leased to the adapter. . ipconfig /release6—Same as the /release switch for IPv6. . ipconfig /renew—Renews (or tries to renew) the current DHCP lease. Use this com-

mand to see whether the computer can contact the DHCP server. . ipconfig /renew6—Same as the /renew switch for IPv6. . ipconfig /displaydns—Displays the contents of the DNS cache. Use this command

when the computer connects to the wrong network. . ipconfig /flushdns—Flushes the contents of the DNS cache. Use this command

when the computer connects to the wrong network and you see incorrect entries after using the ipconfig /displaydns command. . ipconfig /registerdns—Renews (or tries to renew) all adapters’ DHCP leases and

refreshes the DNS configuration. Use this command when the network has temporarily disconnected and you have not rebooted the PC. . ipconfig /showclassid adapter—Shows the DHCP class ID. If you use the asterisk

(*) in place of adapter, you see the DHCP class ID for all adapters. . ipconfig /setclassid adapter—Changes the DHCP class ID for an adapter. If you

use the asterisk (*) in the place of adapter, you set the DHCP class ID of all adapters. To determine whether the IP address the computer is using has been provided by APIPA, you can check the address of the interface by using the ipconfig command at a command prompt. The syntax for this command, which shows you the configuration of all network adapters, is ipconfig /all

In the resulting text, you can see whether the line Autoconfiguration Enabled is Yes or No. If Yes, and the IP address is 169.254.0.1 through 169.254.255.254, you are using an APIPA address.

Nbtstat The Nbtstat utility is used on networks that run NetBIOS over TCP/IP. This utility checks to see the status of NetBIOS name resolution to IP addresses. You can check current NetBIOS sessions, add entries to the NetBIOS name cache, and check the NetBIOS name and scope assigned to the computer.

Netstat The Netstat command-line tool enables you to check the current status of the computer’s IP connections. If you do not use switches, the results are protocol statistics and current TCP/IP

348

Chapter 6: Configuring Network Connectivity

connections. You should use Netstat to look for the services that are listening for incoming connections, if you have already checked the IP configuration and, though it is correct, the computer still displays a connectivity problem.

Nslookup Name Server Lookup, or NSLookup, is a command-line utility that communicates with a DNS server. There are two modes to Nslookup: interactive and non-interactive. The interactive mode opens a session with a DNS server and views various records. The non-interactive mode asks for one piece of information and receives it. If more information is needed, a new query must be made.

Ping Packet InterNet Groper (Ping) is a valuable tool for determining whether there is a problem with connectivity. The ping command uses an Echo packet at the Network layer—the default is to send a series of four echoes in a row—transmitting the packets to the IP address specified. The Echo returns an acknowledgment if the IP address is found. The results are displayed in the command window. If an IP address is not found, you see only the response Request timed out. You see similar results to those shown in Figure 6.21, where the first address that was pinged was not found and the second address was found. The ping command indicates how long each packet took for the response. You can use the ping command to determine whether a host is reachable and to determine whether you are losing packets when sending/receiving data to a particular host.

FIGURE 6.21 The ping command displays its results in a command window.

You can use the ping command to determine whether the internal TCP/IP protocol stack is functioning properly by pinging the loopback testing address. The command for IPv4 is ping 127.0.0.1

For IPv6, the command is ping ::1

349

Troubleshooting Connectivity Issues

Tracert When you have a problem communicating with a particular host, yet you have determined that your computer is functioning well, you can use Tracert (Trace Route) to tell you how the data is moving across the network between your computer and the one that you are having difficulty reaching. The Tracert command offers a somewhat higher level of information than Ping. Rather than simply tell you that the data was transmitted and returned effectively, as Ping does, Tracert logs each hop through which the data was transmitted. Figure 6.22 shows the results of a Tracert command. Keep in mind that some network routers strip out or refuse to reply to Tracert requests. When this happens, you see Request timed out messages.

FIGURE 6.22 The tracert command provides detailed information about the path that data travels between two IP hosts.

NOTE Understand the typical response to a connectivity problem The Microsoft troubleshooting process for TCP/IP is 1. Verify the hardware is functioning. 2. Run Ipconfig to validate the IP address, mask, default gateway, and DNS server, and whether you are receiving a DHCP leased address. 3. Ping 127.0.0.1 or ::1, the loopback address, to validate that TCP/IP is functioning. 4. Ping the computer’s own IP address to eliminate a duplicate IP address as the problem. 5. Ping the default gateway address, which tells you whether data can travel on the current network segment. 6. Ping a host that is not on your network segment, which shows whether the router will be able to route your data. 7. FTP a file from an FTP server not on your network, which tells you whether higher-level protocols are functioning. TFTP a file from a TFTP server on a different network to determine whether UDP packets are able to cross the router.

350

Chapter 6: Configuring Network Connectivity

Troubleshooting Wireless Networks Many problems associated with wireless networking are similar to those with wired networking. You might need to utilize one or more of the TCP/IP utilities to check connectivity or Windows utilities such as Device Manager or Event Viewer. This section takes a brief look at several additional problems you might encounter with wireless networking.

Windows Switches Randomly Between Access Points Many corporate wireless networks have more than one access point configured to provide adequate signal strength across a large floor area or a multistory building. In this case, you will have more than one wireless network visible in the Manage Wireless Networks dialog box previously shown in Figure 6.18. So that random switching between wireless networks does not take place, you should ensure that the network corresponding to the best access point for your normal work location is listed at the top of the list in Figure 6.18. In addition, you should clear the check box labeled Connect to a More Preferred Network If Available, found on the Properties dialog box of your best wireless network and previously shown in Figure 6.19. Doing so ensures that your computer connects to the best access point when available and does not switch to another one.

Wireless Networks Are Unavailable If you are unable to connect to your wireless network, you should verify that it is available. Access the Network and Sharing Center and click Manage Network Connections from the Tasks list. Right-click your wireless adapter, select View Available Wireless Networks, and then verify that your network name or SSID is visible. If the wireless network name is visible, but you are unable to connect, one or more of the following might be the cause: . Improperly configured wireless network adapter settings. Right-click the wireless

adapter and choose Repair to attempt an automatic repair of the settings. If the SSID is visible but is incorrect, you should access the Wireless Networks tab and select the check box labeled Use Windows to Configure My Wireless Network Settings. Select your wireless network and then click Configure. On the Association tab, type the correct SSID and then click OK twice to close the dialog boxes. . Improper configuration of your wireless security settings. Check the WEP configura-

tion and ensure that it matches the settings specified on the access point. Temporarily disable your security settings and attempt to connect. If you are successful, you should check all security settings. . Improper configuration of the wireless access point. Can you connect to the access

point from another computer, or can others reach the access point? Check with someone responsible for configuring the access point. You might need to reboot the router.

351

Troubleshooting Connectivity Issues . Interference from other devices such as cordless phones or microwave ovens. Turn

these devices off temporarily or move them to another location. . Conflicts between your wireless network adapter and another network adapter on your

computer. Use Device Manager to check the status of the network adapters. You might need to disable the other network adapter. If the wireless network name fails to appear, check the following possibilities: . Improper configuration of the SSID on the wireless access point or the access point is

configured not to broadcast its SSID. You might need to type the network information manually as previously mentioned. From the Network and Sharing Center, click Set Up a Connection or Network and then select Manually Connect to a Wireless Network (refer to Figure 6.14). . Problems with the access point, such as hardware or power failure, wireless channel

number in use, data transmission rate, and so on. . Improper configuration of your wireless network adapter. Follow some of the sugges-

tions provided earlier. You might need to verify the channel number from the Advanced tab of your network adapter’s Properties dialog box. Also use Device Manager to check for conflicts as already mentioned.

CAUTION Remember to reenable your wireless security settings If you disable wireless security settings to check for problems, ensure that you re-enable these settings as soon as you’ve corrected the problems. Otherwise, you become more vulnerable to intruders.

For additional hints at troubleshooting wireless network connectivity, refer to How to troubleshoot wireless connection problems and A Support Guide for Wireless Diagnostics and Troubleshooting in the “Suggested Readings and Resources” section. Additional hints can be found in the Vista Help and Support Center.

Troubleshooting Hardware and Modem Problems If you are not able to connect to any network and the link light on your network card is not lit, you most likely have a hardware problem. The same is true if your modem is unable to dial out to an external network. You can use Device Manager to check for hardware problems. To open Device Manager, click Start, right-click Computer, and choose Properties. From the System applet in Control Panel, select Device Manager in the Tasks list and click Continue

352

Chapter 6: Configuring Network Connectivity

on the UAC prompt that appears. You can also type device in the Search text box in the Start menu. Device Manager informs you of problems that might exist as follows: . Disabled device—Indicated with a black downward-pointing arrow icon on the device

(see Figure 6.23). . Non-functional device—Indicated with a yellow triangle with an exclamation point on

the device. You should update the device driver if this icon appears.

Device Manager informs you when a device is disabled or nonfunctional.

FIGURE 6.23

You can view the properties of a device by right-clicking it in Device Manager and choosing Properties. The Properties dialog box shown in Figure 6.24 provides the following information (not all tabs are present for all devices): . General tab—Device type, manufacturer, and status. . Advanced tab—Additional properties related to the device. You can select a property

and change its value as required. Be sure you know what you are doing if you try to modify device properties here. . Driver tab—Provides details about the driver files and allows you to update or roll

back the driver or disable or uninstall the device. . Details tab—Provides additional details about device properties. . Resources tab—Provides information on hardware resources such as input/output (I/O)

range, memory range, and interrupt request (IRQ).

353

Troubleshooting Connectivity Issues

The Properties dialog box for a device provides information on the device’s configuration including driver options.

FIGURE 6.24

To update a device driver, right-click the device and choose Update Driver Software (or click Update Driver on the Driver tab of the Properties dialog box). The Update Driver Software dialog box shown in Figure 6.25 enables you to search the Internet or browse for drivers. Choose the appropriate option and follow the instructions provided.

The Update Driver Software dialog box enables you to search for an updated driver software.

FIGURE 6.25

Should an updated driver fail to function, you can roll back to the previous driver. Select Roll Back Driver from the Driver tab of the device’s Properties dialog box.

354

Chapter 6: Configuring Network Connectivity

For modem problems, you should also check the Phone and Modem Options applet in the Hardware and Sound category of Control Panel. From the Diagnostic tab, click Query Modem and watch for an entry to appear in the Command/Response list. If you receive an error message, check the modem’s properties in Device Manager (which you can also access from the Hardware and Sound category). For more information on troubleshooting hardware problems, see Chapter 7, “Configuring Applications Included with Windows Vista.”

Configuring Remote Access Objective:

Configure Remote Access. Connectivity is the single most valuable capability in a computer. By connecting to other computers, a computer is able to access other information, applications, and peripheral equipment. Businesses have long since discovered that their employees will work longer hours and greatly increase their productivity when they are able to connect to the company’s network from remote sites. For this reason, they provide remote access servers (RASs) with either dial-up modems or VPN servers and Internet connections. Windows Vista computers link up with the Internet or corporate networks using dial-up networking connections. After Windows Vista connects with a dial-up connection, the user can open files and folders, use applications, print to printers, and pretty much use the network just as if he or she were connected to the network through its network adapter. Standard protocols are used to make dial-up network connections: . Point-to-Point Protocol (PPP)—A dial-up protocol that can support multiple networking

protocols, such as TCP/IP and Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX), and can be used with compression and encryption. Note that support for the older Serial Line Interface Protocol (SLIP) has been removed from Windows Vista. . Point-to-Point Tunneling Protocol (PPTP)—A protocol used to transmit private network

data across a public network in a secure fashion. PPTP supports multiple networking protocols and creates a secure VPN connection. . Layer 2 Tunneling Protocol (L2TP)—A protocol used to transmit private network data

across a public network. L2TP supports multiple networking protocols. Used with IPSec, it creates a secure VPN connection.

355

Configuring Remote Access

Understanding Remote Access Dial-up networking connections are used for any type of connection—between two different computers, between a computer and a private network, between a computer and the Internet, and from a computer through the Internet to a private network using a tunneling protocol. You can share a dial-up connection using ICS. All these functions and features offer different ways of connecting computers across large geographical distances. When a computer connects to a remote access server, it performs functions nearly identical to logging on locally while connected to the network. The major difference is the method of data transport at the physical level because the data is likely to travel across a rather slow telephone line for dial-up and Internet connections. Another difference between a local network user and a remote access user is the way that the user’s identification is authenticated. If using Remote Authentication Dial-In User Service (RADIUS), the RADIUS server takes on the task of authenticating users and passing along their data to the directory service(s) in which the users’ accounts are listed. Don’t confuse remote access with remote control. Remote access is the capability to connect across a dial-up or VPN link, and from that point forward, to be able to gain access to and use network files, folders, printers, and other resources identically to the way a user could do on a local network computer. Remote control, on the other hand, is the capability to connect to a network remotely and then, through the use of an application (such as PCAnywhere, Citrix, or Remote Desktop) create a session with a host computer where the desktop for that host computer is displayed on your PC, often within the application’s window, although most of these applications enable you to run the session “full screen.”

Remote Access Authentication Protocols Authentication is the first perimeter of defense that a network administrator can define in a remote access system. The process of authenticating a user is meant to verify and validate a user’s identification. If the user provides invalid input, the authentication process should deny the user access to the network. An ill-defined authentication system, or lack of one altogether, can open the door to mischief and disruption because the two most common methods for remote access are publicly available: the Internet and the public services telephone network. Table 6.4 discusses the authentication protocols supported by Windows Vista’s dial-up network connections.

356

Chapter 6: Configuring Network Connectivity

TABLE 6.4

Authentication Protocols for Remote Access

Acronym

Name

Usage

Security

CHAP

Challenge Handshake Authentication Protocol

Client requests access. Server sends a challenge to client. Client responds using MD5 hash value. Values must match for authentication.

One-way authentication. Server authenticates client.

MS-CHAPv2

Microsoft Challenge Handshake Authentication Protocol version 2

Requires both the client and the server to be Microsoft Windows based. Does not work with LAN Manager. Client requests access, server challenges, client responds with an MD5 hash value and piggybacks a challenge to server. If a match is found, server responds with a success packet granting access to client, which includes an MD5 hash response to the client’s challenge. Client logs on if the server’s response matches what client expects. Note that the older MS-CHAP authentication protocol is no longer supported in Windows Vista.

Mutual (two-way) authentication

EAP

Extensible Authentication Protocol

Developed for PPP and can be used with IEEE802. Is capable of heading other authentication protocols, so improves interoperability between RAS systems, RADIUS servers, and RAS clients. Used with MD5-Challenge, smart cards, and certificate authentication in Windows Vista.

Not used to provide its own security; enables enhanced interoperability and efficiency of authentication process.

PAP

Password Authentication Protocol

Client submits a clear-text user identification and password to server. Server compares to information in its user database. If a match, client is authenticated.

Clear-text, one-way authentication. Least secure method.

Smart cards

Certificates

User must have knowledge of PIN and possession of smart card. Client swipes card, which submits smart card certificate and inputs PIN. Results are reviewed by server, which responds with its own certificate. If both client and server match, access is granted. Otherwise, error that credentials cannot be verified.

Certificate-based, two-way authentication.

357

Configuring Remote Access

EXAM ALERT Trusted publishers The 70-620 exam touches on certificate authentication and might ask you about the relationship between trusted resources and certificates. When using certificate authentication, the client computer must have a way of validating the server’s certificate. To ensure absolutely that this validation will work, you can import the server’s certificate into the client’s Trusted Publishers list. If there is no way for a client to validate the server’s certificate, an error displays stating that the server is not a trusted resource.

Remote Access Security Windows Vista can be configured in an assortment of ways to ensure that your remote access services meet your organization’s security criteria. Much of the configuration takes place on the server side of remote access. These security features are available on a Windows Vista computer when you configure it to receive remote access connections. You can access the Local Security Policies snap-in through Administrative Tools under Control Panel’s System and Maintenance category, or by typing secpol.msc in the Run dialog box. The policies defined in this utility affect all users on the computer, unless the policies allow you to configure them on a per-user or per-group basis. This snap-in is shown in Figure 6.26.

You can configure security policies that affect remote access in the Local Security Policy snap-in.

FIGURE 6.26

You might configure the Account Lockout Policy on the local computer to increase security. Under the Account Lockout Policy, you can configure how many bad passwords the computer will accept before it disables the user from logging on, how long the user will be locked out, and how long to wait before starting to count invalid logon attempts again. Remember that the Account Lockout Policy does not only affect remote access users, but all users who try to

358

Chapter 6: Configuring Network Connectivity

log on to the computer. The following list describes the various Account Lockout Policy options: . If you set the Account Lockout Threshold policy to 0, Windows Vista does not lock

out a user no matter how many times the user submits a bad password. You should set this policy to a number of invalid logon attempts that is acceptable, such as 3. . The Account Lockout Duration policy is the time period, in terms of minutes, that the

account will be locked out. The longer the time period, the more strict the security. The default suggested time period is 30 minutes. You cannot set a duration until the Account lockout threshold has been configured to a number greater than zero. . The Reset Account Lockout Counter After policy has a default term of 30 minutes.

This is the length of time that the computer waits after counting the last invalid logon attempt before resetting the counter. The longer the time period that this policy is set, the stricter the security. You should always consider that because the default time periods are known quantities, an experienced hacker attempting to gain access to one of these accounts is likely to try again at intervals that will allow retries without locking the compromised account. To counter this, you should always set the policies to a longer duration than 30 minutes. If your computer is configured to accept VPN connections, you will probably want to establish IPSec settings. IPSec is a protocol used for authentication and encryption and is often used in VPNs in conjunction with L2TP. Specifying callback settings is another method you can use to restrict misuse of a Windows Vista computer configured to accept incoming connections via dial-up. You can do this in the properties of the incoming connection. From the Network and Sharing Center, click Manage Network Connections to access the Network Connections applet and double-click the incoming connection. Click the Users tab. In the window, you see a list of users configured on the computer. By default, none of the users is enabled to log on to the computer through this connection. You can select the options for each user to whom you want to grant remote access. You can compel all users to use encryption by selecting the Require All Users to Secure Their Passwords and Data option. You can also eliminate the need for a password for incoming connections from handheld devices by selecting the Always Allow Directly Connected Devices Such As Palmtop Computers to Connect Without a Password option. Select a user and click the Properties button. Click the Callback tab. Select whether you want the user to provide a callback number (use this for travelers), or whether you want to set a permanent callback number. Using callback is a verification step to ensure the identity of the calling user. On the General tab, you can specify whether to allow a VPN connection by selecting the Allow Others to Make Private Connections to My Computer by Tunneling Through the Internet or Other Network option.

359

Configuring Remote Access

Using a VPN Connection to Connect to Computers We’ve already touched on VPN connections. The way a VPN works is rather interesting. The private network is connected to the Internet. An administrator sets up a VPN server that sits basically between the private network and the Internet. When a remote computer connects to the Internet, whether via dial-up or other means, the remote computer can connect to the VPN server by using TCP/IP. Then the PPTP or L2TP protocols encapsulate the data inside the TCP/IP packets that are sent to the VPN server. After the data is received at the VPN server, it strips off the encapsulating headers and footers and then transmits the packets to the appropriate network servers and resources. The two tunneling protocols, although similar and both supported by Windows Vista and Windows 2003 servers, act somewhat differently. PPTP incorporates security for encryption and authentication in the protocol. L2TP does not. Instead, you must use IPSec to secure the data. To establish the VPN client connection on Windows Vista, follow the instructions in Step by Step 6.9. To follow along with this exercise and to test it, you should have a client computer and a VPN server that can both connect to the Internet. These two computers should not be connected in any other way than through the Internet.

STEP BY STEP 6.9 Creating a VPN Connection 1. Click Start, Connect To. If you are informed that the computer is connected to a network, select Set Up a Connection or Network. This takes you to the Connect to a Network page previously shown in Figure 6.14. 2. Click Connect to a Workplace. 3. You are given the option for selecting a dial-up or a VPN connection. Click Use My Internet Connection (VPN). 4. On the Type the Internet Address to Connect to page (see Figure 6.27), type the name of the organization and the Internet address (DNS name, IPv4 address, or IPv6 address). Select the other options displayed on this page as required, and then click Next. 5. On the Type Your User Name and Password page, type the username and password you will use to access the network. If this is a domain-based network, type the domain name. To remember the password for future access, select the Remember This Password check box. Then click Create. 6. Vista displays a creation page as it creates the connection. When completed, it informs you that the connection is ready. Click Connect Now to connect.

360

Chapter 6: Configuring Network Connectivity

Type the Internet address and destination name of the network you want to access.

FIGURE 6.27

7. To connect later to your connection, right-click it in the Network Connections dialog box and choose Connect. Type the required information in the Connect VPN Connection dialog box shown in Figure 6.28 and then click Connect.

FIGURE 6.28

Use the Connect VPN Connection dialog box to access the connection you have configured.

After you have set up a VPN connection, you can modify its properties if required. Right-click the connection in the Network Connections folder and choose Properties. The connection’s Properties dialog box consists of the following tabs, each with different types of configurations: . General—This tab enables you to select which modem or device to use in the connec-

tion, and a Configure button leads to the device’s hardware configuration options. The

361

Configuring Remote Access

Phone Number section lets you change the phone number and, by clicking the Alternates button, insert additional phone numbers and place them in an order to be dialed. If you select the box to use the dialing rules, the connection can automatically insert the correct leading numbers, such as long distance information when the computer is dialing from a long distance number or the code that will cancel Call Waiting. . Options—This tab provides the presentation features, such as prompting for a name,

password, certificate, and phone number, as well as the Windows domain, and redialing options if the line is busy or the connection dropped. The PPP Settings button enables you to use link control protocol (LCP) extensions and software compression, or to negotiate multi-link (use of multiple dial-up lines for increased transmission speed) for single-link connections. . Security—As you can guess, the Security tab lets you select the security protocols to

use, including EAP (for smart cards, certificates already on this computer, or trusted root certification authorities), CHAP, MS-CHAPv2, PAP, and so on. You can also configure encryption to be optional, required, or required at maximum strength. . Networking—The networking dialog enables you to specify the use of TCP/IPv4 and

TCP/IPv6, as well as File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler, and the Client for Microsoft Networks. Click Install to install additional features, including network clients, services, and protocols. To install these features, you should have an installation disc. . Sharing—This dialog lets you configure ICS in order to share the connection with

other computers on your local network. You can also select options to establish dial-up connections when other computers attempt to access the Internet or allow other users on the network to control or disable a shared connection. Click Settings to configure ICS. Configuration of ICS was discussed earlier in this chapter.

Connecting to the Internet by Using Dial-Up Networking Internet connections are configured identically to private network connections except that you must specify TCP/IP as the protocol. Most ISPs provide a CD-ROM with proprietary software to connect to and use the Internet. This software usually creates an Internet connection in the Network Connections applet for you. The reason ISPs do this is to make it very simple for a new user to configure a connection to his or her network. To configure your own connection to an ISP, you use the same wizard used for creating other remote access connections. Start by accessing the Connect to a Network wizard previously shown in Figure 6.14. Select Set Up a Dial-Up Connection. The resulting dialog box enables

362

Chapter 6: Configuring Network Connectivity

you to enter the required connection parameters. Type the phone number of the ISP, the name and password that the ISP provided you, and provide a name for the connection. Select the option for whether you want other people to use this connection. Click Create when you are finished and then Close when informed that the connection is ready for use. You can rightclick the connection and click Connect to then open up the Connect screen. If your ISP provided you with additional configuration information, you should click the Properties button to fine-tune your connection. After you have successfully created a dial-up connection, you can specify the configuration options to match those of your remote access server. Right-click the connection icon and select Properties from the shortcut menu. The Properties dialog box for a dial-up connection is similar to that described in the previous section for VPN connections.

Remote Desktop Windows Vista incorporates the Remote Desktop Protocol (RDP), which was originally introduced with Terminal Services and included with Windows XP Professional. The protocol allows any user to use the Remote Desktop application to run a remote control session of a Windows Terminal Server or of a Windows Vista computer that has been configured to provide Remote Desktop services. RDP also allows a remote session to be executed on a request basis so that an administrator can assist a user with a problem. This is called Remote Assistance, and it is located in the All Programs menu. When Windows Vista is configured to be a Remote Desktop host, there is a restriction for usage that does not apply to a Terminal Services computer. This restriction is that only one user can ever execute an interactive session on the computer at any one time. So if you run a Remote Desktop session and a user is already logged on to the Remote Desktop server, that user will be logged off (at your request) for your own session to run. However, that users’ session will be saved so that he can resume it later. You can run a Remote Desktop session with another computer running either Windows Vista or Windows XP. Follow the instructions in Step by Step 6.10.

STEP BY STEP 6.10 Connecting a Remote Desktop Session to a Windows XP or Vista Computer 1. Click Start, All Programs, Accessories, Remote Desktop Connection. The Remote Desktop Connection dialog box opens, as shown in Figure 6.29. 2. The Computer list shows only Windows Terminal Servers. Windows Vista computers do not advertise the Remote Desktop service, so you are required to know the full name or IP address of the computer. Type the name of the Windows XP or Windows Vista computer and click Connect. 3. You should see a remote session with a logon screen prompting you for a user ID and password.

363

Configuring Remote Access

The Remote Desktop Connection dialog requires you to know the name and/or IP address of the target computer.

FIGURE 6.29

4. Click the Options button. The General tab for the connection’s Properties dialog box opens. You can save the current logon settings or open a file containing previously saved settings, as well as change the computer name in this dialog box. 5. Click the Display tab. If your session is running slowly, you can increase performance by reducing the number of colors and size of the screen. 6. Click the Local Resources tab. You can choose whether to map sounds, disk drives, printers, clipboard, and serial ports. You can also select how the key combination Alt+Tab works when executing that key combination while in the remote session. 7. Click the Programs tab. If you would like to configure a connection that starts a single application, rather than all the applications, you can type the command line in this screen so that it executes automatically. 8. Click the Experience tab. This tab enables you to enable or disable various display behaviors to enhance the computer’s performance. 9. Click the Advanced tab. You can choose from three options that describe the behavior if authentication fails: Warn me (the default), always connect, or do not connect. You can also configure Terminal Services Gateway settings that apply for connections to remote computers located behind firewalls. 10. Click the Options button to return to the original logon screen. Type the information for your username and password and click OK to start the session. 11. If you are connecting to a Windows XP computer, you will receive the warning shown in Figure 6.30. Click Yes to proceed with the connection.

You are warned if the computer to which you are connecting is configured with a reduced security level.

FIGURE 6.30

12. If someone else is already logged on to the computer, you will be asked whether you should log off the existing user. Click Yes. The session begins.

364

Chapter 6: Configuring Network Connectivity

Configuring the server portion of a Remote Desktop connection involves configuring the System applet in Control Panel. You can access this applet by right-clicking Computer and selecting Properties, as well as by finding it in Control Panel. In the Tasks list, click Advanced System Settings and click Continue on the UAC prompt that appears. On the System Properties dialog box that appears, click the Remote tab to display the dialog box shown in Figure 6.31.

The Remote tab of the System Properties dialog box enables you to configure Remote Desktop and Remote Assistance settings.

FIGURE 6.31

In the Remote Desktop section, select one of the options for allowing Remote Desktop connections. The Network Level Authentication option is the most secure choice. It allows connections only from Windows Vista computers or older computers on which Network Level Authentication has been downloaded and installed. If you do not know the version of Remote Desktop being used on the remote computer, select the first option. Click the Select Users button. In the resulting dialog box, click the Add button and select the users who should be able to access the local computer.

NOTE Administrators can always connect using Remote Desktop Remote Desktop privileges are automatically granted to any member of the Administrators group.

You can configure the listening port from the default TCP 3389 to another port of your choice. When you do so, only the people who specify the port can connect and then run a remote session. In Windows Vista, you are able to adjust the port only by editing the Registry.

365

Configuring Remote Access

Open the Registry Editor, supply your UAC credentials, and navigate to the HKEY_LOCAL_MACHINE\System\_CurrentControlSet\Control\TerminalServer\ WinStations\RDP-Tcp key. Select the PortNumber value, click the Edit menu, and select

Modify. Click Decimal and type in the new port number. Click OK and close the Registry Editor. On the client computer, you then make a connection by opening the Remote Desktop Connection (click Start, All Programs, then Accessories, and finally Remote Desktop Connection). In the Computer text box, type the name or IP address of the Remote Desktop host computer, concatenated with a colon and the port number. For example, if you edited the Registry of the host computer named NANC511 with an IP address of 192.168.0.8 and changed the port number to 4233, then you would type either NANC511:4233 or 192.168.0.8:4233 in the Computer text box of the Remote Desktop Connection dialog box. Keep in mind that a Remote Desktop Connection functions across any TCP/IP link, whether dial-up, local, or otherwise. You can link to a host computer with older Windows versions— Windows 9x, Me, NT, 2000, or XP—but you need to have the client software to do so. You can install the client software from a Windows XP Professional CD-ROM or download it from Microsoft. When you configure a host computer, be sure to add users to the Remote Desktop users group and to create an exception for Remote Desktop traffic for the Windows Firewall. You should also create the exception on the client computer as well.

Remote Assistance First introduced with Windows XP, Remote Assistance allows a user running a Windows Vista computer on a network to request assistance online or for an expert to offer assistance remotely. Regardless of how the session is initiated, the result is that the expert can remotely view the user’s console and provide assistance to the user by taking control of the session or can simply view the session and give the user specific directions on how to fix the problem the he or she is experiencing. The requirements for Remote Assistance are that both computers must be configured to use it. If using an Active Directory network, Group Policy for Remote Assistance must also allow the user to accept Remote Assistance offers and must list from which experts the users can accept offers. An Active Directory network also requires both users to be members of the same or trusted domains. Windows Firewall can affect whether a user can receive Remote Assistance offers or use Remote Desktop. To configure Windows Firewall to use either or both of these features, click Start, Control Panel. In the Security Category, open the Security Center and select Windows Firewall from the task list. Select Allow a Program Through Windows Firewall and click Continue on the UAC prompt that appears. On the Exceptions tab of the Windows Firewall Settings dialog box select the Remote Assistance and Remote Desktop check boxes. (If you

366

Chapter 6: Configuring Network Connectivity

have made changes to the port number of any service, you must click the Edit button and change the port number appropriately.) Click OK to close the applet. To configure Windows Vista to accept Remote Assistance Offers, open the System applet in Control Panel and click the Remote tab. Select the Allow Remote Assistance Invitations to Be Sent from This Computer option in the Remote Assistance section (refer back to Figure 6.31). Click the Advanced button and select the Allow this Computer to be Controlled Remotely check box. If you want to allow connections only from computers running Windows Vista or Windows Server “Longhorn,” select the check box labeled Create Invitations that Can Only be Used from Computers Running Windows Vista or Later. To send a Remote Assistance invitation, you can click Start and then select Help and Support. Scroll down to the Ask Someone title, click Use Windows Remote Assistance to get help from a friend or offer help. Click Invite Someone You Trust to Help You. There are two options on the following page, shown in Figure 6.32: Use E-mail to Send an Invitation or Save the Invitation as a File.

Remote Assistance allows you to send invitations two ways.

FIGURE 6.32

Depending on from whom you are requesting information and how, you should make a selection that will best reach the expert user. Whichever method you select for use, you can passwordprotect the session. If you have created an invitation for assistance and want to cancel it before it expires, you can use the View Invitation Status option and cancel the invitation. After the expert receives the email or the invitation file, the expert is prompted for the password. When the password is supplied, the expert can initiate the session, and the user’s computer validates the password and invitation before the user is prompted to start the session.

367

Configuring Remote Access

The expert sees a Remote Assistance Expert console that provides a real-time view of the user’s session. This is called a shadow session. If remote control has been enabled, the expert can click the Take Control button, notifying the user that the expert is asking to share control of the keyboard and mouse. The user can prevent a remote control session by pressing the Escape key, pressing Ctrl+C, or clicking the Stop Control button in the chat window.

368

Chapter 6: Configuring Network Connectivity

Summary The Internet and TCP/IP offer an extensive array of tools, utilities, and applications that directly affect how Windows Vista interacts with other computers. By default, both versions 4 and 6 of TCP/IP are installed on all computers running Windows Vista, and these cannot be removed. The Network and Sharing Center enables you to configure and troubleshoot all your networking connections. You can configure TCP/IP with entirely different specifications on each network adapter. Users can route Internet traffic through their personal computer to a small network using Internet Connection Sharing (ICS). You can configure a large range of connectivity and security options for wireless networking in Windows Vista. You can share resources such as files, folders, and printers from the Network and Sharing Center or from a Windows Explorer window. You can grant shared resources the Full Control, Change, or Read permissions. You can also configure NTFS permissions for granular control on each file and folder as it pertains to each user and group. Remember that the most restrictive permissions always apply when accessing resources over the network. A Deny setting overrides all allowed settings. Windows Vista offers the Ipconfig utility and Event Viewer as tools for troubleshooting TCP/IP. The TCP/IP protocol suite provides many command-line utilities, including Ping, Tracert, Nslookup, Arp, Netstat, and Nbtstat. This chapter also looked at a variety of other problems that can occur with both wired and wireless networking. In Windows Vista, you can configure remote access for dial-up modems and broadband modems. You can create VPN connections and dial-up connections for linking directly to the Internet. Users can connect to other computers to run remote sessions with Remote Desktop or request help from an expert through Remote Assistance.

Key Terms . Advanced Encryption Standard (AES) . anycast IPv6 address . Automatic Private IP Addressing (APIPA) . Classless Inter-Domain Routing (CIDR) . default gateway . Domain Name System (DNS)

369

Key Terms . Dynamic Host Configuration Protocol (DHCP) . global unicast IPv6 address . host . Internet Connection Sharing (ICS) . Internet Protocol Security (IPSec) . IP version 4 (IPv4) . IP version 6 (IPv6) . IP address . Layer 2 Tunneling Protocol (L2TP) . link local IPv6 address . multicast IPv6 address . Network and Sharing Center . NTFS permissions . Point-to-Point Tunneling Protocol (PPTP) . Remote Assistance . Remote Desktop . Service Set Identifier (SSID) . share permissions . shared folders . site-local IPv6 address . subnet mask . virtual private network (VPN) . Windows Firewall . Windows Internet Naming Service (WINS) . Wired Equivalent Privacy (WEP) . Wi-Fi Protected Access (WPA)

370

Chapter 6: Configuring Network Connectivity

Apply Your Knowledge In the 70-620 exam, you are required to master the following networking skills: . Configuring and troubleshooting TCP/IP . Configuring and troubleshooting sharing . Configuring and troubleshooting dial-up networking connections to the Internet, pri-

vate networks, and VPN, using either a network adapter or modem . Configuring and troubleshooting wireless networks . Enabling Remote Desktop and Remote Assistance

You must gain these skills to pass the 70-620 exam. You can supplement the exercises and questions with hands-on practice of configuring the various connections to connect to a private network or the Internet, share the Internet connection, configure the Windows Firewall, and establish a remote session. You need two computers to connect the computers.

Exercises Remote Desktop enables you to connect to a Windows Vista computer from another computer running various versions of Windows. The 70-620 exam tests your knowledge of configuring and troubleshooting this important resource.

6.1 Installing Remote Desktop (optional) Remote Desktop is included with Windows XP Professional and Windows Vista Business, Enterprise, and Ultimate. You can install Remote Desktop on computers running most older versions of Windows to enable connection to a Vista computer. Perform Exercise 6.1 if you have a computer running Windows 2000, Windows Millennium Edition (ME), Windows 98, or Windows NT 4.0. Follow the instructions provided in this exercise if you have a Windows XP Professional CD-ROM available. Otherwise, you can download the Remote Desktop client software. Navigate to http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx and follow the instructions provided to download the Remote Desktop client software. Then follow this exercise from step 2. Estimated time: 5 minutes. 1. At the older computer, insert the Windows XP Professional CD-ROM and select Perform Additional Tasks from the Welcome screen that appears. 2. Click Set up Remote Desktop Connection.

371

Apply Your Knowledge 3. The installation wizard starts with a Welcome screen. Click Next. 4. Accept the licensing terms and then click Next. 5. Type your username and organization, click Next, and then click Install to begin installation. 6. When the completion screen appears, click Finish and close the Welcome screen.

6.2 Configuring the Target Computer to Use Remote Desktop You must perform several activities on the target computer to enable use of Remote Desktop. First you need to enable Remote Desktop and allow Windows Firewall to pass the Remote Desktop communications. Then you must grant non-administrative users the permissions required to use Remote Desktop. Windows Vista provides the Remote Desktop Users group for this purpose. Perform this exercise on the Vista computer to which you will be connecting (the target computer). Estimated time: 10 minutes. 1. Log on to the Windows Vista computer as an administrator. 2. Click Start, right-click Computer, and choose Properties. 3. In the System applet, select Advanced System Settings from the Tasks list and click Continue in the UAC prompt. 4. Select the Remote tab. In the Remote Desktop section, select the option labeled Allow Connections from Computers Running Any Version of Remote Desktop (if both computers in this exercise are running Windows Vista, you can select the option labeled Allow Connections Only from Computers running Remote Desktop with Network Level Authentication). Then click OK. 5. Click Start and type firewall in the Search box. Select Windows Firewall from the program list. 6. From the task list, select Allow a Program Through Windows Firewall, and then click Continue in the UAC prompt. 7. On the Exceptions tab of the Windows Firewall Settings dialog box, select Remote Desktop and then click OK. Then close the Windows Firewall applet. 8. Click Start, right-click Computer, click Manage, and then click Continue in the UAC prompt that appears. 9. In the Computer Management snap-in, expand Local Users and Group and select Groups. 10. In the details pane, right-click Remote Desktop Users and select Add to Group. 11. Click Add and on the Select Users dialog box, type the username of the user you want to add. Click OK and then click OK again to close the Remote Desktop Users Properties dialog box.

372

Chapter 6: Configuring Network Connectivity

6.3 Configuring the Remote Desktop Connection Remote Desktop offers several configuration options that you can use to modify the parameters used for connecting to a remote (target) Windows Vista computer. This exercise examines several of these. Perform this exercise from the (local) computer running either Windows Vista or an earlier version of Windows. Estimated time: 5 minutes. 1. Click Start, All Programs (Programs on a computer running Windows 2000 or earlier), Accessories, Communications, Remote Desktop Connection. 2. Expand the Remote Desktop Connection dialog box by clicking Options. 3. On the General tab, type the computer name, username, and password in the text boxes provided. 4. Click the Display tab. Select the display size and color depth desired. 5. Click the Local Resources tab. Select the resources such as sound, disk drives, and printers on the target computer that you want available from the local computer. 6. Click the Programs tab. Select the check box and type c:\windows\system32\notepad.exe in the Program path and file name text box. 7. Click the Experience tab. This enables you to customize the connection according to the available speed. For connection across a LAN, select LAN (10 Mbps or higher). For using a crossover cable, select Broadband (128 Kbps–1.5 Mbps). Leave the Remote Desktop Connection dialog box open for the next exercise.

6.4 Using Remote Desktop It is a simple matter to connect to the target computer once you have installed and configured the Remote Desktop software on the local computer. In this exercise you will observe the Windows Vista interface on the target computer and create and copy a file from one computer to another. Except for step 4, perform this exercise from the local computer. Estimated time: 15 minutes. 1. In the Remote Desktop Connection dialog box, click Connect. 2. You are informed that disk drives might be made available to the remote computer and that this might be potentially unsafe. Click OK. 3. A Remote Desktop message box informs you that another user is logged on and has to disconnect and asks you whether you want to continue. Click Yes. 4. Go to the target computer. What appears? _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

373

Apply Your Knowledge 5. Return to the source computer. What appears? _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ 6. Click the Resize button to resize the Windows Vista desktop and enable viewing the local computer desktop. 7. Type some text into the Notepad window and save with a descriptive name. 8. Click Start, Documents, and find the file you just saved. Right-click this file and choose Copy. 9. Switch to the local desktop and open Documents (or My Documents). 10. In the Documents folder, right-click an empty area, and then click Paste (or press Ctrl+V). 11. On the local computer desktop, click the “X” button to close the Remote Desktop window. 12. You receive a Disconnect Windows Session message box. Click OK to terminate the Remote Desktop session. 13. If you receive a message informing you that Remote Desktop has terminated the session, click OK. Note that the file you copied is present on the local computer.

Exam Questions 1. You are the administrator for Seams Corp., which has implemented Internet Protocol version 6 (IPv6). The network uses a DHCP server on a Windows Server 2003 computer to assign IPv6 addresses from the global unicast address range 2008::/64 to client computers. A user named Jean reports that she is unable to connect to any network resources from her Windows Vista Business computer. On running ipconfig on her computer, you notice that her computer is configured with an address from the address range fe80::/64. What should you do first to correct this problem?

❍ A. On the Internet Protocol Version 6 (TCP/IPv6) Properties dialog box, select the Use the Following IPv6 Address option and manually specify an IPv6 address in the address range 2008://64.

❍ B. On the Internet Protocol Version 6 (TCP/IPv6) Properties dialog box, select the Alternate Configuration tab and specify an IPv6 address in the address range 2008://64.

❍ C. On the Internet Protocol Version 6 (TCP/IPv6) Properties dialog box, click Advanced to access the Advanced TCP/IP Settings dialog box. Under IP Address, type an IPv6 address in the address range 2008://64 and then click Add.

❍ D. Check the network connectivity from her computer to the DHCP server and verify that the DHCP server is operating normally.

374

Chapter 6: Configuring Network Connectivity 2. You are the network administrator for a company that operates a network consisting of two subnets separated by a router, as shown in the exhibit. 192.168.11.0/20

192.168.11.192/20

Subnet 1

Subnet 2

Evelyn

The subnets are configured with IPv4 addresses according to the network ranges shown in the exhibit. The router interfaces are configured with the IP addresses 192.168.11.1 and 192.168.11.193, respectively, and all client computers are configured with static IP addresses. A user named Evelyn reports that she is unable to access any computers on Subnet 2. She does not have any difficulty accessing computers and their shared resources on Subnet 1. You run ipconfig on her computer and notice that it is configured with the IP address 192.168.11.201, the subnet mask of 255.255.255.0, and the default gateway 192.168.11.1. How should you modify the configuration of Evelyn’s computer so that she is able to reach computers on Subnet B?

❍ A. Change the subnet mask on Evelyn’s computer to 255.255.240.0. ❍ B. Change the subnet mask on Evelyn’s computer to 255.255.0.0. ❍ C. Change the default gateway on Evelyn’s computer to 192.168.11.193. ❍ D. Access the Advanced TCP/IP Settings dialog box on Evelyn’s computer and configure an additional IP address on the 192.168.11.192/20 network. 3. You are the systems administrator for your company. Bill is a manager who wants to share files from his Windows Vista computer with his assistant across the network. He has set permissions on a share named VOLT, which is the C:\DATA\VOLT directory on his hard drive. The assistant logs on to Bill’s computer and can append data to the files locally. He can read the share from his own computer across the network, but he cannot make changes to the files from his computer. What should you do?

❍ A. Reset the NTFS permissions to allow Write. ❍ B. Reset the share permissions to deny Full Control. ❍ C. Reset the share permissions to allow Full Control. ❍ D. Reset the share permissions to deny Read.

375

Apply Your Knowledge 4. You are responsible for configuring wireless networking in your company. You install a wireless router and configure the company’s first wireless network. Using a test Windows Vista Business computer, you use the Connect to a Network wizard to configure the connection to the wireless router. When you access the Network Connections folder on the Vista computer, you notice that the new network appears with the name of Unnamed Network. How do you configure the network so that it appears on client computers with its proper name?

❍ A. Re-create the wireless network connection using the Manually Connect to a Wireless Network option.

❍ B. Configure the wireless network to broadcast its SSID. ❍ C. In the Wireless Network Properties dialog box, select the Connect Even If the Network is Not Broadcasting option.

❍ D. You do not need to reconfigure the network. Users should select the No Authentication (Open) option in the Security drop-down list when manually connecting to the network. 5. Kristin has just purchased a new portable computer that runs Windows Vista Ultimate and is setting up a new wireless connection that will enable her to access her company’s wireless access point, which uses the IEEE 802.1x authentication method and the TKIP encryption protocol. Kristin accesses the Manually Connect to a Wireless Network dialog box and enters the network name and passphrase. She needs to select a security type that will enable a connection using the TKIP encryption protocol by default without the need to enter a preshared key or passphrase. Which security type should she select?

❍ A. WPA-Personal ❍ B. WPA2-Personal ❍ C. WPA-Enterprise ❍ D. WPA2-Enterprise 6. Tom shares his apartment with a couple of other guys, Steve and Jim. Tom’s computer runs Windows Vista Home Premium and is connected to the Internet using a cable modem that hooks up to one of the two network adapters in his machine. Steve and Jim would like to connect to the Internet also from their computers. What should Tom do? (Each correct answer represents part of the solution. Choose two.)

❍ A. Configure TCP/IP on Steve and Jim’s computers to obtain an IP address automatically. ❍ B. Configure TCP/IP on each of the computers to use a static IP address. ❍ C. Enable Network Address Translation (NAT) on the network interface that is connected to the cable modem.

❍ D. Enable Internet Connection Sharing (ICS) on the network interface that is connected to the cable modem.

❍

E. Configure Internet Explorer on Steve and Jim’s computers to always dial for a connection to the Internet.

376

Chapter 6: Configuring Network Connectivity 7. You are a help desk administrator for Billbored’s LLC. The company’s network consists of an Active Directory forest with an “empty” root domain and two child domains: one that houses user and desktop accounts and the other that houses proprietary resources and the majority of administrative accounts. All employees are running Windows Vista computers and receive IP addresses from DHCP servers. The company has implemented folder redirection so that computers can be moved about the network without affecting users’ data. A new user calls the help desk because he cannot open his Documents folder. You ask him to open the Network folder, and he reports that the folder is empty. You then provide him with the instructions to run Ipconfig. He reports that the screen states: Windows IP Configuration Ethernet adapter Local Area Connection: Media State ......................: Media disconnected Connection-specific DNS Suffix: . : IP address .......................:192.168.0.88 Subnet Mask ......................:255.255.255.0 Default Gateway ..................: What should you instruct the user to do?

❍ A. Click Start, Run, type netstat -e in the Open text box, and press Enter. ❍ B. Plug the cable into the wall outlet and the other end into the Ethernet adapter of the computer, and if they are already connected, then ensure the connection is not loose. When they are firmly connected, open the command prompt window and type ipconfig /release and then follow that command with ipconfig /renew.

❍ C. Plug the cable into the wall outlet and the other end into the Ethernet adapter of the computer, and if they are already connected, then ensure the connection is not loose. When they are firmly connected, access the Network and Sharing Center. Click Manage Network Connections. Then right-click the local area connection and choose Diagnose, and in the dialog box that appears, click Reset the network adapter “Local Area Connection.”

❍ D. Click Start, Run, type cmd in the Open text box, and press Enter. At the command prompt, type nbtstat -RR and press Enter.

❍

E. Click Start, Run, type notepad c:\windows\system32\drivers\etc\hosts, and press Enter. Add the IP address of the DHCP server to the end of the HOSTS file.

377

Apply Your Knowledge 8. You are a technical support rep for your company. A user named Barbara uses a Windows Vista portable computer during her frequent travels to professional meetings and client locations. During these travels, she frequently needs to connect to the company LAN through a Windows Server 2003 computer running Routing and Remote Access (RRAS), which is configured as a VPN server. Barbara reports that she receives the error shown in the figure when she attempts to connect to the company VPN server. What should you do to enable her to connect to the server?

❍ A. On the Networking tab of the VPN Connection Properties dialog box, set the type of VPN to PPTP VPN.

❍ B. On the Networking tab of the VPN Connection Properties dialog box, set the type of VPN to L2TP IPSec VPN.

❍ C. On the Networking tab of the VPN Connection Properties dialog box, select IPSec Settings and then select Use Preshared Key for Authentication.

❍ D. On the Security tab of the VPN Connection Properties dialog box, click Advanced and then click Settings. On the Advanced Security Settings dialog box, select Optional Encryption (Connect even if no encryption).

378

Chapter 6: Configuring Network Connectivity 9. You are the enterprise administrator for MoneyCard. The network consists of three sites: New York, London, and Phoenix, each connected to the other two sites by a high-speed link. Each site filters traffic using an access control list (ACL) on the routers between the sites to prevent proliferation of malicious traffic. You have flown to London to deploy Windows Vista Business across the entire network. There is a Windows 2003 Server configured with Terminal Services in the New York office, and users are comfortable with using the Remote Desktop Connection application. One of the executives in London has had consistent errors on his computer, and you decide to enable Remote Desktop for your user account on his computer so that you can connect remotely and attempt to re-create the errors. Given the company’s strict Internet usage policy, you edit the Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ TerminalServer\WinStations\RDP-Tcp and edit the PortNumber value to set the Remote Desktop TCP port to 4322. All computers use DHCP and Dynamic DNS, and when you execute Ipconfig, you discover that the exec’s current IP address is 192.168.33.82, and his DNS server’s IP address is 192.168.33.2 You determine that the name of the exec’s computer is LON182-EX. What steps should you take to connect to his computer from the Phoenix office? (Choose all that apply.)

❍ A. On each router between the sites, explicitly allow TCP port 4322 for both incoming and outgoing traffic.

❍ B. On your computer, open the Registry Editor and edit the PortNumber value in the Registry key HKEY_LOCAL__MACHINE\System\CurrentControlSet\ Control\TerminalServer\_WinStations\RDP-Tcp.

❍ C. On your computer, open the System Properties dialog box, click the Remote tab, and then click the Advanced button. On the dialog box that appears, ensure that the Create Invitations that Can Only be Used from Computers Running Windows Vista or Later check box is cleared.

❍ D. On the exec’s computer, open the System Properties dialog box, click the Remote tab, and then click the Advanced button. On the dialog box that appears, ensure that the Create Invitations that Can Only be Used from Computers Running Windows Vista or Later check box is cleared.

❍

E. On your computer, click Start, All Programs, Accessories, and select Remote Desktop Connection. In the text box, type 192.168.33.2 and click the Connect button.

❍

F. On your computer, click Start, All Programs, Accessories, and select Remote Desktop Connection. In the text box, type 192.168.33.82:4233 and click the Connect button.

❍ G. On your computer, click Start, All Programs, Accessories, and select Remote Desktop Connection. In the text box, type LON182-EX:4322 and click the Connect button.

❍ H. On your computer, click Start, All Programs, Accessories, and select Remote Desktop Connection. In the text box, type LON182-EX and click the Connect button.

379

Apply Your Knowledge 10. Louise is a computer consultant who provides assistance to several clients, working as much as possible from her home office, where she has a Windows Vista Business desktop computer. She has just entered into a new contract to provide support to a client named DLJ Software, a software company that specializes in high-end computer games as well as complex mathematical and graphical art programs. The company’s network is connected to the Internet through a firewall operated on a Windows Server 2003 computer. An employee named Andrew sends Louise a Remote Assistance invitation. Louise accepts the invitation but cannot connect to Andrew’s computer. Part of Louise’s contract is the providing of assistance to users in DLJ Software’s, clerical, human resources, and financial departments, most of whom are not very knowledgeable about advanced computer technologies. What should Louise do so she can fulfill her tasks?

❍ A. Ask Andrew to select the Allow Connections Only from Computers running Remote Desktop with Network Level Authentication (more secure) option.

❍ B. Ask Andrew to clear the Allow This Computer to be Controlled Remotely option. ❍ C. Ask Andrew to add Louise’s domain user account to the Remote Desktop Users local group on his computer.

❍ D. Request that a network administrator open TCP port 3389 on the firewall.

Answers to Exercises 6.4 Using Remote Desktop 4. You have been returned to the logon screen, and your user is indicated as being logged on at the (computername) computer. If you have logged on with a different user account, you receive a Remote Desktop Connection message informing you that the user wants to connect to your machine. Click OK to disconnect and enable the Remote Desktop session to proceed. 5. The source computer is displaying the Windows Vista interface from the target computer, and the Notepad program starts automatically.

Answers to Exam Questions 1. D. You should check the network connectivity from her computer to the DHCP server and verify that the DHCP server is operating normally. An IPv6 address in the range fe80::/64 is a link local unicast address, which is the IPv6 equivalent of an APIPA address. The computer configures itself with this address type when it is unable to access a DHCP server to obtain proper TCP/IPv6 information. You should not configure a manual IPv6 address because this might conflict with another address on the network and cause communication problems, so answer B is incorrect. The Alternate Configuration tab is available only for IPv4 and not for IPv6, so answer C is incorrect.

380

Chapter 6: Configuring Network Connectivity You cannot configure an IP address in the Advanced TCP/IP Settings dialog box if the computer is configured to obtain an IP address automatically; this configuration is reserved for computers requiring more than one IP address. Therefore answer C is incorrect. For more information, see the section, “Configuring IPv6 Addresses.” 2. A. You should change the subnet mask on Evelyn’s computer to 255.255.240.0. This subnet mask reserves the first 4 bits of the third octet as part of the network ID and the last 4 bits of this octet as part of the host ID. The subnet mask of 255.255.255.0 currently on her computer makes the computer think that IP addresses on Subnet 2 are actually on Subnet 1. Consequently, attempts to access Subnet 2 computers do not cross the router and these computers cannot be found. If you were to change the subnet mask to 255.255.248.0, Evelyn’s computer would still be unable to access Subnet 2 computers and would also be unable to access some Subnet 1 computers, so answer B is incorrect. The default gateway is correctly specified and changing it would not enable connection, so answer C is incorrect. It does not help to give Evelyn’s computer a second IP address on the Subnet 2 network; moreover, this option is not available when IP addresses are statically assigned. Therefore, answer D is incorrect. For more information, see the section, “Using the Network and Sharing Center to Configure TCP/IP.” 3. C. The problem is apparently a share permission that is more restrictive than the NTFS permissions because the assistant can log on locally and use the files but cannot make changes to them from across the network. This means that there is no need to make changes to NTFS permissions, so answer A is incorrect. It also means that the share permissions should be increased by allowing Full Control (your only option in this case) rather than denying Read or denying Full Control, which is why answers B and D are incorrect. For more information, see the section, “Modifying Shared Folder Properties.” 4. B. You should configure the wireless network to broadcast its SSID. If the network does not broadcast its SSID, Vista computers display the network on the Network Connections page as Unnamed Network. A user attempting to connect to this network must type the SSID in order to connect. The Manually Connect to a Wireless Network option enables you to connect to an infrastructure-based wireless network (a network with an access point). This option does not provide the name of the wireless network to client computers, so answer A is incorrect. The Connect Even If the Network is Not Broadcasting option determines whether a Vista computer can attempt to connect even if the network is not broadcasting its SSID. This does not enable display of the wireless network name, so answer C is incorrect. The No Authentication (Open) option enables Open system authentication with no encryption. This also does not enable display of the wireless network name; furthermore, it opens the network to transmitting data as unencrypted clear text. Therefore answer D is incorrect. For more information, see the section, “Managing Wireless Networks.” 5. C. Kristin should select the WPA-Enterprise security method. This security method uses TKIP as its default encryption type as well as 892.1x authentication. The WPA-Personal and WPA2Personal security methods both require preshared keys for authentication, so answers A and B are incorrect. The WPA2-Enterprise security method uses AES and not TKIP as its default encryption type, so answer D is incorrect. For more information, see the section, “Managing Wireless Networks.”

381

Apply Your Knowledge 6. A and D. Tom should enable ICS on the network interface of his computer that is connected to the cable modem, and configure TCP/IP on Steve and Jim’s computers to obtain an IP address automatically. ICS enables other users to connect to the Internet through a Windows Vista computer. ICS also functions as a DHCP allocator, automatically configuring other computers on the LAN with IP addresses on the 192.168.0.0/24 network. Tom should not configure the other computers with static IP addresses because the ICS computer provides them with their TCP/IP configuration, so answer B is incorrect. NAT is used on larger networks and requires the use of a server computer, so answer C is incorrect. Tom should select Never Dial a Connection on Steve and Jim’s computers, so answer E is incorrect. For more information, see the section, “Configuring and Troubleshooting Internet Connection Sharing.” 7. B. The ipconfig command revealed that the media was disconnected for the adapter, and because the discussion about BillBored’s LLC revealed that computers were often moved around the network, it is likely that the installers simply didn’t plug the network cable into the adapter or wall or didn’t plug it in firmly enough. When the adapter is connected, you can run ipconfig /release to remove the existing TCP/IP configuration information and then run ipconfig /renew to obtain a new IP address. Answer A is wrong because netstat –e will display the Ethernet statistics, but that isn’t possible to do without the adapter being connected. Answer C is incorrect because you do not need to reset the connection. Answer D is wrong because there is no need to check the NetBIOS statistics. Answer E is wrong because the DHCP process always uses a broadcast when a DHCP client asks for a lease of an IP address; you never need to know the IP address of the DHCP server until the middle of that process. For more information, see the section, “Using TCP/IP Utilities to Troubleshoot TCP/IP.” 8. A. You should set the type of VPN to PPTP VPN. The error message informed Barbara that the VPN connection was looking for a server certificate. This occurred because this connection type requires a machine certificate to operate. Selecting the L2TP IPSec VPN option will not work because this option requires a server certificate, so answer B is incorrect. The preshared key option would require the same key to be configured on the server. Furthermore, this would enable anyone knowing the key to connect, which would reduce the VPN network’s security. Therefore answer C is incorrect. Selecting the Optional Encryption option does not help because this is an authentication problem, not an encryption one; therefore answer D is incorrect. For more information, see the section, “Using a VPN Connection to Connect to Computers.” 9. A and G. To connect to the executive’s computer, you need to enable TCP port 4322 on each router by allowing it for incoming and outgoing traffic. Then, to connect to the computer via the new TCP port, you would use the computer’s NetBIOS name of LON182-EX concatenated with a colon (:) and the port number of 4322. Answer B is incorrect because the Registry key is only for listening for incoming connections, and you do not need to configure that on the client computer. Answers C and D are incorrect because the Create Invitations that Can Only be Used from Computers Running Windows Vista or Later check box option is used when configuring Remote Assistance and not Remote Desktop. Answer E is incorrect because the IP address is that of the DNS server. Answer F is incorrect because the IP address is the exec’s current IP address; at some point you would not be able to connect via the IP address if the computer leased a different IP address from the DHCP server, so you should use the NetBIOS name. In addition, the port in answer F is incorrectly identified as 4233, not 4322. Answer H is incorrect because the port number is not identified

382

Chapter 6: Configuring Network Connectivity in the Connect text box, so it defaults to TCP port 3389, and the exec’s computer is not listening to that port. For more information, see the section, “Remote Desktop.” 10. D. Louise should request that a network administrator open TCP port 3389 on the firewall. Both Remote Desktop and Remote Assistance are based on Terminal Services technology and use this port to establish remote connections. Most firewalls are configured to block incoming connections to this port; therefore, it is necessary to configure the firewall to open this port when using Remote Assistance. These connections usually fail in scenarios where the user requiring assistance is behind a firewall. Remote Assistance enables a user to create a shared connection with a remote expert, who can input information to the user’s computer and carry on a chat session with the user. Its chief purpose is to enable the expert (Louise in this case) to help a user (Andrew in this case) with a problem that he is having with his computer. Allow Connections Only from Computers running Remote Desktop with Network Level Authentication (more secure) option is used with Remote Desktop and not with Remote Assistance, so answer A is incorrect. The Allow This Computer to be Controlled Remotely option enables Louise to take control of Andrew’s desktop session so she can show him the steps to be followed or actually perform the steps for him. This option should be selected, so answer B is incorrect. The Remote Desktop Users list is used for enabling users to make a Remote Desktop connection, not a Remote Assistance connection, so answer C is incorrect. For more information, see the section, “Remote Assistance.”

Suggested Readings and Resources The following are some recommended readings on the subject of implementing, managing, and troubleshooting network protocols and services in Windows Vista: 1. Books . Barrett, Diane, Bill Ferguson, and Don Poulton. Implementing and Administering

Security in a Windows Server 2003 Network Exam Cram 2 (70-299). Indianapolis, IN: Que Publishing, 2004. . Chappell, Laura and Ed Tittel. Guide to TCP/IP, Second Edition. Cambridge, MA:

Course Technology, 2004. . Huggins, Diana. MCSA/MCSE Implementing, Managing, and Maintaining a

Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291). Indianapolis, IN: Que Publishing, 2003.

383

Apply Your Knowledge 2. Course . Microsoft Official Curriculum course 5115, Installing and Configuring the

Windows Vista Operating System. Module 5, Configuring Advanced Networking; Module 7, Configuring Network Security; and Module 8, Configuring Internet Explorer 7.0. Information available at http://www.microsoft.com/learning/ syllabi/en-us/5115aprelim.mspx. 3. Websites . Microsoft Technet. IPv6. http://www.microsoft.com/technet/network/ipv6/

default.mspx. . Microsoft. When a DHCP server is unavailable on a Windows Vista-based computer,

Windows Vista uses an APIPA IP address much sooner than Windows XP does under the same circumstances. http://support.microsoft.com/kb/KB931550. . Davies, Joseph. Next Generation TCP/IP Stack in Windows Vista and Windows Server

2008. http://www.microsoft.com/technet/community/columns/cableguy/ cg0905.mspx. . Microsoft Technet. New Networking Features in Windows Server 2008 and Windows

Vista. http://www.microsoft.com/technet/network/evaluate/new_network.mspx. . Deering, S., and Hinden, R., RFC 2460—Internet Protocol Version 6 (IPv6)

Specification. http://www.ietf.org/rfc/rfc2460.txt. . Microsoft Technet. IPv6 Transition Technologies. http://www.microsoft.com/

technet/network/ipv6/ipv6coexist.mspx. . Davies, Joseph. Configuring IPv6 with Windows Vista. http://www.microsoft.com/

technet/community/columns/cableguy/cg0506.mspx. . Davies, Joseph. Network Location Types in Windows Vista. http://www.microsoft.com/

technet/community/columns/cableguy/cg0906.mspx. . Microsoft TechNet. New Networking Features in Windows Server 2008 and Windows

Vista. http://www.microsoft.com/technet/network/evaluate/new_network.mspx. . Microsoft. How to troubleshoot wireless connection problems. http://support.microsoft.com/

kb/831770/.

384

Chapter 6: Configuring Network Connectivity . Microsoft Technet. A Support Guide for Wireless Diagnostics and Troubleshooting.

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/ wlansupp.mspx. . Microsoft. Wireless Networking in Windows Vista. http://www.microsoft.com/

downloads/details.aspx?FamilyID=eb958617-b3d3-42cf-a43487ad81259fc6&displaylang=en.

7

CHAPTER SEVEN

Configuring Applications Included with Windows Vista Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Configuring Applications Included with Windows Vista section of the TS: Microsoft Windows Vista, Configuring exam:

Configure and troubleshoot media applications. . Windows Vista brings new advances in Windows Media Center, Windows Media Player, Windows Photo Gallery, and Windows Movie Maker. Many companies use media-related applications for various purposes such as advertising, and more home users are discovering what they can do with digital gadgets including cameras, TVs, DVD players, game boxes, and so on. Microsoft expects you to know how to configure and troubleshoot these applications.

Configure Windows Mail. . Windows Mail is the successor to Outlook Express and builds in additional security features including spam filtering, anti-phishing, and so on. With the importance of email as a business and personal communication medium, it is important that you keep abreast of the latest advances in this field.

Configure Windows Meeting Space. . Windows Meeting Space enables you to conduct small-scale meetings in places such as restaurants and airport lounges, as well as the more usual boardroom setting. You can share information, and users can insert comments and make edits. Microsoft expects you to know how to configure and troubleshoot this important resource.

Configure Windows Calendar. . Windows Calendar is a full-fledged task- and appointment-managing application. You can create multiple calendars and share and publish your calendars so that members of a work team or family can coordinate their activities. Because this is an important productivity tool, Microsoft expects you to acquire proficiency in its configuration.

Configure Windows Fax and Scan. . Windows Fax and Scan enables you to scan documents and send and receive faxes. As with Windows Mail, Fax and Scan can integrate with other applications to provide enhanced business and personal communication. Know how to configure this application and how it integrates with other applications including email and productivity suites.

Configure Windows Sidebar. . Windows Sidebar provides a series of mini-applications known as gadgets, which enable you to keep up-to-date while pursuing other activities on your computer. Know the various configuration options presented by this resource.

Outline Introduction Configuring and Troubleshooting Media Applications Windows Media Center

389

389

430

Setting Up Windows Meeting Space

431

Running Meetings

433

Sharing Information

435

389

Using Windows Media Center

390

Using Network Projectors with Windows Media Center

392

Windows Media Player

Configuring Windows Meeting Space

394

Configuring Windows Calendar

437

Navigating Windows Calendar

438

Managing Tasks and Appointments

439

Creating and Managing Appointments

439

Creating Tasks

441

Setting Up Windows Media Player

396

The Windows Media Player 11 Library

398

Windows Media Player Configuration Options

400

Additional Menu Bar Options

407

Group Policy and Windows Media Player

408

Fax Accounts

445

408

Sending and Receiving Faxes

446

Scanning Documents

448

Windows Photo Gallery Available File Commands in Windows Photo Gallery Editing Images in Windows Photo Gallery

Configuring Windows Mail

411

412 414

Configuring Mail Accounts

415

Managing Email Accounts

417

Configuring Mail Options

441

Sharing Calendars

443

Configuring Windows Fax and Scan

444

410

Additional Windows Photo Gallery Options 412 Windows Movie Maker and Windows DVD Maker

Using Multiple Calendars

419

File Menu

419

Edit Menu

420

View Menu

420

Tools Menu

421

Message Menu

425

Configuring Mail Security

425

Spam and Phishing

425

Additional Email Security Options

427

Configuring Windows Sidebar

448

Windows Sidebar Gadgets

449

Summary

452

Key Terms

452

Apply Your Knowledge

453

Exercises

453

Exam Questions

457

Answers to Exercises

461

Answers to Exam Questions

462

Suggested Readings and Resources

464

Study Strategies Windows Vista introduces many new features in the applications discussed in this chapter, and Microsoft likes to test your knowledge of new and changed features in its certification exams. You should practice the skills involved in the Step by Step and Apply Your Knowledge exercises until you are familiar with the productivity applications discussed in this chapter. . Experiment with the various media applications and learn how to perform tasks such as copying information from audio CDs and video and data DVDs to your computer, accessing the types of files found on these resources using Windows Media Center and Windows Media Player. Also experiment with using Windows Media Center, Windows Media Player, Windows Photo Gallery, and Windows Movie Maker to create CDs and DVDs containing various types of media content. . Set up email accounts and become familiar with the complete range of properties available in Windows Mail. If you have an email account that receives a lot of junk messages, watch its behavior as you modify the settings in the new junk mail filter. Also compare Windows Mail with Windows Fax and Scan and note the major similarities and differences in these applications. . Set up a meeting between two or three individuals, share some handouts, and observe what happens when users edit these handouts. Also share applications and your desktop and observe the interaction on the other computers. . Prepare, share, and publish a few calendars in Windows Calendar, configure some alerts, and try out the other features introduced by this application.

389

Configuring and Troubleshooting Media Applications

Introduction Microsoft has endowed Windows Vista with a rich set of built-in applications. You have already looked at many of the available features including the Security Center, Internet Explorer 7, Windows Defender, Windows Firewall, and the Network and Sharing Center. In this chapter, you learn about additional applications that Microsoft has built into various editions of Vista including media-based applications, Windows Mail, Windows Meeting Space, Windows Calendar, Windows Fax and Scan, and Windows Sidebar. Windows Vista Ultimate includes the complete set of these applications, and the other editions of Vista support various subsets or reduced functionality levels of these applications.

Configuring and Troubleshooting Media Applications Objective:

Configure and troubleshoot media applications. Windows Vista Home Premium and Windows Vista Ultimate contain the following mediabased applications that enable you to work with and enjoy your music, photos, videos, and TV programs on your computer: . Windows Media Center—Enables you to view all types of media and access other net-

worked media components, such as TVs and projectors, by means of Media Center Extenders . Windows Media Player—Enables you to play music, videos, movies, and so on . Windows Photo Gallery—Enables you to view and catalog your digital photo collection

and perform simple edits . Windows Movie Maker—Enables you to create professional-looking movies from digital

camcorder and image files The following sections describe each of these applications in greater detail.

Windows Media Center Included with the Home Premium and Ultimate versions of Windows Vista, Windows Media Center is a one-stop, complete multimedia application that lets you watch and record TV, listen to digital music, play games, listen to FM and Internet radio stations, or access content from online media services. You can also burn CDs and DVDs. Support is included for digital

390

Chapter 7: Configuring Applications Included with Windows Vista

and high-definition cable and satellite TV. Windows Media Center Extender devices enable you to enjoy digital media on any device connected to your home network. Windows Media Center includes the following features: . Enhanced TV experience—You can pause, record, and rewind multiple live TV programs

including HDTV if your computer is equipped with more than one TV tuner card. Windows Media Center supports two dual-tuners. . Media Center Extender support—You can communicate with any TV connected to your

home network when used with a device such as an Xbox 360. . Built-in TV and movie guides—You can locate TV programs and movies from broadcast,

cable, or satellite sources. . Enhanced developer program—Developers can utilize the Windows Media Center

Presentation Layer and Windows Presentation Foundation to create additional applications and services that can be used with a remote control and a Media Center Extender. . Photo, video, and music libraries—You can enjoy videos and photos on your TV, create

slide shows that include sound tracks, and burn photos and videos to DVD. You can sort music according to album or artist name, genre, song title, year, and so on. You can also burn music to CD or sync to portable music players. . DVD playback—You can quickly access your DVD movies including those stored on

external DVD changers. . Parental Controls—You can limit TV and movie viewing according to ratings estab-

lished by agencies such as the Motion Picture Association of America (MPAA).

NOTE Windows Media Center and Parental Controls The Parental Controls feature in Windows Media Center is separate from the Parental Controls feature discussed in Chapter 4, “Configuring and Troubleshooting Post-Installation System Settings.” You need to configure both features to protect children from unwanted content.

The following sections provide more details about setting up and running Windows Media Center, along with the use of a networked projector with Windows Media Center.

Using Windows Media Center Windows Media Center is available by default on the All Programs menu. To get started with Windows Media Center, follow the steps outlined in Step by Step 7.1.

391

Configuring and Troubleshooting Media Applications

STEP BY STEP 7.1 Setting Up Windows Media Center 1. Click Start, All Programs, Windows Media Center. You receive the setup options shown in Figure 7.1.

FIGURE 7.1 Windows Media Center provides three setup options when you first start it.

2. Select Express Setup, and then click OK. 3. Options available on the Setup screen depend on the hardware devices attached to your computer. If you have a TV tuner card installed, options for setting up the TV and watching recorded TV are available (see Figure 7.2).

FIGURE 7.2 Windows Media Center provides options for watching multimedia content according to the hardware installed on your computer.

392

Chapter 7: Configuring Applications Included with Windows Vista 4. To select an available option, click the arrows at the edge of the screen. To obtain additional options, select Music, TV + Movies, or Sports. The visible options depend on your selection as well as the available hardware.

After you have set up Windows Media Center, the screen in Figure 7.2 appears automatically when you start it. As you save media content to your computer, the screen displays available content. For example, if you have saved a set of music CDs to your computer, the CD cover images will appear, enabling you to play a CD by clicking its image. Windows Media Center also includes a Tasks option, which enables you to modify settings for TV, pictures, music, extenders, or library setup. From this option, you can also burn a CD or DVD, sync with external devices, add extenders, or access options for shutting down the computer. For additional information about Windows Media Center and Media Center Extenders, consult Windows Media Center in the “Suggested Reading and Resources” section at the end of this chapter and the Windows Vista Help and Support Center at Microsoft.com.

TIP Windows Firewall and Media Center Extenders If you experience problems with your Media Center Extenders connecting to your Windows Vista computer, ensure that Windows Firewall is allowing the extenders to communicate. On the Exceptions tab of the Windows Firewall Settings dialog box, ensure that the Media Center Extenders option is selected. You learned about Windows Firewall in Chapter 5, “Configuring Windows Security Features.” Refer to Figure 5.34 in the section, “Basic Windows Firewall Configuration.”

Using Network Projectors with Windows Media Center Windows Media Center facilitates the use of network projectors for giving business presentations or slide shows from your computer. The Connect to a Network Projector Wizard enables you to connect your network projector across a wired or wireless network. This wizard sets up and shares your projector in a similar fashion to other shared resources on your computer. Network communications are protected by Remote Desktop Protocol (RDP) encryption in a similar manner to that used by Terminal Services connections. If you are using a wireless network, security protocols configured on this network such as Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access version 2 (WPA2) encrypt the communication. You learned about these protocols in Chapter 6, “Configuring Network Connectivity.” To connect a network projector, first ensure that it is turned on and connected to the same subnet to which your computer is connected. Then follow Step by Step 7.2.

393

Configuring and Troubleshooting Media Applications

STEP BY STEP 7.2 Connecting a Network Projector 1. Click Start and type network projector in the Search box. Then select Connect to a Network Projector to start the Connect to a Network Projector Wizard. (You can also select the wizard from the All Programs, Accessories menu.) 2. If communication with the projector across Windows Firewall is not enabled, the wizard starts by asking you to allow the network projector to communicate through Windows Firewall (see Figure 7.3). Click Yes, and then click Continue in the UAC prompt that appears.

FIGURE 7.3 You need to enable Windows Firewall to allow communication with a network projector.

3. The wizard asks whether you want to search for the projector or enter the projector address (see Figure 7.4). If you know the network address, select the Enter the Projector Address option and enter the Universal Naming Convention (UNC) or Hypertext Transfer protocol (HTTP) address of the projector. If the projector has a password, enter this password. Then click Next and skip to step 5.

FIGURE 7.4 The Connect to a Network Projector Wizard enables you to search for a projector or enter the projector address.

394

Chapter 7: Configuring Applications Included with Windows Vista 4. If you do not know the network address of the projector, select the Search for a Projector option. The wizard displays a Select a Network Projector page that displays the network location of any available projectors. Select the desired projector and then click Next. If necessary, click Search to locate your projector. 5. Follow the remaining instructions to connect and share your projector.

After you have completed the wizard, you receive the Network Presentation dialog box, from which you can perform the following actions: . Connect—Connects to the projector, which displays the desktop image of your comput-

er, with presentation settings optimized for best performance across the network. . Pause—Pauses the connection to the projector, which displays a still image. You can

perform other actions on the computer while continuing a verbal presentation. . Resume—Restarts a paused presentation. . Disconnect—Disconnects your computer from the projector. Any presentation software

in use on your computer still runs until you exit from it. If you encounter problems in connecting to the network projector, refer to the Help and Support Center for several troubleshooting suggestions.

TIP Presentation settings and media presentations When giving a presentation from a mobile computer, turn the screen saver off and turn presentation settings on. Also ensure that your computer is not going to enter Sleep mode during the presentation. Doing so prevents your display from going blank during a presentation. You can adjust presentation settings from the Windows Mobility Center. Refer to Chapter 9, “Configuring and Troubleshooting Mobile Computing” for information on the Windows Mobility Center.

Windows Media Player Windows Vista features version 11 of Windows Media Player, which offers a high level of choice and flexibility for managing digital media, including music, photos, and videos. The following are several of the more significant improvements in Windows Media Player 11 (see Figure 7.5): . Improved access to features—You can rapidly access common settings from the menu bar,

which offers activities such as Rip, Burn, and Sync. . Improved navigation—Integrated Back and Forward buttons enable you to move quick-

ly forward or backward between screens.

395

Configuring and Troubleshooting Media Applications

FIGURE 7.5 Vista’s Windows Media Player 11 offers several enhanced views that simplify your organizing and locating music and other media.

. Album art—Thumbnail views of album covers are displayed in the interface, assisting

you in locating items of your choice. Windows Media Player can locate missing album art or offer to add your own images. . Revamped playback controls—These controls are laid out in a simpler, more intuitive

fashion, enabling you to access options more rapidly. . Simplified media libraries—You can easily organize your music by properties such as

artists, albums, songs, genres, years, and ratings. Right-click Library and select Show More Views to add additional categories to the list. . Playlist options—You can display available playlists by selecting Playlists from the

options on the main screen. Right-click Playlists and select Create Playlist to create a new playlist. . URGE—The main control panel of Windows Media Player 11 includes a link to the

URGE online music store operated by the MTV music network. . Ripping and burning options—Select the Rip option from the menu bar to copy audio

CDs to your hard drive, or select Burn to burn an audio CD, a data CD, or DVD. . Synchronizing with other computers and external music players—Select the Sync option

from the menu bar to copy your music library to an external player or update the music on the player. You can also use manual sync to select the files and playlists to be synchronized. In addition, you can synchronize music with other computers or add music obtained elsewhere to your library.

396

Chapter 7: Configuring Applications Included with Windows Vista . Improved video experience—Windows Media Player 11 enhances the enjoyment of

DVDs. A DVD encoder eliminates the need to purchase an additional plug-in. Discs are played more smoothly and in full screen mode. . View options—You can customize your media library views with options that include

Icon, Tile, Expanded Tile, and Detail View. Furthermore, you can customize the layouts to provide any desired experience. The following sections provide more information on setting up and configuring Windows Media Player, along with the Media Center Library and the options available from the Options dialog box.

Setting Up Windows Media Player It is simple to set up and start enjoying the benefits of Windows Media Player 11, as Step by Step 7.3 shows.

STEP BY STEP 7.3 Setting Up Windows Media Player 1. Click Start, All Programs, Windows Media Player. You receive the setup options shown in Figure 7.6.

FIGURE 7.6 When you first start Windows Media Player, you receive a choice between express and custom settings.

397

Configuring and Troubleshooting Media Applications 2. To enable the functions described in the setup screen automatically, select Express Settings and then click Finish. To customize Windows Media Player, select Custom Settings and then click Finish. 3. If you select Custom Settings, you receive the Select Privacy Options screen shown in Figure 7.7. Make your choice from the selection options provided.

FIGURE 7.7 The Select Privacy Options screen enables you to select options related to playback experience, content provider services, usage data, and history.

4. To view privacy statements, click the Privacy Statement tab and then click the View Statement buttons provided. When finished, click Next to continue. 5. On the Customize the Installation Options screen, you receive choices to add shortcuts to the desktop and the Quick Launch bar. Select the desired options, and then click Next. 6. The Select the Default Music and Video Player screen asks whether you want to choose the file types played by Windows Media Player 11 or make Windows Media Player 11 the default music and video player. Make a choice and click Next. 7. If you select the Choose the File Types that Windows Media Player 11 Will Play option, the Set Associations for a Program dialog box shown in Figure 7.8 opens. Select the desired extensions, and then click Save. 8. The Choose an Online Store page enables you to choose an online store from which you can purchase music downloads. Select a choice, and then click Install to set up a store or Finish to complete the setup wizard without setting up an online store. 9. Windows Vista configures your options for Windows Media Player and opens the player after a few seconds (refer to Figure 7.5 shown previously).

398

Chapter 7: Configuring Applications Included with Windows Vista

The Set Associations for a Program dialog box enables you to choose which file extensions are opened by Windows Media Player. FIGURE 7.8

The Windows Media Player 11 Library Click the Library toolbar option on the main Library page of Windows Media Player to display the available navigation options, as shown in Figure 7.9: . Media type—Enables you to choose the media type currently displayed in the library by

selecting from Music, Pictures, Video, Recorded TV, and Other. . Add to Library—Displays the Add to Library dialog box, which enables you to select

folders to be monitored for media files. You can select your personal folders or all folders that you can access. Click Advanced Options to display additional options including adding or removing monitored folders. . Media Sharing—Enables you to share your media files with others or find media shared

by others. Click Networking to open the Network and Sharing Center for additional sharing options already covered in Chapter 6. . Apply Media Information Changes—Displays an Apply Changes dialog box that charts

the progress of applying the changes you have specified. When completed, click Close. . Add Favorites to List When Dragging—When selected, you can rapidly create playlists of

favorite songs by dragging categories such as an album or genre from the Details pane to the List pane.

399

Configuring and Troubleshooting Media Applications . More options—Displays the Options dialog box shown in Figure 7.10, which offers the

options described in the next section. . Help with Using the Library—Opens the Help and Support Center to a page displaying

recommended links for using the media player.

FIGURE 7.9 The Library toolbar menu provides navigation options that assist you to locate the desired media.

The Options dialog box enables you to configure a large range of Windows Media Center options.

FIGURE 7.10

400

Chapter 7: Configuring Applications Included with Windows Vista

Windows Media Player Configuration Options Select More Options from the Library menu to display the Options dialog box, from which you can configure the options provided by the following tabs (you can also bring up this dialog box by pressing Alt to display a pop-up menu and then selecting Tools, Options): . Library tab . Plug-Ins tab . Privacy tab . Security tab . DVD tab . Network tab . Player tab . Rip Music tab . Devices tab . Burn tab . Performance tab

The next sections describe each tab in detail. Library Tab The Library tab, shown previously in Figure 7.10, enables you to configure settings for organizing and sharing your digital media. The following options are available: . Sharing—Enables you to share your media with other networked computers and media

devices. Click Configure Sharing to open the same Media Sharing dialog box as accessed from the Media Sharing option in the Library toolbar. . Update Library by Monitoring Folders—Enables you to select which folders are moni-

tored for digital media files. Click Monitor Folders to display the Add to Library dialog box as described previously. You can also delete media files when removed from the library by selecting the check box provided. . Automatic media information updates for files—Enables you to specify how media infor-

mation is downloaded from the Internet, how music files are set up for ripping, and how star ratings are maintained.

401

Configuring and Troubleshooting Media Applications

Plug-Ins Tab Plug-ins enable you to modify the display appearing in the Windows Media Player window as your songs are playing. This tab enables you to search for plug-ins and visualizations on the Internet according to preconfigured category lists. Click Properties to modify available properties for some plug-ins or Remove to remove plug-ins from the list. Privacy Tab Shown in Figure 7.11, the Privacy tab enables you to configure the following privacy options: . Display Media Information from the Internet—Select this check box to obtain information

about CDs and DVDs that you play. Windows Media Player sends an identifier to a Windows Media database or database used by the online music store you have specified. . Update Music Files by Retrieving Media Info from the Internet—Select this check box to

automatically obtain and update media information for music files in your library. . Download Usage Rights Automatically When I Play or Sync a File—Select this check box to

automatically download usage rights, which enable you to perform actions on media files, such as playing a song, burning it to an audio CD, or synching it to a portable device. Usage rights, which utilize Microsoft Digital Rights Management technology, preserve the rights of copyright holders for protecting music or video products. If this check box is not selected, Windows Media Player does not automatically acquire usage rights, but rather prompts you to download usage rights. . Automatically Check If Protected Files Need to Be Refinished—Select this check box to scan

your library for files that have missing or expired usage rights as well as those that are about to expire. It then attempts to download these rights from the Internet. . Set Clock on Devices Automatically—Select this check box to verify the time and date on

a portable device being synched. . Enhanced Content Provider Services—Select the check box provided to uniquely identify

your copy of Windows Media Player to web servers, enabling them to perform tasks such as monitoring your connection, obtaining statistics, and enabling access to content. The servers will place cookies on your computer to facilitate this access. Select Cookies to open the Privacy tab of the Internet Properties dialog box and configure which cookies are accepted or read. . Windows Media Player Customer Experience Improvement Program—Select the check box

provided to join this program, which helps to improve the quality, reliability, and performance of software such as the Media Player. . History—Select the check box provided to keep a history of your most recently played

media files. Select the command buttons provided to clear the accumulated history or cached media information about devices connected to the computer.

402

Chapter 7: Configuring Applications Included with Windows Vista

The Privacy tab of the Options dialog box enables you to configure a large range of privacy options.

FIGURE 7.11

Security Tab Shown in Figure 7.12, the Security tab enables you to configure several enhanced security options that govern the playback of media by Windows Media Player: . Run Script Commands When Present—Select this check box to enable script commands

to run when you play digital media content containing these commands. While script commands can enhance your playback experience, malicious scripts can run without your knowledge and perform improper actions. . Run Script Commands and Rich Media Streams When the Player Is in a Web Page—Select

this check box to enable scripts to run when you play digital media content from a web page. Clearing this check box might prevent rich-media streams such as those containing HTML, a PowerPoint slide show, or digital media content from playing. . Play Enhanced Content that Uses Web Pages Without Prompting—Select this check box to

prompt you when you play digital media content that is enhanced with web pages. This enables you to verify that you want to view the enhanced content and helps to avoid playing content containing malicious web pages. . Show Local Captions When Present—Select this check box to enable Windows Media

Player to locate and display Synchronized Accessible Media Interchange (SAMI) captions of media content from all content zones. When not selected, SAMI captions are displayed from the Internet zone only. . Security Zone—Click Zone Settings to open the Security tab of the Internet Options

dialog box as described previously in Chapter 5.

403

Configuring and Troubleshooting Media Applications

The Security tab of the Options dialog box enables you to configure security options related to script commands and rich media streams.

FIGURE 7.12

For more information on Windows Media Player security options, refer to Security and Windows Media Player 11 in the “Suggested Readings and Resources” section. DVD Tab The DVD tab enables you to prevent users from playing DVDs according to ratings established by the MPAA. You can also specify default language settings to be used for audio language, lyrics, captions, and subtitles, and the DVD menu. Network Tab The Network tab enables you to specify how Windows Media Player accesses the Internet to obtain and play streamed digital media content. The following settings are available: . Protocols for MMS URLs—Select the check boxes in this section to specify which proto-

cols Windows Media Player uses when receiving a MMS URL. You can choose any or all or Real Time Streaming Protocol (RTSP)/User Datagram Protocol (UDP), RTSP/ Transmission Control Protocol (TCP), and Hypertext Transfer Protocol (HTTP). . Multicast Streams—Select the check box provided to enable Windows Media Player to

receive media content in multicast streams. . Streaming proxy settings—Specifies settings for protocols used by Windows Media

Player when your computer connects to the Internet through a proxy server. Select the desired protocol and then click Configure to specify the proxy settings for the selected protocol. By default, Windows Media Player is configured to use proxy settings specified in the Internet Options dialog box.

404

Chapter 7: Configuring Applications Included with Windows Vista

NOTE Windows Firewall and Windows Media Player Windows Firewall might block UDP and multicast streams when you are on a public network such as a Wi-Fi hotspot. To enable reception of these streams, open the Exceptions tab of the Windows Firewall Properties dialog box and select the Windows Media Player check box.

Player Tab The Player tab enables you to specify how often Windows Media Player checks for updates as well as several additional player settings. You can select the following options: . Automatic Updates—Select the appropriate radio button to check for updates daily,

weekly (the default), or monthly. You can also choose to download codecs (software programs used to compress or decompress media files) for unrecognized file types automatically. . Keep the Player on Top of Other Windows—Select this check box to keep Windows Media

Player in the foreground when you run other programs. This is useful for selecting the playback controls rapidly. . Allow Screen Saver During Playback—Select this check box to allow the screen saver to

appear after the number of minutes specified in the Screen Saver tab of the Display Properties dialog box. When cleared, the screen saver cannot appear when you are playing long media files such as movies. Clear this check box to avoid interruption of these media types. . Add Media Files to Library When Played—Select this check box to automatically add files

from your computer or the Internet (such as downloaded .mp3 files) to your library if they are not already present. Files played from removable storage or shared network locations are not added. . Connect to the Internet (overrides other commands)—Select this check box for automatic

connection to the Internet, overriding other connection options. This is useful when working offline and you select a feature that requires Internet access. . Start the Mini Player for File Names that Contain This Text—Specifies which media files

will be played in Compact mode. Type a portion of the filename to be played in Compact mode in the text box provided. For example, you can play voice messages from your email by typing text from the filename here.

405

Configuring and Troubleshooting Media Applications

Rip Music Tab The settings in the Rip Music tab, shown in Figure 7.13, govern when and how Windows Media Player copies (rips) music files from an audio CD inserted in the computer’s CD-ROM drive. You can configure the following settings: . Rip Music to This Location—Specifies the location to which music is saved. By default,

this is C:\Users\<user_name>\Music. Click Change to specify a different location and click File Name to specify information to be included in default filenames. . Format—Click the drop-down list to specify which format is used by default. You can

choose from several Windows Media Audio formats, MP3, or WAV files. . Copy Protect Music—Select this check box to protect audio tracks when copied to your

computer. This means that media usage rights are required to play, burn, or sync the files, or copy them to another computer. This option is available only when you are using a Windows Media Audio format for ripping music. . Rip CD When Inserted—Select this check box to automatically start the copying of

music when you insert a CD if the Rip Music tab is displayed, or always, according to the option selected. . Audio Quality—Adjust the slider for your desired balance between high quality (large

file size) and smaller file size (reduced quality).

The Rip Music tab of the Options dialog box enables you to specify settings that govern the copying of music from audio CDs and DVDs.

FIGURE 7.13

406

Chapter 7: Configuring Applications Included with Windows Vista

Devices Tab The Devices tab enables you to specify the properties for CD and DVD drives, displays, speakers, and portable audio devices connected to your computer. Select the desired device and click Properties. Click Advanced to specify file synching options, including allowing files to convert in the background and temporary file storage location. Burn Tab The Burn tab enables you to configure settings for recording (burning) audio and data files to CD and DVD discs. The following settings are available: . Burn Speed—Select from Fastest, Fast, Medium, or Slow burning rate, and select the

check box provided to automatically eject the disk when burning is complete. Normally, you should keep this at the default Fastest rate; reduce the burn speed only if you are encountering problems burning. . Apply Volume Leveling Across Tracks on the CD—Select this check box to minimize the

volume differences between songs on audio CDs so that you do not need to adjust the volume while you are playing the CD. This option is selected by default. . Add a List of All Burned Files to the Disk in This Format—Selects the format used when

creating a playlist of all files on the disc. By default, this playlist is created in the .wpl format. If the device used for playing your disc does not support this format, select the .m3u format from the drop-down list. . Use Media Information to Arrange Files in Folders on the List—Select this check box to

organize files burned to CDs or DVDs into folders arranged according to media type, artist, album, and so on. This option is selected by default. If you clear this option, all burned files are placed in the root folder of the disc. . Fit More Music on the Disk by Converting to a Lower Bit Rate—When you select the

Convert To option, Windows Media Player converts files to the WMA format and compresses them according to the setting you select. Reducing file size enables you to fit more songs on a CD with possible loss of audio quality.

Performance Tab The Performance tab offers the following options that affect the performance of Windows Media Player 11. You should generally leave these options at their default settings, except for the video border color, which you can set according to your preference: . Connection Speed—Enables you to select the connection speed from a range of 28.8

Kbps dial-up to 10 Mbps LAN speeds. The default option sets the speed to that used by your network or Internet connection.

407

Configuring and Troubleshooting Media Applications . Network Buffering—Enables you to select the number of seconds of content to be

buffered. . DVD and Video Playback—Provides four options that control playback from these

devices. By default, playback controls are displayed when using full-screen mode. You can control video playback with a mouse that has extra thumb button controls by clearing the Display Full-Screen Controls check box. Refer to the Help and Support Center for more details. . Video Border Color—Enables you to modify the color used by Windows Media Player

when it is set to display in Full mode. Click Change to select from a palette of basic colors or define a custom color for your use.

Additional Menu Bar Options Windows Media Player provides additional options for rip, burn, and sync from the menu bar: . Rip—Copies, or rips, tracks from an audio CD to the default music location specified

in the Rip Music tab of the Options dialog box. When you insert an audio CD and select this menu item, Windows Media Player displays the title, artist, genre, and year of the album plus a list of songs on the CD. Ripping starts by default if you have configured this option. You can select the songs to be copied by selecting or clearing check boxes associated with each song. . Burn—Creates an audio CD, data CD, or DVD. Insert a blank disc and drag items to

the space provided in the right side of the screen. When you have completed the burn list, click Start Burn to copy the files to the disc. Windows Media Player creates a folder structure on the new disc according to the options you have selected in the Burn tab of the Options dialog box. . Sync—Synchronizes your media files to a portable device such as an mp3 player. When

you connect your device, the Sync section of the Windows Media Player window displays information about the device. You can then drag the desired items to the space provided in the right side of the screen. When you have completed the sync list, click Start Sync. You can also choose to copy your entire music library to your device, provided that the device has enough storage capacity (more than 4GB) to hold your library. If you select this option, Windows Media Player updates your device according to the content of your music library each time you connect it.

TIP Synching is two-way You can also sync files from your media device to your computer. This is worthwhile if you’ve used the device to purchase music directly or if you have synched to the device from another location such as a friend’s computer. Just click Start Sync to synchronize the device’s content with Windows Media Player.

408

Chapter 7: Configuring Applications Included with Windows Vista

Group Policy and Windows Media Player Group Policy in Windows Vista contains several settings related to Windows Media Player. Open the Group Policy Object Editor and navigate to User Configuration\Administrative Templates\Windows Components\Windows Media Player to display the following options, which are shown in Figure 7.14: . Networking—Includes settings for configuring HTTP and RTSP proxies, hiding the

Network tab of the Options dialog box, configuring network buffering and streaming media protocols. For more information refer to the “Network Tab” section. . Playback—Contains settings for allowing the screen saver to appear and preventing the

download of codecs. . User Interface—Contains settings for preventing the anchor window from being dis-

played, hiding the Privacy and Security tabs of the Options dialog box and locking Windows Media Player in Skin mode. . Prevent (category) Retrieval—Includes settings to prevent media information from being

downloaded automatically from the Internet, according to the three categories of media shown in Figure 7.14.

Group Policy Object Editor offers policy settings that govern the behavior of Windows Media Player.

FIGURE 7.14

For further information on all policies, double-click a policy to view its Properties dialog box and select the Explain tab.

Windows Photo Gallery Windows Vista introduces a new media application designed to manage the growing collections of digital photos anyone with a digital camera rapidly amasses. Freed from the restrictions imposed by running out of film or the costs of film processing, most of us rapidly accumulate hundreds to thousands of photos and start to have difficulty locating and cataloging these great numbers of shots.

409

Configuring and Troubleshooting Media Applications

Windows Photo Gallery enables you to import photos and videos from cameras, scanners, removable media, other computers on the network, or the Internet. You can view the images, add or edit metadata, assign ratings, catalog the images to facilitate searching for them later, and burn them to CD or DVD. You can even apply simple fixes to your images. Click Start, All Programs, Windows Photo Gallery to open the application as shown in Figure 7.15. The toolbar provides the following commands: . File—Enables you to perform actions such as importing photos and performing general

file management activities. Available commands are discussed later in this section. . Fix—Enables you to perform simple repair activities on the selected photo including

adjusting its exposure and color, cropping, and fixing red eye. . Info—Enables you to display and edit metadata. . Print—Enables you to print your photos on a local or network printer or order prints

from an online service. . E-mail—Enables you to resize the selected photos to a size suitable for insertion in

an email message and then opens Windows Mail and attaches the images to a new message. . Burn—Enables you to create a CD or DVD containing the selected images.

Windows Photo Gallery is a convenient means of accessing and working with your digital photo collection. (All photos by the author.)

FIGURE 7.15

410

Chapter 7: Configuring Applications Included with Windows Vista

Controls at the bottom of the gallery enable you to magnify portions of the image, view it at actual size, rotate it clockwise or counterclockwise, or delete the image. You can also move to the next or previous image or play a slide show of your images. By default, Windows Photo Gallery displays images according to the folder in which they are located. You can use the View, Group By command to change group images according to one of several metadata properties, including date taken, file size, image size, camera, and tags. (Note that a tag is a descriptive keyword that enables you to locate photos with common attributes, such as an individual in the photograph.)

Available File Commands in Windows Photo Gallery Table 7.1 summarizes the commands available from the File menu in Windows Photo Gallery. TABLE 7.1

Windows Photo Gallery File Commands

Command

Purpose

Add Folder to Gallery

Enables you to select a folder containing pictures and videos to be included in the gallery. Browse to the desired location and then click OK.

Import from Camera or Scanner

Enables you to select a device containing photos to be imported from a dialog box listing all available devices such as cameras, scanners, or memory card readers. Windows Photo Gallery uses the new Media Transfer Protocol (MTP) for importing images. MTP offers enhanced capabilities including support for additional devices such as portable media players and cellular phones, faster transfer of files, support for wireless connectivity to supported devices, and improved support for audio and video formats.

Delete, Rename, Copy, and Select All

Function exactly as the corresponding commands in any window’s File menu.

Screen Saver Settings

Brings up the Screen Saver tab of the Display Properties dialog box. You can select images from your gallery to be used in a custom screen saver.

Share with Devices

Brings up the Media Sharing dialog box, which enables you to share music, pictures, and videos on the network. This dialog box is similar to the Media Sharing dialog box included with Windows Media Player.

Properties

Displays a Properties dialog box for the selected image. By default, the Details tab appears, which provides detailed information including metadata recorded by the camera when the photo was taken.

Options

Brings up the Windows Photo Gallery Options dialog box, which enables tooltips, copies of originals after you perform fixes, and checks for updates to Windows Photo Gallery. The Import tab of this dialog box provides options that govern the importing of images from cameras, scanners, CDs, and DVDs.

Exit

Exits Windows Photo Gallery.

411

Configuring and Troubleshooting Media Applications

Editing Images in Windows Photo Gallery When you select an image and click Fix, Windows Photo Gallery displays the selected image along with a series of commands, as shown in Figure 7.16.

Windows Photo Gallery enables you to perform simple fixes on your photo. (Photo by the author.)

FIGURE 7.16

You can perform the following actions on the selected image: . Auto Adjust—Attempts to perform automatic fixes of the image’s exposure and color

values. You can use other controls to override the fix performed by this control. . Adjust Exposure—Provides two sliders with which you can adjust an image’s brightness

and contrast. . Adjust Color—Provides three sliders in which you can adjust an image’s color tempera-

ture, tint, and saturation. . Crop Picture—Enables you to crop the image. . Fix Red Eye—Enables you to remove the red appearance of a subject’s eyes frequently

found in flash photos where the flash has reflected back from the retinas of the subject’s eyes. You can also undo or redo changes by selecting the options at the bottom of this list.

412

Chapter 7: Configuring Applications Included with Windows Vista

Additional Windows Photo Gallery Options Windows Photo Gallery also includes the following options: . Searching for images—Type text into the Search box at the top of the gallery, and

Windows Photo Gallery will display images containing the text as a tag, filename, or caption. . Image Preview—Hover your mouse over an image to view an enlarged thumbnail with

simple date. Double-click any image to preview it. The image is enlarged and displayed along with assigned tags and star ratings. You can use the controls at the bottom of the gallery to enlarge, rotate, or delete an image, move through the images, or start a slide show. . Play a slide show—Use the control at the bottom of the gallery to start a slide show. The

show displays at full screen resolution. To control slide show behavior, right-click to obtain a pop-up menu, which enables you to pause or resume the show, step forward or back by one image, or adjust the speed of the show. You can choose the Shuffle option to play images in random order or click Exit to return to the photo gallery. . Display an image as your desktop wallpaper—Right-click the desired image and choose Set

as Desktop Background. . Create or add image tags—Use tags to classify your images and search for them. From

the navigation bar located at the left side of the window, click Create a New Tag. A box appears in which you can type the name of the tag. To add tags to an image, right-click the image and choose Add Tags. This displays the image and its tags at the right side of the gallery and enables you to add additional tags. You can even add a non-existent tag, and the tag will be created and added to the Tags list in the navigation bar. . Assign ratings and display images by rating—Assign a rating to an image by selecting the

image and clicking Info. Then select the number of stars desired. View images with a specific rating by selecting the number of stars under Ratings from the navigation bar. Return to displaying images regardless of rating by selecting All Pictures and Videos at the top of the navigation bar. . View photos by folder or by date taken—Select the desired action from the navigation bar.

Select All Pictures and Videos to return to displaying all images.

Windows Movie Maker and Windows DVD Maker Windows Movie Maker and its companion application, Windows DVD Maker, enable you to create, import, manage, and edit digital videos in regular or high-definition format. You can view these videos on ordinary DVD players, so that you can share them with family and

413

Configuring and Troubleshooting Media Applications

others. These applications are included with the Home Premium and Ultimate editions of Windows Vista. Click Start, All Programs, Windows Movie Maker to display the interface shown in Figure 7.17. This program is intuitive and contains a full set of tools for creating and working with your videos. You can even add titles, special effects, and transitions—enough accessories to enable almost anyone to create movies easily. Developers can use a Microsoft software development kit to create additional styles and transitions for even more creativity.

Windows Movie Maker enables you to create home videos and burn them to DVD.

FIGURE 7.17

The following are several important features of Windows Movie Maker and Windows DVD Maker: . Support for high-definition video—You can use Windows Movie Maker to create, edit,

and manage high-definition videos. . Simplified importing of videos from digital camcorders—Windows detects these devices as

soon as you connect them, and Windows Movie Maker includes a wizard that facilitates the importation of videos. . Integration with Windows Photo Gallery—You can use the sorting and filtering capabili-

ties built into Windows Photo Gallery to locate pictures and videos. You can also view and manage your videos from this application. . DVD authoring and burning—You can transfer videos from your digital camcorder onto

professional-looking DVDs that you can share with others. You can also burn your photos and data files to data DVDs.

414

Chapter 7: Configuring Applications Included with Windows Vista . High quality graphics capabilities—Windows Movie Maker leverages the power of graph-

ical processing units (GPUs), thus enabling the CPU to concentrate on other activities. Consequently you receive improved graphics performance in all actions including those involving high-definition video creation.

REVIEW BREAK You have looked at the media applications that come standard with Windows Vista and should be aware of the following major points: . Windows Media Center is a one-stop location for managing all types of media includ-

ing high-definition TV. You can use Windows Media Center Extender devices to network your computer with various entertainment devices on your home network. . Windows Media Player version 11 enables you to view and manage your music, videos,

and photos. You can import media files from various sources, including ripping songs from audio CDs, view your collection library, sort items by album, artist, year, genre, and so on, burn new audio CDs as well as data DVDs, and sync your collection with portable devices. . Windows Media Player also includes a comprehensive set of management tools that

includes options such as privacy, digital rights, rip and burn behavior, and networking. You can also configure options in Group Policy that govern the operation of Windows Media Player. . Windows Photo Gallery enables you to manage your digital image collection. You can

view and sort images, import them from sources such as digital cameras, memory cards, network locations, and the Internet, perform simple editing tasks, tag images with descriptive keywords, and create CDs and DVDs. . Windows Movie Maker and Windows DVD Maker enable you to create professional-

looking videos from sources such as digital camcorders and write these to DVDs that anyone can view on home DVD players.

Configuring Windows Mail Objective:

Configure Windows Mail. Windows Mail is the successor to Outlook Express, which was the default email client in versions of Windows prior to Vista. With the present email concerns such as the proliferation of

415

Configuring Windows Mail

unsolicited junk messages (spam), email-borne viruses, and phishing attacks, Microsoft revamped the email client to come up with a more secure, easy-to-use mail application. The following are several of the more important improvements introduced with Windows Mail: . Improved reliability—Windows Mail utilizes new technology to improve the handling of

large email messages and data files containing thousands of messages. . Instant search—As with other bundled applications, you can rapidly search across thou-

sands of email messages, even those that are years old. In addition, the Instant Search feature on the Start menu locates email messages along with other retrieved items. . Spam filter—Windows Mail screens and analyzes incoming messages to spot and

remove junk email. It can identify junk messages from the very first time you start using it. . Phishing filter—Windows Mail checks for messages containing fraudulent links to

phishing websites and helps protect users from scams and identity theft. . Improved newsgroup capabilities—You can more easily manage and contribute to news-

groups and discussion groups.

Configuring Mail Accounts The first time you open Windows Mail, it starts a wizard that simplifies the input of your email account information (see Figure 7.18). Follow Step by Step 7.4 to set up the first email account.

Windows Mail provides a wizard that simplifies the creation of your first email account.

FIGURE 7.18

416

Chapter 7: Configuring Applications Included with Windows Vista

STEP BY STEP 7.4 Configuring the First Email Account 1. On the Your Name page, type your name as you would like it to appear in the From field of the outgoing message, and then click Next. 2. On the Internet E-Mail Address page, type the email address to be associated with this account, and then click Next. 3. On the Set Up E-Mail Servers page, type the fully qualified DNS domain name (FQDN) of the incoming and outgoing servers. Ensure that the incoming email server type drop-down list displays the protocol (POP3, IMAP, or HTTP) used by the mail server. If the outgoing email server requires authentication, select the check box provided. Then click Next. 4. On the Internet Mail Logon page, type the username and password provided by your email provider, and then click Next. 5. On the completion page, select the check box provided if you do not want to download your email now, and then click Finish.

After you have configured your first email account, Windows Mail displays the default view shown in Figure 7.19.

Windows Mail provides a simple, intuitive interface by default.

FIGURE 7.19

It is simple to configure additional email accounts, as Step by Step 7.5 shows.

417

Configuring Windows Mail

STEP BY STEP 7.5 Creating New Email Accounts 1. From the Tools menu of Windows Mail, select Accounts. The Internet Accounts dialog box appears and displays your configured email and news accounts. 2. Click Add. Windows Mail starts a wizard that asks you to select the type of account you want to set up (see Figure 7.20).

Windows Mail enables you to create three types of accounts.

FIGURE 7.20

3. Select E-mail Account, and then click Next. 4. Follow the instructions provided in Step by Step 7.4 to create the account.

Managing Email Accounts Every account in Windows Mail has a complete set of properties associated with it. To access these properties, click Tools, Accounts to display the Internet Accounts dialog box shown in Figure 7.21. To specify which email account should be used as a default when sending email messages, select it and click Set As Default. To configure account properties, select it and click Properties. From the Properties dialog box that appears, you can configure the following properties: . General tab—Enables you to modify the user information, including name, organiza-

tion, email address, and reply address. The reply address option is used if you want replies to your messages sent to a different account from that used for sending—for

418

Chapter 7: Configuring Applications Included with Windows Vista

example, if you send work-related messages from your home email account and want replies to go to your work email account. . Servers tab—Enables you to change the FQDN of the incoming and outgoing email

servers. You can also change the username and password required to connect to the email server, specify account logon using Secure Password Authentication, and configure authentication properties for the outgoing email server. . Connection tab—By default, Windows Mail uses the same connection properties used by

Internet Explorer. If you require the use of a LAN or VPN connection, you can specify these settings here. . Security tab—Enables you to specify digital certificates to be used for signing and

encrypting messages, as well as an encryption algorithm. . Advanced tab—Enables you to modify the port numbers used by the incoming and out-

going servers, specify the use of Secure Sockets Layer (SSL) for server connections. You can specify a length of time (one minute by default) that Windows Mail tries to access the server before issuing a timeout message, break apart messages larger than a specified size, and leave copies of messages on the email server. The latter option is useful if you are checking your messages from a remote location and want to download them later when you return to the office.

You can manage all email and newsgroup accounts from the Internet Accounts dialog box.

FIGURE 7.21

EXAM ALERT Default ports By default, the outgoing mail (SMTP) server uses TCP port 25. The incoming mail server uses TCP port 110 if configured with the POP3 protocol, and TCP port 143 if configured with the IMAP4 protocol. You should know these common port numbers for the exam. If you have modified these port numbers in error, click the Use Defaults button on the Advanced tab of the account’s Properties dialog box.

419

Configuring Windows Mail

Configuring Mail Options You can configure various aspects of Windows Mail using the toolbar menu options. The following list and subsequent sections present the more important Windows Mail options you should be aware of: . File menu . Edit menu . View menu . Tools menu . Message menu

File Menu Besides standard file options including the creation of new messages, saving, printing, and so on, you can create and modify the folder structure into which messages are saved. The Save As option enables you to save a copy of a message as a different file type such as plain text or Microsoft Word document. You can also view the properties of the selected message and specify that you want to work offline. The Import command enables you to import the following items into Windows Mail: . Windows Contacts—You can import contacts from a previous address book in any of the

following formats: . comma-separated (CSV) values . Lightweight Directory Import File (LDIF) values from a Lightweight Directory

Access Protocol (LDAP) server such as an Active Directory domain controller . vCard . Windows Address Book File (contacts stored in Outlook Express on an older

computer) Click Import and specify the path to the file to be imported. . Messages—You can import email messages from any of Microsoft Exchange, Outlook,

Outlook Express 6, and Windows Mail 7. Specify the required format, click Next, and confirm the location displayed or type the proper location. . Mail Account Settings—You can import the configuration information associated with

other email accounts. . News Account Settings—You can import the configuration information associated with

other newsgroup accounts.

420

Chapter 7: Configuring Applications Included with Windows Vista

The Export command enables you to export the following items: . Windows Contacts—You can export Windows contacts to CSV or vCard files, thereby

enabling another user to use them with another program or an older version of Windows. . Messages—You can export email messages to Microsoft Exchange or another copy of

Windows Mail.

NOTE Default newsgroup in Windows Mail Windows Mail contains a preconfigured account for Microsoft’s msnews.microsoft.com news server, which hosts more than 2,000 microsoft.public.* newsgroups. You can configure accounts for receiving newsgroup postings from other sources if you want. If you have a Hotmail or other Microsoft Passport account, you can rate messages on the Microsoft newsgroups.

The Identities command starts a wizard that informs you that identities are no longer used because individual user accounts improve email security. This wizard enables you to import account information and messages from identities used in previous Outlook Express versions including those associated with a different Windows account.

Edit Menu The Edit menu contains all the common editing commands plus commands that enable you to mark messages as read or unread, mark conversations as read, and mark all messages as read. You can move or copy messages to different folders, delete messages, and empty the Deleted Items folder.

View Menu The View menu enables you to customize the appearance of the Windows Mail interface. Click View, Layout to obtain the dialog box shown in Figure 7.22 and select the components you want to hide or display. In addition, you can modify the current view to show all messages, hide read messages, hide read or ignored messages, or create a customized view. The latter opens a dialog box that enables you to specify which conditions should be met for messages to appear in the message list. You can sort messages according to several characteristics, modify the size of text used to display messages, and the character encoding used in message display.

421

Configuring Windows Mail

The Windows Layout Properties dialog box enables you to select which items will be displayed on the Windows Mail interface.

FIGURE 7.22

Tools Menu Step by Step 7.5, “Creating New Email Accounts,” mentioned the configuration of Windows Mail accounts from the Tools menu. This menu also enables you to send and receive messages immediately, synchronize all mail accounts, access Windows Contacts and Windows Calendar, add the sender of the current message to the Contacts list, configure message rules for email and newsgroup messages, and access options related to junk messages. Windows Calendar is discussed later in this chapter in the section, “Configuring Windows Calendar.” Click Tools, Options to access the Options dialog box shown in Figure 7.23. From the tabs in this dialog box, you can configure the following options.

The Options dialog box enables you to configure an extensive range of options for Windows Mail.

FIGURE 7.23

422

Chapter 7: Configuring Applications Included with Windows Vista

General Tab The General tab contains the following three sections that relate to newsgroups, the sending and receiving of messages, and default email and newsgroup programs: . General section—Select these options to configure newsgroup behavior. . Send/Receive Messages—Choose from settings that determine how Windows Mail

checks for incoming messages and notifies you. . Default Messaging Programs—Specify whether you want Windows Mail as your default

program for handling email and newsgroups.

Read Tab The Read tab contains the following options that pertain to the reading of email and newsgroup messages: . Reading Messages—You can specify the number of seconds that elapse before Windows

Mail considers a newly displayed message to have been read. You can also automatically expand grouped messages, download messages viewed in the preview pane, and show tool tips in the message list for items whose title is too long to appear in the message list. You can also specify that all messages are to be displayed in plain text; selecting this option can guard against execution of HTML-based viruses or worms or malicious scripts but renders display of formatted email in a less intuitive fashion (see Figure 7.24).

If you display messages as plain text, messages can be hard to read but HTML-based viruses are avoided.

FIGURE 7.24

423

Configuring Windows Mail . News—You can specify how many headers are downloaded at a time (the default is 300,

and the maximum is 1000) and mark all messages as read when you exit the newsgroup. . Fonts—You can specify which font is used for viewing messages by default, as well as

settings that determine how international messages are encoded and displayed.

Receipts Tab The Receipts tab enables you to request a read receipt for messages you send to verify that the recipient has received and read the message. You can also choose when you send read receipts for messages others have requested receipts for—the choices are to notify me for each request (the default), never send a receipt, or always send a receipt. Click the Secure Receipts button to bring up the Secure Receipt Options dialog box that enables you to request secure receipts for digitally signed messages or choose from options for sending secure receipts that are similar for those for regular read receipts. Send Tab The Send tab, shown in Figure 7.25, contains largely self-explanatory options that govern how messages you create are sent. To send mail or news messages in HTML format, select the appropriate option and click the HTML Settings dialog box. Options on this dialog box enable you to specify the format of MIME-encoded text, send pictures with messages, and indent messages on reply. Plain text settings also enable you to specify MIME-encoded formatting options, automatically wrap text at a specified number of characters, and use the “<” character when indenting original text that you are replying to or forwarding.

The Send tab of the Options dialog box contains a series of options that govern messages you send.

FIGURE 7.25

424

Chapter 7: Configuring Applications Included with Windows Vista

Compose Tab The Compose tab enables you to specify the following options for messages you are preparing to send: . Compose Font—Specify the default font to be used when creating mail and newsgroup

messages. . Stationery—To use a background stationery for message display, select the check box

provided (for mail and/or news) and then click Select. From the Select Stationery dialog box, select the desired pattern or click Create New to access a wizard that helps you create a customized pattern such as a letterhead. . Business Cards—Enables you to include your business card when creating mail and

newsgroup messages. Select the check box provided and then click Edit.

Signatures Tab The options on the Signatures tab enable you to add a signature to all outgoing messages. The signature is a text message that is automatically appended to all messages when you select the Add Signatures to Outgoing Messages option. If you do not want the signature added to replied or forwarded messages, select the Don’t Add Signatures to Replies and Forwards option. You can also select a file that contains a text- or HTML-based file to be used as your signature. Spelling Tab Select the check box provided in the Spelling tab to use the Microsoft Word standard and custom dictionaries to spell-check your messages before sending them. You can also choose whether or not uppercase words, words with numbers, original text in a replied or forwarded message, or Internet addresses should be spell-checked. Select the Language drop-down list to access a comprehensive set of languages to be used for spell checking. Connection Tab The Connection tab contains options for connecting to the Internet when sending and receiving messages. By default, a dial-up link asks before switching connections; you can disable this option if desired. You can also specify that a dial-up connection hangs up after sending and receiving messages. This tab also provides a link to the Internet Explorer connection settings, which Windows Mail uses. Click the Change button to access the Connections tab of the Internet Properties dialog box. Advanced Tab The Advanced tab, shown in Figure 7.26, contains a series of settings that configure attachment conversion, IMAP settings, message threads, reply/forward behavior, and use of pictures

425

Configuring Windows Mail

associated with Windows Contacts. Click the Maintenance button to access the Maintenance dialog box, which enables you to choose how old messages are cleaned up and the saving of commands from mail, news, and IMAP servers in log files for troubleshooting purposes.

The Advanced tab of the Options dialog box contains additional email settings as well as a link to a Maintenance dialog box.

FIGURE 7.26

Message Menu The Message menu contains options for creating new messages, replying to and forwarding messages, creating message rules from messages you have received, flagging messages, and handling junk mail. You learn more about the handling of junk mail in the next section.

Configuring Mail Security In these days of a seemingly unrelenting barrage of malware, spam, phishing, and other types of attacks against computer systems worldwide, email security is of paramount importance to individuals and companies alike. In recent years, many companies have backed off from using email as a prime communications medium because of the occurrence of these attacks. In addition, recent security legislation such as the Health Insurance Portability and Privacy Act (HIPPA) and Sarbanes-Oxley has underscored the importance of data security and proper data retention, including that of email. With these concerns at hand, Microsoft has upgraded the security of email handled by Vista’s Windows Mail application to handle many new concerns.

Spam and Phishing You can think of spam as any email message you did not request—in other words, unsolicited commercial email. Despite recent legislation in the United States and elsewhere regulating such email, spam still accounts for a large percentage of total email messages.

426

Chapter 7: Configuring Applications Included with Windows Vista

Microsoft has incorporated junk email options from Outlook into Windows Mail. Briefly stated, these options assess incoming messages for characteristics common to junk email. Any messages flagged as junk are placed in the Junk E-mail folder and do not reach your Inbox. The Junk E-mail folder is found in the main Windows Mail window (refer to Figure 7.19), from which you can check the messages in case a legitimate message has been improperly sent there. From the Tools menu, select Junk E-mail Options to access the Junk E-mail Options dialog box shown in Figure 7.27.

The Junk E-mail Options dialog box contains settings that govern the level used by Windows Mail in detecting whether an email message should be considered junk mail.

FIGURE 7.27

From the Options tab, select one of the four options for spam protection. If you are receiving large quantities of spam, select the High option, but as the dialog box advises, you should check the Junk E-mail folder frequently for messages that have been misclassified as junk. Only select the check box for permanently deleting junk messages if you are positive that the junk mail filter is not catching any legitimate messages. The Safe Senders tab enables you to create a Safe Senders list. Addresses or email domain names that appear on this list whose messages are never to be treated as junk. Click Add to enter email addresses or Internet domain names. By default, messages from contacts in Windows Contacts are always trusted; you can also add the addresses of those to whom you send messages to the Safe Senders list. The Blocked Senders tab enables you to create a Blocked Senders list, which contains address or email domain names whose messages are always treated as junk. The International tab enables you to always block email sent from foreign countries with toplevel DNS domain codes that you select from a list accessed from this tab. This is useful because many spammers operate from Third-World countries and send millions of messages

427

Configuring Windows Mail

around the world in seconds. Such spammers frequently use language characters that are encoded in special character sets. From this tab you can also select encoding sets that should always be blocked (see Figure 7.28).

You can block messages encoded in international encoding formats from being received in your Inbox.

FIGURE 7.28

The Phishing tab enables the Phishing Filter contained in Internet Explorer to check links contained in incoming messages for suspected phishing websites, thereby providing an extra level of protection against data and identity theft. You can flag messages containing links to suspected phishing websites or move these messages directly to the Junk E-Mail folder.

Additional Email Security Options Open the Options dialog box and select the Security tab shown in Figure 7.29 to access options related to virus protection, downloading of images, and the digital signing and encryption of outgoing email messages. Virus Protection Anyone whose computer has ever been infected by an email-borne virus will fully appreciate the new options provided by Windows Mail. The Virus Protection section of this dialog box provides several options that help to protect you against these types of viruses and worms. This section provides the following options: . Select the Internet Explorer Security Zone to Use—You can choose either the Internet

zone or Restricted Sites zone. By default, Windows Mail uses the Restricted Sites security zone, which disables scripting of active content. You should keep this option selected unless you are certain that content in a legitimate message requires this capability to function properly.

428

Chapter 7: Configuring Applications Included with Windows Vista . Warn Me When Other Applications Try to Send Mail as Me—Viruses and worms often

attempt to replicate by sending copies of themselves to others on your contacts list. When selected, this option displays a warning message if activity of this type happens. . Do Not Allow Attachments to Be Saved that Could Potentially Be a Virus—Windows Mail

checks attachments for file types used by virus authors to distribute their code. If it finds such a file type, it disables opening or saving of the file and displays a warning message informing you of this fact.

You can configure a range of email security options from the Security tab of the Options dialog box.

FIGURE 7.29

File Extensions Blocked By Windows Mail Windows Mail uses Internet Explorer’s built-in unsafe file list to determine which file extensions should be blocked. By default, this list includes the following extensions: .ad, .ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .url, .vb, .vbe, .vsd, .vss, .vst, .vsw, .wsc, .wsf, .wsh. If you receive an email with an attachment from the blocked files list, verify with the sender that he has sent you a legitimate message. Then clear the Do Not Allow Attachments to Be Saved or Opened that Could Potentially Be a Virus option. Close and reopen the message and save the file. Then return to the Security tab and re-enable this option.

429

Configuring Windows Mail

Download Images Keep the option in the Downloaded Images section selected to prevent images and other external content included with HTML email messages from being downloaded. These types of content have been known to contain malicious code; they can also inform a spammer that your email address is legitimate, thereby resulting in your receiving more junk messages. Windows Mail displays an information bar to inform you that some images have been blocked. Click this bar to display the images in the selected message. Secure Mail The Secure Mail section enables you to configure the use of digital certificates for signing or encryption of your email messages. A digital ID or certificate enables recipients of your email messages to verify your identity and ensure that you actually sent the message. Encryption of your messages prevents unauthorized individuals from viewing or modifying your messages in transit. If someone attempts to modify the message, the recipient is informed. To obtain a digital ID, click the Get Digital ID command button. This opens Internet Explorer to a Microsoft web page that contains links to certification authorities such as VeriSign and Thawte. Follow the instructions provided. Once you’ve received your certificate, click the Digital IDs command button. This displays the dialog box shown in Figure 7.30, which enables you to view and manage your digital certificates. Click Import to import your certificate and follow the instructions in the wizard that starts. Also click Advanced and select the Secure Email option in the Certificate Purposes section of the Advanced Options dialog box that appears.

The Certificates dialog box enables you to view details of and manage your digital certificates.

FIGURE 7.30

After you have installed your certificate, you can choose to digitally sign and/or encrypt any or all messages you send. To sign or encrypt all messages, select the appropriate check boxes in the Secure Mail section. To digitally sign a single message, compose the message and then

430

Chapter 7: Configuring Applications Included with Windows Vista

click Tools, Digitally Sign. This attached your digital ID so that the recipient can verify your identity. To encrypt a single message, click Tools, Encrypt. The recipient must have a copy of your digital ID to read the encrypted message; Windows Mail displays a help screen the first time the recipient opens or previews an encrypted message. Microsoft suggests that your recipient should send you a digitally signed message beforehand. If a digitally signed or encrypted message is altered in transit, Windows Mail displays a security warning containing information about the problem that has occurred. Read the message and use the information provided to decide whether to open the message. For additional information regarding email security in Windows Vista, refer to Windows Mail and Resulting Internet Communication in Windows Vista, in the “Suggested Readings and Resources” section.

Configuring Windows Meeting Space Objective:

Configure Windows Meeting Space. New to Windows Vista is Windows Meeting Space, which is a new collaboration tool that enables face-to-face interaction among small groups of users in any location using a wired or wireless network. You can initiate a session and then use the People Near Me feature to invite others to share the same view of your applications and data and collaborate in real time. You can also configure a password that helps to prevent unauthorized users from joining your meeting.

NOTE Windows Meeting Space and Office Live Meeting Windows Meeting Space is a peer-to-peer application that functions directly between Windows Vista computers used by individuals attending the meeting without the need for servers. This program is designed to support collaboration across small groups of up to 10 simultaneous users in any location anytime. If you are conducting large-scale meetings that involve collaboration across multiple locations and over the Internet, you should use Microsoft Office Live Meeting.

The following list introduces several of the more important features in Windows Meeting Space: . Total support for wireless networking—Supports both infrastructure (connection through

an access point) and ad hoc (direct connection between computers) wireless networking. . Shared control of presentations—Enables the meeting facilitator to pass control to others,

who can perform revisions even while the facilitator is broadcasting the original document from his computer.

431

Configuring Windows Meeting Space . Compatibility—Enables users to broadcast all files or applications; you are not limited to

data created using Microsoft applications. . People Near Me—Enables you to check availability of others across the network and

invite them to join your meeting. . Sessions Near Me—Enables you to search for meeting sessions and ask to join them. . File sharing among multiple users—Enables all users to modify and save files. If one user

saves a change, this change is replicated immediately to others in the meeting.

EXAM ALERT All users require Windows Vista computers Users joining a meeting must have any version of Windows Vista installed on their computers. The user starting a meeting can have any version of Vista except Home Basic; persons with Vista Home Basic can join but not start a meeting in Windows Meeting Space. A question could present options that involve users of older Windows computers.

The following sections describe setting up Windows Meeting Space, conducting meetings, and sharing and editing handouts.

Setting Up Windows Meeting Space The first time you use Windows Meeting Space, you have to go through a setup routine. This process automatically configures Windows Firewall to allow communication and enables People Near Me and file replication. Step by Step 7.6 outlines the procedure.

STEP BY STEP 7.6 Setting Up Windows Meeting Space 1. Click Start, All Programs, Windows Meeting Space. You see the screen shown in Figure 7.31.

Windows Meeting Space provides a setup routine when you first start it.

FIGURE 7.31

2. Select Yes, Continue Setting Up Windows Meeting Space. Because this procedure involves configuring security-enabled applications such as Windows Firewall, you must accept a UAC prompt to continue.

432

Chapter 7: Configuring Applications Included with Windows Vista 3. After several seconds, the Set Up People Near Me dialog box appears (see Figure 7.32). Confirm that your username appears or type the proper name. Select the appropriate option in the Allow Invitations From drop-down list as shown, and then click OK.

Windows Meeting Space invites you to set up the People Near Me application.

FIGURE 7.32

4. Windows Meeting Space starts and presents the screen shown in Figure 7.33. If Windows Meeting Space finds meetings within the range of your network, it displays these meetings. To join a meeting, select Join a Meeting Near Me.

FIGURE 7.33

Windows Meeting Space enables you to start a new meeting or join an existing one.

433

Configuring Windows Meeting Space

Running Meetings As noted in the previous section, after you have set up Windows Meeting Space, you can start a new meeting or join an existing one. Running a meeting using Windows Meeting Space is simple, as Step by Step 7.7 shows.

STEP BY STEP 7.7 Using Windows Meeting Space 1. Click Start, All Programs, Windows Meeting Space. From the screen shown in Figure 7.33, select Start a New Meeting. 2. Accept the meeting name provided or type a descriptive name of your choosing. Then type a password of at least eight characters and click the green arrow. You should follow the customary rules for creating a strong password. 3. A progress bar appears as the meeting is created, and then the screen shown in Figure 7.34 appears.

Windows Meeting Space enables you to facilitate a small meeting.

FIGURE 7.34

4. To invite others to join your meeting, click the Invite People icon or click Invite from the menu bar. The Invite People dialog box displays the names of individuals who are signed in to People Near Me on the network. Select the people you want to invite and then click Send Invitations. This sends instant messages to those you selected. 5. If you want to invite others not on the list, click Invite Others, to display the Windows Meeting Space dialog box shown in Figure 7.35. This dialog box enables you to choose between email or an invitation file for inviting others to your meeting.

434

Chapter 7: Configuring Applications Included with Windows Vista

Windows Meeting Space enables you to create emails or invitation files.

FIGURE 7.35

6. If you choose the email option, Windows Meeting Space creates an invitation file, opens a new message in Windows Mail, and attaches the invitation. As shown in Figure 7.36, the message includes instructions for the recipient for joining the meeting. Type the email address of the person you have invited, and then click Send.

Windows Meeting Space prepares and emails invitations to others.

FIGURE 7.36

7. If you choose the invitation file option, the Save As dialog box appears. Accept the filename or type one of your choosing, and then click Save. By default, the file is saved to your Documents folder unless you click Browse Folders to select a different folder. You can copy the file to a shared folder or floppy disk and deliver it to the desired individuals or use instant messaging to send the invitations.

Accepting an invitation to join an existing meeting is simple, as Step by Step 7.8 shows.

435

Configuring Windows Meeting Space

STEP BY STEP 7.8 Joining a Meeting in Windows Meeting Space 1. You receive a message box informing you that someone is inviting you to use Windows Meeting Space. Click Accept to accept the invitation. 2. Windows Meeting Space starts. Type the password issued by the facilitator to join the meeting. 3. If you have received an emailed invitation (or the invitation file delivered by other means), open the file. Type the password, and Windows Meeting Space starts automatically.

As people join the meeting, all attendees see the names of those who have joined in the participants list in Windows Meeting Space. If people leave the meeting, their names are automatically removed. You can also join meetings in session near you without receiving an invitation. When you start Windows Meeting Space, the Join a Meeting Near Me option displays any meetings it is able to locate on your network. Select the meeting you want to join, and then type the password established by the meeting facilitator.

Sharing Information Windows Meeting Space enables you to share handouts, applications running on your computer, or your entire desktop with others in your meeting. Handouts are any document files created using a program such as Microsoft Office or even a non-Microsoft program that you want others to view and possibly edit. By sharing programs or your entire desktop, you can perform actions such as demonstrating the program or any other action that you might perform on your computer. Step by Step 7.9 outlines procedures that you can follow to share information.

STEP BY STEP 7.9 Sharing Information in Windows Meeting Space 1. To share handouts with others, click Add a Handout (or click Add in the menu bar). You receive a message box informing you that handouts will be copied to each participant’s computer. 2. Click OK, and then in the Select Files to Add dialog box, select or browse to the desired files. Then click Open. The filename of the handout appears in the Handouts section of the Windows Meeting Space window. Meeting attendees can edit handouts while they are shared. 3. To share a program or deliver a presentation, start the program on your computer.

436

Chapter 7: Configuring Applications Included with Windows Vista 4. Click Share a Program or Your Desktop (or click Share in the menu bar). You receive a message box asking you whether you want other people to see your desktop. 5. Click OK, and then in the Start a Shared Session dialog box shown in Figure 7.37, select the appropriate option and click Share.

The Start a Shared Session dialog box enables you to share a program or your Windows desktop.

FIGURE 7.37

The program or desktop you have shared is opened in a window on top of the Windows Meeting Space window on all participants’ computers. The title bar of the shared program on your desktop displays a Currently Sharing message to remind you that the program is shared. 6. To conclude the meeting, select Meeting from the menu bar and then click Exit. Click Yes to save the handouts or No to close the meeting without saving changes users have made to the handouts. If you save the handouts, choose a location to save them and then click Save.

CAUTION Only one person can edit a handout at a time If more than one person edits a handout at the same time, only those changes made by the last person are saved. As each person saves changes, they overwrite changes made by previous users. If another person is editing the handout, wait until she is finished before you add your edits.

You can also communicate in the meeting session by passing text notes or ink notes to a single person. Right-click the person to whom you want to send a note and select Pass a Note for a text note or Ink for an ink note. Type the message you want to send, and then click Send.

CAUTION Keep shared programs on top When sharing a program, you should keep the program window on top of your desktop. If another window on your desktop appears on top of the shared program window, other meeting participants will see a large black area on their desktop.

437

Configuring Windows Calendar

Configuring Windows Calendar Objective:

Configure Windows Calendar. Windows Calendar is a full-fledged calendar application that enables you to keep track of meetings and appointments. It enables you to create tasks and appointments, create alerts to remind you of scheduled items, create task lists, and share calendars with coworkers or family members. The following are several important features of Windows Calendar: . Managing a personal schedule—Windows Calendar enables you to create and keep track

of appointments, events, and tasks. You can include all-day events as well as recurring ones. . Scheduling and prioritizing of tasks—You can create a task list and include priority flags

and completed flags. . Sharing of calendars—You can create multiple calendars and share them with others in

your workgroup or family so that everyone knows what others have scheduled. . Alerts—Windows Calendar can remind you of approaching meetings or appointments

or tasks that you should be completing soon. . Calendar publication—Windows Calendar uses the open-standard iCalendar format,

which enables you to publish your calendar on the Web for others to view. . Invitations—Windows Calendar enables you to send and receive invitations to events

and appointments by means of email attachments. To start Windows Calendar, click Start, All Programs, Windows Calendar. You can also type calendar in the Search box or select Windows Calendar from the Tools menu of Windows Mail. Any of these actions brings up the Windows Calendar as shown in Figure 7.38. The Windows Calendar interface is divided into the following sections: . Date—Shows the current month’s calendar. You can use the arrows to move to other

months or select a date in the visible month to schedule tasks or events on that date. The current date is marked with a colored box. . Calendars—Displays a list of available calendars and enables you to access multiple cal-

endars (for example, business and personal calendars). . Sharing of calendars—Enables you to create multiple calendars and share them with

others in your workgroup or family so that everyone knows what others have scheduled.

438

Chapter 7: Configuring Applications Included with Windows Vista . Tasks—Displays the tasks you have configured. . Events—The central part of the calendar displays an hourly view of the date selected in

the Date area with the appointments and meetings you have scheduled. . Details—Enables you to create new appointments and tasks and configure properties

for these items.

Windows Calendar enables you to keep track of meetings, appointments, and tasks.

FIGURE 7.38

Navigating Windows Calendar Windows Calendar makes it simple to navigate between dates, months, and years by providing several view methods. Follow Step by Step 7.10 to navigate Windows Calendar.

STEP BY STEP 7.10 Navigating Windows Calendar 1. To jump to the next or previous month, click the right- or left-pointing arrows at the top of the Date section. 2. To move to another month in the current year, click the Month, Year title at the top of the Date section. The view changes to a year view, from which you can select the desired month. 3. To move to the next or previous year, click the right- or left-pointing arrows. Or to move to another year, click the year at the top of the Date section to display the years in the current decade and select the desired year.

439

Configuring Windows Calendar 4. Repeat this procedure to move to another decade if desired. 5. Click the required decade, the required year, and then the required month to move to the desired date. 6. To return to the current date at any time, select Today from the toolbar or from the View menu.

You can also move to a specific date by selecting Go to Date from the View menu. Type the desired date or use the drop-down arrow to browse to the desired month. Then click OK. You can also modify the view displayed in the central panel of the calendar. Click the downward pointing arrow at View from the toolbar to obtain the following options: . Day—The default view, shows the current or selected day with hourly blocks. . Work Week—Displays Monday to Friday of the current or selected week with hourly

blocks. . Week—Displays the entire current or selected week in hourly blocks. . Month—Displays the current or selected month.

From this location, you can also toggle the view of the navigation (date, calendars, and tasks) and details panes on or off. Click the View toolbar button to toggle the central panel between the four available views.

Managing Tasks and Appointments Windows Calendar provides several tools that enable you to create appointments, all-day events, and tasks.

Creating and Managing Appointments To create a new appointment, navigate to the date of the desired appointment and then perform one of the following tasks: . In the Events pane, click the time of the desired appointment and then type a descrip-

tive title. . Click New Appointment in the toolbar and type a descriptive title. . From the File menu, select New Appointment. Then type a descriptive title.

By default, Windows Calendar creates the appointment in the hour that includes the current time. To create an appointment at a different hour, select the desired hour and then perform one of the preceding actions.

440

Chapter 7: Configuring Applications Included with Windows Vista

After you have created a new appointment, the Details pane enables you to add detailed information about the appointment, including the following: . Details—Type additional information regarding the purpose of the appointment.

Anything you type here will be added to the appointment title in the View pane. . Location—Type the location of the appointment. . Calendar—If you have more than one calendar, select the desired calendar from this

list. . URL—Add an Internet or intranet address related to the appointment if you have one. . Appointment Information—Type or scroll to the appropriate start and end dates and

times. To schedule an all-day appointment, select the check box provided. To schedule a multi-day appointment such as a vacation, select the check box and then type the appropriate start and end dates. . Recurrence—To schedule a recurring appointment, select the appropriate option from

this drop-down list. You can select None, Every Day, Weekly, Monthly, Yearly, or Advanced. The Advanced option displays a dialog box that enables you to specify the interval of repetition and the number of times or expiry date. . Reminder—Click the drop-down list to display a length of time before the appointment

start that you will be notified. By default, no reminder is specified. You can select zero minutes or time intervals ranging from five minutes to two weeks. When you have specified an interval, an alarm clock icon is displayed on the appointment in the View panel. When the reminder time comes up, you receive a dialog box like the one shown in Figure 7.39. You have the following options: . Dismiss All—Closes all the displayed reminders. . View Item—Displays details of the item in the Details panel. . Dismiss—Closes this reminder. . Snooze—Closes the reminder but redisplays it again after the selected interval (five

minutes by default; click the drop-down list to choose another interval). . Participants—Add the email addresses of meeting attendees by typing them or adding

them from your contacts list and send invitations. . Notes—Add additional information related to the current appointment.

441

Configuring Windows Calendar

Windows Calendar reminds you of approaching events.

FIGURE 7.39

Creating Tasks Windows Calendar enables you to create a list that helps you to remember important tasks. To create a task, click New Task from the toolbar or select New Task in the File menu. Then type a descriptive title. The task is displayed in the Tasks panel, and details of the task appear in the Details panel. You can specify the following details about the task in the Task Information section: . Completed—Select this check box when you complete the task. . Priority—Select none (the default), low, medium, or high. Tasks are prioritized in the

Tasks list according to the options you select here. . Start and due dates—Specify start and due dates for the task.

As with appointments, you can place the task in a specific calendar, include a URL associated with the task, and set a reminder.

Using Multiple Calendars You can use more than one calendar if you want to keep tasks and appointments related to different activities separate. For example, you can create a business calendar and a personal one or different calendars for different clients. Step by Step 7.11 shows how to create a new calendar.

442

Chapter 7: Configuring Applications Included with Windows Vista

STEP BY STEP 7.11 Creating a New Calendar 1. From the File menu, select New Calendar. The new calendar appears in the Calendars pane, and information about the calendar appears in the Details pane. 2. Type a descriptive name for the calendar. 3. Select a color for highlighting calendar events from the Color list that appears in the Details pane. 4. After you have created another calendar, you can use the normal cut and paste tools to move or copy events from one calendar to another.

As shown in Figure 7.40, Windows Calendar displays all events configured for your calendars in the Events panel, color-coded according to the colors you have specified for each calendar. If you want to view only events configured for a specific calendar, clear the check boxes in the Calendars panel for those calendars whose events you do not want to appear.

You can configure multiple calendars in Windows Calendar and display events associated with each calendar in a different color.

FIGURE 7.40

In addition, you can import and export calendars in Windows Calendar. Select File, Import to display the Import dialog box. Specify the filename in the Import File text box and select the destination of the imported calendar (you can merge events into an existing calendar or create a new one). To export a calendar, click File, Export. Specify a filename and click Save. Files are imported and exported in the iCalendar (.ics) format.

443

Configuring Windows Calendar

Sharing Calendars If you belong to work groups or teams in which the members need to coordinate their activities to facilitate the planning of meetings and get-togethers, Windows Calendar enables you to share and publish your calendars. Others can subscribe to your calendar and add it to their list of calendars, and you can do the same with calendars belonging to others. Follow Step by Step 7.12 to publish your calendar.

STEP BY STEP 7.12 Publishing a Calendar 1. Select the calendar to be published from the Calendars pane. Information on the calendar appears in the Details pane. 2. Click the Click Here to Publish link. You can also click Publish from the Share menu. 3. The Publish Calendar dialog box shown in Figure 7.41 appears. Modify the calendar name if required and select a location to publish the calendar, such as a web page or shared folder location.

The Publish Calendar dialog box enables you to publish a calendar and select the details to be published.

FIGURE 7.41

4. Select the calendar details to be shown in the published calendar and if desired, select the check box to automatically publish changes. Then click Publish. 5. Windows Calendar copies your calendar to the specified location and informs you that it has finished its task. Click Finish. 6. After you have shared your calendar, the Details pane displays sharing information when no events are selected. Select the check boxes provided to publish changes automatically and include items such as notes, reminders, and tasks in the published changes.

444

Chapter 7: Configuring Applications Included with Windows Vista

You can also share a calendar by email. From the Share menu, select Send via E-mail. Windows Mail opens a New Message window with the selected calendar file attached. Type the recipient’s email address and add any relevant information in the body of the message, and then click Send. It is simple to subscribe to another user’s published calendar, as Step by Step 7.13 shows.

STEP BY STEP 7.13 Subscribing to a Published Calendar 1. In the Share menu, select Subscribe. The Subscribe to a Calendar dialog box appears. 2. Type the address of the shared calendar and then click Next. 3. In the Calendar Subscription Settings dialog box that appears, edit the calendar name if desired and select an update interval. Also select the Include Reminders and Include Tasks options if desired, and then click Finish.

After you have shared your calendar or subscribed to another user’s published calendar, you can synchronize changes to your calendars. In the Share menu, click Sync to synchronize the selected calendar or Sync All to synchronize all published and subscribed calendars. The Share menu item also enables you to stop publishing or unsubscribe from shared calendars. Select Share, Stop Publishing to stop publishing the selected calendar and click Unpublish. Also select the check box provided to delete your calendar from the server if desired. To stop subscribing to a published calendar, select it and click Delete from the menu bar (or press the Delete key). Click Yes to confirm your actions.

Configuring Windows Fax and Scan Objective:

Configure Windows Fax and Scan. Windows Fax and Scan simplifies the tasks of sending and receiving faxes, scanning images and documents, and sharing these items with others. You can perform all these tasks and manage these items from a single location. Windows Fax and Scan recognizes different user accounts on your computer and identifies the sender of faxes accordingly. The following are several key features of Windows Fax and Scan: . Single-click faxing and scanning—Enables you to fax or scan documents as easily as it is

to use email.

445

Configuring Windows Fax and Scan . Simplified routing of faxes and scanned documents—Enables you to create routing lists of

server shares and email addresses for receiving copies of faxed and scanned documents. . Drag-and-drop functionality—Simplifies the task of filing and sorting your faxes and

scanned documents. . Live preview capability—Enables you to see how documents will look prior to scanning

so that you can modify settings as required. Click Start, All Programs, Windows Fax and Scan to start this application. As you can see in Figure 7.42, Windows Fax and Scan shares many characteristics with Windows Mail. The Inbox, Outbox, and Sent Items folders function in the same way as the corresponding folders in Windows Mail. The Incoming folder holds information about faxes currently being received and the Drafts folder saves copies of faxes that you’re creating but haven’t yet sent.

Windows Fax and Scan shares many similarities with Windows Mail.

FIGURE 7.42

Fax Accounts When you first open Windows Fax and Scan, you need to create fax accounts for each person who will be using the application. Follow Step by Step 7.14 to set up fax accounts.

STEP BY STEP 7.14 Creating Fax Accounts 1. On the Tools menu, select Fax Accounts. 2. The Fax Accounts dialog box opens and reminds you that you need to have an account to send or receive a fax. Click Add.

446

Chapter 7: Configuring Applications Included with Windows Vista 3. The Fax Setup Wizard starts and displays the Choose a Fax Modem or Server page. Select one of the following choices: . Connect to a Fax Modem—Enables you to use a fax modem attached to your computer. Type a name that identifies the modem and then click Next. . Connect to a Fax Server on My Network—Type the network (UNC) address of the fax server and then click Next. 4. On the Choose How to Receive Faxes page, select one of the following options. If you receive a UAC prompt, click Continue. . Answer Automatically (Recommended)—Automatically answers incoming calls after five rings. . Notify Me—Displays a message when a call is received. . I’ll Choose Later; I Want to Create a Fax Now—Enables you to configure this option later. 5. If you receive a security alert from Windows Firewall, click Unblock, and then click Continue on the UAC prompt that appears. 6. The Fax Accounts dialog box displays the fax account you have just created. Click Close. 7. To specify default sender information such as name, company, address, phone and fax numbers, and so on that will be included on the cover page of any faxes you send, click Sender Information and type the relevant information in the text boxes provided. Click OK when done.

TIP Fax receive options You can modify fax receive options at any time from the Fax Settings dialog box. Click Tools, Fax Settings, and then click Continue on the UAC prompt that appears. The General tab enables you to select a device if you have more than one fax device. You can choose to manually answer an incoming call or specify the number of rings after which the call is automatically answered.

Sending and Receiving Faxes You can send simple faxes consisting of the cover page only or multi-page faxes that include the cover page plus pages from a document. To send a simple fax, follow the procedure outlined in Step by Step 7.15.

447

Configuring Windows Fax and Scan

STEP BY STEP 7.15 Sending a Fax 1. From the Windows Fax and Scan toolbar, click New Fax. Or click File, New, Fax. 2. Select a cover page from the following (or select None for no cover page): . Confident—Adds the word “Confidential” to the cover page . FYI—Adds the phrase “For Your Information” to the cover page . Generic—Does not add special text (for normal faxes) . Urgent—Adds the word “Urgent” in large, 52-point font to the cover page to inform the user that the fax requires immediate action 3. Type the recipient’s fax number in the To text box. To specify a dialing rule (such as adding “9” for an outside line), select it in the Dialing Rule list box. 4. Type the message to be included on the cover page in the field provided. 5. To include a document, click the Attach (paper clip) icon in the toolbar or choose File Attachment from the Insert menu. In the Insert Attachment dialog box, navigate to the required document and click Attach. You can also drag the document from a document window to the body of the fax to attach it. 6. To access additional options for sending the fax, select options from the Tools menu in the New Fax dialog box (not the Windows Fax and Scan dialog box). From the dialog box that appears, you can specify delivery receipts, fax priority, and fax scheduling. Click OK when finished. 7. Click Send to send the fax.

You can also send a fax document directly from many applications such as Microsoft Word. Windows Fax and Scan includes a fax printer driver that renders your document as a fax and sends it to your fax modem. After creating the document, select File, Print and then select Fax from the printer list in the application’s Print dialog box. This displays the New Fax dialog box, from which you can follow the steps outlined in Step by Step 7.15 to send the fax. When you receive a fax, Windows Fax and Scan alerts you by playing a sound and displaying a Review Fax Status message box as the fax comes in. When this message box disappears, the fax appears in your inbox, from which you can process it in much the same manner as you would do with an incoming email message. You can even reply to the fax sender or forward it to another fax number. In either of these cases, Windows Fax and Scan creates a new fax message, which you can send in the same manner as described in Step by Step 7.15.

448

Chapter 7: Configuring Applications Included with Windows Vista

Scanning Documents Windows Fax and Scan enables you to scan documents and images from scanners attached to your computer or located on the network. The Live Preview feature in Windows Fax and Scan shows you how the scanned document will appear on your computer before you perform the final scan so that you can modify settings if required. To scan a document, follow the procedure in Step by Step 7.16.

STEP BY STEP 7.16 Scanning a Document 1. Ensure that the scanner is connected and turned on, and then click New Scan from the Windows Fax and Scan toolbar (or select New, Scan from the File menu). 2. The New Scan dialog box appears. Click Preview to preview your document. 3. If you need to modify any settings, click the profile list in the New Scan dialog box and then click Documents. Modify the settings as required, and then click Preview again. 4. When you are satisfied with the preview, click Scan. When the scan is finished, Windows Fax and Scan displays the document and enables you to save it.

You can also scan and fax a document in a single step. From the File menu, choose New, Fax from Scanner. Follow the instructions of Step by Step 7.16 to scan the document and Step by Step 7.15 to fax it. The scanned document is automatically attached to the fax.

Configuring Windows Sidebar Objective:

Configure Windows Sidebar. Windows Sidebar is a pane that appears by default on the right side of your display and includes a variety of items known as gadgets. Included by default are an analog clock, a slide show, and a link for viewing news feeds. You can also display web-based information such as news updates, traffic or weather maps, and so on. You can download additional gadgets from an online gadget gallery to customize the sidebar view. Follow Step by Step 7.17 to configure Windows Sidebar properties.

449

Configuring Windows Sidebar

STEP BY STEP 7.17 Configuring Windows Sidebar Properties 1. If Windows Sidebar does not appear on your desktop, click Start, All Programs, Accessories, Windows Sidebar to open it. 2. Right-click an empty area in the sidebar and choose Properties. The Properties dialog box shown in Figure 7.43 appears.

You can configure several options that determine how Windows Sidebar appears from its Properties dialog box.

FIGURE 7.43

3. Select the appropriate options from this dialog box. If you want the Sidebar to always appear even when you have a large number of windows open, select the Sidebar Is Always on Top of Other Windows option. If you have multiple monitors, you can choose to display Sidebar on any monitor you want by selecting its number from the drop-down list. 4. To see which gadgets are currently running, click View List of Running Gadgets. The dialog box that appears shows which gadgets are running. Click Remove to remove unwanted gadgets from the sidebar.

Windows Sidebar Gadgets Windows Vista includes a default set of gadgets, of which only the three already mentioned appear by default. You can add additional gadgets by right-clicking an empty area of the Sidebar and choosing Add Gadgets. The dialog box shown in Figure 7.44 appears.

450

Chapter 7: Configuring Applications Included with Windows Vista

Windows Vista includes additional gadgets that enable you to customize the appearance of Windows Sidebar.

FIGURE 7.44

To add a gadget, right-click it and choose Add Gadget. To remove an added gadget, right-click it and choose Close Gadget, and then click Close Gadget in the message box that appears. You can also download additional gadgets. To do so, select the Get More Gadgets Online link. This opens Internet Explorer to a Microsoft web page that enables you to download additional gadgets from a large number of categories including fun and games, lifestyle, mail and contacts, news and feeds, safety and security, search tools, tools and utilities, and so on. Developers can even create their own gadgets and post them to the web page (check this on the link provided).

TIP Viewing additional gadgets If you have added more gadgets to the Sidebar than can be displayed at any one time, a right-pointing arrow appears at the top of the Sidebar. Click this arrow to view the hidden gadget or gadgets. Click the left-pointing arrow to return to the original set of gadgets.

Some gadgets have configurable properties. Right-click a gadget and choose Options. As shown in Figure 7.45, you can modify the behavior of a gadget using these options.

451

Configuring Windows Sidebar

You can modify the properties of some gadgets from their Options dialog box.

FIGURE 7.45

TIP Closing the Sidebar If you need to close the Sidebar to obtain additional viewing space, right-click a blank area within the Sidebar and choose Close Sidebar. This minimizes the Sidebar into an icon in the notification area. This is particularly useful if you have configured the Sidebar to always appear on top of other windows. To make the sidebar reappear, click this icon.

452

Chapter 7: Configuring Applications Included with Windows Vista

Summary In this chapter, you learned about some of the native applications included with most editions of Windows Vista. Windows Vista Home Premium and Ultimate include the Windows Media Center, which provides a one-stop, complete multimedia application that lets you watch and record TV, listen to digital music, play games, listen to FM and Internet radio stations, or access content from online media services. These two editions of Vista also include the Windows DVD Maker, which enables you to create DVDs containing videos, photos, and/or data. All editions of Vista include the Windows Media Player, which enables you to manage most types of digital media such as music and videos, the Windows Photo Gallery, which helps you manage your collection of digital photos, and the Windows Movie Maker, which enables you to create, import, manage, and edit digital videos. Windows Mail is the successor to Outlook Express and provides a complete package for sending, receiving, and keeping track of email messages. Windows Mail includes new security capabilities such as the ability to filter junk email (spam) messages, block phishing messages, and protect against viruses. You can configure Windows Mail to digitally sign and encrypt your outgoing messages. Windows Meeting Space enables you to conduct small meetings between users of networked computers. You can share handouts, applications, and your Windows desktop among meeting attendees, and attendees can edit handouts. Windows Calendar enables you to schedule and manage tasks and appointments. You can create multiple calendars and share calendars with others such as coworkers and family members. Windows Fax and Scan enables you to send and receive messages and documents from your computer through an attached fax modem. This application shares many of the characteristics of Windows Mail. You can scan documents and even fax scanned documents to other locations. Windows Sidebar is a pane that appears on your desktop and includes gadgets such as a clock, mini-slide show, and news feeds. You can modify the set of gadgets that are displayed and even download additional gadgets from the Internet.

Key Terms . Burn . Gadget . Handout . Rip

453

Apply Your Knowledge . Spam filter . Windows Calendar . Windows DVD Maker . Windows Fax and Scan . Windows Mail . Windows Media Center . Windows Media Player . Windows Meeting Place . Windows Movie Maker . Windows Photo Gallery . Windows Sidebar

Apply Your Knowledge Windows Meeting Space in Windows Vista enables you to conduct meetings in a location where several users can assemble together and connect their computers in a wired or wireless fashion. Here you run a meeting, perform a presentation, and share some handouts. You should have two or three computers running Windows Vista to perform these exercises. Each computer should be configured with a different username, and these users should be members of the Administrators group.

Exercises 7.1 Setting Up Windows Meeting Space This exercise prepares computers for using Windows Meeting Space. Perform this exercise on each of the computers. If you have already performed this exercise, you do not need to do it again. Estimated Time: 5 minutes per computer. 1. Click Start, All Programs, Windows Meeting Space. 2. In the Setup window that appears, click Yes, Continue Setting Up Windows Meeting Space, and then click Continue in the UAC prompt that appears. 3. In the Set Up People Near Me dialog box, confirm the username that appears or type the desired name. Ensure that the Allow Invitations From drop-down list reads Everyone, and then click OK. Windows Meeting Space starts.

454

Chapter 7: Configuring Applications Included with Windows Vista

7.2 Joining People Near Me This exercise logs you in to People Near Me so that others can find you in the meeting. Perform this exercise at each of the computers. Estimated Time: 5 minutes per computer. 1. Click Start, type people near me in the Search box, and press Enter. After a few seconds, the People Near Me dialog box appears. 2. If it is not displayed, type your username in the text box provided and select the Make My Picture Available check box. 3. Click the Sign in tab. Ensure that the Sign in to People Near Me radio button is selected. 4. Click OK.

7.3 Starting a Meeting and Sharing an Application In this exercise, you start a meeting in Windows Meeting Space, invite other users, and share an application with these users. This exercise assumes that your computer is running a program such as Microsoft Word. Perform this exercise from the first Windows Vista computer. Estimated Time: 10 minutes. 1. In Windows Meeting Space, click Start a New Meeting. 2. Type Sample Meeting as a meeting name and P@ssw0rd as a password. 3. Click Invite People. 4. You should see the names of the others who have signed in to People Near Me. Select these people and then click Send Invitations. 5. Back in the Windows Meeting Space window, click Share a Program or Your Desktop. 6. Windows Meeting Space asks you whether you want other people to see your desktop. Click OK to accept this prompt. 7. In the Start a Shared Session dialog box, select a program such as Microsoft Word. If the program does not appear on the list, click Browse for a File to Open and Share, and in the Open dialog box locate the desired program, and then click Open. 8. Leave the program open while the other users join the meeting.

455

Apply Your Knowledge

7.4 Joining a Meeting In this exercise, the other participant or participants join the meeting. Perform this exercise from the other computer or computers. Estimated Time: 5 minutes per computer. 1. The computer should display a message informing you that someone is inviting you to use Windows Meeting Space. Click Accept. 2. In Windows Meeting Space, type P@ssw0rd. 3. Note that Windows Meeting Space displays Microsoft Word (or other application) being shared from the first computer.

7.5 Demonstrating and Viewing Activities In this exercise, you present a demonstration on the program active on your computer and view the results on the other computer or computers. Perform the steps of this exercise from the computers indicated. Estimated Time: 5 minutes. 1. At the facilitator’s computer, open a document in the application in use. 2. Perform several actions on this document. 3. After each action, verify that the other computer or computers display the results of the action. 4. When you have done this two or three times, close the application. 5. Note that the application no longer appears on the other computer or computers.

7.6 Sharing a Handout In this exercise, you share a handout with the other meeting attendees. Perform this exercise from the facilitator’s computer. Estimated Time: 5 minutes. 1. In Windows Meeting Space, click Add a Handout. 2. Click OK to accept the message displayed, and then in the Select Files to Add dialog box, select a Word document or other file. If you do not have Microsoft Word, you can use a simple text file that is editable in Notepad. You should select a type of file that is editable by applications installed on all computers. 3. Click Open and note that the filename of the handout is displayed in the Handouts section of the Windows Meeting Space window.

456

Chapter 7: Configuring Applications Included with Windows Vista

7.7 Editing a Handout In this exercise, the other participant or participants edit the handout. Perform this exercise at the indicated computers. This exercise is most effective with two other computers, but you can use the facilitator’s computer as one of these computers if you have only two. Estimated Time: 10 minutes. 1. At the second computer, double-click the handout to open it in its associated application. 2. Make some changes to the handout and leave the application open. 3. At the third (or facilitator’s) computer, open the handout and make additional changes. Then save the changes and close the handout. 4. Return to the second computer and save the handout from this computer. 5. Return to the third computer and open the handout again. What changes can you see? Why? Make further changes, save the handout, and close it. ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ 6. Open the handout on the facilitator’s computer. Which changes have been saved? Why? ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ 7. Close the handout.

7.8 Ending the meeting In this exercise, you complete the meeting on all computers. Perform the steps at the indicated computers. Estimated Time: 5 minutes. 1. At the facilitator’s computer, click Meeting, Leave Meeting. 2. Click Yes to save the handouts, and then click OK to accept the folder shown in the Browse For Folder dialog box. 3. Click Copy and Replace to replace the original handout file with the edited version. 4. The meeting is closed and you are returned to the initial Windows Meeting Space window. Close this window. 5. At the other computer or computers, note that these users are informed that the meeting is completed. Close their Windows Meeting Space windows.

457

Apply Your Knowledge

Exam Questions 1. Shirley installs a TV tuner card in her Windows Vista Home Premium computer and configures Windows Media Center for watching TV programs and recording video to DVD. The next week, a blockbuster movie is playing at the same time as her favorite sitcom, so she decides to record the movie while watching the sitcom. However, after starting Windows Media Center to record the movie, she discovers that she is unable to receive the sitcom. What should Shirley do so that she can watch one show and record another one at the same time on her computer?

❍ A. Upgrade the operating system to Windows Vista Ultimate. ❍ B. Use Windows Media Player to record the movie on DVD. ❍ C. Use Windows Media Player to watch the sitcom. ❍ D. Install a second TV tuner card in her computer. 2. You are using Windows Media Player to watch a DVD movie on your Windows Vista Ultimate computer. Half an hour into the movie, the screen saver appears on your desktop, and you discover you must eject the DVD and start watching the movie from the beginning to clear the screen saver. What should you do to prevent this from happening again?

❍ A. Select More Options from the Library menu. On the Player tab of the Options dialog box, clear the Allow Screen Saver During Playback check box.

❍ B. Select More Options from the Library menu. On the Devices tab of the Options dialog box, select Display and click Properties. On the dialog box that appears, clear the Allow Screen Saver During Playback check box.

❍ C. Select More Options from the Library menu. On the Performance tab of the Options dialog box, clear the Allow Screen Saver During Playback check box.

❍ D. Right-click the movie in Windows Media Player and choose Properties. Then clear the Allow Screen Saver During Playback check box.

458

Chapter 7: Configuring Applications Included with Windows Vista 3. You have created an audio CD from a series of tracks belonging to three different performers in your Windows Media Player library on your Windows Vista Home Premium computer. When your wife inserts the CD in the CD-ROM drive of her computer, which runs Windows XP Home Edition, she notices that the audio tracks are arranged randomly without distinguishing between the performers. She asks you to prepare another audio CD with the tracks belonging to the various performers separated. What should you do to complete this action with the least effort?

❍ A. Create a new folder in Windows Explorer with subfolders for each of the performers. Drag the tracks to the appropriate subfolders and then burn the CD from this folder.

❍ B. On the Burn tab of the Options dialog box, select the Use Media Information to Arrange Files in Folders on the Disc option.

❍ C. On the Rip Music tab of the Options dialog box, select the Windows Media Audio option.

❍ D. Use Windows Media Center to burn the CD rather than Windows Media Player. 4. Jim has purchased a new digital camera and a laptop computer running Windows Vista Home Premium. After shooting several dozen photos, he downloads them to his computer and opens Windows Photo Gallery. He notices that many of his flash photos are either too dark or the subjects have red eyes. Some of his photos are also slightly unsharp. He would like to improve the images but has overspent his budget and cannot afford to purchase an image-editing program. He would also like to play a slide show of his photos so that members of his family can view the photos he has taken. Which of the following actions can he perform in Windows Photo Gallery without purchasing another program? Choose all that apply.

❍ A. Take the red out of his subjects’ red eyes ❍ B. Lighten the dark photos ❍ C. Sharpen his photos ❍ D. Play a slide show of his photos

459

Apply Your Knowledge 5. Karen has upgraded her office computer from Windows XP Professional to Windows Vista Ultimate and has configured her email account in Windows Mail. A few days later, she receives a phone call from an important client asking her why she has not replied to several urgent email messages the client has sent, and she tells the client she has not yet received any messages. So the client re-sends the email messages; however, Karen still has not received the messages when she comes to work the next morning. Karen notices that Windows Mail has a Junk E-mail folder, so she checks this folder and finds that all the client’s messages are in this folder. What should she do so that the client’s messages appear in the Inbox instead?

❍ A. In the Options tab of the Junk E-Mail Options dialog box, select the No Automatic Filtering option.

❍ B. In the Phishing tab of the Junk E-Mail Options dialog box, clear the Move Phishing E-Mail to the Junk Mail Folder option.

❍ C. Add the email address of the client to the Safe Senders list in the Junk E-Mail Options dialog box.

❍ D. On the Security tab of the Options dialog box, clear the Block Images and Other External Content in HTML E-Mail option. 6. You are a consultant who works from home using a computer that runs Windows Vista Ultimate. Because you work with sensitive information that you must send back and forth to several clients, you have obtained a digital ID and supplied copies of this ID to these clients. At the same time, you use your computer to correspond with friends and family. What should you do to protect communications with your clients while using the least administrative effort and not disrupting communications with friends and family?

❍ A. On the Security tab of the Options dialog box, select the Digitally Sign All Outgoing Messages option.

❍ B. On the Security tab of the Options dialog box, select the Encrypt Contents and Attachments for All Outgoing Messages option.

❍ C. While composing an email message to a client, select Digitally Sign from the Tools menu of the New Message dialog box.

❍ D. While composing an email message to a client, select Encrypt from the Tools menu of the New Message dialog box.

460

Chapter 7: Configuring Applications Included with Windows Vista 7. You are a desktop administrator for your company. A supervisor named Norman is using Windows Meeting Space to conduct a group meeting in a company boardroom, which is equipped with a Wi-Fi hotspot. Seven employees are using computers running Windows Vista Business, and two other employees are using computers running Windows XP Professional. The two using Windows XP computers report that they are unable to access the meeting handouts Norman has distributed. What should you do to enable these employees to participate properly in the meeting?

❍ A. Upgrade the Windows XP computers to Windows Vista Home Premium. ❍ B. Upgrade the Windows XP computers to Windows Vista Business. ❍ C. Upgrade Norman’s computer to Windows Vista Ultimate. ❍ D. Ensure that the Wi-Fi hotspot is broadcasting its SSID. ❍

E. Ask Norman to print the handouts because it is not possible to distribute them in this manner.

8. You are the manager of a work section that consists of 20 employees. You are using a Windows Vista Business computer and have set up Windows Calendar to keep track of business and family appointments. Employees in your work section must know when you are available for consultation, but you want to ensure that employees are not able to see your personal schedule. What should you do?

❍ A. Publish your calendar to a shared folder so that your employees can subscribe to this calendar.

❍ B. Create two calendars named Business and Personal in Windows Calendar and publish the Business calendar to a shared folder so that your employees can subscribe to this calendar.

❍ C. Create two calendars named Business and Personal in Windows Calendar and email the Business calendar to the employees on a daily basis.

❍ D. Delete the personal appointments from your calendar. Then publish the calendar to a shared folder so that your employees can subscribe to the calendar and ensure that the Automatically Publish Changes check box is cleared. After you have published the calendar, add the personal appointments back to the calendar.

461

Apply Your Knowledge 9. Brian has created a document in Microsoft Word that he needs to send by fax to several recipients. The document contains several formatting styles, graphs, and illustrations. His computer runs Windows Vista Home Premium and has an attached fax modem. Which of the following actions should he perform? (Each correct answer is a complete solution. Choose three answers.)

❍ A. Open the New Fax window in Windows Fax and type initial comments. Then attach the Word document and send the fax.

❍ B. In Microsoft Word, select File, Copy. Open the New Fax window in Windows Fax and type initial comments. Then select File, Paste, and send the fax.

❍ C. Open Windows Explorer to the folder containing the document to be faxed. Then drag the document to the New Fax window in Windows Fax and Scan, type initial comments, and send the fax.

❍ D. From Microsoft Word, select File, Print, and then select Fax from the Printers list and click Print. Type initial comments in Windows Fax and Scan and send the fax. 10. You are using a Windows Vista Ultimate computer with two monitors installed. You have added a series of gadgets to Windows Sidebar, including one downloaded from an external website. Now the default gadgets no longer appear on Windows Sidebar. How can you view the default gadgets while retaining all the gadgets you have added?

❍ A. Click the arrow at the top of the Sidebar. ❍ B. Right-click a different gadget and choose Move. Then move the gadget elsewhere on the desktop.

❍ C. Right-click a blank area of the Sidebar and choose Properties. Click the View List of Running Gadgets button, select the gadget you downloaded from an external website, and then select Remove.

❍ D. Right-click a blank area of the Sidebar and choose Properties. Change the Display Sidebar on Monitor setting to view the Sidebar on the second monitor.

Answers to Exercises 7.7 Editing a Handout 5. The changes that were made at the second computer have been saved, and those that

were originally made at this computer have been lost. This happened because more than one user cannot edit the handout at the same time. If they do, only the changes made by the last user to save them are retained. 6. Both the changes that were made at the second computer and the second (but not the

first) set of changes made at the third computer have been saved. This happened because the latest edit was done after the changes made from the second computer were saved to all computers.

462

Chapter 7: Configuring Applications Included with Windows Vista

Answers to Exam Questions 1. D. Shirley should install a second TV tuner card in her computer. Windows Media Center enables her to watch and record TV shows on her computer, but she cannot do both at the same time without a second TV tuner card. The second TV tuner card would also enable her to record two TV shows at the same time, assuming she is not trying to watch anything at that time. Windows Vista Home Premium contains all the features of Windows Media Center, so Shirley does not need to upgrade to Windows Vista Ultimate. Therefore answer A is incorrect. Shirley cannot circumvent this problem by either watching or recording a show with Windows Media Player, so answers B and C are incorrect. For more information, see the section, “Windows Media Center.” 2. A. By clearing the Allow Screen Saver During Playback check box, you can prevent the screen saver from appearing while you are watching a DVD movie in Windows Media Player. To access this check box, you need to open the Options dialog box to the Player tab. Note that besides the Library menu, you can also access this dialog box by pressing Alt, which displays a small menu from which you can access Options from the Tools submenu. Neither the Devices nor Performance tab of this dialog box contains the Allow Screen Saver During Playback check box, so answers B and C are incorrect. The right-click menu for an item in the Library view does not contain a Properties option, so answer D is incorrect. For more information, see the section, “Windows Media Player Configuration Options.” 3. B. You should select the Use Media Information to Arrange Files in Folders on the Disc option, which is found on the Burn tab of the Options dialog box. You could create folders in Windows Explorer for each performer and copy the tracks to the respective folder, but this would take more effort, so answer A is incorrect. The Rip Music tab pertains to copying music from audio CDs to the computer and not to creating audio CDs, so answer C is incorrect. You can burn audio CDs from Windows Media Center, but the tracks would not be arranged according to performer, so answer D is incorrect. For more information, see the section, “Windows Media Player Configuration Options.” 4. A, B, D. Windows Photo Gallery enables Jim to remove the red eye, lighten the dark photos, and play a slide show of his photos, among other actions that he can perform on them. Windows Photo Gallery does not enable Jim to sharpen his photos, so answer C is incorrect. For more information, see the section, “Editing Images in Windows Photo Gallery.” 5. C. Karen should put the email address of the client into the Safe Senders list in the Junk E-Mail Options dialog box. By doing so, all messages from the client are routed to her Inbox without first being checked for characteristics common to junk email (spam). If she were to select the No Automatic Filtering option on the Options tab of the Junk E-Mail Options dialog box, she would receive messages from the client in her Inbox, but she could also receive junk email messages containing undesirable content, so answer A is incorrect. If she were to clear the Move Phishing EMail to the Junk Mail Folder option, she could receive messages that attempt to hijack personal information in her Inbox. At the same time, messages from her client could still go to the Junk Email folder, so answer B is incorrect. If she were to clear the Block Images and Other External Content in HTML E-mail option, messages from her client could still go to the Junk E-mail folder, so answer D is incorrect. For more information, see the section, “Configuring Mail Security.” 6. D. You should select Encrypt from the Tools menu of the New Message dialog box when you are composing each message to a client. This option uses your digital ID to encrypt the message and any

463

Apply Your Knowledge attachments included with the message. The option to digitally sign a message confirms to a recipient that you were the person who actually sent the message. However, it does not protect the message from being viewed or altered during transit; therefore, answers A and C are incorrect. If you were to select the Encrypt Contents and Attachments for All Outgoing Messages option, all outgoing email messages including those to your friends and family would be encrypted. These individuals would be unable to read your messages without having a copy of your digital ID, so answer B is incorrect. For more information, see the section, “Configuring Mail Security.” 7. B. You need to upgrade the Windows XP computers to Windows Vista Business. Windows Meeting Space is a new feature of Windows Vista and is available in all editions. Because it is not included and cannot be installed in Windows XP, the users of these computers cannot access the meeting until their computers are upgraded to Windows Vista Business or Ultimate. It is not possible to upgrade a Windows XP Professional computer to Windows Vista Home Premium, so answer A is incorrect. Norman’s computer is fully capable of hosting a meeting using Windows Vista Business, so you do not need to upgrade it to Windows Vista Ultimate; therefore, answer C is incorrect. Access to the Wi-Fi hotspot is not a concern in this scenario, so answer D is incorrect. Windows Meeting Space enables Norman to distribute handouts to other meeting participants without the need for printing them, so answer E is incorrect. For more information, see the section, “Sharing Information.” 8. B. You should create two calendars named Business and Personal in Windows Calendar and publish the Business calendar to a shared folder so that your employees can subscribe to this calendar. Windows Calendar includes the capability of creating more than one calendar so that you can keep appointments of different types separate but still view them together. If you publish your calendar to a shared folder without creating separate calendars, your employees will be able to view your personal appointments, so answer A is incorrect. Because Windows Calendar enables you to share and publish calendars, you do not need to email the Business calendar to your employees, so answer C is incorrect. You could delete the personal appointments, publish the calendar, and then reinsert the personal appointments with the Automatically Publish Changes option cleared; however this would take far more effort than needed and you would need to repeat this action each time you had to reshare the calendar, so answer D is incorrect. For more information, see the section, “Configuring Windows Calendar.” 9. A, C, D. Brian can drag the Word document to the New Fax window. He can also insert it as an attachment or print it to the fax from Microsoft Word. If he copies the document and tries to paste it into the New Fax window, he might lose some of the formatting. Furthermore, the Copy and Paste commands are found in the Edit menu and not the File menu. Therefore, answer B is incorrect. For more information, see the section, “Configuring Windows Fax and Scan.” 10. A. You should click the arrow at the top of the Sidebar. This arrow appears when you have installed more gadgets than will fit on the Sidebar. Right-clicking a gadget and choosing Move enables you to move the gadget elsewhere on the sidebar but not elsewhere on the desktop, so answer B is incorrect. Removing gadgets might make the default gadgets appear, but you will no longer have the gadgets you have added visible, so answer C is incorrect. Moving the Sidebar to a second monitor does not change the viewable area of the Sidebar unless this monitor is capable of higher resolution. This does not necessarily enable you to view the default gadgets, so answer D is incorrect. For more information, see the section, “Windows Sidebar Gadgets.”

464

Chapter 7: Configuring Applications Included with Windows Vista

Suggested Readings and Resources The following are some recommended readings on the subject of configuring applications included with Windows Vista: 1. Course . Microsoft Official Curriculum course 5116, Configuring Windows Vista

Application and Tools. Module 2, Configuring Windows Vista Media Applications; and Module 3, Configuring Windows Vista Productivity Applications. Information available at http://www.microsoft.com/learning/syllabi/en-us/5116aprelim.mspx. 2. Websites . Microsoft. Windows Media Center. http://www.microsoft.com/windows/products/

windowsvista/features/details/mediacenter.mspx . Microsoft. Security and Windows Media Player 11 http://www.microsoft.com/

windows/windowsmedia/player/11/security.aspx . Microsoft TechNet. Windows Mail and Resulting Internet Communication in Windows

Vista. http://technet2.microsoft.com/WindowsVista/en/library/3682f7a1-e91949c8-bdd1-715b56995cba1033.mspx . Microsoft TechNet. Windows Vista Windows Meeting Space Step by Step Guide.

http://technet.microsoft.com/en-us/windowsvista/aa905127.aspx

8

CHAPTER EIGHT

Maintaining and Optimizing Systems That Run Windows Vista Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Maintaining and Optimizing Systems That Run Windows Vista section of the TS: Microsoft Windows Vista, Configuring exam:

Troubleshoot performance issues. . The performance of a computer is dependent on several factors, any of which can cause a slowdown. Microsoft includes this objective to measure your understanding of the factors that affect a computer’s performance over time and how they interact with one another. You also need to know how to optimize the computer’s performance and troubleshoot problems and bottlenecks that can occur from time to time.

Troubleshoot reliability issues by using built-in diagnostic tools. . Windows Vista provides the System Configuration tool, Task Manager, and Event Viewer for diagnosing and troubleshooting problems that you might encounter. You should know what each of these tools can accomplish and when to utilize them.

Configure Windows Update. . The Microsoft Windows Update website enables you to keep your computer up-to-date with the latest security patches and productivity enhancements. Know how to configure the options available that govern how Windows Update functions on your computer and across a network.

Configure data protection. . Data protection is an important concern that Microsoft expects you to understand. Know how to back up and restore files and folders or your entire computer. Also know when and how to encrypt your data.

Outline Introduction

468

Troubleshooting Performance Issues

468

Reliability and Performance Monitor Resource Overview

Configuring Windows Update

501

Working with Windows Update

502

468

Using a WSUS Server with Windows Vista

504

469

Windows Update Group Policies

504

Performance Monitor

470

Reliability Monitor

473

Data Collector Sets

475

Optimizing and Troubleshooting Memory Performance

Using Windows Backup to Protect Your Data

508

479

Optimizing and Troubleshooting Processor Utilization

Using Windows Backup to Recover Data

511

481

Optimizing and Troubleshooting Disk Performance

Using Windows Backup to Restore Your Computer

512

482

The Backup Status and Configuration Utility

Command-Line Utilities

485

New Vista Technologies for Enhancing System Performance 486

Configuring Data Protection

Data Security

507

514 515

Encrypting File System

516 516

Windows SuperFetch

486

Encrypting File System Basics

Windows ReadyBoost

486

Preparing a Disk for EFS

518

488

Encrypting Files

519

Decrypting Files

520

Windows ReadyDrive Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools System Configuration Utility General Tab Boot Tab

BitLocker Drive Encryption 489 489

Preparing Your Computer to Use BitLocker

521

490

Enabling BitLocker

523

490

Disabling BitLocker

526

Services Tab

491

Startup Tab

492

Tools Tab

492

Task Manager Configuring Application Priority

492 494

Configuring the Relative Priority of Foreground and Background Tasks 495 Configuring Multiprocessor Computers Event Viewer

521

496 496

Viewing Logs in Event Viewer

497

Customizing Event Viewer

499

Creating Tasks from Events

500

Summary

527

Key Terms

528

Apply Your Knowledge

528

Exercises

529

Exam Questions

530

Answers to Exam Questions

536

Suggested Readings and Resources

539

Study Strategies Windows Vista introduces new performance monitoring and optimization features and provides an updated Backup and Restore Center to handle data backups. Vista also introduces a new BitLocker system volume encryption feature. You should practice the skills involved in the Step by Step and Apply Your Knowledge exercises until you are familiar with the features discussed in this chapter. . Monitor the performance of a Windows Vista computer as you perform various tasks such as running memory-intensive programs, copying and moving data, browsing the Internet, and so on. Create a baseline log that you can use later for comparing your computer’s performance at different times. If you have access to the Windows 2000 Professional Resource Kit, use the Leakyapp.exe and Cpustress.exe programs to create artificial memory and processor loads on your computer and observe the effects. . Configure several alerts and leave them running while you are working with your computer so that you become familiar with their actions. Play a few processor-intensive or memory-intensive games to trigger the alerts if you desire. . Experiment with ReadyBoost, SuperFetch, and ReadyDrive so that you understand the capabilities of each of these tools, their differences, and the situations in which you should employ them. . Try out various startup options in the System Configuration Utility and observe the results. . If you have a computer that can utilize BitLocker, enable this feature. Then try to access your data from another operating system and observe the results.

468

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Introduction When you set up a brand new Windows Vista computer with a baseline set of applications, you will generally find that it performs very capably. As you install additional applications, store data, and work with the computer, its performance can slow down. Factors that affect a computer’s performance include memory, processor, disks, and applications. Windows Vista provides tools such as the Performance Console, Reliability Monitor, and Task Manager to monitor and troubleshoot computer performance. This chapter looks at monitoring the computer’s performance with these tools and keeping it working at a level close to that observed when you first set it up. Microsoft is continually releasing new updates for its operating systems, mainly as vulnerabilities are discovered. This chapter looks at the configuration and use of the Windows Update feature including the use of a server running Microsoft Windows Server Update Services (WSUS) for updating computers on a network. In this day and age of highly mobile workforces and risk for data theft and its often dire consequences, protection of data is of utmost importance. This chapter looks at new protection technologies introduced by Microsoft including the BitLocker drive encryption tool. Another technique that is vital for protection of data is the backup. If you do not have backup copies of data stored on a computer, valuable data can be lost forever. Windows Vista provides a Backup tool that you can use to create backup copies of data on a variety of media including disk, CDROM, DVD, and shared network drives.

Troubleshooting Performance Issues Objective:

Troubleshoot performance issues. Windows Vista includes several tools that are used for monitoring, optimizing, and troubleshooting performance. These include the revamped Reliability and Performance Monitor and the new optimization tools introduced with Vista.

Reliability and Performance Monitor The Windows Vista Reliability and Performance Monitor console replaces and updates the Performance Console tool found in Windows 2000 and XP. As shown in Figure 8.1, it includes the following monitoring tools: . Performance Monitor—Provides a real-time graph of computer performance, either in

the current time or as logged historical data.

469

Troubleshooting Performance Issues . Reliability Monitor—Performs an overall reliability analysis of computer stability over

time. . Data Collector Sets—Known as Performance Logs and Alerts in Windows 2000/XP, this

component records computer performance information into log files. Data collectors are grouped into groups that you can use for monitoring performance under different conditions. . Reports—Included as the Report function of the System Monitor console in Windows

2000/XP, this component creates performance report data.

FIGURE 8.1 The Reliability and Performance Monitor console includes several tools for monitoring and logging your computer’s performance.

This section introduces the Resource Overview pane that appears as part of the Reliability and Performance Monitor console before describing each of the monitoring tools in more detail.

Resource Overview When you first start the Reliability and Performance Monitor, it displays the Resource Overview panel previously shown in Figure 8.1. This overview provides a summary of CPU, disk, network, and memory performance statistics including mini-graphs of recent performance of these four components. Click the downward-pointing arrow to display additional information about a component similar to that shown for CPU in Figure 8.2.

470

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

FIGURE 8.2 You can expand each component in Resource Overview to obtain a summary of its performance information.

For each of the four components, the information provided includes the application whose resource usage is being monitored (known as the image) and the process identifier number (PID) of the application instance. The following additional information is provided for each of the four components: . CPU—A brief description of the monitored application, the number of threads per

application, the CPU cycles currently used by each application instance, and the average CPU resulting from each instance as a percentage of total CPU usage. . Disk—The file being read or written by each application instance, the current read and

write speeds in bytes/minute, and the total disk input/output (I/O) in bytes/minute. . Network—The IP address of the network component with which the computer is

exchanging data, the amount of data (bandwidth) in Kbps (sent, received, and total) by each instance. . Memory—Current hard faults per second and memory usage information in kilobytes

for committed, working set, sharable, and private memory components.

Performance Monitor Performance Monitor, which is shown in Figure 8.3, provides a real-time graph of computer performance and enables you to perform tasks such as the following: . Identify performance problems such as bottlenecks . Monitor resource usage

471

Troubleshooting Performance Issues . Track trends over time . Measure the effects of changes in system configuration . Generate alerts when unusual conditions occur

FIGURE 8.3 Performance Monitor displays a realtime graph of activity for selected objects and counters.

Before you learn more about the Performance Monitor tool, you need to be familiar with the following terms, which are used in a specific manner when referring to performance metrics: . Object—A specific hardware or software component that the Performance Console is

capable of monitoring. It can be any component that possesses a series of measurable properties. Windows Vista comes with a defined set of objects; applications such as Internet Information Services (IIS) installed on Windows Vista might add more objects to the available set. . Counter—One of a series of statistical measurements associated with each object. . Instance—Refers to multiple occurrences of a given object. For example, if your com-

puter has two hard disks, two instances of the PhysicalDisk object will be present. These instances are numbered sequentially, starting with 0 for the first occurrence. An instance labeled “_Total” is also present, yielding the sum of performance data for each counter. Note that not all objects have multiple instances.

472

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Information on objects and counters is displayed in the following format: Object (_instance)\Counter. For example, Processor (_0)\%Processor Time measures the %Processor time on the first processor. The instance does not appear if only a single instance is present. Performance Monitor enables you to obtain a real-time graph of computer performance statistics. Step by Step 8.1 shows you how.

STEP BY STEP 8.1 Configuring Performance Monitor 1. Click Start and type performance in the Start Search text box. You can also start the Reliability and Performance console from the Computer Management console, accessed by right-clicking Computer and choosing Manage. 2. Click Continue on the User Account Control (UAC) prompt. 3. In the Reliability and Performance console, click Performance Monitor. As previously shown in Figure 8.3, Performance Monitor displays the Processor\%Processor Time counter. 4. To add objects and counters, click the “+” icon on the toolbar. 5. In the Add Counters dialog box that appears (see Figure 8.4), ensure that the Select Counters from Computer drop-down list reads for monitoring the local computer performance. Then select the desired object and instance from the lists directly below the Select Counters list. 6. Expand the desired object to display a list of available counters from which you can select one or more counters, as shown in Figure 8.5. To add counters to the graph, select the counter and click Add. 7. Repeat steps 5 and 6 to add more counters. You learn about suitable counters in the following sections. 8. When you are finished, click OK.

FIGURE 8.4 You can select from a large number of objects from the Performance Object drop-down list in the Add Counters dialog box.

473

Troubleshooting Performance Issues

FIGURE 8.5

Expanding a performance object enables you to select from the available counters for that object.

TIP You can highlight individual counters in System Monitor To highlight an individual counter in the System Monitor display, select it from the list at the bottom of the details pane and click the highlight icon (looks like a highlighter pen) in the taskbar. You can also press the Backspace key to highlight the counter. The highlighted counter appears in a heavy line. You can use the up or down arrow keys to toggle through the list of counters and highlight each one in turn. This feature helps you to find the desired counter from a graph that includes a large number of counters.

Reliability Monitor Reliability Monitor is a new component in Windows Vista that utilizes the built-in Reliability Analysis Component (RAC) to provide a trend analysis of your computer’s system stability over time. As shown in Figure 8.6, Reliability Monitor provides the System Stability Chart, which correlates the trend of your computer’s stability against events that might destabilize the computer. Events tracked include Windows updates; software installations and removals; device driver installations, updates, rollbacks, and removals, as well as driver failure to load or unload; application hangs and crashes; disk and memory failures; and Windows failures such as boot failures, crashes, and sleep failures. This chart enables you to track a reliability change directly to a given event.

474

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

FIGURE 8.6 The System Stability Chart provides a trend indication of your computer’s stability.

NOTE Reliability Monitor limitations To display data in the System Stability Chart, you must run your computer for at least 24 hours after the first installation of Windows Vista. For the first 28 days, Reliability Monitor uses a dotted line on the Stability Chart graph, indicating that the data is insufficient to establish a valid baseline for this index.

Follow Step by Step 8.2 to use Reliability Monitor.

STEP BY STEP 8.2 Using Reliability Monitor 1. Ensure that you are logged on as an administrator or have administrator credentials available. 2. Click Start and type performance in the Start Search text box. You can also start the Reliability and Performance console from the Computer Management console, accessed by right-clicking Computer and choosing Manage. 3. Click Continue on the UAC prompt. The Reliability and Performance Monitor console opens. 4. In the console tree, click Reliability Monitor to display this snap-in.

475

Troubleshooting Performance Issues 5. As shown previously in Figure 8.6, events that cause the performance index to drop are marked in one of the event rows. Click a date containing one of these marks and then expand the appropriate section to obtain more information for the following categories: . Software (Un)installs—Installation or removal of programs including Windows updates and drivers, plus system actions such as generic volume shadow copies. Information provided includes the name of the software program, Windows update name, or driver name; its version; the activity (install or uninstall); its success or failure; and the date the event took place. . Application Failures—Software programs that hang or crash. Information provided includes the name of the program, its version number, the type of failure, and the date. . Hardware Failures—Failures of components such as disks or memory. Information provided includes the device that failed, the failure type, and the date. . Windows Failures—Problems such as operating system crashes, boot failures, and sleep failures. Information provided includes the type of failure, the operating system and service pack version, the Stop code or detected problem, and the failure date. . Miscellaneous Failures—Other types of failures such as improper shutdowns. Information includes the failure type, details, and date.

Data Collector Sets A data collector set is a set of performance objects and counters that enables you to log computer performance over time while you are performing other tasks. Such logging is important because changes in computer performance often occur only after an extended period of time. Best practices state that you should create a performance baseline, which is a log of computer performance that you can save for comparing with future performance and tracking any changes that might have occurred over time. In this way you can identify potential bottlenecks in computer performance and take any required corrective measures. You can also monitor the effectiveness of any changes you make to a computer’s configuration. The Data Collector Sets feature was known as Performance Logs and Alerts in previous Windows versions. Creating Data Collector Sets Data collector sets are binary files that save performance statistics for later viewing and analysis in the Performance Monitor snap-in; you might also export them to spreadsheet or database programs for later analysis. Vista creates a series of data collector sets by default. The default data collector sets enable you to log default sets of performance counters for various purposes, including system diagnostics, LAN diagnostics, system performance, wireless diagnostics, event trace sessions, and startup event trace sessions. To view these sets, expand the branches under the Data Collector Sets node of the Reliability and Performance Monitor. Right-click any available data collector set and choose Properties to view information on the selected data collector set.

476

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

You might also create your own user-defined data collector set. Follow Step by Step 8.3 to create a data collector set.

STEP BY STEP 8.3 Creating a Data Collector Set 1. In the console tree of the Reliability and Performance Monitor snap-in, select and expand Data Collector Sets. 2. Select User Defined. 3. To create a new data collector set, right-click a blank area of the details pane and select New, Data Collector Set. The Create New Data Collector Set Wizard starts. 4. In the New Log Settings dialog box, provide a name for the new log. Select either Create from a Template (Recommended) or Create Manually (Advanced) and then click Next. If you select the Create Manually (Advanced) option, refer to Step by Step 8.4 for the remainder of this procedure. 5. If you select the Create from a Template option, you receive the dialog box shown in Figure 8.7, which enables you to use one of the following templates: . Basic—Enables you to use performance counters to create a basic data collector set, which you can edit later if necessary. . System Diagnostics—Enables you to create a report that contains details of local hardware resources, system response times, and local computer processes. System information and configuration data are also included. . System Performance—Enables you to create a report that provides details on local hardware resources, system response times, and local computer processes.

FIGURE 8.7 The Create New Data Collector Set Wizard enables you to use several different templates.

477

Troubleshooting Performance Issues 6. Select the desired template and click Browse to locate a template file (XML format) if one exists. Then click Next. 7. Select a location to which you would like the data to be saved (or accept the default location provided), and then click Next. 8. You receive the Create the Data Collector Set page shown in Figure 8.8. To run the set as a different user, click Change and select the desired user. To start logging now or configure additional properties, select the option provided. Then click Finish.

The Create the Data Collector Set page enables you to run the set as another user or open the properties of the data collector set. FIGURE 8.8

To create a custom data collector set, use the Create Manually (Advanced) option in step 4 of Step by Step 8.3, and then follow Step by Step 8.4 to complete the procedure.

STEP BY STEP 8.4 Creating a Manually Configured Data Collector Set 1. After selecting the Create Manually (Advanced) option and clicking Next, you receive the screen shown in Figure 8.9, which enables you to specify the following options: . Performance Counter—Enables you to select performance objects and counters to be logged over time. Click Next to specify the performance counters to be logged and the desired sampling interval. . Event Trace Data—Enables you to create trace logs, which are similar to counter logs, but they log data only when a specific activity takes place. Counter logs track data continuously for a specified interval. . System Configuration Information—Enables you to track changes in Registry keys. Click Next to specify the desired keys.

478

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista . Performance Counter Alert—Enables you to display an alert when a selected counter exceeds or drops beneath a specified value. Click Next to specify the counters you would like to alert and the limiting value (see Figure 8.10 for an example).

FIGURE 8.9 You can create several types of logs or alerts from the Create Manually option in the Create New Data Collector Set Wizard.

You can create an alert that informs you when the Processor\% Processor Time value exceeds 80%.

FIGURE 8.10

2. After clicking Next, you receive the same dialog box shown previously in Figure 8.8. Make any changes needed, and then click Finish.

Using Performance Monitor to Create a Data Collector Set Perhaps the simplest method to create a data collector set is to use a set of counters you have already configured in Performance Monitor. Step by Step 8.5 shows you how.

479

Troubleshooting Performance Issues

STEP BY STEP 8.5 Creating a Data Collector Set from Performance Monitor 1. After using Step by Step 8.1 to create a performance graph, right-click Performance Monitor in the console tree and select New, Data Collector Set. The Create New Data Collector Set Wizard starts, as previously described in Step by Step 8.3. 2. Provide a name for the data collector set, and then click Next. 3. Accept the location to which the data is to be saved, or type or browse to the location of your choice and click Next. 4. In the Create the Data Collector Set page, select any required options, and then click Finish.

The data collector set is created and placed in the User Defined section. If you select the option to start the data collector set now, logging begins immediately and continues until you right-click the data collector set and choose Stop.

Optimizing and Troubleshooting Memory Performance The Memory object includes counters that monitor the computer’s physical and virtual memory. Table 8.1 discusses the most important counters for this object. TABLE 8.1

Important Counters for the Memory Object

Counter

What It Measures

Interpretation and Remedial Tips

Pages/sec

The rate at which data is read to or written from the paging file

A value of 20 or more indicates a shortage of RAM and a possible memory bottleneck. To view the effect of paging file performance on the system, watch this counter together with LogicalDisk\% Disk Time. Add RAM to clear the problem.

Available Bytes

The amount of physical memory available

A value consistently below 4MB indicates a shortage of available memory. This might be due to memory leaks in one or more applications. Check your programs for memory leaks. You might need to add more RAM.

Committed Bytes

The amount of virtual memory that has been committed to either physical RAM or running processes

Committed memory is in use and not available to other processes. If the amount of committed bytes exceeds the amount of RAM on the computer, you might need to add RAM. (continues)

480

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

TABLE 8.1 Continued Counter

What It Measures

Interpretation and Remedial Tips

Pool Nonpaged Bytes

The amount of RAM in the nonpaged pool system memory (an area holding objects that cannot be written to disk)

If this value exhibits a steady increase without a corresponding increase in computer activity, check for an application with a memory leak.

Page Faults/sec

The number of data pages that must be read from or written to the page file per second

A high value indicates a lot of paging activity. Add RAM to alleviate this problem.

In addition to these counters, the Paging File\% Usage counter is of use when troubleshooting memory problems. This counter measures the percentage of the paging file currently in use. If it approaches 100%, you should either increase the size of the paging file or add more RAM. Lack of adequate memory might also have an impact on the performance of other subsystems in the computer. In particular, a large amount of paging, or reading/writing data from/to the paging file on the hard disk results in increased activity in both the processor and disk subsystems. You should monitor counters in these subsystems at the same time if you suspect memory-related performance problems. You learn more about monitoring counters later in the section “Optimizing and Troubleshooting Processor Utilization.” The paging file is an area on the hard disk that is used as an additional memory location for programs and data that cannot fit into RAM (in other words, virtual memory). By default, the paging file is located at %systemdrive%\pagefile.sys and has a default initial size of the amount of RAM in the computer plus 300MB and a default maximum size of three times the amount of RAM in the computer. To improve performance on a computer equipped with more than one physical hard disk, you should locate the paging file on a different hard disk than that occupied by the operating system. You can also increase the size of the paging file or configure multiple paging files on different hard disks. Any of these configurations help to optimize performance by spreading out the activity of reading/writing data from/to the paging files. Note that you should retain a paging file on the system/boot drive to create a memory dump in case of a crash. This memory dump is useful for debugging purposes. Follow Step by Step 8.6 to modify the configuration of the paging file.

STEP BY STEP 8.6 Configuring the Paging File 1. Right-click Computer, choose Properties, and then select Advanced System Settings from the Tasks list in the System applet. Click Continue in the UAC prompt that appears.

481

Troubleshooting Performance Issues 2. On the Advanced tab of the System Properties dialog box, select Settings under Performance. 3. Select the Advanced tab of the Performance Options dialog box. 4. In the Virtual memory section of this tab, click Change. 5. As shown in Figure 8.11, the Virtual Memory dialog box displays the disk partitions available on the computer and the size of the paging file on each. To add a paging file to a drive, first clear the Automatically Manage Paging File Size for All Drives dialog box. Select the drive and choose Custom Size to specify an initial and maximum size in megabytes or System Managed Size to obtain a default size. To remove a paging file, select the drive holding the file and click No Paging File. Note that some programs might not work properly if you choose the No Paging File option. Then click Set.

You can modify paging file properties from the Virtual Memory dialog box.

FIGURE 8.11

6. Click OK three times to apply your changes and to close the Performance Options and System Properties dialog boxes. 7. Click Restart Now to restart your computer if so prompted.

Optimizing and Troubleshooting Processor Utilization The processor is the “heart” of the system because it executes all program instructions, whether internal to the operating system or in user-executed applications. The Processor object contains counters that monitor processor performance. Table 8.2 discusses the most important counters for this object.

482

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

TABLE 8.2

Important Counters for the Processor Object

Counter

What It Measures

Interpretation and Remedial Tips

% Processor Time

The percentage of time the processor is executing meaningful actions (excludes the Idle process)

If this value is consistently greater than 85%, the processor could be causing a bottleneck. You should check the memory counters discussed previously; if these are high, consider adding more RAM. Otherwise, you should consider adding a faster processor (or an additional one if supported by your motherboard).

Interrupts/sec

The rate of service requests from I/O devices that interrupt other processor activities

A significant increase in the number of interrupts, without a corresponding increase in system activity, might indicate some type of hardware failure. Brief spikes are acceptable.

You should also look at the System\Processor Queue Length counter. If the value of this counter exceeds 2, a processor bottleneck might exist, with several programs contending for the processor’s time. As mentioned in Table 8.2, memory shortages might frequently manifest themselves in high processor activity. It is usually much cheaper and easier to add RAM to a computer than to add a faster or additional processor. Consequently, you might want to consider this step first when you are experiencing frequent high processor activity.

Optimizing and Troubleshooting Disk Performance Disk performance is measured by two processor objects: The PhysicalDisk counters measure the overall performance of a single physical hard disk rather than individual partitions. LogicalDisk counters measure the performance of a single partition or volume on a disk. These counters include the performance of spanned or striped volumes that cross physical disks. PhysicalDisk counters are best suited for hardware troubleshooting. Table 8.3 describes the most important counters for this object.

483

Troubleshooting Performance Issues

TABLE 8.3

Important Counters for the PhysicalDisk Object

Counter

What It Measures

Interpretation and Remedial Tips

% Disk Time

The percentage of time that the disk was busy reading or writing to any partition

A value of more than 50% suggests a disk bottleneck. Consider upgrading to a faster disk or controller. Also check the memory counters to see whether more RAM is needed.

Avg. Disk Queue Length

The average number of disk read and write requests waiting to be performed

If this value is greater than 2, follow the same suggestions as for % Disk Time.

Average Disk Sec/Transfer

The length of time a disk takes to fulfill requests

A value greater than 0.3 might indicate that the disk controller is retrying the disk continually because of write failures.

LogicalDisk counters are best suited for investigating the read/write performance of a single partition. Table 8.4 describes the most important counters for this object. TABLE 8.4

Important Counters for the LogicalDisk Object

Counter

What It Measures

Interpretation and Remedial Tips

% Disk Time

The percentage of time that the disk is busy servicing disk requests

A value greater than 90% might indicate a performance problem except when using a RAID device. Compare to Processor\% Processor Time to determine whether disk requests are using too much processor time.

Average Disk Bytes/Transfer

The amount of data transferred in each I/O operation

Low values (below about 20KB) indicate that an application might be accessing a disk inefficiently. Watch this counter as you close applications to locate an offending application.

Current Disk Queue Length

The amount of data waiting to be transferred to the disk

A value greater than 2 indicates a possible disk bottleneck, with processes being delayed because of slow disk speed. Consider adding another faster disk. (continues)

484

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

TABLE 8.4 Continued Counter

What It Measures

Interpretation and Remedial Tips

Disk Transfers/ sec

The rate at which read or write operations are performed by the disk

A value greater than 50 might indicate a disk bottleneck. Consider adding another faster disk.

% Free Space

Percentage of unused disk space

A value less than about 15% indicates that insufficient disk space is available. Consider moving files, repartitioning the disk, or adding another disk.

TIP You should log disk activity to a different disk or computer The act of recording performance logs places an extra “hit” on performance for the disk on which logs are recorded. To obtain accurate disk monitoring results, record this data to a different disk or computer.

Challenge You are responsible for several hundred Windows Vista computers used by design engineers in your company’s design department. Each computer has a single hard disk with two partitions: Drive C: holds the operating system files, and drive D: holds applications and data files. Engineers use processor- and memory-intensive computer-assisted design (CAD) applications that create large graphics files. Frequently, system slowdowns cause engineers to sit waiting for output that normally appears within a minute or two at other times. The manager of the department requests that you set up a monitoring program to address the system slowdowns that have been plaguing the department so that he can prepare a budget for computer hardware upgrades that will address these problems in the most economical fashion. Your task is to design a program that addresses the problems in stages so that the manager has the information that he needs to produce an appropriate budget. Try to complete this exercise on your own, listing the performance objects and counters that you should monitor, along with the recommendations for optimizing performance of the affected computers. After you have completed the exercise, compare your results to the following: 1. Open the Reliability and Performance Monitor and select Performance Monitor from the console trees. 2. Use the procedure of Step by Step 8.1 to create and start a Performance Monitor graph with the following counters: . Processor\% Processor Time . Processor\Interrupts/Sec (continues)

485

Troubleshooting Performance Issues (continued)

. System\Processor Queue Length . LogicalDisk (_D)\% Disk Time . LogicalDisk (_D)\% Free Space . LogicalDisk (_D)\Avg. Disk Bytes/Transfer . LogicalDisk (_D)\Current Disk Queue Length . LogicalDisk (_D)\Disk Transfers/Sec . Memory\Pages/Sec . Memory\Available Bytes . Memory\Committed Bytes 3. Right-click Performance Monitor and choose New, Data Collector Set. Follow the instructions in the Create New Data Collector Set Wizard (see Step by Step 8.5) to create a data collector set that includes these counters, and ensure that the data collector set is started. 4. Log these counters while the engineers are performing their customary tasks and ask them to make a note of the time that they observe slowdowns. 5. Use Performance Monitor to observe the collected logs and locate the points in time that the engineers observed slowdowns, and relate these to the counter activity that occurred at that point in time. 6. To obtain additional confirmation data, configure a data collector set that contains alerts based on the logged results (refer to Step by Step 8.4). Run these alerts for a period of time while the engineers are keeping a record of what they were working on. Check the Application event logs to relate the appearance of alerts to the tasks being performed by the engineers.

Command-Line Utilities You can perform several tasks associated with performance monitoring and optimization from the command line. The following are several available tools: . Logman—Manages data collector logs. You can start, stop, and schedule the collection

of performance and trace data. . Relog—Creates new performance logs from data in existing logs by modify the sam-

pling rate and/or converting the file format. . Typeperf—Displays performance data to the command prompt window or to a log

file.

486

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

You can also use the Perfmon command to start the Reliability and Performance Monitor from a command line. For information on running these tools, type the command name followed by /? at a command prompt.

New Vista Technologies for Enhancing System Performance New to Windows Vista are three technologies for enhancing system performance: Windows ReadyBoost, Windows SuperFetch, and Windows ReadyDrive. These three technologies are collectively known as Windows PC Accelerators. You learn about these technologies in this section.

Windows SuperFetch Included with all editions of Vista, Windows SuperFetch optimizes memory performance based on trends of most-used programs and data on the computer, enabling Vista to decide which content should be loaded into RAM at a particular time. SuperFetch also enables Vista to detect and avoid problematic memory usage scenarios that would otherwise remove content of higher priority from memory.

Windows ReadyBoost Included with all editions of Windows Vista, Windows ReadyBoost enhances your computer’s performance without adding additional RAM. ReadyBoost enables you to use a USB flash drive or a Compact Flash or Secure Digital (SD) memory card as an additional source of memory (also known as a cache) to improve your computer’s performance. The computer can access this cache more rapidly than it can access the paging file or other data on the hard drive. ReadyBoost can work with SuperFetch to dramatically enhance your computer’s performance. You can even use a portion of the flash drive for Windows ReadyBoost and the remainder for data storage. Microsoft recommends that you use one to three times the amount of RAM in your computer for optimum performance of Windows ReadyBoost. Devices used by Windows ReadyBoost must be USB 2.0-capable and be of at least 256MB capacity. The device must support a minimum read speed of 2.5 MB/s and a write speed of 1.75 MB/s. In addition, the USB host controller on the computer must accept the USB 2.0 standard. Windows ReadyBoost can use a cache of up to 4GB in size. Using Windows ReadyBoost is easy, as Step by Step 8.7 shows.

487

Troubleshooting Performance Issues

STEP BY STEP 8.7 Using Windows ReadyBoost 1. Insert the USB flash drive into an available port. Windows displays an AutoPlay message box with an option to use Windows ReadyBoost. 2. To use Windows ReadyBoost, select the Speed Up My System option. Windows tests the device to determine whether it can be used with ReadyBoost. 3. If you do not receive a prompt, or if you want to use a portion of the drive for data storage, open Computer. Right-click the USB drive and choose Properties. 4. On the ReadyBoost tab of the device’s Properties dialog box shown in Figure 8.12, ensure that the Use This Device option is selected, and then drag the slider to select the amount of space to be used for ReadyBoost. Then click OK.

The ReadyBoost tab of a device’s Properties dialog box enables you to select the space to be used by ReadyBoost. FIGURE 8.12

EXAM ALERT Fast and slow memory Most USB flash drives contain both fast and slow flash memory. ReadyBoost can use only the fast memory on a flash drive, so the maximum amount of memory displayed on the ReadyBoost tab is often less than the total capacity of the drive. You might receive an exam question that asks why ReadyBoost is unable to use the total amount of memory provided by the flash drive.

488

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

NOTE Windows encrypts the cache To ensure that the ReadyBoost feature remains secure, Windows uses the Advanced Encryption Standard (AES) to encrypt data on the flash drive. So if you lose your flash drive, unauthorized individuals will be unable to access your data.

Windows ReadyDrive Windows ReadyDrive enables mobile computers equipped with a hybrid hard disk to achieve enhanced performance and improved battery life. A hybrid hard disk includes nonvolatile flash memory as a component in the hard disk; data is written to this cache where it can be accessed more rapidly and with less use of battery power (because the need for spinning the hard drive is dramatically reduced). Computers boot, hibernate, and resume from hibernation faster with Windows ReadyDrive. ReadyDrive can also work with SuperFetch for the best possible performance. To be used by ReadyDrive, the disk must have at least 50MB of nonvolatile cache that performs at a minimum speed of 4MB/s. The hybrid hard drive technology is just being perfected at the time of writing and is expected to be available in the near future. For more information on SuperFetch, ReadyBoost, and ReadyDrive, consult Windows PC Accelerators: Performance Technology for Windows Vista and references cited therein, included in the “Suggested Readings and Resources” section at the end of this chapter.

REVIEW BREAK You have learned about several aspects of monitoring, optimizing, and troubleshooting the performance of Windows Vista. You should be aware of the following major points: . Windows Vista offers several tools for monitoring and optimizing system performance. . The Reliability and Performance Monitor enables you to monitor system performance

through the use of a wide range of performance objects and counters. This tool contains Performance Monitor, which displays a real-time graph of system performance, Reliability Monitor, which displays a graph of system reliability and alerts you to potentially destabilizing events, and Data Collector Sets, which log performance data for later viewing and create alerts when conditions exceed preconfigured thresholds. . Objects are components of the computer for which you can collect performance infor-

mation. Important performance objects include Processor, LogicalDisk, PhysicalDisk, and Memory.

489

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools . Counters are individual statistical measurements available with each performance

object. . Instances are multiple occurrences of a given object such as two physical hard disks. . Windows Vista introduces three features that enhance the performance of computers.

Windows SuperFetch optimizes memory usage by analyzing program and data usage patterns. Windows ReadyBoost enables the use of flash drives and memory cards for additional memory. Windows ReadyDrive enables the use of hybrid hard drives for additional memory use.

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools Objective:

Troubleshoot reliability issues by using built-in diagnostic tools. Windows Vista contains several built-in tools that enable you to monitor, diagnose, and troubleshoot system reliability. You have already learned about the Reliability and Performance Monitor console and its components. In this section you look at the System Configuration Utility, Task Manager, and Event Viewer.

System Configuration Utility Microsoft has enhanced the System Configuration Utility to improve its capabilities for identifying problems that can prevent Windows from starting properly. System Configuration Utility enables you to disable common services and startup programs to selectively troubleshoot which items are preventing a normal startup. To start the System Configuration Utility, click Start, Run, type msconfig, and press Enter. Then click Continue on the UAC prompt that appears. You receive the dialog box shown in Figure 8.13.

490

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

The System Configuration Utility enables you to troubleshoot problems that prevent Windows from starting normally.

FIGURE 8.13

The following sections describe the functions available on each tab.

General Tab Similar to the General tab on the Windows XP System Configuration tool, you can choose Normal Startup, which loads all drivers and services configured to start automatically; Diagnostic Startup, which loads basic drivers and services; or Selective Startup, which enables you to select the following options: . Load System Services—Starts all services that are configured for automatic startup. . Load Startup Items—Starts applications that have been configured to start at boot or

logon time. . Use Original Boot Configuration—Remains selected unless you modify default settings

on the Boot tab.

Boot Tab Shown in Figure 8.14, the Boot tab has been completely modified in Windows Vista. On a multi-boot computer, the display window contains entries for the different operating systems present. To choose which operating system boots by default, select the desired entry and click Set as Default. You have the following boot options available: . Safe Boot—Provides four options for booting your computer into Safe mode. The

Minimal option brings up the Windows GUI with only critical system services loaded and networking disabled. The Alternate Shell option boots to the command prompt and disables both the GUI and networking. The Active Directory repair option boots to the GUI and runs Active Directory as well as critical system services. The Network option boots to the Windows GUI with only critical services loaded and enables networking. . No GUI Boot—Starts Windows without displaying the Windows splash screen.

491

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools . Boot Log—Boots according to the other options selected and logs information from the

boot procedure to %systemroot%\Ntbtlog.txt. . Base Video—Uses standard VGA drivers to load the Windows GUI in minimal VGA

mode. . OS Boot Information—Displays driver names as the boot process loads them.

The Boot tab enables you to configure several options related to booting your computer.

FIGURE 8.14

In addition, the Timeout setting determines the number of seconds that the boot menu is displayed on a multi-boot computer, and the Make All Boot Settings Permanent option disables tracking of changes made in the System Configuration Utility. This option disables the ability to roll back changes by selecting the Normal Startup option from the General tab.

Services Tab The Services tab lists all Windows services available on the computer, including those installed by other applications running on the computer. You can enable or disable individual services at boot time when you think that running services might be causing boot problems. Clear the check box for those services you want to disable for the next boot, or click the Disable All command button to disable all nonessential services. To show only services installed by non-Microsoft programs, select the Hide All Microsoft Services check box. This enables you to more rapidly locate non-Microsoft services that might be contributing to boot problems.

CAUTION Ensure that you do not disable essential services You might encounter system stability problems or other malfunctions if you disable too many services. Ensure that services you disable are not essential to your computer’s operation. The Disable All option does not disable secure Microsoft services required at boot time.

492

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Startup Tab The Startup tab lists all applications that are configured to start automatically when the computer starts up. Information provided includes the manufacturer name, the path to the file that starts the application, and the Registry key or shortcut that starts the application. To prevent an application from starting on the next boot, clear its check box. To enable it to start on subsequent boots, select its check box or select the Normal Startup option from the General tab.

Tools Tab Shown in Figure 8.15, the Tools tab enumerates all diagnostic applications and other available tools. It provides a convenient location from which you can start a program; to do so, select the desired program and click Launch.

The Tools tab enables you to start a program from a comprehensive list of Windows diagnostic utilities.

FIGURE 8.15

Task Manager Task Manager provides data about currently running processes, including their CPU and memory usage, and enables you to modify their priority or shut down misbehaving applications. You can use any of the following methods to start Task Manager: . Click Start, type taskmgr in the Search box, and select Task Manager from the pro-

grams list. . Press Ctrl+Shift+Esc. . Press Ctrl+Alt+Delete and select Task Manager from the Windows Security

dialog box. . Right-click a blank area on the taskbar and then select Task Manager.

493

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools

As shown in Figure 8.16, Task Manager has six tabs that perform the following tasks: . Applications—Displays all applications running on the computer. You can terminate an

ill-behaved program by selecting it and clicking End Task. . Processes—Provides information on resources consumed by processes running on the

computer. New to Windows Vista is the Description column, which provides a detailed description of each process running on your computer. You can modify the property of a running application or terminate an ill-behaved process or one that is consuming a large amount of processor time. To obtain additional information, select the Select Columns option from the View menu. This displays the Select Process Page Columns dialog box shown in Figure 8.17, from which you can choose to display a large number of variables associated with each process. . Services—New to Vista, provides information on services installed on the computer.

You can view which services are running or stopped, the service group to which they belong, and descriptive information about each service. Click the Services command button and provide UAC credentials to access the Services snap-in, which enables you to configure service startup type and properties. You can also determine whether a service is associated with a particular process by right-clicking the service name and selecting Go To Process. This opens the Processes tab and highlights the appropriate process. . Performance—Provides a limited performance monitoring function, showing processor

and physical memory usage statistics. This tab is ideal for providing a quick snapshot of computer performance. The memory graph now displays actual memory usage instead of the page file usage displayed in Windows XP. If your computer is equipped with dual processors or a dual-core processor, the CPU usage history graph is split to show the activity of both cores or processors. You can also access the Resource Monitor application described earlier in this chapter. . Networking—Provides information on network utilization across the local area inter-

face. . Users—Displays the users that have sessions, active or disconnected, running on the

local computer. You can access additional options from the menu bar of Task Manager. In particular, you can start a new process from the File menu. Doing so is equivalent to using the Run dialog box and is useful if the Explorer process has terminated or is misbehaving. The Options menu allows you to keep the Task Manager window always visible on the desktop. The View menu allows you to adjust the refresh rate of the graphs on the Performance and Networking tabs. It also allows you to modify what data is displayed on the Processes, Networking, and Users tabs.

494

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Task Manager enables you to troubleshoot applications that are currently running, including closing ones that are not responding.

FIGURE 8.16

The Select Process Page Columns dialog box enables you to select the information that is displayed on the Process tab of Task Manager.

FIGURE 8.17

Configuring Application Priority You can modify application behavior by adjusting its priority in Task Manager or by starting the application at a different priority. Windows Vista offers the following application priorities, arranged in decreasing order: . Realtime—The highest priority level. Use extreme caution when selecting this priority

because it can hang the computer.

495

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools . High—The highest useful priority level. Devotes a high level of priority to the applica-

tion without disrupting essential services. . AboveNormal—Runs the application at a priority slightly higher than default. . Normal—The default priority. All processes run at this priority unless configured

otherwise. . BelowNormal—Runs the application at a priority slightly lower than default. . Low—The lowest priority.

You can modify an application’s priority in either of the following ways: . From Task Manager—From the Processes tab, right-click the required process and

choose Set Priority. Then select one of the priorities shown. If you are unsure of the process associated with a given application, right-click the application in the Applications tab and select Go to Process. This switches you to the Processes tab, with the required process selected. . From a command prompt—Type Start /option executable_name, where option

refers to one of the priorities shown in the preceding list, and executable_name refers to the program’s name.

Configuring the Relative Priority of Foreground and Background Tasks Depending on your computer’s usage, you might be able to improve computer performance by changing the relative priority of foreground and background applications. As Step by Step 8.8 describes, you can accomplish this action from the Advanced tab of the Performance Options dialog box.

STEP BY STEP 8.8 Configuring Performance Optimizing Options 1. Follow steps 1 to 3 of Step by Step 8.6 to access the Advanced tab of the Performance Options dialog box. 2. Under Processor Scheduling, choose one of the following options: . Programs—Assigns more processor resources to programs currently running in the foreground (active programs). This is the default. . Background Services—Assigns equal amounts of resources to all programs, including those such as disk backup or defragmentation that are running in the background.

496

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Configuring Multiprocessor Computers Windows Vista includes built-in capability for computers with two processors. Under most conditions, dual-processor computers provide enhanced computing power; however, you should be aware of several considerations that exist with regard to dual-processor computers: . Use of Task Manager—As already mentioned, the Performance tab of Task Manager

shows processor usage information for both processors by splitting the graph of CPU Usage History into two portions. . Running 16-bit legacy applications—Windows Vista uses a special 32-bit application

called a Windows NT Virtual DOS Machine (Ntvdm.exe) to emulate the older 16-bit environment. You can have multiple instances of the Ntvdm.exe process on a single computer; however, by default Windows Vista runs all 16-bit applications in a single instance of Ntvdm.exe (also called a single memory space). This can cause two problems: First, if one application crashes or becomes unresponsive, all 16-bit applications are halted. Second, on a dual-processor computer, all 16-bit applications run on the same processor, thereby resulting in the possibility of this processor being overloaded while the other processor is underutilized. To run 16-bit applications in separate memory spaces, click Start, Run, and type start /separate application.exe, where application.exe is the name of the 16-bit application. . Configuring processor affinity for each application—This capability enables you to specify on

which processor a given process will execute and can be utilized to distribute activity evenly across more than one processor. You can set processor affinity from Task Manager. Simply right-click the process from the Processes tab and choose Set Affinity. Then select the appropriate processor.

CAUTION Legacy applications The 64-bit editions of Windows Vista do not support 16-bit DOS applications. If you are purchasing 64-bit computers, make sure that you have upgraded all such applications to at least 32 bits.

Event Viewer One of Windows Vista’s standard troubleshooting tools is Event Viewer, which is incorporated into the Computer Management console. You can rely on this utility to be able to see errors and system messages. This tool enables you to view events from multiple event logs on the local computer or another computer to which you can connect, save event filters as custom views for future usage, schedule tasks to run in response to events, and create and manage event subscriptions.

497

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools

You can open Event Viewer by using any of the following methods: . Click Start, right-click Computer, and select Manage. . Click Start, Control Panel, System and Maintenance, View Event Logs. . Click Start and type event viewer in the Search box. Then select Event Viewer from

the Programs list. In each case, you must click Continue or supply an administrative username and password on the UAC prompt that appears. The Event Viewer snap-in opens and displays a summary of recent administrative events in the details pane, as shown in Figure 8.18.

Event Viewer records events that have occurred on your computer.

FIGURE 8.18

The following sections provide more detail with regard to several aspects of working with Event Viewer.

Viewing Logs in Event Viewer To view the actual event logs, expand the Event Viewer node in the console tree and then expand the Windows Logs subnode. Windows Vista records events in the following five types of logs: . Application—Logs events related to applications running on the computer, including

alerts generated by data collector sets. . Security—Logs events related to security-related actions performed on the computer.

To enable security event logging, you must configure auditing of the types of actions to be recorded.

498

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista . Setup—Logs events related to setup of applications. . System—Contains events related to actions taking place on the computer in general,

including hardware-related events. See Figure 8.19. . Forwarded events—Contains events logged from remote computers. To enable this log,

you must create an event subscription. . Applications and Services logs—Contained in its own subnode, these logs store events

from single applications or components, as opposed to events with potential systemwide impact. Logs might include categories such as Distributed File Service (DFS) replication, hardware events, Internet Explorer events, Key Management service events, and Media Center events.

Most Event Viewer logs record errors, warning events, and informational events.

FIGURE 8.19

NOTE Additional event logs If you are looking at Event Viewer on a server, you might observe additional event logs added by applications such as Active Directory and DNS. Installed applications on servers and even on Windows Vista might add additional event logs to Event Viewer.

Most logs in Event Viewer record the three types of events—errors, warnings, and informational events—as previously shown in Figure 8.19. As you can see, error messages are represented by a red circle with a white exclamation mark in the center. Information messages are represented by a balloon with a blue “I” in the center, and warning messages are represented by a yellow triangle with an exclamation mark in the center. Although not always true, an

499

Troubleshooting Reliability Issues by Using Built-in Diagnostic Tools

error is often preceded by one or more warning messages. A series of warning and error messages can describe the exact source of the problem, or at least point you in the right direction. To obtain additional information about an event, select it. The bottom of the central pane displays information related to the selected event. You can also right-click an event and select Event Properties to display information about the event in its own dialog box that can be viewed without scrolling.

Customizing Event Viewer If you have selected a large number of auditable events, the Event Viewer logs can rapidly accumulate a large variety of events. Windows Vista provides capabilities for customizing what appears in the Event Viewer window. To customize the information displayed, right-click Event Viewer in the console tree and choose Create Custom View. This displays the Create Custom View dialog box shown in Figure 8.20.

You can create custom views that filter event logs according to several categories.

FIGURE 8.20

Options available from this dialog box include the following: . Logged—Select the time interval that you want to examine. . Event Level—Choose the type(s) of events you want to view. Select Verbose to view

extra details related to the viewed events. . By Log—Select the Windows logs or Applications and Services logs you want to

include. . By Source—Select from an extensive range of Windows services, utilities, and compo-

nents whose logs you want to include.

500

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista . Task Category—Expand the drop-down list and select the categories you want to view. . Keywords—Select the keywords you want to include in the customized view. . User and Computer(s)—Select the usernames of the accounts to be displayed and the

names of the computers to be displayed. Separate the names in each list by commas. . XML tab—Enables you to specify an event filter as an XML query.

When you have made your selections, click OK and type a name for the custom view in the Save Filter to Custom View dialog box that appears. After you have saved the custom view, you can use this view at a future time by right-clicking Event Viewer in the console tree and choosing Import Custom View.

Creating Tasks from Events Another new feature in Event Viewer for Windows Vista is the ability to associate tasks with events. Event Viewer integrates with Task Scheduler to make this action possible. To do so, right-click the desired event and choose Attach Task to This Event. Follow the instructions in the Create a Basic Task Wizard that opens, as shown in Figure 8.21. Actions that you can take include starting a specified program, sending an email, and displaying a message.

The Create a Basic Task Wizard enables you to specify an action that will be taken each time a specific event takes place.

FIGURE 8.21

For more information on Event Viewer, refer to Event Viewer Overview and links contained therein in the “Suggested Readings and Resources” section.

501

Configuring Windows Update

REVIEW BREAK You have looked at several aspects of troubleshooting reliability issues in Windows Vista. You should be aware of the following major points: . The System Configuration Utility lets you configure custom startup options that speci-

fy which programs and services start when you boot your computer. It is useful in troubleshooting situations where some program or component prevents normal startup. . Task Manager enables you to observe performance of programs and processes running

on the computer. You can shut down programs that are not responding properly, configure application priority, and monitor network performance and users on the computer with this tool. . Event Viewer enables you to view errors, warnings, and other events that take place on

the computer. Vista enables you to track a large range of system, application, and security-related events on the local or networked computer, save customized views of the interface and schedule actions to take place when a specified event occurs.

Configuring Windows Update Objective:

Configure Windows Update. Chapter 3, “Upgrading to Windows Vista,” introduced the concept of automatically receiving updates from the Windows Update website. This section takes a closer look at the options available in Windows Update and using a server running Windows Server Update Services (WSUS) to receive and distribute updates to Windows Vista computers on a network. Windows Update enables you to maintain your computer in an up-to-date condition by automatically downloading and installing critical updates as Microsoft publishes them. By default, your computer automatically checks for updates at the Windows Update website. Critical updates are automatically installed on a daily basis, and you are informed about optional updates that might be available. The following are several key features of Windows Update: . Windows Update scans your computer and determines which updates are applicable to

your computer. These updates include the latest security patches and usability enhancements that ensure your computer is kept as secure and functional as possible. . Updates classified by Microsoft as High Priority and Recommended can be down-

loaded and installed automatically in the background without interfering with your work. At the same time, Windows Update can inform you about optional updates and Windows Ultimate Extras.

502

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista . Windows Update informs you if a restart is required to apply an update. You can post-

pone the restart so that it does not interfere with activities in progress. Should an update apply to a software program with files in use, Vista can save the files and close and restart the program. For additional information about Windows Update, refer to Windows Update and Resulting Internet Communication in Windows Vista in the “Suggested Readings and Resources” section.

Working with Windows Update The System and Maintenance category in Control Panel includes the Windows Update applet, which enables you to configure and work with the various options that are offered. Follow Step by Step 8.9 to work with Windows Update.

STEP BY STEP 8.9 Using Windows Update 1. Click Start, Control Panel, System and Maintenance, Windows Update. You can also click Start and type update in the Search box and then click Windows Update in the Programs list. Either method opens the applet shown in Figure 8.22.

The Windows Update applet in Control Panel enables you to configure the various functions available or manually check for updates.

FIGURE 8.22

503

Configuring Windows Update 2. To perform a manual check for updates, click Check for Updates. Windows Update checks on the Microsoft website. After a minute or two, it informs you of any available updates and offers to install them. 3. To modify the way Windows Update performs automatic checking and installation of updates, click Change Settings. From the Choose How Windows Can Install Updates page shown in Figure 8.23, select one of the following options: . Install Updates Automatically (Recommended)—Automatically downloads and installs updates at the day and time specified in the drop-down list boxes provided. You should ensure that your computer is on and connected to the Internet at the time you specify. This is the default setting. . Download Updates but Let Me Choose Whether to Install Them—Downloads updates when they are available and informs you by means of an icon in the notification area. You can select which updates should be installed by clicking this icon and choosing Install. . Check for Updates but Let Me Choose Whether to Download and Install Them—Provides an icon in the notification area to inform you that updates are available from the Windows Update website. You can download these updates by clicking this icon and choosing Start Download. After the updates are installed, you can select Install to install them. . Never Check for Updates (Not Recommended)—You are not informed of any available updates and need to access the Windows Update website regularly to check for updates. You can do this by means of the link provided.

The Choose How Windows Can Install Updates page enables you to configure options related to downloading and installation of updates.

FIGURE 8.23

4. By default, Windows Update checks for both critical and recommended updates including updated definition files for Windows Defender. To limit the check to critical updates only, clear the check box labeled Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates.

504

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 5. To review the history of updates installed on your computer, return to the main Windows Update applet and select View Update History. You receive a list of the updates installed on your computer including definition updates for Windows Defender. 6. If an update is causing problems and you want to remove it, click the Installed Updates link. On the Uninstall an Update page that appears, select the update you want to uninstall and then click Uninstall. Follow the instructions provided to complete this task. 7. Updates might become hidden if you have asked Windows not to notify you or install updates automatically. To view and restore any hidden updates that might be available, select Restore Hidden Updates. On the page that appears, select the updates to be installed and then click Restore. 8. If you are running Windows Vista Ultimate, click Learn about Windows Ultimate Extras to view information about additional programs, services, and premium content available to users of this edition of Vista.

Using a WSUS Server with Windows Vista WSUS is a server-based component that enables you to provide update services to computers on a corporate network without the need for individual computers to go online to the Microsoft Windows Update website to check for updates. It saves valuable bandwidth because only the WSUS server actually connects to the Windows Update website to receive updates, while all other computers on the network receive their updates from the WSUS server. Furthermore, WSUS provides network administrators with the ability to test updates for compatibility before enabling computers on the network to receive the updates, thereby reducing the chance of an update disrupting computer or application functionality across the network. You can download version 3.0 of WSUS from Microsoft and install it on a computer running Windows Server 2003 or Windows Server 2008. Configuration of the WSUS server is beyond the scope of the Windows Vista exams and is not discussed here.

Windows Update Group Policies Group Policy in Windows Vista provides a series of policies that govern the actions performed by Windows Update. To view and configure these policies, open the Group Policy Object Editor by typing gpedit.msc in the Run dialog box and accepting the UAC prompt that appears. Navigate to the Computer Configuration\Administrative Templates\Windows Components\Windows Update node to obtain the policy settings shown in Figure 8.24.

505

Configuring Windows Update

Group Policy in Windows Vista provides a series of settings that govern the operation of Windows Update.

FIGURE 8.24

To use Group Policy to specify the behavior of automatic updates, double-click the Configure Automatic Updates policy setting to receive the Properties dialog box shown in Figure 8.25. Select Enabled and then choose one of the following settings from the Configure Automatic Updating drop-down list: . 2 - Notify for Download and Notify for Install—Windows Update notifies you when

updates are available by displaying an icon in the notification area and a message stating that updates are available for download. The user can download the updates by clicking either the icon or the message. When the download is complete, the user is informed again with another icon and message; clicking one of them starts the installation. . 3 - Auto Download and Notify for Install—Windows Update downloads updates in the

background without informing the user. After the updates have been downloaded, the user is informed with an icon in the notification area, and a message stating that the updates are ready for installation. Clicking one of them starts the installation. This is the default option. . 4 - Auto Download and Schedule the Install—Windows Update downloads updates auto-

matically when the scheduled install day and time arrive. You can use the drop-down lists in the Configure Automatic Updates Properties dialog box to specify the desired days and times, which, by default, are daily at 3:00 a.m. . 5 - Allow Local Admin to Choose Setting—Enables local administrators to select a config-

uration option of their choice from the Automatic Updates control panel, such as their own scheduled time for installations.

506

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

The Configure Automatic Updates Properties dialog box offers four choices for configuring automatic updating of Vista computers.

FIGURE 8.25

The following describes several of the other more important available policy settings shown in Figure 8.24: . Enabling Windows Update Power Management to automatically wake up the system to install

scheduled updates—Uses features of Windows Power Management to wake computers up from hibernation to install available updates. . Specify intranet Microsoft update service location—Enables you to specify a WSUS server

for hosting updates from the Microsoft Windows Update site, as described in the previous section. . Automatic Updates detection frequency—Specifies the length of time in hours used to

determine the waiting interval before checking for updates at an intranet update server. You need to enable the Specify Intranet Microsoft Update Service Location policy to have this policy work. . Allow non-administrators to receive update notifications—Enables users who are not admin-

istrators to receive update notifications according to other Automatic Updates configuration settings. . Allow Automatic Updates immediate installation—Enables Automatic Updates to immedi-

ately install updates that neither interrupt Windows services nor restart Windows. . Turn on recommended updates via Automatic Updates—Enables Automatic Updates to

include both important and recommended updates.

507

Configuring Data Protection . No auto-restart for scheduled Automatic Updates installations—Prevents Automatic Updates

from restarting a client computer after updates have been installed. Otherwise, Automatic Updates notifies the logged-on user that the computer will automatically restart in five minutes to complete the installation. . Reprompt for restart with scheduled installations—Specifies the number of minutes from the

previous prompt to wait before displaying a second prompt for restarting the computer. . Delay Restart for scheduled installations—Specifies the number of minutes to wait before a

scheduled restart takes place. . Reschedule Automatic Updates scheduled installations—Specifies the length of time in minutes

that Automatic Updates waits after system startup before proceeding with a scheduled installation that was missed because a client computer was not turned on and connected to the network at the time of a scheduled installation, as previously specified by option 4 of the Configure Automatic Updates policy (Auto download and schedule the install). . Enable client-side targeting—Enables you to specify a target group name to be used for

receiving updates from an intranet server such as a WSUS server. The group name you specify is used by the server to determine which updates are to be deployed. . Do not display “Install Updates and Shut Down” option in Shut Down Windows dialog box—

Prevents the appearance of this option in the Shut Down Windows dialog box, even if updates are available when the user shuts down his computer. . Do not adjust default options to “Install Updates and Shut Down” option in Shut Down

Windows dialog box—When enabled, changes the default shut down option from Install Updates and Shut Down to the last shut down option selected by the user. For more information on these policies, consult the Explain tab of each policy’s Properties dialog box.

Configuring Data Protection Objective:

Configure Data Protection. Windows Vista provides enhanced backup tools that are designed to help protect data from accidental loss due to hardware failure or other disaster. In addition, Vista includes encryption tools that protect data on computers against unauthorized access. This is especially important for portable computers that could be lost or stolen, resulting in data falling into the wrong hands. In this section, you first look at backup and restore solutions and then at data encryption.

508

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Using Windows Backup to Protect Your Data Microsoft has rewritten the backup program completely in Windows Vista, introducing the Backup and Restore Center and the Backup Status and Configuration utility to facilitate backup and restoration of data. You can back up all data on a disk or a portion thereof to a variety of media, including tapes, shared network drives, CD-ROM drives, and so on. First introduced with Windows XP Professional and continued in Windows Vista is the concept of volume shadow copies, which create a shadow copy of the original volume at the instant the backup starts. This enables you to back up all files, including those an application might have open currently. Previous versions of Windows skipped any open files, thereby risking incomplete backups. Follow Step by Step 8.10 to perform a backup of selected files.

STEP BY STEP 8.10 Backing Up Selected Files in Windows Vista 1. Click Start, Control Panel, Back Up Your Computer. As shown in Figure 8.26, the Backup and Restore Center opens and offers you options to back up files or create a Windows Complete PC Backup and Restore image. 2. Click Back Up Files, and then click Continue in the UAC prompt that appears.

The Backup and Restore Center enables you to perform different types of backup procedures.

FIGURE 8.26

509

Configuring Data Protection 3. On the Back Up Files screen shown in Figure 8.27, select a location to save your backup and then click Next. If you choose a network location, you will need to provide the appropriate administrative credentials valid on the computer selected.

The Back Up Files screen enables you to save your backup to a hard disk, CD, DVD, or network shared folder.

FIGURE 8.27

4. If your computer contains more than one partition, you receive the Which Disks Do You Want to Include in the Backup screen. Select the disks that you want to back up, and then click Next. 5. The Which File Types Do You Want to Back Up screen shown in Figure 8.28 enables you to select the types of files to be backed up. Clear the check boxes next to any file types you do not want to back up, and then click Next.

The Which File Types Do You Want to Back Up screen enables you to select which types of files are to be backed up.

FIGURE 8.28

510

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 6. The How Often Do You Want to Create a Backup screen shown in Figure 8.29 enables you to specify how frequently files will be backed up. You can choose daily, weekly, or monthly and specify the day and time the backup should run. Make a selection and then click Save Settings and Start Backup to perform the first backup.

You have several options that determine how frequently your data is backed up.

FIGURE 8.29

7. Backup displays a message box containing a progress chart as files are backed up to the location you selected. If you choose to save the backup to a CD or DVD, you are prompted for additional discs as required. 8. You are informed when the backup is completed. Click Finish to return to the Backup and Restore Center, which now displays details of the completed backup.

Performing a Windows Complete PC Backup and Restore image enables you to fully restore your computer in the event of a hardware failure. This procedure replaces the System State backup used in Windows 2000/XP and backs up your data at the same time. The procedure to do this is similar to that of backing up selected files, as Step by Step 8.11 shows.

STEP BY STEP 8.11 Backing Up Your Entire Computer 1. From the Backup and Restore Center, select the Back Up Computer option and click Continue on the UAC prompt that appears. 2. The Where Do You Want to Save the Backup screen enables you to save the backup to a hard disk or to one or more DVDs. Make a selection and then click Next.

511

Configuring Data Protection 3. The Which Disks Do You Want to Include in the Backup screen enables you to select the disks to be backed up. Select the required disks and then click Next. 4. The Confirm Your Backup Settings shows which disks will be backed up and to what location. Verify that these are correct and then click Start Backup to perform the backup. 5. Windows displays a progress chart as the backup is performed. When you are informed that it is completed, click Close. 6. The Backup and Restore Center now displays the date and time that the complete Windows PC Backup was performed.

The following sections discuss the use of the Backup and Restore Center to restore files and folders or your entire computer, as well as the use of the Backup Status and Configuration Utility for configuring and performing backups.

Using Windows Backup to Recover Data After you have performed a backup, the Backup and Restore Center makes it simple to restore data in the event of a hardware or software failure of some kind. Follow Step by Step 8.12 to restore data.

STEP BY STEP 8.12 Restoring Files and Folders 1. In the Backup and Restore Center previously shown in Figure 8.26, click Restore Files. 2. On the Restore Files screen, select the option to restore from the latest backup or an older backup as required and then click Next. 3. If you select the option to restore from an older backup, the Select the Data to Restore From screen appears. Select a date and time, and then click Next. 4. From the Select the Files and Folders to Restore screen shown in Figure 8.30, select the appropriate command button to locate the files or folders to be restored. The selected folders are added to the list. When finished, click Next. 5. The Where Do You Want to Save the Restored Files screen shown in Figure 8.31 enables you to select a location to save the restored files. Make an appropriate selection and then click Start Restore to restore the files. 6. Windows displays a message box that charts the progress of file restoration. When completed, it informs you. Click Finish.

512

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

The Select the Files and Folders to Restore screen enables you to choose which files and folders are to be restored.

FIGURE 8.30

The Where Do You Want to Save the Restored Files screen enables you to select a location to save the restored files. FIGURE 8.31

Using Windows Backup to Restore Your Computer The Backup and Restore Center also enables you to restore all files and settings on your computer from a Windows Complete PC Backup and Restore image. This procedure replaces the System State restore used with Windows 2000/XP and also restores data files. Follow Step by Step 8.13 to do so.

513

Configuring Data Protection

STEP BY STEP 8.13 Restoring Your Entire Computer 1. In the Backup and Restore Center, select Restore Computer from the options previously shown in Figure 8.26. 2. You receive the message box shown in Figure 8.32, outlining the steps to be performed. Follow these steps to load the Windows Recovery Environment.

You need to follow a special procedure to use the Windows Recovery Environment for restoring your entire computer from backup. FIGURE 8.32

The Backup and Restore Center also enables you to perform the following restoration tasks. You will need to supply UAC credentials to perform any of these operations: . Perform an advanced restore—Click Advanced Restore to restore files from a backup

performed on a different computer or to restore files for all users of this computer. . Use System Restore to fix problems and undo changes to Windows—Click the link provided

in the Tasks menu or at the bottom of the Backup and Restore Center to restore system files and settings to an earlier point in time. Follow the instructions provided to perform this restore. . Create a restore point or change settings—Create a restore point that System Restore can

use. Select this option from the Tasks menu to open the System Properties dialog box to the System Protection tab. Click Create, type a descriptive name to identify the restore point, and then click Create again.

514

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

NOTE Vista and the Ntbackup utility The restore tool in Vista’s Backup and Restore Center is not compatible with the .bkf files created using Windows NT/2000/XP/Server 2003 Ntbackup program. However, Microsoft makes a version of this utility available for download, should you need to restore backups created on an older Windows computer. You can download this utility from http://www.microsoft.com/downloads/ details.aspx?FamilyID=7da725e2-8b69-4c65-afa3-2a53107d54a7&DisplayLang=en. You can navigate to this page by searching for “Windows NT Backup—Restore Utility” at Microsoft.com.

The Backup Status and Configuration Utility You can also configure and perform backups from the Backup Status and Configuration Utility. From the Backup and Restore Center, click Change Settings in the Back Up Files or Your Entire Computer section to reveal the dialog box shown in Figure 8.33. You can also access this tool by clicking Start, All Programs, Accessories, System Tools, Backup Status and Configuration.

The Backup Status and Configuration utility enables you to perform many of the same procedures available from the Backup and Restore Center.

FIGURE 8.33

You can perform the following actions from the Backup Status and Configuration dialog box: . Back Up Now—Performs an incremental backup of files and folders according to set-

tings you have configured in the Back Up Files and Folders section of the Backup and Restore Center. An incremental backup procedure backs up only those files and folders that have changed since the previous backup. This procedure also marks these files as having been backed up. . Change Backup Settings—Starts the wizard previously described in Step by Step 8.10,

enabling you to modify the settings for backing up files and folders.

515

Configuring Data Protection . Restore Files—Click the link on the left side of the dialog box to reveal the options

shown in Figure 8.34, which enable you to perform the same restore procedure previously described in Step by Step 8.12 or perform an advanced restore of backup files from another computer or files for all users of the local computer. . Complete PC Backup—Creates a Windows Complete PC Backup and Restore image

according to the procedure previously described in Step by Step 8.11.

The Backup Status and Configuration dialog box also enables you to perform file and folder restores.

FIGURE 8.34

CAUTION Make a habit of testing your backups and restores You should ensure that you are creating valid backups by performing test restores on a regular basis. Use the In the Following Location option referred to in Step by Step 8.12 and shown in Figure 8.31 to restore data to a different folder and verify that the restored data is present. Otherwise you might not realize something is wrong with your backups until it is too late.

Data Security You often hear news reports that mention thefts of laptop computers containing valuable data. In one such case, a computer stolen from a doctor’s car in Toronto contained the records of thousands of patients, exposing them to misuse and potential identity theft. The computer was protected with a password, but the data was not encrypted. Besides the Encrypting File System (EFS) introduced with Windows 2000 and continued with Windows XP, Windows Vista includes a new technology called BitLocker Drive Encryption, which encrypts a computer’s entire system partition. This section takes a look at these technologies.

516

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

For further information on both of these technologies, consult Microsoft Windows Vista Security Enhancements in the “Suggested Reading and Resources” section.

Encrypting File System EFS enables users to encrypt files and folders on any partition that is formatted with the NTFS file system. The encryption attribute on a file or folder can be toggled the same as any other file attribute. When you set the encryption attribute on a folder, all its contents, whether subfolders or files, are also encrypted. The encryption attribute, when assigned to a folder, affects files the same way that the compression attribute does when a file is moved or copied. Files that are copied into the encrypted folder become encrypted. Files that are moved into the encrypted folder retain their former encryption attribute, whether or not they were encrypted. When you move or copy a file to a file system that does not support EFS, such as FAT16 or FAT32, the file is automatically decrypted.

EXAM ALERT EFS requirements The file system must be set to NTFS if you want to use EFS, and no file can be both encrypted and compressed at the same time. You might be presented with a scenario where a user is unable to use EFS or file compression on a FAT32 volume; the correct answer to such a problem is to convert the file system to NTFS, as described in the section “Preparing a Disk for EFS.”

Encrypting File System Basics Windows Vista has the capability to encrypt files directly on any NTFS volume. This ensures that no other user can use the encrypted data. Encryption and decryption of a file or folder is performed in the object’s Properties dialog box. Administrators should be aware of the rules to put into practice to manage EFS on a network: . Only use NTFS as the file system for all workstation and server volumes. . Keep a copy of each user’s certificate and private key on a floppy disk or other remov-

able media. . Remove the user’s private key from the computer except when the user is actually using it. . When users routinely save documents only to their Documents folder, make certain

their documents are encrypted by having each user encrypt his or her own Documents folder. . Use two recovery agent user accounts that are reserved solely for that purpose for each

Active Directory organizational unit (OU) if computers participate in a domain. Assign the recovery agent certificates to these accounts.

517

Configuring Data Protection . Archive all recovery agent user account information, recovery certificates, and private

keys, even if obsolete. . When planning a network installation, keep in mind that EFS does take up additional

processing overhead and plan to incorporate additional CPU processing power in your plans. EFS uses certificates to manage the encryption. When a file is encrypted, the user’s encryption certificate is assigned to the file. When the user opens the file, the encryption certificate is checked, and the user is allowed to open and work with the file. When another user attempts to open the file, the user is unable to do so. Therefore, EFS is suitable for data that a user wants to keep private but not for files that are shared. A unique encryption key is assigned to each encrypted file. You can share an encrypted file with other users in Windows Vista, but you are restricted from sharing an entire encrypted folder with multiple users or sharing a single file with a security group. This is related to the way that EFS uses certificates, which are applicable individually to users, and how EFS uses encryption keys, which are applicable individually to files. New to Windows Vista is the ability to store keys on smart cards. If you are using smart cards for user logon, EFS automatically locates the encryption key without issuing further prompts. EFS also provides wizards that assist users in creating and selecting smart card keys. You can use different types of certificates with EFS: third party–issued certificates, certificates issued by certification authorities (CAs) including those on your own network, and self-signed certificates. If you have developed a security system on your network that utilizes mutual authentication based on certificates issued by your own CA, you can extend the system to EFS to further secure encrypted files. For more information on using certificates with EFS, refer to the Windows Vista Help and Support Center.

How Did They Encrypt That? EFS uses algorithms that scramble and encode the data within a file. The application program interface, named CryptoAPI, is the EFS component that generates the encryption. When a person encrypts a file for the first time, a pair of keys—one public, one private—is randomly created. This pair of keys works both to generate the encryption on the file, and later, to unlock the file to decrypt it. Designated recovery agents are user accounts authorized to decrypt encrypted files. When a user account is designated as a recovery agent, you essentially are granting it a copy of the key pair. If you lose the key pair or they become damaged, and if there is no designated recovery agent, there is no way to decrypt the file, and the data is permanently lost.

518

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Preparing a Disk for EFS Unlike previous versions of Windows, the system and boot partition in Windows Vista must be formatted with NTFS before you can install Vista, as you learned in Chapter 2, “Installing Windows Vista.” However, a data partition can be formatted with the FAT or FAT32 file systems. But you must ensure that such a partition is formatted with NTFS before you can encrypt data using EFS. If it is not, you can convert the hard disk format from FAT to NTFS or format the partition as NTFS. There are two ways to go about this: . Use the command-line Convert.exe utility to change an existing FAT16 or FAT32

partition that contains data to NTFS without losing the data. . Use the graphical Disk Management utility to format a new partition, or an empty

FAT partition, to NTFS. If the volume contains data, you will lose it. (You can also use the command-line Format.exe utility to format a partition as NTFS.) The Convert.exe utility is simple to use and typically problem-free, although you should make certain to back up the data on the partition before you convert it as a precaution. Follow Step by Step 8.14 to use this utility.

STEP BY STEP 8.14 Using Convert.exe to Convert the Hard Disk Partition to NTFS 1. Log on to the computer as an administrator. Know which drive letter represents the partition that you plan to convert because only the partition that contains the encrypted files needs to be formatted with NTFS. For example, if users store all their data on drive D: and want to encrypt those files, you will convert drive D: to NTFS. 2. Click Start, Run, type cmd in the Open text box, and press Enter. 3. The Command Prompt window opens. At the prompt, type CONVERT D: /FS:NTFS. 4. The conversion process begins. If you are running the Convert.exe utility from the same drive letter prompt as the partition you are converting, or a file is open on the partition, you are prompted with a message that states Convert cannot gain exclusive access to D:, so it cannot convert it now. Would you like to schedule it to be converted the next time the system restarts (Y/N)? Press Y at the message.

5. Restart the computer. The disk converts its format to NTFS. This process takes considerable time to complete, but at completion, you can open the Command Prompt window and type chkdsk D: to display the type of file system with which the partition is now formatted.

519

Configuring Data Protection

Encrypting Files You can use either the cipher command line utility or the advanced attributes of the file or folder to encrypt a file. To use the cipher utility for encrypting a file named Myfile.txt located in the C:\MYDIR folder, the full command to use is cipher /e /s:c:\mydir\myfile.txt

To change the Advanced encryption attribute of a file, open Computer and navigate to the file. Right-click the file and select Properties. On the General tab, click the Advanced button in the Attributes section. The Advanced Attributes dialog box opens, as shown in Figure 8.35.

The Advanced Attributes dialog box enables you to either compress or encrypt a file.

FIGURE 8.35

Check the box next to Encrypt Contents to Secure Data and click OK. Then click OK again to close the file’s Properties sheet. You are given a warning dialog that lets you choose between encrypting just the file that you had selected or both the file and its parent folder. Select one of the options and click OK.

NOTE Mutually exclusive advanced attributes In the Advanced Attributes dialog box, if you select the Compress Contents to Save Disk Space check box, the check mark disappears from the Encrypt Contents to Secure Data check box. These two attributes are mutually exclusive—you can select only one.

After a file has been encrypted, you can view its encryption attribute details by again rightclicking the file, selecting Properties, and clicking the Advanced button on the General tab. In the Advanced Attributes dialog box, click the Details button. The User Access To dialog box opens, as shown in Figure 8.36.

520

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

After a file has been encrypted, you can add other users to access the file.

FIGURE 8.36

You can see who is able to open the encrypted file, and you can add other user accounts to share the encrypted file and view the designated data recovery agent, if any. Click the Add button to share the encrypted file. A dialog box listing all the EFS-capable certificates for users opens. If a user has never been issued a certificate, the user’s account does not appear in this dialog box. After a file is encrypted, an unauthorized user attempting to open the file is given an error message that says the user does not have access privileges. If an unauthorized user tries to move or copy an encrypted file, the user receives an Access is denied error message.

Decrypting Files The process of decryption is the opposite of encryption. You can either use the cipher command or change the Advanced attribute for encryption on the file. To use the cipher command to decrypt the file, click Start, Run, type cmd in the Open text box, and press Enter. At the command prompt, type cipher /d /s:c:\myfolder\myfile.txt and press Enter. The file will be decrypted. To use the Advanced Attributes method, open Computer and navigate to the file. Right-click the file and select Properties. On the General tab, click the Advanced button. In the ensuing Advanced Attributes dialog box, clear the Encrypt the Contents to Secure Data check box. Click OK and then click OK again. If you are not the person who originally encrypted the file, or if you are not the designated recovery agent, then you will receive an error for applying attributes that says the access is denied.

521

Configuring Data Protection

BitLocker Drive Encryption Windows Vista introduces a hardware-enabled data encryption feature named BitLocker that serves to protect data on a computer that is exposed to unauthorized access. Available on the Enterprise and Ultimate editions of Vista, BitLocker encrypts the entire Windows volume, thereby preventing unauthorized users from circumventing file and system permissions in Windows or attempting to access information on the protected partition from another computer or operating system. BitLocker even protects the data should an unauthorized user physically remove the hard drive from the computer and use other means to attempt access to the data. BitLocker utilizes the Trusted Platform Module (TPM) version 1.2 to provide secure protection of encryption keys and checking of key components when Windows is booting. You can store keys and password on a USB flash drive that the user must insert to boot the computer. You can also employ an option that requires the user to supply a PIN code, thereby requiring multifactor authentication before the data becomes available for use. If an unauthorized individual has tampered with or modified system files or data in any way, the computer will not boot up.

NOTE Trusted Platform Modules At the time of writing, very few computers on the market are equipped with a TPM. While most computer manufacturers can include a TPM in new computers, you cannot retrofit existing computers with TPMs. For this reason, this section emphasizes the procedure for employing BitLocker on computers that are not equipped with TPMs.

You can store encryption keys and restoration password on a USB flash drive or a separate file for additional data security and recovery capability. Should a user need to recover data using BitLocker’s recovery mode, she merely needs to enter a recovery password to access data and the Windows operating system.

Preparing Your Computer to Use BitLocker To use BitLocker your computer must have at least two partitions: a system partition or volume of at least 1.5GB size and a boot (Windows) partition or volume. The BitLocker procedure will encrypt the Windows partition. You can use a computer that does not have a TPM module if you have a USB flash drive to store the encryption keys and password. Step by Step 8.15 outlines the procedure for setting up a new computer for BitLocker and installing Vista on this computer.

522

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

CAUTION Do not use a computer containing important data If your computer contains any data you want to retain, back this data up before performing Step by Step 8.15. Note that if your computer already has two valid partitions as described in this section, you do not have to perform Step by Step 8.15.

STEP BY STEP 8.15 Preparing a New Computer to Use BitLocker 1. Use the Windows Vista DVD to start the computer. 2. On the Install Windows screen, confirm the settings displayed and then click Next. 3. Click System Recovery Options to access the System Recovery dialog box. 4. On the System Recovery Options dialog box, ensure that no operating system is selected (clear the highlight if one is present) and then click Next. 5. On the next System Recovery Options dialog box, select Command Prompt. 6. Type diskpart and press Enter. 7. Type select disk 0. 8. Type clean. This erases the existing partition table. 9. Type create partition primary size=1536 to create a 1.5GB primary system partition. 10. Type assign letter=C to provide a drive letter. 11. Type active to set this partition as active. 12. Type create partition primary to create a second primary partition on which you will install Vista. 13. Type assign letter=D to provide a drive letter. 14. Type list to verify the configuration of each of these partitions. 15. Type exit to close diskpart. 16. Type format c: /y /q /fs:NTFS to format the C partition. 17. Type format d: /y /q /fs:NTFS to format the D partition. 18. Type exit to close the command prompt. 19. Close the System Recovery Options window without shutting down or restarting the computer. 20. Click Install now. Follow the procedure previously described in Chapter 2 to install Vista on the D partition.

523

Configuring Data Protection

TIP BitLocker Drive Preparation Tool Microsoft makes available the BitLocker Drive Preparation Tool, which can be downloaded from the Windows Update website as an available extra. At this location, select BitLocker and EFS Enhancements and then click Install. This tool repartitions your Windows partition to add the required 1.5GB system partition. For more information, refer to Description of the BitLocker Drive Preparation Tool in the “Suggested Readings and Resources” section.

Enabling BitLocker Because most computers that are currently available on the market or already in users’ hands do not contain a TPM module, this section covers the procedure for enabling BitLocker on such a computer. Step by Step 8.16 outlines the procedure for doing so.

STEP BY STEP 8.16 Enabling BitLocker on a Computer Without a TPM 1. Click Start, Run, type gpedit.msc, and then press Enter. 2. Click Continue on the UAC prompt that appears. 3. In the Group Policy Object Editor, navigate to Computer Configuration\Administrative Templates\ Windows Components\BitLocker Drive Encryption. 4. Double-click Control Panel Setup: Enable Advanced Startup Options, enable this policy, select the Allow BitLocker Without a Compatible TPM option, and then click OK. 5. Close the Group Policy Object Editor. 6. Click Start, Run, type Gpupdate /force, and then press Enter. This forces Group Policy to apply immediately. 7. Click Start, Control Panel, Security, BitLocker Drive Encryption, and then click Continue on the UAC prompt that appears. 8. On the BitLocker Drive Encryption applet shown in Figure 8.37, click Turn On BitLocker. You receive the Set BitLocker Startup Preferences dialog box shown in Figure 8.38. 9. Ensure that your USB flash drive is inserted, and then select Require Startup USB Key at Every Startup. 10. You receive the Save the Recovery Password dialog box, which provides the three options shown in Figure 8.39 for saving your recovery password. Use one or more of these options to save the recovery password. If you print it, ensure that you save the printed document in a secure location. If you save it to a USB flash drive, you will see the dialog box shown in Figure 8.40. Click Save. 11. You receive the Encrypt the Volume dialog box shown in Figure 8.41. Ensure that the check box labeled Run BitLocker System Check is selected and then click Continue to proceed.

524

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

The BitLocker Drive Encryption applet in Control Panel enables you to encrypt your drive.

FIGURE 8.37

The Set BitLocker Startup Preferences dialog box provides options for starting your computer.

FIGURE 8.38

12. You will need to restart your computer to proceed. Click Restart Now. 13. On restarting your computer, you will receive a message to remove the USB flash drive storage media. Remove the USB drive and allow Vista to boot.

525

Configuring Data Protection

The Save the Recovery Password dialog box provides three options for saving your password.

FIGURE 8.39

Ensure that you save the recovery password to an appropriate USB drive.

FIGURE 8.40

14. Encryption takes place, and Vista displays an icon in the notification area. You can track the progress of encryption by hovering your mouse pointer over this icon. This icon disappears when encryption is complete.

526

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

FIGURE 8.41

Select Continue to encrypt your partition.

After you have completed this procedure, you must have the USB drive to start your computer. Alternately, you can use the recovery mode and type the recovery password that was automatically created while enabling BitLocker. BitLocker provides the BitLocker Drive Encryption Recovery Console to enable you to insert the USB drive that contains the recovery password or press Enter, type the recovery password, and press Enter again.

CAUTION Ensure that you do not lose the recovery password If you lose the recovery password, your Windows installation and all data stored on its partition will be permanently lost. You will need to repartition your hard drive and reinstall Windows. Consequently, you should create at least two copies of the password as described in Step by Step 8.16 and store these in a secure location. Do not leave the USB flash drive in your laptop bag; attach it to your key chain or store it elsewhere on your person.

Disabling BitLocker Should you need to turn BitLocker off for any reason, the BitLocker Drive Encryption applet in Control Panel enables you to do so. This procedure decrypts your volume and discards all encryption keys. To do so, access the BitLocker Drive Encryption applet (you will need to accept a UAC prompt) and select Turn Off BitLocker. On the BitLocker Drive Encryption dialog box, select Disable BitLocker Drive Encryption or Decrypt the Volume as required. This action begins immediately without further prompts. You will be able to monitor the decryption action from an icon in the notification area.

527

Summary

Summary In this chapter, you learned about performance monitoring and optimization, using the builtin diagnostic tools to troubleshoot reliability problems, configuring Windows Update, backup and restore, and file encryption. Windows Vista provides the Reliability and Performance Monitor console for monitoring, optimizing, and troubleshooting desktop performance. You can use Performance Monitor to monitor counters related to performance objects associated with different hardware and software components of the system. Reliability Monitor provides a trend analysis of events that can potentially destabilize your computer. You can create data collector sets to log performance counters over a period of time for a permanent record of computer performance. Vista provides three new technologies that enhance system performance. Windows SuperFetch optimizes memory performance based on trends of most-used programs and data. Windows ReadyBoost enables you to use a USB flash drive or memory card as an additional source of memory. Windows ReadyDrive enables mobile computers equipped with a hybrid hard drive to improve their performance and battery life. Vista provides several tools for troubleshooting reliability issues. System Configuration Utility enables you to start your computer with a reduced set of services and startup programs to troubleshoot problematic startups. You can use Task Manager to provide a quick view of computer performance. Task Manager enables you to shut down misbehaving applications and processes and start applications at different priority levels. Event Viewer logs errors, warning, and informational events that take place on the computer. You can also schedule actions to take place should a given event be logged. Windows Update enables you to keep your computer up-to-date with security patches, Windows Defender definition updates, and other enhancements available from the Microsoft Windows Update website. On a network you can configure a WSUS server to download updates and make them available to network computers and configure policies that govern the behavior of computers obtaining updates. Vista provides enhanced backup and restore tools in the Backup and Restore Center that help to prevent data loss resulting from hardware failure and other disasters. You can back up selected files and folders or your entire computer and schedule backups to take place at preconfigured intervals. Vista provides two solutions for protecting data against unauthorized access by means of encryption. EFS encrypts files and folders on any NTFS volume of your computer, and BitLocker encrypts the entire system volume.

528

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista

Key Terms . alert . Backup and Restore Center . BitLocker . Compatibility mode . data collector sets . Encrypting File System (EFS) . Event Viewer . object . paging file . performance counter . Performance Monitor . performance object . Reliability Monitor . System Configuration Utility . Task Manager . Windows ReadyBoost . Windows ReadyDrive . Windows SuperFetch . Windows Update

Apply Your Knowledge Backing up and restoring crucial data is one of the most important responsibilities for anyone using modern computers. Windows Vista’s backup tools simplify the task of backing up files, folders, or the entire computer to hard disks, CD-ROMs, DVD-ROMs, and network locations.

529

Apply Your Knowledge

Exercises 8.1 Backing Up a Folder Windows Vista provides the Documents folder as a default location used by many applications to store data. In this exercise you back up this folder to a network location and then delete its contents. You need two computers running Windows Vista for this exercise. Estimated Time: 15 minutes. 1. At the computer that will receive the backed up data, create and share a folder named Backup. Ensure that this folder is shared with at least the Change shared folder permission. Refer to Chapter 6 if you have forgotten how to do this step. 2. At the computer from which you will be backing up data, click Start, Control Panel, Back Up Your Computer. 3. In the Back Up and Restore Center, click Back Up Files and then click Continue on the UAC prompt that appears. 4. On the Back Up Files screen, select On a Network, and then type the UNC path to the shared folder on the other computer. 5. On the Which File Types Do You Want to Back Up screen, select Documents and clear all other check boxes. Then click Next. 6. Leave the defaults selected on the How Often Do You Want to Create a Backup screen and click Save Settings and Start Backup. 7. Wait for the backup to be completed. Assuming you are using this computer for testing and study purposes only, this should not take more than a few minutes. 8. When informed that the backup is completed, click Finish. 9. Click Start, Documents to display the contents of this folder. 10. Press Ctrl+A to select all the files in the folder and press the Delete key. On the Delete Multiple Items message box, click Yes. 11. Minimize the Backup and Restore Center to reveal the desktop, right-click the Recycle Bin icon, and choose Empty Recycle Bin. Then click Yes to confirm permanent deletion of its contents.

8.2 Restoring Data You just deleted the contents of the Documents folder. This would be big trouble if this were your company’s accounts receivable folder—or even your personal stock of precious digital photographs. Such things occasionally happen, whether by accident, disk failure, or other cause. Here you restore the contents of this folder from backup. Estimated Time: 10 minutes.

530

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 1. Press Alt+Tab to bring the Backup and Restore Center back up. If you have closed this tool, repeat step 1 of the previous exercise. 2. Click Restore Files. 3. On the Restore Files screen, select Files from the Latest Backup and then click Next. 4. On the next screen, click Add Folders. 5. Select Documents and then click Add. This folder is added to the list in the Restore Files dialog box. 6. Click Next. 7. On the Where Do You Want to Save the Restored Files screen, ensure that In the Original Location is selected, and then click Start Restore. 8. Wait while the progress of the restore is charted in the Restore Progress dialog box. When informed that files were successfully restored, click Finish and close the Backup and Restore Center. 9. Click Start, Documents, and confirm that the contents of this folder have been properly restored.

Exam Questions 1. Your Windows Vista computer has been running slowly once or twice a day when performing processor-intensive or memory-intensive tasks, and you suspect that you might need to upgrade your processor. You have added additional RAM to the computer but need to be informed of potential processor bottlenecks, so you want to configure the computer to inform you should processor utilization exceed 85%. What should you do? (Each correct answer represents part of the solution. Choose two.)

❍ A. Configure Performance Monitor to generate an alert when the Processor\%Processor time counter exceeds 85%.

❍ B. Configure a data collector set to generate an alert when the Processor\%Processor time counter exceeds 85%.

❍ C. Configure Reliability Monitor to generate an alert when the Processor\%Processor time counter exceeds 85%.

❍ D. View the Application log in Event Viewer to determine whether any alerts have been generated.

❍

E. View the System log in Event Viewer to determine whether any alerts have been generated.

❍

F. In Computer Management, ensure that the Alerter service is configured to start automatically. You will then receive a message box on your desktop when an alert is generated.

531

Apply Your Knowledge 2. Ryan is concerned with the performance of his Windows Vista computer because it does not appear to be responding as rapidly as it did a few months ago. He creates a data collector set and logs his performance over the period of a workday. Then he uses Performance Monitor to display the collected data and notices the following results: . Memory\Pages/sec: 62 . Processor\% Processor Time: 71 . LogicalDisk\% Disk Time: 74 . PhysicalDisk\% Disk Time: 63 . System: Processor Queue Length: 3 Which of the following system upgrades should Ryan do first?

❍ A. Add a faster hard disk. ❍ B. Add a larger hard disk. ❍ C. Add additional memory. ❍ D. Install a faster processor. ❍

E. Install a second processor.

3. Kristin is a photo enthusiast who is using a computer running Windows Vista Home Premium that is equipped with 1GB RAM and a 2.4GHz processor. When she edits large photo files from her 8megapixel digital camera, her computer runs slowly. She needs to improve the performance of her computer, so she purchases a 1GB USB flash drive and investigates the new features available to Windows Vista. Which of the following should she utilize to improve her computer’s performance?

❍ A. Windows SuperFetch ❍ B. Windows ReadyBoost ❍ C. Windows ReadyDrive ❍ D. She cannot use any of these features. She should add more RAM instead.

532

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 4. Brent’s Windows Vista computer is experiencing startup problems, and he believes that it is due to one of several new programs he has recently downloaded from the Internet and installed on his computer. These programs are configured to start automatically when Brent starts his computer. He wants to find out which program is causing the problem, so he boots the computer in Safe mode and accesses the System Configuration utility. Which of the following should he do first?

❍ A. From the Boot tab, select Advanced Options and then clear the options for starting the new programs automatically.

❍ B. From the General tab, select the Diagnostic Startup option. ❍ C. From the General tab, select the Selective Startup option and clear the Load System Services check box.

❍ D. From the General tab, select the Selective Startup option and clear the Load Startup Items check box. 5. Debbie is the desktop administrator for an engineering company. All servers run Windows Server 2003, and all client computers run Windows Vista Ultimate. Several users in the Design department run a simulation application that requires several hours to process its data. These users report that when they run this application, the performance of other engineering programs becomes considerably slower. What should Debbie instruct the users to do so that the simulation application can run with the least impact on other engineering programs being run at the same time?

❍ A. Configure the simulation program to have BelowNormal priority. ❍ B. Configure the simulation program to have AboveNormal priority. ❍ C. Configure all other engineering programs to have High priority. ❍ D. Configure all other engineering programs to have RealTime priority.

533

Apply Your Knowledge 6. Connie has experienced problems in the past with updates downloaded from the Microsoft website causing applications to fail unexpectedly. So she has configured Windows Update on her computer to check for updates but to let her choose whether to download and install them. A few months later, Connie realizes that an optional patch that her work colleagues have received is missing from her machine, and its performance has suffered as a consequence. What should she do to view and restore this update while retaining the option to let her choose whether to download and install future updates?

❍ A. From the Windows Update applet in Control Panel, click Change Settings, and then select the check box labeled Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates.

❍ B. From the Windows Update applet in Control Panel, click Change Settings, and then select the Install Updates Automatically (Recommended) option.

❍ C. From the Windows Update applet in Control Panel, click View Update History, select the update, and then click Restore.

❍ D. From the Windows Update applet in Control Panel, click Restore Hidden Updates, select the update, and then click Restore. 7. You want to create a backup of the Windows settings including the Registry on your computer. You also want to back up your applications and data at the same time, so you access the Backup and Restore Center. Which of the following options should you select?

❍ A. Back Up Files ❍ B. Back Up System State ❍ C. Back Up Computer ❍ D. Create a Restore Point or Change Settings

534

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 8. You are using a Windows Vista Home Premium computer at home and a Windows Vista Business computer in the office. You are working on a large, urgent project that needs to be completed by next week, but the weather office has issued a blizzard warning for the next two days. Anticipating that you will be unable to go to the office, you use Windows Backup to back up all the folders required for the project to a DVD-ROM and take this DVD-ROM home. Which of the following procedures should you follow to restore these folders to your home computer?

❍ A. From the Backup and Restore Center, select Restore Files and then select the option to save the files in the following location and choose an appropriate folder on your computer.

❍ B. From the Backup and Restore Center, select the option to perform an advanced restore. ❍ C. From the Backup and Restore Center, select the option to create a restore point or change settings.

❍ D. From the Backup and Restore Center, select the option to load the Windows Recovery Environment.

535

Apply Your Knowledge 9. Lance is the team leader of a field research group for an environmental research company. The company is working on a new system for toxic contaminant removal from municipal sewage effluents. Researchers in his group have stored experimental data on a Windows Vista Business laptop computer that they regularly take to the field when performing measurements at several sites. They record their measurements into a folder named Effluents. The network administrator at the company has created a group named Field and added the user accounts for Lance and the other field researchers to this group. Lance’s boss is concerned that the laptop could be stolen and the data could fall into the wrong hands, so he decides to use EFS to encrypt the Effluents folder on the laptop. He needs to enable the other researchers in his group to access data on this folder while in the field. All researchers have valid certificates for using EFS. Lance right-clicks the data folder, chooses Properties, clicks the Advanced button, and then selects the Encrypt Contents to Secure Data option. What else does Lance need to do so that all users of the laptop can access the experimental data?

❍ A. In the Advanced Attributes dialog box for the Effluents folder, click Details. In the Encryption Details dialog box that appears, click Add and add the other researchers individually to the list of users who can transparently access the folder.

❍ B. In the Advanced Attributes dialog box for the Effluents folder, click Details. In the Encryption Details dialog box that appears, click Add and add the Field group to the list of users who can transparently access the folder.

❍ C. Right-click each file in the Effluents folder and choose Properties. Click the Advanced button and in the Advanced Attributes dialog box for the file, click Details. In the User Access to Effluents dialog box that appears, click Add and add the other researchers individually to the list of users who can transparently access the file.

❍ D. Right-click each file in the Effluents folder and choose Properties. Click the Advanced button and in the Advanced Attributes dialog box for the file, click Details. In the User Access to Effluents dialog box that appears, click Add and add the Field group to the list of users who can transparently access the file.

536

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista 10. Nancy is a sales representative for a high technology firm that includes aerospace and defense firms as well as the U.S. military among its clients. She uses a notebook computer running Windows Vista during her visits to client locations. This computer holds confidential data for all clients including data that could provoke a national security incident should the notebook fall into the wrong hands. Nancy decides to use BitLocker drive encryption to secure the contents of the notebook, which is not equipped with a TPM module. The computer already contains several folders with important data files. Which of the following does she need to do in order to enable BitLocker on her notebook without losing any existing data? (Each correct answer represents part of the solution. Choose two.)

❍ A. Use the Windows Vista DVD-ROM to access the System Recovery Options dialog box and select the Command Prompt option. Then repartition the hard drive in the notebook to hold a 40GB Windows partition and a single partition that holds all data files.

❍ B. Use the Windows Vista DVD-ROM to access the System Recovery Options dialog box and select the Command Prompt option. Then repartition the hard drive in the notebook to hold a 1.5GB system partition and a single partition that holds both operating system files and the data files.

❍ C. Use the BitLocker Drive Preparation Tool to repartition the hard drive in the notebook to hold a 40GB Windows partition and a single partition that holds all data files.

❍ D. Use the BitLocker Drive Preparation Tool to repartition the hard drive in the notebook to hold a 1.5GB system partition and a single partition that holds both operating system files and the data files.

❍

E. Use a USB flash drive to hold the encryption keys and access password.

❍

F. Use a floppy disk to hold the encryption keys and access password.

Answers to Exam Questions 1. B and D. To have the computer generate an alert when a certain condition occurs (for example, when the Processor\%Processor time counter exceeds 85%), you need to create a manually configured data collector set and access the Performance Counter Alert option. Doing so enables alerts to be recorded in the Application log, which you can view from Event Viewer. You can watch the counter values in real time from System Monitor, but this application does not generate an alert, so answer A is incorrect. Reliability Monitor displays a computer reliability graph but does not generate any alerts, so answer C is incorrect. You need to look in the Application log and not the System log to find alerts, so answer E is incorrect. You cannot configure the Alerter service to display alerts to your desktop, so answer F is incorrect. For more information, see the section, “Data Collector Sets.” 2. C. Ryan should add more RAM. A value of Memory\Pages/sec that is consistently greater than 20 indicates a shortage of RAM and a potential bottleneck. LogicalDisk\% Disk Time and

537

Apply Your Knowledge PhysicalDisk\% Disk time report the percentage of time that the disk was busy servicing disk requests; in this situation, the high amount of paging results in a busy disk. When PhysicalDisk\% Disk time is above 50%, it is sometimes necessary to upgrade to a faster hard disk; however, if memory counters are also high, you should add RAM first to improve computer performance. Therefore answers A and B are incorrect. Paging activity and disk requests might cause an increase in the Processor\% Processor time; however, the value of 71 for this counter is within acceptable limits. Therefore answers D and E are incorrect. For more information, see the section, “Optimizing and Troubleshooting Memory Performance.” 3. B. Kristin can use Windows ReadyBoost to improve the performance of her computer. ReadyBoost enables her to use a USB flash drive or memory card with at least 256MB free space as an additional memory source that responds much faster than the paging file on her hard disk. Windows SuperFetch optimizes memory performance based on recent data and program usage. It works automatically and does not use a USB flash drive, so answer A is incorrect. Windows ReadyDrive enables mobile computers equipped with a hybrid hard drive to achieve enhanced performance. It also does not use a USB flash drive, so answer C is incorrect. Because Kristin can use her USB flash drive with Windows ReadyBoost, she does not need to add RAM, so answer D is incorrect. For more information, see the section, “Windows ReadyBoost.” 4. D. Brent should access the General tab of the System Configuration utility, select the Selective Startup option, and clear the Load Startup Items check box. Doing so prevents all applications configured to load at startup from running. He can then check the performance of the computer at startup, after which he can selectively start programs from the Startup tab. The Advanced Options dialog box accessed from the Boot tab does not contain options for starting programs automatically, so answer A is incorrect. The Diagnostic Startup option loads basic devices and services only but does not modify application startup, so answer B is incorrect. Clearing the Load System Services check box prevents nonessential services from starting but does not prevent programs from starting automatically, so answer C is incorrect. For more information, see the section, “System Configuration Utility.” 5. A. Debbie can resolve this problem by configuring the simulation program to run at a lower priority (either Low or BelowNormal). Doing so causes more computer resources to be allocated to other engineering applications, thereby improving their performance while still allowing the simulation program to run. Configuring the simulation program to run at a higher priority would take resources away from the other programs, so answer B is incorrect. Configuring all other programs to run at High priority might help to solve the problem but requires more effort than changing the priority of a single program, so answer C is incorrect. Configuring programs for RealTime priority can cause the computer to become unstable, so answer D is incorrect. For more information, see the section, “Configuring Application Priority.” 6. D. Connie should access the Windows Update applet in Control Panel. She should click Restore Hidden Updates, select the update, and then click Restore. Updates might become hidden if she has asked Windows not to notify her or install updates automatically. Selecting the check box labeled Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates enables her to include updated definition files for Windows Defender in the updates downloaded from the Microsoft Windows Update website. This option (which is selected by default)

538

Chapter 8: Maintaining and Optimizing Systems That Run Windows Vista does not enable her to restore a hidden update, so answer A is incorrect. Connie should not select the Install Updates Automatically (Recommended) option because she wants to retain the option to let her choose whether to download and install future updates, so answer B is incorrect. The View Update History option enables her to view installed updates but not access hidden updates, so answer C is incorrect. For more information, see the section, “Working with Windows Update.” 7. C. You should select the Back Up Computer option. This option enables you to create a Windows Complete PC Backup and Restore image of your entire computer. This image contains your Windows files and Registry, and you can use it to recover from a hardware failure. The Back Up Files option enables you to back up selected files and folders but not the Windows files or Registry, so answer A is incorrect. The Back Up System State option existed in Windows 2000/XP for backing up items such as the Registry, system files, and boot files. It has been replaced by the Complete PC Backup and Restore option in Vista, so answer B is incorrect. The Create a Restore Point or Change Settings option enables you to create a point that can be used for rolling back your computer settings to a previous point in time. It does not create a backup of any type, so answer D is incorrect. For more information, see the section, “Using Windows Backup to Protect Your Data.” 8. B. You should select the option to perform an advanced restore. In the Backup and Restore Center, click Advanced Restore and select the option to restore a backup that was created on a different computer. The option to save the restored files in a specified location enables you to create a new copy of files or folders backed up on the same computer, so answer A is incorrect. The option to create a restore point or change settings enables you to create a point that can be used for rolling back your computer settings to a previous point in time. It does not restore files from either the same computer or a different one, so answer C is incorrect. The option to load the Windows Recovery Environment is used to restore your entire computer from a Windows Complete PC Backup and Restore image. This does not restore files from another computer, so answer D is incorrect. For more information, see the section, “Using Windows Backup to Restore Your Computer.” 9. C. Lance should access the User Access to Effluents dialog box, click Add and add the other researchers individually to the list of users that can transparently access the file. Windows Vista enables you to enable additional users to access files and folders that are encrypted with EFS. Lance can authorize the users in his group to access the data files in this folder by following the procedure in this option for each of the files in turn. The Encryption Details dialog box does not contain an option for enabling additional users to access the encrypted files, so answers A and B are incorrect. Lance cannot add a group to the list of users who can access the file on the User Access dialog box, so answer D is incorrect. For more information, see the section, “Encrypting Files.” 10. D and E. Nancy should use the BitLocker Drive Preparation Tool to repartition the hard drive in the notebook to hold a 1.5GB system partition and a single partition that holds both operating system files and the data files. She should then use a USB flash drive to hold the encryption keys and access password while she enables BitLocker from the BitLocker Drive Encryption applet in Control Panel. If Nancy were to repartition the hard drive by using the command prompt available from the System Recovery Options dialog box, her data would be lost. Therefore answers A and B are incorrect. If she were to repartition the hard drive to hold a 40GB Windows partition and the

539

Apply Your Knowledge remainder of the drive as a data partition, her data would not be protected. Therefore answer C is incorrect. It is not possible to store the encryption keys and access password on a floppy disk, so answer F is incorrect. For more information, see the section, “BitLocker Drive Encryption.”

Suggested Readings and Resources The following are some recommended readings on the subject of monitoring and optimizing computer performance and reliability, and configuring Windows Update and data protection: 1. Course . Microsoft Official Curriculum course 5116, Configuring Windows Vista Application

and Tools. Module 1, Maintaining and Optimizing Windows Vista Systems. Information available at http://www.microsoft.com/learning/syllabi/en-us/5116aprelim.mspx 2. Websites . Microsoft Technet. Overview of Windows Reliability and Performance Monitor.

http://technet2.microsoft.com/WindowsVista/en/library/44daefa4-407d-4763b42f-b613a261da541033.mspx . Microsoft. Windows PC Accelerators: Performance Technology for Windows Vista.

http://www.microsoft.com/whdc/system/sysperf/accelerator.mspx . Microsoft Technet. Event Viewer Overview. http://technet2.microsoft.com/

WindowsVista/en/library/4229f239-16a6-4ecd-b3cf-aec03dc08cd51033.mspx . Microsoft Technet. Windows Update and Resulting Internet Communication in

Windows Vista. http://technet2.microsoft.com/WindowsVista/en/library/2acc52406223-453f-8409-4c020311a1ae1033.mspx . Microsoft. Security Enhancements in Windows Vista. http://www.microsoft.com/

downloads/details.aspx?FamilyID=6fb28358-68d9-43e9-b5746a0d377bba34&DisplayLang=en . Microsoft. Description of the BitLocker Drive Preparation Tool. http://support.

microsoft.com/kb/930063 . Microsoft Technet. Windows BitLocker Drive Encryption Step-by-Step Guide.

http://technet2.microsoft.com/WindowsVista/en/library/c61f2a12-8ae6-4957b031-97b4d762cf311033.mspx

This page intentionally left blank

9

CHAPTER NINE

Configuring and Troubleshooting Mobile Computing Objectives This chapter helps you to prepare for the exam by covering the following Microsoft-specified objectives for the Configuring and Troubleshooting Mobile Computing section of the TS: Microsoft Windows Vista, Configuring exam:

Configure Mobile Display Settings. . Windows Vista provides a series of display settings that are more pertinent to users of mobile computers as opposed to desktop computers. With the increasing use of mobile computers in today’s workforce, Microsoft added this objective to ensure that you are familiar with settings for purposes such as attaching external monitors, using an auxiliary display, and so on.

Configure Mobile Devices. . Windows Vista provides a feature-complete environment for all types of mobile computers, including laptops, notebooks, and Tablet PC devices. Microsoft expects you to be able to perform basic configuration and troubleshooting tasks on these types of devices for the 70-620 exam.

Configure Tablet PC software. . The Tablet PC is a new type of computer that is gaining use by people who require enhanced note- and order-taking capabilities. Microsoft has developed new software that facilitates the use of the Tablet PC for these purposes and wants you to be familiar with its capabilities.

Configure Power Options. . Mobile computers need to rely on battery power when used away from locations where AC power is available. Microsoft expects you to be able to configure mobile computers for optimizing power use according to different requirements and to configure the appropriate options for scenarios such as offices, client locations, and in the field.

Outline Introduction

544

Summary

586

Configuring Mobile Devices

544

Key Terms

587

Mobile PC Control Panel

544

Windows Mobility Center

545

Apply Your Knowledge

587

547

Exercises

588

VPN Connection Security

547

Exam Questions

590

Synchronizing with Network Folders

Answers to Exam Questions

594

548

Suggested Readings and Resources

596

Use of the Sync Center

551

Configuring Infrared Devices

555

Networking with Mobile Computers

Configuring Mobile Display Settings

556

Presentation Settings

556

Using a Networked Projector

558

External Monitors

560

Windows SideShow

561

Using Windows SideShow

562

Windows SideShow Device Security

563

Configuring Tablet PC Software

564

Tablet PC Settings Tablet PC Input Panel

565 567

Input Panel Options

567

Pen Flicks

569

Additional Pen Options

571

Handwriting Recognizer

571

The Snipping Tool

575

Touch Screen Support

575

Configuring Power Options Power Plans

576 577

Additional Power Plan Options

578

Advanced Power Settings

579

Battery Meter

581

Power Management and Group Policy 583

Study Strategies Windows Vista provides a comprehensive set of features designed with users of mobile computers in mind, and Microsoft expects you to be familiar with these features for the 70-620 exam. You should practice the skills involved in the Step by Step and Apply Your Knowledge exercises until you are familiar with the features discussed in this chapter. . Play with the options presented by the Windows Mobility Center and ensure that you know which actions you can or cannot perform from this location. . Configure one computer to share a folder and make this shared folder available offline. Connect to this share from another computer and work with the Sync Center to familiarize yourself with the options provided. Make changes to a file stored on the first computer and then make other changes to an offline copy of the same file on the second computer. Then use the Sync Center to synchronize the folder containing this file and note the results. . Attach an external monitor to a laptop computer and experiment with the different modes available for using this monitor. If you have a digital projector available, attach it and observe the effects. Turn presentation mode on and off and observe what happens. . If you have a Tablet PC computer available, experiment with changing the display orientation. Then open the Tablet PC Input Panel and experiment with training it to your handwriting style. Use the various options available to refine its response to your writing until you are satisfied that it produces an acceptable text copy. Even if you do not have a Tablet PC, you can still experiment with the Input Panel and try writing with mouse movements. . Practice configuring a laptop computer for different power schemes and observe the results when running on battery power. Also configure the computer for sleep and hibernation, and observe what happens when you place the computer into these modes. If you have only a desktop computer available, you can still practice some of these exercises and observe factors such as when certain components of the computer shut down.

544

Chapter 9: Configuring and Troubleshooting Mobile Computing

Introduction Mobile computing has entered the mainstream of everyday business activity, with modern notebook or laptop computers presenting an unprecedented level of computing power. You can do almost as much on a notebook or laptop computer as on a desktop with the added convenience of portability to any workplace, client, hotel, or home as the demand requires. Microsoft has designed Windows Vista to accommodate a large range of mobile features such as the Windows Mobility Center, improved power management, presentation settings, and Windows SideShow. Furthermore, tablet computers are supported in a highly improved fashion with additional options and settings such as an enhanced input panel and improved handwriting recognition software. This chapter introduces you to these portable computer features.

Configuring Mobile Devices Objective:

Configure Mobile Devices. Windows Vista provides a feature-complete environment for all types of mobile computers, including laptops, notebooks, and Tablet PC devices. Included are features for connecting your portable computer with wired and wireless networks and sharing data with these networks in a secure fashion.

Mobile PC Control Panel New to Windows Vista is the Mobile PC Control Panel, which provides a centralized location for performing many of the configuration activities associated with portable computing. This Control Panel component appears only on mobile computers, including Tablet PC devices. Open the Control Panel and select Mobile PC to display the window shown in Figure 9.1, which features the following applets: . Windows Mobility Center—Enables you to configure common mobile computer settings

such as display settings, speaker volume, and battery status . Power Options—Enables you to configure power use for specific conditions including

connecting your computer to an AC outlet or running it on battery power . Personalization—Similar to the Personalization applet found in the display settings of

other Windows Vista computers

545

Configuring Mobile Devices . Tablet PC Settings and Pen and Input Devices—Enable you to configure properties specif-

ic to tablet computers . Sync Center—Synchronizes data on your mobile computer with other network devices

including servers, desktop computers, and other portable computers

FIGURE 9.1 Portable computers feature the Mobile PC Control Panel category for performing activities specific to mobile computing.

Windows Mobility Center Previous Windows versions required you to navigate to different locations to perform actions specific to portable computers such as adjusting the display properties, power conservation, wireless networking, and so on. Windows Vista centralizes these features in a new component called the Windows Mobility Center. This application enables you to configure a large range of features specific to notebook computers. Follow Step by Step 9.1 to access the Windows Mobility Center.

STEP BY STEP 9.1 Configuring the Windows Mobility Center 1. Click Start and type mobility in the Start Search text box. You can also click Start, Control Panel, Mobile PC, Windows Mobility Center. The Windows Mobility Center opens, as shown in Figure 9.2.

546

Chapter 9: Configuring and Troubleshooting Mobile Computing

FIGURE 9.2 Windows Mobility Center enables you to control several features related to portable computers.

2. Select the control provided by the appropriate applet. The following might be available, depending on the edition of Vista and the capabilities of your computer: . Brightness—Adjust the slider provided to control the brightness of your portable computer display. . Volume—Adjust the slider to control your computer’s speaker volume or select the Mute check box to turn it off. . Battery Status—Displays the current charge level of your computer’s battery. You can also select a power scheme from the drop-down list provided, which might include custom settings set up by the computer manufacturer if available. Power options are discussed later in this chapter. . Wireless Network—Provides the current connection status and signal strength. Select the command button provided to toggle the wireless network on or off. You learned about configuring wireless network settings in Chapter 6, “Configuring Network Connectivity.” . Screen Orientation—Available on Tablet PC devices only, enables you to toggle the display orientation between horizontal (landscape) and vertical (portrait) modes. . External Display—Enables you to connect an external monitor to your mobile computer or its docking station and configure its properties. . Sync Center—Displays your current synchronization settings. Select the command button provided to view synchronization activities or modify the settings. . Presentation Settings—Select the command button provided to turn on and modify settings for giving presentations.

NOTE Mobility Center controls depend on your computer’s features Vista does not display modules associated with features not supported by your mobile computer. In addition, certain editions of Vista do not support and therefore do not display certain portability features. Furthermore, computer manufacturers might add additional modules to the Mobility Center.

547

Configuring Mobile Devices

EXAM ALERT Windows Mobility Center settings Some of the settings available from Windows Mobility Center are also available from other Control Panel applets. The exam might ask you for more than one way to perform an action using a phrase such as, “Each correct answer represents a complete solution. Choose two.”

Networking with Mobile Computers The mobile nature of these computers presents unique situations—for example, you might be connected to your office network in the morning; travel to a client or conference location in the afternoon and access a different network; and then at home in the evening, connect to your home desktop computer or even back to the office via a virtual private network (VPN) connection. This section expands upon networking situations introduced in Chapter 6 to include items of primary concern to mobile computer users.

VPN Connection Security Chapter 6 introduced you to VPN connections and showed you how to set up a connection using either the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP). Either of these protocols enables you to set up a tunneled connection from a remote location across the Internet to servers in your office network and access shared resources as though you were located on the network itself. Recall that PPTP includes built-in security for encryption and authentication, whereas L2TP does not. You must use IP Security (IPSec) to secure data being sent across an L2TP connection. An issue that you should be aware of concerns the encryption levels used by client and server computers when establishing a VPN connection. If these encryption levels fail to match, you might receive an error code 741 accompanied by the message stating that The local computer does not support encryption or an error code 742 with the message The remote server does not support encryption. This problem occurs if the server is using an encryption level different from that of your mobile computer. Servers running Windows 2000 Server or Windows Server 2003 use Rivest Cipher 4 (RC4) encryption at a level of either 40-bits or 56bits. By default, Vista uses 128-bit encryption. Follow Step by Step 9.2 to modify the encryption level.

STEP BY STEP 9.2 Configuring VPN Encryption Levels 1. Click Start and click Connect To. 2. Right-click the desired VPN connection and select Properties.

548

Chapter 9: Configuring and Troubleshooting Mobile Computing 3. On the VPN Connection Properties dialog box, select the Security tab, select Advanced (Custom Settings), and then click Settings. 4. On the Advanced Security Settings dialog box shown in Figure 9.3, select Maximum Strength Encryption (Disconnect If Server Declines), and then click OK. 5. Click OK to close the VPN Connection Properties dialog box.

The Advanced Security Settings dialog box enables you to specify the level of encryption used in a VPN connection. FIGURE 9.3

Synchronizing with Network Folders The Offline Files feature in Windows Vista originated with Windows 2000 and XP. It replaces the My Briefcase feature included with Windows 9x/NT and works only on Microsoft-based networks. The Offline Files feature enables a user to access and work with files and folders stored on a network share when the user is disconnected from that share. For example, such a situation could occur when the user is working from a laptop on the road or at home. This feature ensures that users are always working with the most recent version of their files. When you enable Offline Files, the feature makes anything you have cached from the network available to you. It also preserves the normal view of network drives, shared folder and NTFS permissions, and so on. When you reconnect to the network, the feature automatically synchronizes any changes with the versions on the network. In addition, changes made to your files while online are saved to both the network share and your local cache. Offline files are stored on the local computer in a special area of the hard drive called a cache. More specifically this is located at %systemroot%\CSC, where CSC stands for client-side caching. By default, this cache takes up 10% of the disk volume space.

549

Configuring Mobile Devices

You need to configure both the client computer and the server to use the Offline Files feature. Keep in mind that the “server” in this sense refers to any computer that holds a shared folder available to users of other computers. This might be a computer running Windows 2000 or XP Professional, Vista Business, Enterprise, or Ultimate, as well as a server running Windows 2000 Server, Windows Server 2003, or Windows Server 2008. Client Computer Configuration By default, the Offline Files feature is enabled on the client computer. Step by Step 9.3 shows you how to configure the available client options.

STEP BY STEP 9.3 Configuring Offline Files at the Client Computer 1. Click Start, Control Panel, Network and Internet, Offline Files. 2. From the General tab of the Offline Files dialog box shown in Figure 9.4, select the following options as required: . Disable Offline Files—Select this command button if you do not want to use Offline Files. You must accept a User Account Control (UAC) prompt and then restart your computer to disable offline files. If Offline Files are disabled, this command button enables you to enable Offline Files. . Open Sync Center—Opens the Sync Center. . View Your Offline Files—Opens a Windows Explorer window displaying the contents of the Offline Files folder.

FIGURE 9.4 You can configure offline files at the client computer from the Offline Files dialog box.

550

Chapter 9: Configuring and Troubleshooting Mobile Computing 3. Select the Disk Usage tab to configure the amount of disk space currently used for storing offline files. By default this is 10% of the drive space. Click Change Limits and click Continue on the UAC prompt that appears to modify this setting. Click Delete Temporary files to delete locally stored files. You receive a Confirm File Delete dialog box displaying the shared folders from which you have cached files and an option to delete only the temporary files or both the temporary files and those that are always available offline. 4. Select the Encryption tab and then click Encrypt to encrypt offline files. This feature uses the Encrypting File System (EFS) to encrypt offline files, keeping them secure from unauthorized users. By default, offline files are not encrypted. 5. Select the Network tab to check for slow network connections. You can specify the number of minutes (five by default) at which Vista checks for a slow connection. 6. When finished, click OK or Apply.

When you have enabled your computer for Offline Files, copies of files and folders you access across the network are stored automatically in your cache area according to the server configuration parameters in effect. These parameters are discussed in the next section. You can also automatically cache all available files from a network share to which you have connected. Right-click the shared folder icon and choose Make Available Offline. This automatically caches all available files without your having to open them first. You can also synchronize your cached files manually when you are connected to the network share. To do so, right-click the shared folder icon and choose Synchronize. Server Configuration To enable the caching of files stored on a shared folder, you need to configure the shared folder on the server and specify the type of caching available. Step by Step 9.4 shows you how to perform these tasks on a Windows Vista computer.

STEP BY STEP 9.4 Configuring a Shared Folder for Offline Use 1. Right-click the shared folder and choose Properties. 2. On the Sharing tab of the folder’s Properties dialog box, click Advanced Sharing and then click Continue in the UAC prompt that appears. 3. On the Advanced Sharing dialog box, click Caching to open the Offline Settings dialog box shown in Figure 9.5.

551

Configuring Mobile Devices

FIGURE 9.5 The Offline Settings dialog box provides two options for enabling offline caching in Windows Vista.

4. Select from the following options, and then click OK: . Only the Files and Programs that Users Specify Will Be Available Offline—Requires that a user connecting to the share specifically indicate the files to be made available for caching. This is the default setting. . All Files and Programs that Users Open from the Share Will Be Automatically Available Offline— Makes every file in the share available for caching by a remote user. When a user opens a file from the share, the file is downloaded to the client’s cache and replaces any older versions of the file. . Optimized for Performance—Enables expanded caching of shared programs so that users can run them locally, thereby improving performance. . Files or Programs from the Share Will Not Be Available Offline—Effectively disables the Offline Files feature. 5. Click OK to close the Advanced Sharing dialog box, and then click Close to close the Properties dialog box for the shared folder.

Use of the Sync Center New to Windows Vista is the Sync Center, which enables you to manage cached offline files and folders once you have configured them as described in the previous sections. Shown in Figure 9.6, Sync Center enables you to perform the following actions: . Synchronization with different device types—Sync Center enables you to synchronize data

with other computers and with devices such as smart phones, digital media devices, personal data assistants (PDAs), and so on. . Multiple synchronization—You can synchronize files and folders with a single device or

all available devices.

552

Chapter 9: Configuring and Troubleshooting Mobile Computing . Manage synchronization activities—You can initiate manual synchronization, stop actions

in progress, check device connectivity status, view the status of activities, and be notified about possible conflicts. . Conflict resolution—If different users have performed conflicting edits on a file such as a

Word document, Sync Center informs you and enables you to save multiple copies of the edited file for later analysis. . Sync partnerships—Sync Center establishes sync partnerships for all shared folders that

you have cached locally. You can configure these partnerships to specify how and when the folders are synced.

FIGURE 9.6 The Sync Center enables you to view and manage file and folder synchronization.

Follow Step by Step 9.5 to view sync partnerships and synchronize files.

STEP BY STEP 9.5 Using the Sync Center to View and Synchronize Offline Files 1. Use one of the following methods to open the Sync Center: . From the Windows Mobility Center, click Sync Settings. . Click Start, Control Panel, Mobile PC, Sync Center.

553

Configuring Mobile Devices . Click Start, Control Panel, Network and Internet, Sync Center. . Click Start and type sync in the Search text box. Click Sync Center in the Programs list. . From the Offline Files dialog box previously shown in Figure 9.4, click Open Sync Center. 2. In the task list on the left side of the Sync Center, click View Sync Partnerships to display configured partnerships. 3. To synchronize all available partnerships, click Sync All. 4. To synchronize a specific network share, select its partnership, and then click Sync.

Sync Center also enables you to schedule synchronization activities to take place at any of the following actions: . At a specified time and synchronization interval . When you log on to your computer . When your computer has been idle for a specified number of minutes (15 minutes by

default) . When you lock or unlock Windows

Follow Step by Step 9.6 to create a schedule.

STEP BY STEP 9.6 Using the Sync Center to Schedule Synchronization 1. In Sync Center, select the required synchronization partnership, and then click Schedule. 2. On the Offline Files Sync Schedule dialog box that appears, select the items to be synced on this schedule, and then click Next. 3. To specify a time for the sync to begin, select At a Scheduled Time. To initiate synchronization when an event such as logging on to the computer occurs, select On an Event or Action and then select the desired action or actions. 4. If you select At a Scheduled Time, Sync Center automatically provides the current date and time as a start time and a one-day repeat interval (see Figure 9.7). Accept these or specify a different date, time, and interval as required, and then click Next. 5. Specify a descriptive name for the scheduled synchronization and then click Save Schedule.

554

Chapter 9: Configuring and Troubleshooting Mobile Computing

FIGURE 9.7

You can specify the date, time, and synchronization interval for your sync schedule.

After you have created a synchronization schedule, the Offline Files Sync Schedule dialog box provides additional options for viewing or editing an existing sync schedule or deleting the schedule. If different users modify a synchronized file while working on different computers, a synchronization conflict occurs. Sync Center informs you when conflicts have occurred. To view information about sync conflicts, click View Sync Conflicts in the Tasks pane. As shown in Figure 9.8, Sync Center informs you about the file or files that are in conflict.

FIGURE 9.8 Sync Center informs you when synchronization conflicts occur.

To resolve a conflict, select it and click Resolve. As shown in Figure 9.9, Sync Center enables you to keep either or both versions by using an altered filename, thereby allowing you to compare them and resolve differences at a later time.

555

Configuring Mobile Devices

FIGURE 9.9 Sync Center enables you to decide which version of a file you want to keep, or keep both versions.

Configuring Infrared Devices Many laptops are equipped with Infrared Data Association (IrDA) ports and can create ad hoc peer-to-peer network connections. An ad hoc network is one that does not need a central access point to direct traffic. Instead, each computer creates a mesh network of links to all other computers. Performance is typically lower in ad hoc networks than in those using access points. Not only can two IrDA computers create a network link, but a computer can connect to peripheral devices, such as digital cameras and printers, through the same IrDA port. Using IrDA to link up to peripheral devices eliminates the need for cables, so it is very convenient. Windows Vista should automatically detect and install IrDA devices. However, if the device is not detected, you can install it manually using the procedure in Step by Step 9.7.

STEP BY STEP 9.7 Manually Installing an IrDA Device 1. Click Start, Control Panel, and select Classic View from the Tasks pane. 2. Double-click the Add Hardware applet and then click Continue in the UAC prompt that appears. 3. Click Next in the first screen. 4. On the next page, ensure that the Search For and Install the Hardware Automatically (Recommended) option is selected, and then click Next. The wizard begins to scan for new hardware devices by design.

556

Chapter 9: Configuring and Troubleshooting Mobile Computing 5. If the IrDA device is turned on and available, click Yes, I Have Already Connected the Hardware, and then click Next. 6. Select Infrared Devices from the list and click Next. 7. Select the manufacturer and device. If it is not listed, and you have downloaded a driver from the manufacturer, click Have Disk. Then click Next. 8. You are informed that the wizard is ready to install the device. Click Next to proceed. 9. After completing any further instructions, click Finish.

To connect an IrDA device after it has been installed, you need to be within a fairly close range of the device—typically about three to four feet—with the infrared transceivers pointing toward each other. After the two devices are aligned, Vista alerts you to an IrDA link, by means such as providing an icon on the taskbar. You can also synchronize an infrared device by using the Sync Center. You can monitor IrDA devices in Control Panel in the Wireless Link utility, which appears only after an IrDA device is installed. The Hardware tab of the Wireless Link dialog box shows the IrDA devices installed. Right-click the device and select Properties to view the device’s current status. If your IrDA device does not appear to be working, it might be disabled. You can use the Device Manager to check its status. Open the Infrared Devices node to locate the device, right-click it, and select Enable.

Configuring Mobile Display Settings Objective:

Configure Mobile Display Settings. Windows Vista enables you to configure the display on your mobile computer for various circumstances. You can set up presentation settings, attach a projector to your computer, use an external monitor as either a primary or secondary display, or use the Windows SideShow feature on a computer equipped with an auxiliary display on the lid. You look at configuring and troubleshooting these settings in this section.

Presentation Settings The Windows Vista Mobility Center enables you to configure your mobile computer for presentation settings, which enables you to set up your computer rapidly for giving presentations. Gone are the days when your computer would display system notifications or even go to sleep

557

Configuring Mobile Display Settings

while you were presenting an important event. The Presentation Settings feature looks after actions such as the following: . Disabling Sleep mode—Prevents the computer from entering Sleep mode. . Disabling the screen saver—Prevents the screen saver from appearing while you are

explaining an elaborate point. . Disabling system notifications—Prevents the audience from being distracted by alerts for

items such as incoming email messages or available updates. . Speaker volume—Adjusts your computer’s speaker volume so that the audience can hear

recorded items clearly. . Modifies the desktop appearance—Enables you to select an appropriate nondistracting

desktop such as a professional logo or even a blank wallpaper. Follow Step by Step 9.8 to configure presentation settings.

STEP BY STEP 9.8 Configuring Presentation Settings 1. In the Presentation Settings pane of the Windows Mobility Center, click Turn On. 2. Click the Presentation Settings icon (the projector icon) to display the Presentation Settings dialog box shown in Figure 9.10.

The Presentation Settings dialog box enables you to configure settings to be used during a presentation.

FIGURE 9.10

558

Chapter 9: Configuring and Troubleshooting Mobile Computing 3. Configure the settings provided according to your preferences. 4. If you are using an attached monitor, click Connected Displays to modify the display configuration as required. You learn about the use of external monitors later in this chapter. 5. Click OK. The presentation settings you have specified will take effect whenever you turn them on from the Mobility Center.

When you are finished presenting, simply return to the Mobility Center and click Turn Off in the Presentation Settings panel.

TIP Another way to activate Presentation Settings You can also toggle presentation settings on and off by selecting or clearing the check box labeled I Am Currently Giving a Presentation in the Presentation Settings dialog box.

Using a Networked Projector Many conference rooms and boardrooms nowadays are equipped with a networked digital projector, which you can access in a manner similar to any other networked resource. This facilitates the giving of presentations by a user with a mobile computer, no matter where the presenter, her computer, or the projector are located. Windows Vista provides the Connect to a Networked Projector Wizard to simplify the action of using a networked projector, as Step by Step 9.9 illustrates.

STEP BY STEP 9.9 Using a Networked Projector 1. Click Start, All Programs, Accessories, Connect to a Network Projector. Alternately, you can simply type projector in the Start menu Search box and select Connect to a Network Projector. 2. If you have not previously connected to a networked projector, you receive the Permission to Connect to a Network Projector dialog box shown in Figure 9.11. Click Yes to modify Windows Firewall settings to allow communication to the projector. 3. Click Continue to accept the UAC prompt. 4. The How Do You Want to Connect to a Network Projector page shown in Figure 9.12 provides two options for locating the projector. If you know the network address (UNC path or URL) of the projector, select Enter the Projector Address; otherwise select Search for a Projector (Recommended).

559

Configuring Mobile Display Settings

The Permission to Connect to a Networked Projector asks you to confirm changes to Windows Firewall.

FIGURE 9.11

The wizard provides two choices for locating the projector to which you want to connect.

FIGURE 9.12

5. If you select Search for a Projector, the wizard searches the network and displays the addresses of available projectors on the next page. Security-enabled projectors require a password and are represented by an icon that includes a lock. Select the desired projector and click Next. 6. If you select a security-enabled projector, enter its password when requested. Then click Connect.

After you have connected to the projector, the wizard provides the Network Presentation dialog box, from which you can control your presentation. This dialog box enables you to pause or resume your presentation as required and to disconnect from the projector when you are finished. You can also choose to mirror or extend your display on the projector, in a fashion similar to that described in the next section for an external monitor.

560

Chapter 9: Configuring and Troubleshooting Mobile Computing

NOTE Networked projectors and Windows Meeting Space The presentation feature and use of network projectors described in these sections integrate seamlessly with Windows Meeting Space. For more information on Windows Meeting Space, refer to Chapter 7, “Configuring Applications Included with Windows Vista.”

External Monitors If your notebook computer or its docking station is equipped with a VGA monitor port, you can attach an external monitor and configure it in either of the following ways: . Mirror your notebook display—Provides a copy of the laptop display that others can view

as you perform tasks or enables you to use a higher-quality display for precise work. . Extend your notebook display—Enables you to work as you would on a desktop computer

equipped with multiple monitors. After you have attached the external monitor, you can either mirror your notebook’s display or extend it onto the attached monitor. Step by Step 9.10 shows you how.

STEP BY STEP 9.10 Using an External Monitor 1. Connect the monitor to your VGA port. 2. In the Windows Mobility Center (refer back to Figure 9.2), click Connect Display. 3. Windows detects the monitor and displays the New Display Detected dialog box, as shown in Figure 9.13.

The New Display Detected dialog box enables you to specify how your external monitor will function.

FIGURE 9.13

561

Configuring Mobile Display Settings 4. Configure the following settings as required: . Duplicate My Desktop On All Displays (Mirrored)—Copies the desktop to the external monitor so that others can view it or you can take advantage of a higher-quality monitor. . Show Different Parts of My Desktop on Each Display (Extended)—Extends your desktop to the external monitor. . Show My Desktop on the External Display Only—Blanks out the notebook display and transfers the desktop to the external display. Useful for working from a higher-quality monitor and for conserving battery life by turning off your notebook display. . Display Settings link—Enables you to modify the properties of the external display from the Control Panel Display applet. 5. When you are finished, click OK or Apply.

To disconnect the external display, simply remove its cable. Windows Mobility Center automatically detects the removal and reports it in the External Display module.

Windows SideShow Many new mobile computers manufactured nowadays incorporate a small auxiliary display into the notebook lid. Such a display can alert you to events such as incoming email, actions scheduled in Windows Calendar, invitations to meetings run on Windows Meeting Space, and so on. You can even receive alerts when your computer is in Sleep mode or turned off. The auxiliary display functions independently of the main computer actions by means of an embedded memory cache, which saves copies of pertinent information such as email messages. Windows SideShow is a new application in Windows Vista that enables the auxiliary display to perform all these functions and others. It is available in all editions of Vista except Home Basic and operates by means of a series of gadgets that are not unlike the gadgets included in the Windows Sidebar. Windows SideShow can work with the following two types of devices: . Integrated devices—These include small displays on the mobile computer’s lid or mono-

chrome displays embedded in the keyboard of a desktop computer. . External devices—External wireless LCD displays, mobile phones, and even TVs that

have Windows SideShow capabilities can interact with your mobile computer to display SideShow gadgets. You need a device that is compatible with Windows SideShow and then install this device to use it. For more information on compatible devices and how to install them, refer to the Windows SideShow website and the device manufacturer’s website.

562

Chapter 9: Configuring and Troubleshooting Mobile Computing

Using Windows SideShow Step by Step 9.11 shows you how to work with Windows SideShow.

STEP BY STEP 9.11 Using Windows SideShow 1. Click Start, Control Panel, Hardware and Sound, Windows SideShow. Alternately, you can type sideshow in the Start Menu Search box, and then select Windows SideShow from the program list. Either of these actions opens the applet shown in Figure 9.14.

The Windows SideShow applet enables you to configure gadgets used with this application.

FIGURE 9.14

2. By default, Windows SideShow includes gadgets for Windows Mail and Windows Media Player. You can add certain sidebar gadgets as well as download additional gadgets from the Internet. 3. To add a sidebar gadget, it must be currently running on Windows Sidebar. Select the gadget and drag it to the Windows SideShow applet. 4. To turn on a new gadget after adding it, select its check box. To turn it off, clear the check box. 5. To remove a gadget from Windows SideShow, select it and press the Delete key, and then confirm the deletion when requested. 6. To add gadgets from remote locations, select the Get More Gadgets Online link. This connects you to a web page at Microsoft that displays links to available Windows SideShow gadgets. Follow the instructions provided. 7. To keep information on compatible devices up-to-date when your computer is in Sleep mode, select Set My Computer to Wake Automatically. Then select Automatically Wake My Computer, specify when this action should occur, and then click OK.

563

Configuring Mobile Display Settings

EXAM ALERT Updating Windows SideShow Data You can view data from Windows SideShow on your laptop’s auxiliary display at any time because this data is stored in the display’s cache and the cache is powered separately from the computer. However, you cannot update Windows SideShow data if your laptop is powered off or in Sleep mode or if you are not logged on to the computer. If you encounter a problem where data is not being updated, any of these reasons might be the problem. An exam question might test you on this fact.

Windows SideShow Device Security On a portable computer that could be lost or stolen, security of information on a Windows SideShow device, including an auxiliary display, is of importance. Security functions such as BitLocker do not protect information stored in the device’s cache. You can protect information on your device by locking it, as described in Step by Step 9.12, or delete information from it, as described in Step by Step 9.13.

STEP BY STEP 9.12 Locking a Windows SideShow Device 1. In the left pane of the Windows SideShow applet, select the device for which you want to change settings. 2. Select the Lock the Device check box, and then select the time interval after which the device locks. 3. Type and confirm a PIN in the text boxes provided, and then click OK.

STEP BY STEP 9.13 Clearing Information from a Windows SideShow Device 1. In the left pane of the Windows SideShow applet, select the device for which you want to change settings. 2. Select the check box labeled Delete Information on the Device When I Log Off from Windows. Then click OK.

564

Chapter 9: Configuring and Troubleshooting Mobile Computing

REVIEW BREAK You have looked at several aspects of mobile computing in Windows Vista. You should be aware of the following major points: . Vista provides the Windows Mobility Center, which is a one-stop configuration loca-

tion for a large number of actions pertinent to mobile computers. . You can synchronize files and folders between computers and external devices from the

Windows Sync Center. This center supports offline file synchronization and performs tasks such as detecting conflicts between copies of a file that have been edited on different computers. You can synchronize files manually or schedule synchronization to take place at predestined times or when specified events occur. . Vista detects infrared (IrDA) devices and configures them automatically in most cases.

You can add IrDA devices manually if necessary, enable, and disable them. . Presentation settings enable you to configure your desktop for presentation situations

by performing such tasks as disabling the screen saver and notification messages, modifying the speaker volume, and displaying an alternate desktop. You can also connect to a networked projector. . Vista enables you to work with an external monitor attached to your portable comput-

er. You can mirror your display on the external monitor, extend your display, or use the external monitor as your sole display. . Windows SideShow enables an auxiliary display on the lid of your mobile computer or

on an external device to receive notifications of items such as incoming email. You can select from a series of gadgets that provide various types of information to the auxiliary display.

Configuring Tablet PC Software Objective:

Configure Tablet PC software. A Tablet PC is essentially a small notebook computer equipped with a pressure-sensitive touch screen and a digital pen. In addition, you can physically reorient the screen so that it lies on top of the machine and acts like a pad of paper (hence the term “Tablet PC”). Many Tablet PCs do not even have a keyboard; rather, you enter data by writing on the screen with the digital pen, and handwriting recognition software assumes the job of creating text. If you’ve ever signed your credit card bill on a screen with an attached input pen, you’ve used a Tablet PC

565

Configuring Tablet PC Software

device. The digital pen also assumes the role of the mouse; hence, you see the wording “tap” for “click” used throughout this section. Windows Vista has improved greatly on the technology that enables a Tablet PC to function. All editions except Vista Home Basic support Tablet PC. The following are several of the more important features that Vista provides to Tablet PC: . Personalized handwriting recognition—You can customize the handwriting recognition

software to fit your personal writing style. You can also turn on automatic learning so that this tool collects information about your writing habits and vocabulary. . AutoComplete—When Tablet PC recognizes your handwriting, it can display lists of

possible completions for items such as email addresses, filenames, and URLs. . Handedness—You can configure Tablet PC to work properly with either left- or right-

handed users. . Touch screen support—You can easily access small interface elements such as check boxes,

radio buttons, and drop-down lists at a tap of the digital pen. . Visual pen feedback—Tablet PC provides distinct icons for single-tap, double-tap, and

right-click actions. . Pen flicks—You can use the digital pen to rapidly navigate menus and shortcuts. These

include scroll up, scroll down, page forward, and page back. You can also perform editing actions such as cut, copy, paste, and delete, as well as other customized activities. . Snipping Tool—You can capture a snip, or screen shot, of any screen object that you can

save, paste into documents, or perform other actions with the image. The following sections provide additional details on configuring Tablet PC settings, working with the Tablet PC Input Panel, the Snipping Tool, and touch screen support.

Tablet PC Settings Tap Start, Control Panel, Mobile PC, Tablet PC Settings to access the Tablet PC Settings dialog box shown in Figure 9.15. Settings available from this dialog box enable you to control the following basic behavior of Tablet PC: . Handedness—Enables you to locate the screen menus so that your writing hand does

not obscure them. Select Right-handed to make the menus appear to the left and Lefthanded to make them appear to the right. . Calibration—Enables you to improve the accuracy of the digital pen tracking items on

the screen. Tap Calibrate and follow the instructions provided.

566

Chapter 9: Configuring and Troubleshooting Mobile Computing . Handwriting recognition—Improves the accuracy with which your computer recognizes

your personal writing style. Handwriting recognition is discussed in more detail later in this section. . Display—Enables you to change the orientation of the screen. You have the following

four choices: . Primary Landscape—The default orientation places the taskbar at the bottom of the

display when oriented with the long side horizontal. . Primary Portrait—Places the taskbar at the bottom of the display when oriented

with the long side vertical. . Secondary Landscape—Places the taskbar at the top of the display when oriented

with the long side horizontal. . Secondary Portrait—Places the taskbar at the top of the display when oriented with

the long side vertical. . Other—Provides a link to the Pen and Input Devices applet, which enables you to con-

figure pen and input device settings.

The Tablet PC Settings dialog box enables you to configure basic Tablet PC behavior.

FIGURE 9.15

You can also select any of the four display orientations from the Windows Mobility Center, which includes a Screen Orientation panel on a Tablet PC. Tap Rotate Screen and then choose the desired option.

567

Configuring Tablet PC Software

Tablet PC Input Panel The Tablet PC Input Panel enables you to use the digital pen rather than the keyboard to enter handwritten text. It consists of a writing pad and a character pad that converts handwriting into typed text. An on-screen keyboard enables you to type individual characters with the pen. You can display the Tablet PC Input Panel as shown in Figure 9.16 in any of the following ways: . Tablet PC provides an Input Panel icon in a small tab docked to the left edge of the

screen. Hover the pointer over this tab to display the icon, and then tap it to display the Input Panel. . Move the pen to any area where you can enter text, such as a text box or a Microsoft

Word document. Tap the icon that appears. . Tap Start and type tablet in the Search box and then select Tablet PC Input Panel

from the Programs list.

The Tablet PC Input Panel enables you to use the digital pen or mouse to enter handwritten text.

FIGURE 9.16

TIP You can add a Tablet PC Input Panel icon to the taskbar Right-tap the taskbar and select Toolbars, Tablet PC Input Panel. This places an icon on the taskbar, which you can tap to display the Input Panel quickly.

Besides a Tools menu and a Help menu, the title bar of the Tablet PC Input Panel contains three icons that control what is displayed by the Input Panel. The first one, which is selected by default, displays the writing pad, in which you can write words that Tablet PC translates into text for you. The second icon displays the Character Pad, in which you can write individual letters, numbers, or special characters. Tablet PC translates each character as you write it. The third icon displays the on-screen keyboard, enabling you to type by tapping the desired key with your pen.

Input Panel Options Tap Options from the Tools menu in the Input Panel to display the Options dialog box shown in Figure 9.17, which provides the following settings for controlling the Input Panel:

568

Chapter 9: Configuring and Troubleshooting Mobile Computing

The Options dialog box enables you to configure the Tablet PC Input Panel to match your usage style.

FIGURE 9.17

. Settings tab—Enables you to choose the location and action of the Insert button for

inserting text. You can also turn on AutoComplete and reset the Input Panel to its default settings. . Opening tab—Enables you to determine how the Input Panel is opened. It contains the

following items: . Actions that open Input Panel—You can choose to open the Input Panel by either

pointing to the Input Panel icon or tapping it. . Displaying the Input Panel icon—Positions the Input Panel icon as close as possible

to the text entry area. You also have the option to display an Input Panel icon on the taskbar. . Displaying the Input Panel tab—You can choose to display the Input Panel tab and

specify its default location. . Writing Pad tab—Controls the pen action when writing text into the Input Panel. You

can select your ink thickness, automatically insert text characters after a pause, and control how close to the end of the writing line you want to write before a new line is started. . Character Pad tab—Controls the ink thickness when inserting characters and converts

characters to text after a pause.

569

Configuring Tablet PC Software . Gestures tab—Enables you to choose the desired gesture for scratching out written

text. You can choose a horizontal straight or wavy line, an M- or W-shaped gesture, circular gestures, or angled straight or wavy lines. You can also restrict the scratch-out gesture to the Z-shaped gesture that was available in the Windows XP Tablet PC Edition. . Advanced tab—Enables you to control the password security level used by Vista when

you use the pen to enter a password into a password text box. This helps to prevent others from viewing your passwords.

Pen Flicks Pen flicks are actions that you can use with the pen to navigate a document or perform editorial actions. Click Start, Control Panel, Mobile PC, Pen and Input Devices (or type pen in the Start Menu search field) to bring up the Pen and Input Devices dialog box. Click the Flicks tab to display the dialog box shown in Figure 9.18.

The Flicks tab of the Pen and Input Devices dialog box enables you to define pen actions used for navigation and document editing.

FIGURE 9.18

You have the following default navigational actions: . Scroll up—Move the pen upward in a straight line. . Scroll down—Move the pen downward in a straight line.

570

Chapter 9: Configuring and Troubleshooting Mobile Computing . Navigate forward—Move the pen to the right in a straight line to navigate forward in

Windows Explorer or Internet Explorer. . Navigate back—Move the pen to the left in a straight line to navigate back in Windows

Explorer or Internet Explorer. In addition, if you select the Navigational Flicks and Editing Flicks option, you have the following default editing actions: . Copy—Move the pen up and to the left in a straight line. . Paste—Move the pen up and to the right in a straight line. . Delete—Move the pen down and to the right in a straight line. . Undo—Move the pen down and to the left in a straight line.

If you want to substitute other editing or navigational actions for these defaults, tap Customize to display the dialog box shown in Figure 9.19. Tap the drop-down list corresponding to the action you want to modify (for example, to substitute Cut for Undo, select it as shown in Figure 9.19). Tap OK to apply your change, which brings up the Pen and Input Devices dialog box, or tap Restore Defaults to return the flick actions to their defaults.

You can customize the actions initiated by pen flicks to suit your own desires.

FIGURE 9.19

571

Configuring Tablet PC Software

Additional Pen Options The Pen Options tab of the Pen and Input Devices dialog box enables you to define pen actions that correspond to mouse actions. As shown in Figure 9.20, single and double taps of the pen correspond to single and double clicks, while pressing and holding the pen corresponds to a right-click. You can also control actions initiated by use of the pen button or the top of the pen, where available.

The Pen Options tab of the Pen and Input Devices dialog box defines how Tablet PC responds to various actions with the pen.

FIGURE 9.20

In addition, Tablet PC provides feedback on tapping the pen and use of the pen button. These appear as visual icons on the screen as defined in the Pointer Options tab of the Pen and Input Devices dialog box. If you do not want these feedback actions to appear, clear the corresponding check boxes in Figure 9.21.

Handwriting Recognizer Tablet PC includes a handwriting recognition software package that you can train to translate your handwritten words accurately into typed text. This facilitates the use of your Tablet PC computer in situations where it is more convenient to write notes into your computer rather than typing, such as during a meeting or interview. Individual differences in handwriting style can result in improper translation of often-confused characters such as the capital “I”, lowercase “l” and number “1”, the uppercase “O” and number “0”, and so on. Follow Step by Step 9.14 to train the handwriting recognizer.

572

Chapter 9: Configuring and Troubleshooting Mobile Computing

The Pointer Options tab of the Pen and Input Devices dialog box enables you to receive visual feedback on various pen actions.

FIGURE 9.21

STEP BY STEP 9.14 Training the Handwriting Recognizer 1. From the Tools menu of the Tablet PC Input Panel, select Personalize Handwriting Recognition to open the Handwriting Personalization dialog box shown in Figure 9.22.

The Handwriting Personalization dialog box enables you to train the handwriting recognizer according to your writing style.

FIGURE 9.22

573

Configuring Tablet PC Software 2. The best way to start training the handwriting recognizer is to select the Teach the Recognizer Your Handwriting Style option, which brings up the dialog box shown in Figure 9.23.

You can enter numbers, symbols, and letters, or entire sentences when training the handwriting recognizer.

FIGURE 9.23

3. Select Sentences and use the tablet pen to write the sentence supplied in your natural handwriting style. When finished, tap Next and repeat as many times (up to 50) as desired. 4. To train the recognizer specifically on individual numerals and letters, return to the dialog box shown in Figure 9.23 and select Numbers, symbols, and letters. Use the tablet pen to write the characters supplied in your natural handwriting style. 5. Repeat these steps as often as desired. Repetition improves the accuracy of the recognition process by providing additional samples that demonstrate the variability inherent in your writing style. 6. When finished, tap Update and then tap Exit to add your handwriting samples to the recognition library.

After you have used the Tablet PC Input Panel several times and noted that it fails to recognize certain characters properly, you can improve the training by returning to the Handwriting Personalization dialog box shown in Figure 9.22 and selecting Target Specific Recognition Errors. This brings up the dialog box shown in Figure 9.24. Select the option that is most appropriate for the problem you are encountering and then follow the instructions provided.

574

Chapter 9: Configuring and Troubleshooting Mobile Computing

The handwriting recognizer provides two additional options that assist you in correcting specific recognition errors.

FIGURE 9.24

The Handwriting Recognition tab of the Tablet PC Settings dialog box previously mentioned has several additional controls that determine how the handwriting recognizer operates. You can configure the following options: . Use the Personalized Recognizer (Recommended)—Enables the handwriting recognizer to

collect samples of your personal handwriting as already described and store this data in your user profile. Clear this check box to suspend the use of the recognizer temporarily without deleting previously collected data. . Use Automatic Learning (Recommended)—Ensure that this radio button remains selected

to continue using the handwriting recognizer. . Don’t Use Automatic Learning and Delete Any Previously Collected Data—Select this radio

button and tap Apply to clear previous data from the handwriting recognizer. Use this option only if you need to start over again in training the handwriting recognizer for any reason. For more information on the handwriting recognizer and additional hints in its use, consult the Windows Vista Help and Support Center.

TIP Time is of the essence When training the handwriting recognizer, each exercise you complete improves the capability of the recognizer to provide accurate results. Keep working on this activity. Samples you provide are never thrown out unless you click or tap Cancel. Do this task when you do not have any other pressing activities at hand.

575

Configuring Tablet PC Software

The Snipping Tool The snipping tool enables you to capture an object from any application active on your screen. You can add a handwritten comment if desired and save it as an image file or paste it into a document such as a Microsoft Word file. Follow Step by Step 9.15 to use the snipping tool.

STEP BY STEP 9.15 Using the Snipping Tool 1. Tap Start, All Programs, Accessories, Snipping Tool. Alternately, you can type snip in the Start menu Search field, and then select the Snipping Tool from the Programs list to open the tool, as shown in Figure 9.25.

The Snipping Tool enables you to capture a circle, square, or freehand section of your screen as an image file.

FIGURE 9.25

2. Tap New and select one of the following options: . Free-form Snip—Captures the area within any freehand-drawn area. . Rectangular Snip—Captures a rectangular area. . Window Snip—Captures a dialog box or other window. . Full-screen Snip—Captures everything on the screen. 3. Tap and drag to select the desired item. The Snipping Tool displays a preview of the captured area and provides several options. 4. To save the captured area as a graphics file, tap File, Save As, and provide an appropriate path, filename, and file type (you can choose a .jpg, .gif, .png, or .mht file). To insert the capture into a document, select Edit, Copy (or press Ctrl+C). To add a handwritten note, tap Tools, Pen, select a color, and write the note. To highlight a part of the capture, tap Tools, Highlighter.

Touch Screen Support Some Tablet PC models possess touch screen capabilities, in which the screen responds to finger touches. You can use your finger to perform actions such as configuring screen items, navigating web pages, or even writing and using touch flicks in the same manner as pen flicks already described. Vista includes a new feature called the touch pointer, which is a mouse-like

576

Chapter 9: Configuring and Troubleshooting Mobile Computing

icon that floats on the screen below your finger when in use. It includes a drag area, a pointer area, and buttons for left- and right-clicking. Tablet PC in Windows Vista includes a Tablet PC Touch Training module, which assists you in working with the touch pointer. For more information, consult Vista Help and Support.

Configuring Power Options Objective:

Configure Power Options. The chief issue with system performance for mobile users is that of managing power consumption on laptop computers when running on battery power. Microsoft provides the Control Panel Power Options applet for configuring several power management options that enable you to configure energy-saving schemes appropriate to your hardware. Windows Vista replaces the Standby mode used in previous Windows versions with a new Sleep mode, which offers the following advantages compared to shutting down your computer: . Vista automatically saves your work and configuration information in RAM and turns

off the computer’s monitor, hard disk, and other system components. Should your battery be running low, Vista saves your work to the hard disk and turns off your mobile computer. . Entering the sleep state is rapid—it takes only a few seconds. . When you wake your computer, Vista restores your work session rapidly. You don’t

need to wait for your computer to boot up and restore your desktop after logging on.

NOTE Hibernation is still supported in Vista Hibernation is available in Windows Vista as an advanced power management setting. This option saves configuration information and data to the hard disk and turns off all computer components. You need an amount of free hard disk space equal to the amount of RAM on the computer to save the entire contents of the RAM. Waking from hibernation takes more time than waking from Sleep mode. You learn about advanced power management settings later in this section.

You can access the Power Options applet from the Hardware and Sound section of Control Panel. On a mobile computer, you can access the same applet from the Mobile PC section. This opens the dialog box shown in Figure 9.26, from which you can configure the options described in the following section.

577

Configuring Power Options

The Power Options Properties dialog box provides several options for configuring power management.

FIGURE 9.26

Power Plans Microsoft has supplied three preconfigured power plans that help to strike a balance between usability and power conservation. The high performance power plan optimizes the computer for performance at the expense of battery life and is suitable for individuals who run graphicsintensive or multimedia applications frequently. The power saver plan optimizes battery life by slowing the processor down and is suitable for those who use the computer primarily for purposes such as email, Web browsing, and word processing. The balanced plan strikes a balance between these extremes. You can edit one of these power schemes or create a new one if the preconfigured power schemes do not fulfill your needs. Table 9.1 compares the three preconfigured power plans. TABLE 9.1

Windows Vista Power Plans

Power Plan

When on Battery Power

When Plugged into AC Outlet

Balanced

Turns off display after 5 minutes Sleep after 15 minutes Display dimmed slightly

Turns off display after 20 minutes Sleep after 1 hour Display at full brightness

Power Saver

Turns off display after 3 minutes Sleep after 15 minutes Display dimmed slightly

Turns off display after 20 minutes Sleep after 1 hour Display at full brightness

High Performance

Turns off display after 20 minutes Sleep after 1 hour Display at full brightness

Turns off display after 20 minutes Does not sleep Display at full brightness

578

Chapter 9: Configuring and Troubleshooting Mobile Computing

CAUTION Do not use Sleep mode when on a commercial airplane Airline regulations forbid the use of electronic devices during takeoff and landing. Because a computer can wake to perform a scheduled task or other action, you should turn off your computer completely at these times.

Additional Power Plan Options Vista enables you to perform additional power management actions that you can use to tailor your computer’s power scheme to your needs. Selecting any of the top three options in the Power Options window previously shown in Figure 9.26 brings up the screen shown in Figure 9.27, which enables you to perform the following actions: . Power and sleep buttons and notebook lid—You can choose from Do Nothing, Sleep Mode,

Hibernation, and Shut Down for each of these actions on battery or AC power. The Shut Down option is not available for the sleep button. . Password protection on wakeup—You can choose whether or not to require a password

when the computer wakes from Sleep mode. To change this setting, you need to select the link provided and respond to a UAC prompt.

The Define Power Buttons and Turn on Password Protection dialog box enables you to define actions on closing the lid and configure password protection.

FIGURE 9.27

579

Configuring Power Options

You can also modify any of the existing power plans or create your own custom power plan. To do so, select the Change Plan Settings link under the desired power plan or any of the last three links on the left side of the Power Options window previously shown in Figure 9.26. You receive the window shown in Figure 9.28, focused on the power plan currently in use or the plan whose link you selected.

You can modify the settings for any of the predefined power plans.

FIGURE 9.28

Advanced Power Settings Click Change Advanced Power Settings to bring up the dialog box shown in Figure 9.29 for the following additional options, each of which you can define separately for operation on battery power or plugged in: . Hard disk—You can specify the number of minutes of inactivity after which the hard

disk is turned off. . Wireless adapter settings—You can specify a maximum performance, or low, medium, or

maximum power saving for the adapter. The more power saving you specify, the poorer the signal throughput might become. . Sleep—You can specify the number of minutes after which your computer enters Sleep

mode or hibernation. You can also turn on hybrid sleep, which saves all open documents to both memory and the hard disk. Should a power failure occur when in hybrid sleep, Windows can restore your data from the hard disk. If hybrid sleep is not enabled and a power failure occurs, your data is lost.

580

Chapter 9: Configuring and Troubleshooting Mobile Computing

The Power Options dialog box provides several options for configuring power management.

FIGURE 9.29

. USB Settings—You can enable the USB Selective Suspend setting, which enables Vista to

turn off the USB root hub when not in use. . Power buttons and lid—You can define the action that occurs when you close the lid or

press the power or sleep buttons, in a manner similar to that described previously. You can also define the action (sleep, hibernate, or shut down) that occurs when you select the power off button from the Start menu. . PCI Express—You can define the level of power savings for link state power management,

which controls the power management state for devices connected to the PCI Express bus if present in the computer. . Processor power management—You can control the minimum and maximum power status

of the processor, also known as throttling the processor. Reducing the processor power levels saves battery power at the expense of lengthening the time required to respond to keyboard and mouse actions. . Search and indexing—You can balance how actively indexing operations are performed,

and save power by allowing the index to be less up to date. . Display—You can control the display brightness and the length of time before it is

turned off. You can also enable Adaptive Display, which increases the waiting time before turning off the display if you wake the computer frequently. . Multimedia settings—You can control whether the computer enters Sleep mode when

sharing multimedia with other users. By setting this option to Prevent My Computer

581

Configuring Power Options

from Sleeping after a Period of Inactivity, the computer will not go to sleep if media is being shared with other computers or devices. . Battery—You can specify actions to take place when the battery power reaches a low or

critical level, as well as the battery level at which these events occur. By default, low battery level is at 10% and produces a notification but takes no action. The critical level is at 5%; you are notified and the computer is put into hibernation when running on battery power.

EXAM ALERT Configure power plans to turn off components after a period of inactivity If you set up a power plan to turn off components separately after an interval of nonuse, the computer progressively moves toward Sleep mode. This should happen if a user is away from his laptop for 20 or 30 minutes. At the same time, a user doing presentations should not have her computer go into Sleep mode. Remember that the user can enable presentation settings so that this and other actions do not occur. An exam question might ask you what to do if a user’s computer goes to sleep during a presentation.

You can customize a power plan to suit your needs if required. Follow Step by Step 9.16 to create a custom power plan.

STEP BY STEP 9.16 Creating a Custom Power Plan 1. From the left pane of the Power Options window previously shown in Figure 9.26, click Create a Power Plan. 2. On the Create a Power Plan dialog box that appears, select the default plan (balanced, power saver, or high performance) that is closest to your desired plan. 3. Provide a descriptive name for the plan, and then click Next. 4. On the Change Settings window, select the time interval after which the display is turned off and put to sleep, choose the display brightness, and then click Create. 5. You are returned to the main Power Options window. If you want to configure additional settings for the plan you just created, click Change Advanced Power Settings to display the dialog box previously shown in Figure 9.29.

Battery Meter Vista uses the battery meter to help you keep track of remaining battery life. This is represented by a battery icon in the notification area, which also contains a plug icon when the notebook

582

Chapter 9: Configuring and Troubleshooting Mobile Computing

is plugged in to AC power. Hover your mouse over this icon to view the percent battery power left and the power plan in use. To view the battery meter in full as shown in Figure 9.30, click the battery icon.

FIGURE 9.30

The battery meter informs you of the current battery charge

level.

From the battery meter, you can also perform the following tasks: . Select a power plan—Enables you to choose any of the default or custom power plans

configured on your computer. . Learn how to conserve power—Opens the Help and Support Center to a page with addi-

tional information on power conservation. . More power options—Opens the Power Options dialog box as previously described and

shown in Figure 9.26. . Windows Mobility Center—Opens the Windows Mobility Center as previously

described and shown in Figure 9.2. Note that this location also enables you to select a power plan. When the battery power drops below 25%, the notification area icon and the full battery meter display a yellow exclamation point triangle. When the power drops below 10% (or any other value configured in the Power Options dialog box), you receive the warning message shown in Figure 9.31, and the battery meter and icon display a red “X” icon. Some computers can sound an audible notification. You should plug your computer into AC power when this message appears.

583

Configuring Power Options

The battery meter warns you when you reach the low power threshold level.

FIGURE 9.31

Power Management and Group Policy New to Vista is the capability for configuring power management settings in Group Policy. When you configure policies for power management, a non-administrative user cannot modify the power settings. It is expected that Group Policy in Windows Server 2008 will include the capability of configuring domain- or organizational unit (OU)-wide policy settings that will improve power management in companies that possess a large number of mobile computers. Step by Step 9.17 shows you how to use Group Policy to configure power management settings.

STEP BY STEP 9.17 Using Group Policy to Configure Power Settings 1. Click Start, Run, type gpedit.msc, and press Enter. 2. Navigate to the Computer Configuration\Administrative Templates\System\Power Management node. You receive the policy groups shown in Figure 9.32.

Group Policy enables you to configure a large range of power management settings.

FIGURE 9.32

584

Chapter 9: Configuring and Troubleshooting Mobile Computing 3. Configure the following groups of settings as required: . Button Settings—Enables you to define the actions that occur when the power button, sleep button, or Start menu power button is pressed or the lid closed. You can define these separately for battery and AC power conditions. . Hard Disk Settings—Enables you to specify when the hard disk is turned off when plugged in or running on battery. . Notification Settings—Enables you to define the battery levels at which low and critical alarm notifications take place and the actions that will occur. . Sleep Settings—Includes settings for controlling when and how the computer enters sleep mode or reawakens. . Video and Display Settings—Enables you to specify how long the computer must be inactive before the display is turned off and whether the time interval is adjusted according to the user’s keyboard and mouse usage. . Power Plans—Enables you to select either an active power plan or specify a custom power plan to be active on all computers controlled by the Group Policy object. 4. When finished, close the Group Policy Object Editor.

Challenge You are a desktop administrator for a company that employs a large sales force. Employees have been issued new Windows Vista laptop computers that they use to perform presentations to prospective clients as well as collecting client information and processing new orders. In the past, employees have complained that at times their computers run out of battery power when they are processing orders from a large volume of customers. Employees have also complained that disk response is slow when first entering information about a customer or that information on the display disappears in less than 10 minutes if they do nothing for this time interval. At other times, they have been embarrassed when their computers have stopped responding or the screen saver has appeared during a presentation when they stop for a few minutes to explain a point or answer questions from the audience. Your task is to configure the computers so that they conserve battery power when users are processing client orders but stay fully responsive during presentations. Try to complete this exercise on your own, referring back to material presented earlier in this chapter as required. After you have completed the exercise, compare your results to the following: 1. Click Start, Control Panel, Power Options. 2. Ensure that the Balanced option is selected and click Change Plan Settings. 3. On the Change Settings for the Plan: Balanced screen, expand the drop-down list for turning off the display when on battery power and select 10 minutes. (continues)

585

Configuring Power Options (continued)

4. Click Change Advanced Power Settings. 5. Expand the Hard disk entry and increase the number of minutes to 20 under the Turn Off Hard Disk After entry for battery power, and then click OK. 6. Back in the Change Settings for the Plan: Balanced screen, click Save Changes to save your changes and return to the Power Options screen. 7. Open the Windows Mobility Center and click the projector icon in the Presentation Settings section. 8. Ensure that the Turn Off the Screen Saver option is selected, and then click OK. 9. Finally, ensure that each salesperson is aware that the Presentation Settings control in the Windows Mobility Center exists. Instruct them to turn presentation settings on before starting a presentation and turn it off when they finish presenting.

586

Chapter 9: Configuring and Troubleshooting Mobile Computing

Summary In this chapter, you learned about the new and improved features of Vista related to mobile computing. Microsoft has enhanced Vista to meet the needs of the increasing segment of the workforce that rely on laptop and notebook computers, as well as Tablet PC machines, for their everyday activities. Mobile computers feature the Mobile PC Control Panel, which provides a centralized location for performing many of the actions associated with mobile computing. Also included is the Windows Mobility Center, which provides a series of panels that enable you to perform several simple tasks such as adjusting your brightness and volume, checking your battery status and wireless network signal strength, setting your computer up for giving presentations, and so on. You can synchronize your mobile computer with network folders stored on a server or client computer and configure shared folders for use when offline. The Sync Center manages all aspects of synchronizing offline files and folders and warns you when version conflicts exist. By configuring your computer for presentation, you can disable system notifications, the screen saver, and Sleep mode, adjust the speaker volume, and modify the desktop appearance for giving presentations. You can also connect to a networked projector and use an external monitor. Windows SideShow enables you to view information such as incoming email messages, scheduled actions, meeting invitations, and so on, on an auxiliary display or an external device. Windows SideShow employs gadgets similar to those used with the Sidebar. Vista provides a comprehensive set of actions for use on a Tablet PC computer. You can use the digital pen to write text or as a mouse to tap actions normally associated with mouse clicks. The Tablet PC Input Panel facilitates the use of the pen as a writing tool, and the Handwriting Recognizer translates written input into text. You can train the Handwriting Recognizer to your individual writing style. The Snipping Tool enables you to capture items from the screen and save these as image files or paste them into documents. Vista provides power options that enable you to configure your computer for power saving or enhanced performance as the task at hand dictates. You can choose from three preconfigured power plans, edit these power plans, or design your own custom power plan. The battery meter informs you of the current battery level and warns you when this level drops below warning and critical power levels so that you can save your work and connect to an AC outlet.

587

Apply Your Knowledge

Key Terms . battery meter . cache . Handwriting Recognizer . hibernation . Infrared Data Association (IrDA) . Mobile PC Control Panel . offline files . pen flicks . power plans . Presentation Settings . Sleep mode . Snipping Tool . Sync Center . synchronization conflicts . synchronizing files . Tablet PC Input Panel . Windows Mobility Center . Windows SideShow

Apply Your Knowledge Windows Vista provides tools and options designed to accommodate the needs of mobile computer users who must rely on their computers in a large range of situations. The following exercises are designed to reinforce your knowledge of Vista features specifically designed for mobile computing.

588

Chapter 9: Configuring and Troubleshooting Mobile Computing

Exercises 9.1 Using the Windows Mobility Center The Windows Mobility Center provides a centralized location for configuring several actions important to mobile computing. This exercise introduces you to the available actions. You need a laptop or notebook computer or a Tablet PC computer to perform this exercise. Not all steps might be possible depending on your computer’s configuration. Estimated Time: 15 minutes (plus wait time to demonstrate the action of Presentation Settings). 1. Click Start, Control Panel, Mobile PC, Windows Mobility Center. 2. To adjust your screen brightness, drag the slider in the Display Brightness sections, and observe the results. 3. To adjust the speaker volume, drag the slider in the Volume section. 4. Click the speaker icon to display the Sound applet. 5. From the Sound applet, click the Sounds tab and test several of the available sounds. Click OK when finished. 6. On the Battery Status section, click the drop-down list to select a power plan. 7. Click the battery icon to display the Power Options applet. 8. Click Choose What the Power Buttons Do. 9. Note the actions available for pressing the power button, pressing the sleep button, and closing the lid on either AC or battery power. 10. Select Hibernate as the action to be performed on closing the lid for both power sources, and then click Save Changes. 11. Close the lid of your computer and wait for about one minute. 12. Open the lid and press the power button to restart your computer. 13. Log back on to your computer and note that the Windows Mobility Center and Power Options windows are restored. 14. Restore your previous settings if desired, and then close the Power Options dialog box. 15. In the Wireless Network panel of the Windows Mobility Center, click the wireless icon. 16. Note that you can choose the wireless network to which you connect, set up a new connection or network, or open the Network and Sharing Center. Click Cancel. 17. In the External Display panel, click the monitor icon. Note that this opens the Display Settings dialog box, enabling you to change the display settings if desired. 18. In the Sync Center panel, click the sync icon. Note that the Sync Center opens and you can view sync partnerships, sync conflicts, or sync results, and set up new sync partnerships.

589

Apply Your Knowledge 19. In the Presentation Settings section, click the projector icon. Select I Am Currently Giving a Presentation, and then click OK. Note that the Windows Mobility Center indicates that you are currently giving a presentation. 20. If desired, ensure that your computer is plugged into AC power. Leave your computer running in Presentation mode, have lunch, and return. Note that the screen saver has not appeared and that the computer has not gone to sleep. 21. Click Turn Off to turn off Presentation mode. 22. Leave the Windows Mobility Center open for the next exercise.

9.2 Using an External Monitor Vista provides several options for using an external monitor with your mobile computer. You need a laptop or notebook computer plus an additional monitor to do this exercise. Estimated Time: 15 minutes. 1. Connect the external monitor to your computer’s VGA port. 2. In the External Display section of the Windows Mobility Center, click Connect Display. 3. In the New Display Detected dialog box that appears, click Duplicate My Desktop on All Displays (Mirrored). Note that the external monitor displays the same desktop as that of the mobile computer. 4. Select Show Different Parts of My Desktop on Each Display (Extended), select Right or Left according to the relative positions of your portable computer and external monitor, and then click Apply. 5. Drag an open window to the external monitor, and note that the external monitor displays additional desktop space. 6. Click the Display Settings link. 7. On the Display Settings dialog box, select the external monitor (labeled “2”) and then click This Is My Main Monitor. Note that the Start menu, taskbar icons, and desktop icons appear on the external monitor. 8. Click the portable display (labeled “1”) and then click This Is My Main Monitor to return the display to its default condition. 9. Drag the window back to the portable computer display. 10. Select Show My Desktop on the External Display Only. Note that the portable computer display goes blank and your windows appear on the external monitor. 11. Disconnect the external monitor. The desktop and windows reappear on the portable computer display.

590

Chapter 9: Configuring and Troubleshooting Mobile Computing

Exam Questions 1. You use a notebook computer running Windows Vista Home Premium to connect to your office’s network using a virtual private network (VPN) connection that employs the Point-to-Point Tunneling Protocol (PPTP). However, you receive the error message The local computer does not support encryption. Which of the following is the most probable reason for receiving this error?

❍ A. The encryption on your computer does not match the encryption being used by the VPN server.

❍ B. Your computer is configured for VPN connections running the Layer 2 Tunneling Protocol (L2TP) only.

❍ C. A domain-based Group Policy object (GPO) is set to require encryption for all communications with the VPN server.

❍ D. Computers running Windows Vista Home Premium do not support encryption, so you must update your computer to Vista Ultimate. 2. You are a consultant who frequently visits client sites and requires up-to-date copies of equipment specifications and job progress charts to keep projects running properly. You have configured your notebook computer running Windows Vista Ultimate to synchronize offline files from several different clients by setting up multiple synchronization relationships in the Sync Center. One of your clients has made numerous changes to a specification document on her desktop computer, which saves the changes to a shared folder on a Windows Server 2008 computer in her office. Meanwhile, you have made several changes to the same document on your notebook computer. When you arrive at the client’s office, you connect your computer to the client network and synchronize files. What do you need to do to ensure that all changes to the specification document have been incorporated, using the least amount of effort?

❍ A. Download the client’s version to your notebook and save it under a new filename. Then edit the document to incorporate your changes into the newly saved version.

❍ B. Download the client’s version to your notebook and save it under a new filename. Then manually type your edits into this version.

❍ C. From the Sync Center, perform a manual synchronization. Then manually type your edits into the synchronized document.

❍ D. From the Sync Center, perform a manual synchronization. Choose the option to save both versions of the document and then edit the newly saved document to incorporate your changes.

❍

E. Rename your version of the document before opening the Sync Center. Then perform a manual synchronization and edit the synchronized document by copying changes from the renamed version.

591

Apply Your Knowledge 3. Brian is the desktop administrator for a company that operates a network with a single Active Directory domain. All company and user data is stored on file servers. Sales associates have mobile computers that run Windows Vista Business. When they visit customer locations, they need the ability to use company data files even though they are not connected to the network. Brian has enabled caching of offline files on all shared folders on the file servers. All mobile computers used by sales associates are configured for offline files. In addition, these users select several folders to be made available offline. However, sales associates report that the offline files are not available to them when they are out of the office. What should Brian do to ensure that the offline files are available to the sales associates, even when they are not connected to the network?

❍ A. Change the caching options for the shared folders to All Files and Programs that Users Open from the Share Will Be Automatically Available Offline.

❍ B. On the Disk Usage tab of the Offline Files folder on each sales associate’s computer, increase the amount of disk space to use for temporary offline files.

❍ C. In the Sync Center in each sales associate’s computer, select Schedule, then select At a Scheduled Time, and then select a time and interval that allows for frequent synchronization of offline documents.

❍ D. In the Sync Center in each sales associate’s computer, select Schedule, then select On an Event or Action, and then select Start Sync When I Log On to My Computer. 4. Nancy has purchased a new laptop computer running Windows Vista Home Premium. She frequently makes presentations to charity groups and needs to ensure that her computer never goes to sleep during her presentations. At the same time, she would like to optimize her computer’s battery usage so that she can view TV programs or movies when she is waiting for the time that her presentation will start. What should she do?

❍ A. Before the time of her presentation, she should open the Windows Mobility Center and select Power Saver under Battery Status. When she is ready to begin her presentation, she should select Balanced.

❍ B. Before the time of her presentation, she should open the Windows Mobility Center and ensure that the Presentation Settings are set to Not Presenting. When she is ready to begin her presentation, she should click Turn On.

❍ C. Before the time of her presentation, she should open the Windows Mobility Center and select Balanced under Battery Status. When she is ready to begin her presentation, she should select High Performance.

❍ D. She should purchase an extra battery for her computer and insert it just before beginning her presentation.

592

Chapter 9: Configuring and Troubleshooting Mobile Computing 5. You have purchased a new Windows Vista laptop computer that is equipped with an auxiliary display on its lid. You have configured Windows Mail with your email account properties and have configured the Windows SideShow email gadget to inform you when new messages arrive. Before going to lunch, you close the lid of your computer and take it with you. You are expecting an important email message from your best business client to arrive during lunch, but you have not received any notification before finishing lunch. What should you do first to determine whether the message has arrived?

❍ A. Turn the computer on and log on to your user account. ❍ B. Configure the computer for Sleep mode when the lid is closed. ❍ C. Configure the computer for hibernation when the lid is closed. ❍ D. Phone your client. 6. Norman has purchased a new Tablet PC computer running Windows Vista. He has downloaded several large documents and needs to scroll through them with the digital pen to locate important information. Which features should he use? (Each correct answer presents a complete solution. Choose two.)

❍ A. Handwriting recognizer ❍ B. Tablet PC Input Panel ❍ C. Snipping tool ❍ D. Pen flicks 7. Laurie has been entering samples of her handwriting into her Tablet PC computer on several recent occasions and has collected a large database of her writing. She wants to temporarily stop using the personalized handwriting recognizer but does not want to lose any of the data it has collected. What should she do?

❍ A. She should access the Handwriting Recognition tab of the Tablet PC Settings dialog box and clear the Use the Personalized Recognizer (Recommended) check box.

❍ B. She should access the Handwriting Recognition tab of the Tablet PC Settings dialog box and select the Don’t Use Automatic Learning, and Delete Any Previously Collected Data option.

❍ C. From the Tools menu of the Tablet PC Input Panel, she should select Options. On the Settings tab, she should click Restore.

❍ D. From the Tools menu of the Tablet PC Input Panel, she should select Personalize Handwriting Recognition. In the Personalize Handwriting Recognition dialog box, she should select Delete Handwriting Samples that You Provided for the Current Language.

593

Apply Your Knowledge 8. You are the systems administrator for your company. All desktop and portable computers in the company run Windows Vista Business. Users in the Research department bring their portable computers to the conference room for a biweekly planning meeting. These users require a simple means of manually placing their computers in a low-power condition without using the Start menu. In addition, they need their computers to resume normal operating condition as rapidly as possible. How should you configure the Power Options properties to accomplish these needs?

❍ A. Configure the computers to use the Power Saver power plan. ❍ B. Configure the computers to use the High Performance power plan. ❍ C. Configure the Critical Battery Alarm on the computers to enable Sleep mode when the battery capacity drops to 5%.

❍ D. Configure the computers to enter Sleep mode when the lid is closed. ❍

E. Configure the power button on each computer to enable hibernation.

9. Peter has purchased a new notebook with Vista Home Premium installed. He discovers that the notebook appears to turn itself off if left inactive for more than an hour, even when it is plugged in to an AC outlet and the battery is fully charged. Peter would like to prevent this from happening but continue to optimize battery life when it is not plugged in. What should he do?

❍ A. In the Power Options dialog box, select the Change What the Power Buttons Do link, and then select Never under the When I Press the Power Button drop-down list for the Plugged In situation.

❍ B. In the Power Options dialog box, select the Change What the Power Buttons Do link, and then select Never under the When I Press the Power Button drop-down list for the On Battery situation.

❍ C. In the Power Options dialog box, select the Power Saver plan and click Change Plan Settings. On the Change Settings for the Plan dialog box, select Never under the Put the Computer to Sleep drop-down list for the On Battery situation.

❍ D. In the Power Options dialog box, select the Power Saver plan and click Change Plan Settings. For the Change Settings in the Plan dialog box, select Never under the Turn Off the Display drop-down list for the Plugged In situation.

❍

E. In the Power Options dialog box, select the Power Saver plan and click Change Plan Settings. For the Change Settings in the Plan dialog box, select Never under the Put the Computer to Sleep drop-down list for the Plugged In situation.

❍

F. In the Power Options dialog box, select the High Performance plan and click Change Plan Settings. For the Change Settings in the Plan dialog box, select Never under the Put the Computer to Sleep drop-down list for the Plugged In situation.

594

Chapter 9: Configuring and Troubleshooting Mobile Computing 10. You discover that your new Windows Vista Business laptop shuts itself down immediately after you receive the low battery warning. You do not have time to save your work before the shutdown occurs. What should you do?

❍ A. For the Change Settings in the Plan dialog box for the power plan in use, set the Put the Computer to Sleep setting to a higher value.

❍ B. From the battery meter, select the Power Saver power plan. ❍ C. Access the Battery section of the Power Options dialog box and increase the Low Battery Level setting.

❍ D. Access the Battery section of the Power Options dialog box and increase the Low Battery Notification setting.

Answers to Exam Questions 1. A. The error message The local computer does not support encryption appears when the encryption levels being used by the local computer and the VPN server do not match. Servers running Windows 2000 Server or Windows Server 2003 use RC4 encryption at a level of either 40-bits or 56-bits. By default, Vista uses 128-bit encryption; you need to modify this encryption level to make a successful connection. Your computer can use either PPTP or L2TP to connect to a remote VPN server, so answer B is incorrect. The issue does not concern the existence of a GPO that requires encryption, rather it concerns the encryption level, so answer C is incorrect. Computers running Vista Home Premium support encryption, so it is not necessary to upgrade to Vista Ultimate. Therefore answer D is incorrect. For more information, see the section, “VPN Connection Security.” 2. D. You should use the Sync Center to synchronize the document. The Sync Center will report that a conflict exists and offer options to save either or both versions of the document. Choose the option to save both versions, and then edit the newly saved document to incorporate your changes. The Sync Center makes it simple to incorporate edits from different locations by recognizing conflicts and providing this option. You do not need to download the client’s version of the document separately and then copy the changes from your version because the Sync Center facilitates the download process, so answer A is incorrect. You do not need to manually type in your corrections because the Sync Center can save both versions, so answers B and C are incorrect. You do not need to rename your version of the document because the Sync Center recognizes the conflicting changes, so answer E is incorrect. For more information, see the section, “Use of the Sync Center.” 3. C. Brian needs to ensure that synchronization takes place at a time and interval that allows for frequent synchronization of offline documents. This increases the probability that the sales associates will always have the most up-to-date versions of the files that they require when offline. Changing the caching options on the shared folders to All Files and Programs That Users Open from the Share Will Be Automatically Available Offline makes both files and applications always available; however, this action does not solve the current problem, so answer A is incorrect. If the disk space available were too low, the sales associates would observe that some files were available offline

595

Apply Your Knowledge while others were not. However they did not receive any files, so answer B is incorrect. Scheduling synchronization to take place when users log on would update the files at logon time but would not continue to update the files for any changes that subsequently take place before logging off, so answer D is incorrect. For more information, see the section, “Use of the Sync Center.” 4. B. Before the time of her presentation, Nancy should open the Windows Mobility Center and ensure that the Presentation Settings are set to Not Presenting. When she is ready to begin her presentation, she should click Turn On. Presentation Settings ensures that her computer does not enter Sleep mode during her presentation. It also can be set so that other actions such as displaying alerts and opening the screen saver do not occur. Nancy does not need to modify power settings before and after her presentation because the Presentation Settings option solves the problem for her, so answers A and C are incorrect. Nancy does not need to use an extra battery; furthermore, this action in itself would not prevent Sleep mode from kicking in, so answer D is incorrect. For more information, see the section, “Presentation Settings.” 5. A. You should turn the computer on and log on to your user account. Windows SideShow works by means of a separate cache that holds information when the computer is turned off or placed into Sleep or Hibernation mode. Vista can update the contents of this cache only when the computer is on and you are logged onto your user account. Vista cannot update the contents of the cache when the computer is in Sleep or Hibernation modes, so answers B and C are incorrect. Because the computer needs to be on and logged on to the user account to update the cache, you should not phone your client until after you have performed these tasks; therefore answer D is incorrect. For more information, see the section, “Using Windows SideShow.” 6. B and D. Norman can use either the Tablet PC Input Panel or pen flicks to scroll his documents. On the Input Panel he can select the on-screen keyboard and use his pen to tap the Home, End, PgUp, PgDn, or arrow keys to scroll his document. Pen flicks are actions that he can use with the pen to navigate a document or perform editorial actions. He can set up and customize pen flicks from the Flicks tab of the Pen and Input Devices dialog box. The handwriting recognizer enables him to translate handwriting into typed text accurately. It does not enable him to scroll his document, so answer A is incorrect. The Snipping Tool enables him to capture items from the display and save these as image files or copy them to documents. It does not enable him to scroll his document, so answer C is incorrect. For more information, see the sections “Tablet PC Input Panel” and “Pen Flicks.” 7. A. Laurie should access the Handwriting Recognition tab of the Tablet PC Settings dialog box and clear the Use the Personalized Recognizer (Recommended) check box. Doing this suspends the action of the personalized recognizer without loss of any data that she has collected. She can later return to this dialog box and select this check box to resume using the collected data. If she were to select the Don’t Use Automatic Learning, and Delete Any Previously Collected Data option from the Handwriting Recognition tab or the Delete Handwriting Samples that You Provided for the Current Language option from the Personalize Handwriting Recognition dialog box, she would lose all personalized handwriting data she has collected, so answers B and D are incorrect. If she were to select Restore from the Settings tab of the Options dialog box, default Handwriting Recognizer settings would be restored. This would continue to use the collected handwriting data, so answer C is incorrect. For more information, see the section, “Handwriting Recognizer.”

596

Chapter 9: Configuring and Troubleshooting Mobile Computing 8. D. By configuring the portable computers to enter Sleep mode when the lid is closed, you can enable the users to rapidly and manually place their computers in a low-power state from which the computers can resume normal operation rapidly. While the Power Saver and Balanced power plans enable Sleep mode after a preconfigured time interval, they do not enable the users to manually place their computers into Sleep mode, so answers A and B are incorrect. The Critical Battery Alarm also does not enable the users to manually place their computers in Sleep mode, so answer C is incorrect. The computers do not resume normal operating condition as rapidly from hibernation as they do from Sleep mode, so answer E is incorrect. For more information, see the section, “Power Plans.” 9. E. In this scenario, the computer is not actually turning itself off; it is going to sleep after an hour. To prevent this when running on AC power while optimizing battery life when running on battery power, Peter should access the Power Options dialog box. He should select the Power Saver plan and click Change Plan Settings. On the Change Settings for the Plan dialog box, he should select Never under the Put the Computer to Sleep drop-down list for the Plugged In situation. Selecting Never under the When I Press the Power Button drop-down list does not affect what the computer does when idle, so answers A and B are incorrect. Answer C is incorrect because this would prevent the computer from going to sleep when on battery and not when plugged in. Answer D is incorrect because this would shut down the display only and not prevent the computer from going to sleep. Answer F is incorrect because this would not optimize battery life when running on battery power. For more information, see the section, “Power Plans.” 10. C. You should access the Battery section of the Power Options dialog box and increase the Low Battery Level setting. You can reach this dialog box by selecting the Change Plan Settings link for the power plan in use and then selecting Change Advanced Power Settings. Increasing this setting enables you to receive a warning sooner and gives you more time to save your work. Setting the Put the Computer to Sleep setting to a higher value would cause the computer to remain active for a longer time, thereby actually increasing the chance of data loss from a sudden shutdown, so answer A is incorrect. Selecting the Power Saver power plan would allow the computer to run longer on battery power but in itself would not provide more warning of low battery levels, so answer B is incorrect. Increasing the Low Battery Notification setting is not possible. This is an on/off switch and is normally set to on. Turning it off would result in no warning at all, and the computer would shut down without warning; therefore answer D is incorrect. For more information, see the section, “Advanced Power Settings.”

Suggested Readings and Resources The following are some recommended readings on the subject of configuring and troubleshooting mobile computing in Windows Vista: 1. Book . Stanek, William R. Windows Vista Administrator’s Pocket Consultant. Chapter 7,

Managing Laptops and Traveling Users. Redmond, WA: Microsoft Press. 2007

597

Apply Your Knowledge 2. Course . Microsoft Official Curriculum course 5116. Configuring Windows Vista Mobile

Computing and Applications. Module 4, Configuring Mobile Computers, Module 5, Configuring Tablet PC Settings, and Module 6, Networking Mobile Computers. Information available at http://www.microsoft.com/learning/syllabi/en-us/ 5116afinal.mspx 3. Websites . Microsoft. Windows Mobility Center. http://www.microsoft.com/windows/

products/windowsvista/features/details/mobilitycenter.mspx . Microsoft. Windows Vista: 6 Hot New Features. http://www.microsoft.com/

australia/smallbusiness/issues/technology/vistamobility.mspx . Microsoft. Tablet PC Support. http://www.microsoft.com/windows/products/

windowsvista/features/details/tabletPC.mspx . MSDN. Mobile PCs. http://msdn2.microsoft.com/en-us/windowsvista/

aa905027.aspx . Microsoft. Power Policy Configuration and Deployment in Windows Vista. http://

download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fded599bac8184a/PMPolicy_Vista.doc

This page intentionally left blank

PART II

Final Review Fast Facts Practice Exam Answers to Practice Exam

This page intentionally left blank

Fast Facts The facts, methods, and skills you need to master have been covered in the preceding chapters in this book. You should have read the study materials presented in each chapter, worked through the exercises, and practiced using the study suggestions. When you have tackled all this material and applied your knowledge in a lab or in your workplace, you should be ready to take the exam. Exam days tend to be stressful, which can be compounded by procrastinating your studies and then cramming all the facts you can into your head at the last minute. Success usually isn’t the result of one big action that you perform a single time. Success is the culmination of consistent small actions. To successfully pass a certification exam, the best approach is to spend a minimum of 15 minutes every day studying. If you study longer, that’s great. However, the key is to never skip a day and to study for no less than 15 minutes each day. After you finish studying Chapters 1 through 9, you should be ready to sign up for the exam. A few days prior to and up until the day of the exam, you can brush up on your facts and skills by reading this chapter. This book was organized to bracket together the skills that Microsoft Exam 70-620 tests in the same groups Microsoft uses. These Fast Facts highlight the most essential points for you to recognize and process while you are taking the exam. They are by no means a substitute for the rest of this book, but they do provide excellent review material.

602

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Introducing Windows Vista . Microsoft initially developed two versions of desktop operating systems—Windows 9x

and Windows NT. Microsoft merged these two lines of operating systems in Windows XP, and Windows Vista represents the latest upgrade of the flagship Windows operating system. . Windows Vista is available in five editions, each suited for a different segment of the

general population: Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Business, Windows Vista Enterprise, and Windows Vista Ultimate. Table 1 summarizes the basic features available with each Vista edition. TABLE 1 Editions of Windows Vista Edition

Designed for

Notable Features

Home Basic

Home users who need only basic computing capabilities

Fundamental security capabilities such as Internet Explorer 7 and Windows Defender, as well as Windows Mail and Parental Controls

Home Premium

Enhanced home usage capability, including music, photo, and video usage

3D Aero desktop, photo and video handling and basic editing, DVD authoring, Mobility Center, and Windows Media Center

Business

Business users who need only basic computing capabilities

Windows Meeting Space, domain membership, advanced backup capabilities including shadow copy, business networking capabilities, and Remote Desktop

Enterprise

Business users who need advanced computing and security functions

BitLocker drive encryption and Multi-Language User Interface (MUI)

Ultimate

Home and business users who want the complete experience

All features included with Vista Home Premium and Vista Enterprise

. Microsoft also includes a Starter Edition that provides only very fundamental comput-

ing capabilities, and designed only for selected third-world overseas markets. . Vista provides numerous productivity enhancements including an improved user

interface and Start menu, new integrated search features, improved startup capabilities including the Restart Manager, Sleep mode, Windows Experience Index, improved stability features, improved hardware diagnostics, support for document metadata, and so on.

603

Fast Facts . Security enhancements in Windows Vista include Secure Startup, User Account

Control, an improved Windows Firewall, Windows Defender, Spam and Phishing Filters, Network Access Protection, Parental Controls, and Windows Service Hardening. . When you first log on to a new Windows Vista installation, the Welcome Center runs

and introduces you to many of the new and updated Vista features. . Microsoft has continued the category divisions in Control Panel and introduced many

new and enhanced features. The functions of the Control Panel categories are as follows: . System and Maintenance—Enables you to configure performance options and obtain

information about your computer . Security—Includes applets such as the Security Center, Windows Firewall,

Windows Update, Windows Defender, Internet Options, Parental Controls, and BitLocker Drive Encryption . Network and Internet—Includes the Network and Sharing Center as well as other

applets that enable you to configure options related to networking and the Internet . Hardware and Sound—Includes applets that enable you to configure all your com-

puter’s hardware components . Programs—Enables you to configure program-related actions such as programs

that execute at startup and the downloading, installation, and removal of programs . User Accounts and Family Safety—Includes the User Accounts, Windows CardSpace,

and Parental Controls features . Appearance and Personalization—Enables you to configure properties of your com-

puter related to how items appear on the display . Clock, Language, and Region—Enables you to configure time, date, time zone, dis-

play languages, and country-specific formatting . Ease of Access—Includes the Ease of Access Center and the Speech Recognition

applet, which enables you to configure microphones and train your computer to understand your voice . Service packs are a software bundle of patches and hotfixes plus additional features.

604

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Installing Windows Vista . The minimum supported and recommended hardware requirements for Windows

Vista are listed in Table 2. Minimum hardware will exhibit poor performance. TABLE 2 Hardware Requirements for Windows Vista Device

Minimum Supported

Premium Ready

Processor

Intel Pentium/Celeron running at 800MHz or higher

Intel Pentium II/Celeron running at 1GHz or higher, or 64-bit (x64) processor

RAM

512MB

1GB

Graphics processor

DirectX 9-capable

DirectX 9–capable with at least 128MB graphics memory

Hard disk

20GB with at least 15GB free space

40GB with at least 15GB free space

Monitor

SVGA (800×600)

1024×768 or higher resolution

Disk drives (for CD installations)

CD-ROM or DVD drive

CD-ROM or DVD drive at 12x or faster speeds

Other

Standard keyboard and mouse or other pointing device

Standard keyboard and mouse or other pointing device and audio output and Internet access capabilities

. Always check hardware for compatibility at Microsoft’s Windows Logo Program for

Hardware website before installing. . Ensure that software is compatible with Vista prior to installation. If an application is

not compatible, you should upgrade or replace it. Microsoft provides the Windows Application Compatibility Toolkit to assist you. . You can configure computers running Vista Business, Enterprise, or Ultimate to

belong to either a workgroup or an Active Directory domain. Computers running Vista Home Basic or Home Premium can belong to a workgroup only. . Ensure that network hardware and protocols are compatible with Vista. . Transmission Control Protocol/Internet Protocol (TCP/IP) is the standard (default)

network protocol in Windows Vista. The default configuration is as a Dynamic Host Configuration Protocol (DHCP) client. . To join a domain, open the System applet in Control Panel, click the Computer Name

tab, and then click the Network ID button to use the wizard or click the Change button.

605

Fast Facts . A computer that is not joined to a domain is a member of a workgroup. If other com-

puters are members of the workgroup, they act as a peer-to-peer network. Each computer can be configured to share printers and files, and each computer maintains a separate list of users and groups—unlike domains, which provide centralized management of users and network resources. . To interact with other computers on a network as a server, you can install File and

Printer Sharing, using the Network Connections applet in Control Panel. . File systems supported by Windows Vista are FAT16, FAT32, and NTFS. However,

Vista supports only the NTFS file system for its system and boot volumes. . The NTFS file system is required for access control permissions on files and folders. . As was the case in Windows XP, you are required to activate Vista by means of

Windows Product Activation within 30 days of installation. If you do not activate Vista within 30 days, it enters a “reduced functionality mode” in which you can only perform certain actions. Microsoft provides two systems for performing Volume Activation of large numbers of Vista installations: Multiple Activation Keys and Key Management Service. . Always check the BIOS compatibility with Windows Vista prior to installation. You

should upgrade the BIOS to the latest functional and compatible version. . Windows Vista requires Advanced Configuration and Power Interface (ACPI) capabili-

ty in the BIOS; you cannot use older power management systems such as Advanced Power Management. . It is simple to install Windows Vista by booting your computer from the Vista DVD-

ROM and following the instructions provided. . Unlike previous Windows versions, you can install Vista without providing a product

key. You can try out various editions of Vista for up to 14 days, after which you must supply a valid product key. . Unattended installations provide greater consistency compared to performing multiple

attended installations and reduce errors upon deployment. . Methods you can use for unattended installation are scripting through answer files,

using Windows Deployment Services (WDS), and cloning with Sysprep along with a third-party cloning tool. . Windows System Image Manager (SIM) enables you to create answer files from infor-

mation included in a Windows image (.wim) file and a catalog (.clg) file. . Sysprep is a utility that automates installation.

606

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Microsoft includes Windows PE, which is a minimal version of a 32-bit operating sys-

tem designed to facilitate the deployment of a Windows Vista image to multiple computers. . WDS is a server-based system for remotely installing Windows Vista or Windows

Server 2008 on computers. It replaces Remote Installation Services (RIS), which was formerly used with Windows 2000/XP/Server 2003. . WDS requires a network that includes Dynamic Host Configuration Protocol

(DHCP), Domain Name System (DNS), and Active Directory. You must have a server running Windows Server 2003 or 2008 on which WDS has been installed, as well as the Windows Automated Installation Kit (AIK) media either on the WDS server or an accessible network location. . You can zero in on the cause of an installation problem if you know at which stage an

error occurred. . Common problems encountered during installation of Windows Vista and their solu-

tions are listed in Table 3. TABLE 3 Windows Vista Setup Process Phase

Prompted Actions

Possible Problems

Boot into DOS mode

Load storage device drivers

Hardware incompatibility with the storage device; incompatible device driver; wrong device driver; no built-in device drivers; Windows Vista Setup does not detect the storage device, such as a SCSI hard disk.

Install Windows

Select Install Now, Repair Your Computer, or Quit

Accidental selection of Repair Your Computer or quitting Setup (F3).

EULA agreement

Accept the EULA

Not accepting the EULA.

Create partitions

Select or create a partition

Not creating or selecting a partition.

File system

Select a file system to format the drive

Disk errors prevent formatting the drive; formatting a partition that contains information; not using NTFS for the Windows partition.

File copy

Computer reboots after files are copied

Disk errors prevent files from copying; not enough space on the designated drive for files to be copied; source drive for file copy (network) does not contain all the necessary files/drivers for following installation phases.

607

Fast Facts

TABLE 3 Continued Phase

Prompted Actions

Possible Problems

Graphical mode

Setup detects and installs drivers

Source drive for file copy (network) does not contain the correct drivers.

Regional and language settings

Select the language to use

User installed from an incorrect language version of Windows Vista.

Name and organization

Enter a user’s name and company name

Information is later used by some applications, but this screen is not related to installation problems.

Product key

Input the product key

Not entering a product key can cause activation problems later.

Computer name

Enter a computer name

A duplicate computer name causes network conflicts. NetBIOS requires each computer name to have less than 15 characters, which cannot use special characters such as ; : “ < > * + = \ |?,

Dialup info

Enter modem and time zone information

Incorrect time zone information might cause application errors later, but this screen is not usually related to installation problems.

Network settings

Accept typical settings or choose custom settings

Computer cannot connect to the domain; computer has a network address conflict; computer cannot connect to some/all network devices; computer cannot share files or printers; network adapter drivers are incorrect; computer cannot obtain an IP address.

File copy

Setup completes file copying and cleans up temporary files

Hardware device drivers are loaded after Windows Vista restarts; an error after this point might be a hardware device driver error.

. The most common errors are caused by lack of compatibility with the hardware, the

BIOS, or drivers. In addition, lack of disk space, network errors, and name or IP address conflicts can cause a failure during setup. . When the installation DVD cannot be read, try it in a different drive. . When an indeterminate hardware-related error occurs during setup, remove all

nonessential adapters and peripherals. Install Windows Vista, and then add each adapter and peripheral back onto the computer one at a time, verifying that the computer functions until all are installed or the problem-causing device is discovered.

608

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Understand the logs that are created during setup and what types of information or

errors they will contain: . DtcInstall.log—Errors generated by the Microsoft Distributed Transaction

Coordinator (MSDTC) . Setupact.log—Chronological set of actions performed by Setup . Setupapi.log—All .inf device driver installation . Setuperr.log—All errors occurring during setup . WindowsUpdate.log—COM+ component installation information . Netsetup.log—Results of the computer joining a workgroup or domain . scesetup.log—Computer security settings . The System log displayed in Event Viewer displays errors that might have caused a

Blue Screen of Death (BSOD). . Driver signing is a process that Microsoft follows to validate files that a third-party

manufacturer creates for use in a Windows Vista computer. . Non-administrative users can install only drivers that have been signed by either a

Windows publisher or trusted publisher; they cannot install unsigned drivers. . Administrators can add the publisher’s certificate to the trusted certificates store, there-

by enabling standard users to install drivers signed by this publisher. . You can use sigverif to verify signatures on system device drivers. . The System Information utility, which can be opened by typing msinfo32 in the Run

dialog box or from the command line, provides a quick view of any resource conflicts. When you are in the utility, click Hardware Resources and then click Conflicts/ Sharing. . In Device Manager, you can click the Driver tab to update the driver, roll back the

driver to a prior version, remove the driver, and troubleshoot the device. . If a driver causes a problem, you can use the Rollback feature in Device Manager to

roll back the driver to a previous version.

Upgrading to Windows Vista . The only version of Windows that can be upgraded to Windows Vista Home Basic or

Home Premium is Windows XP Home Edition.

609

Fast Facts . Versions of Windows that can be upgraded to Windows Vista Business or Ultimate are

Windows XP Home Edition and Windows XP Professional. Any older desktop version of Windows cannot be upgraded without first being upgraded to one of these versions. . Server versions of Windows cannot be upgraded to Windows Vista. . Other operating systems cannot be upgraded to Windows Vista. You can perform only

a clean installation. . The Vista Upgrade Advisor produces a report that identifies any hardware or software

problems associated with the computer to be upgraded. . Applications to remove before upgrading are antivirus applications, disk compression

software, and known incompatible legacy software. . Before upgrading, install the latest service pack for Windows XP (SP2 at the time of

writing), plus any other updates that Microsoft has published. . File systems supported by Windows Vista are FAT16, FAT32, and NTFS. . If you are upgrading an installation of Windows XP on a FAT16 or FAT32 partition to

Vista, convert the file system to NTFS before upgrading. . The command to convert a FAT partition to NTFS is convert c: /fs:ntfs, where c:

is the drive letter for the disk partition that you are converting. You cannot convert an NTFS volume back to FAT. . All upgrades to Vista are permanent. Unlike Windows XP, you cannot revert to the

previous version of Windows in any circumstance. . As in previous versions of Windows, you can install Windows Vista alongside a differ-

ent version of Windows in a dual-boot configuration. . For dual-boot computers, both operating systems must support the file system to share

the partition. . When installing a computer to dual-boot between two operating systems, you should

install the older OS before installing Windows Vista. . Windows Vista introduces several new boot management programs, which replace the

older programs used with previous Windows versions. These include . Bootmgr.exe—Controls boot activities and displays a boot manager menu on a

dual-boot or multi-boot computer. . Bcdedit.exe—An editing application that enables you to edit boot configuration

data on Vista.

610

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Winload.exe—The operating system loader, included with each instance of

Windows Vista or Windows Server 2008 installed on any one computer. . Winresume.exe—Resumes the operating system from hibernation. . Microsoft provides several paths for upgrading one Vista edition to a higher one. You

can upgrade Vista Home Basic to either Vista Home Premium or Vista Ultimate, and you can upgrade Vista Home Premium, Vista Business, or Vista Enterprise to Vista Ultimate. . Windows Anytime Upgrade facilitates the process of upgrading one edition of Vista to

a higher one. . If you entered your product key during installation or upgrading, Vista is automatically

activated three days later. You can also activate Vista manually if desired. . The Windows Update website analyzes your computer and determines which updates

are required to keep your computer up-to-date and downloads and installs these updates automatically. . You have four options for determining how updates are downloaded to and installed on

your computer: . Download and install all updates automatically. . Download updates and inform you so that you can select which updates you want

to install. . Inform you that updates are available so that you can select which updates to

download and install. . Do not to check for updates at all.

Configuring and Troubleshooting PostInstallation System Settings . Vista provides the Startup Repair Tool (SRT), which attempts to automatically recover

a computer that will not start normally. It attempts to recover from problems such as missing or corrupted device drivers, boot configuration settings, Registry keys or data, or corrupted disk metadata such as the master boot table, boot sector, or partition table. . You can access the SRT by booting your computer from the Vista DVD-ROM. It pro-

vides a troubleshooting wizard that walks you through a series of steps to attempt a repair of your computer.

611

Fast Facts . Every time a user logs on successfully, Windows Vista makes a recording of the current

Registry settings, known as a control set. These settings are stored under HKEY_LOCAL_ MACHINE\SYSTEM\CurrentControlSet. This is made available as the Last Known Good Configuration the next time the computer is booted. . Whenever you log on successfully after having made a damaging change to the com-

puter, you cannot use the Last Known Good Configuration. . Safe mode starts your computer with a minimal set of drivers (mouse, VGA, and key-

board) so that you can start your computer when problems with drivers or other software are preventing normal startup. . Safe mode with Command Prompt starts the computer to a command prompt. This

can be useful if you cannot obtain a normal GUI. . Safe mode with Networking starts network drivers as well as the other basic drivers.

This is useful if you need to copy files from a network location. . You can use System Restore to restore your computer to a previous condition without

damaging any data files such as documents and email. It is useful if you are experiencing problems related to faulty device drivers, improper system settings, or incompatible applications. . Other available startup options include boot logging, low resolution video, debugging

mode, disabling automatic restart on system failure, and disabling device driver signing enforcement. . The tools within the Computer Management console include Task Scheduler, Event

Viewer, Shared Folders, Reliability and Performance, Device Manager, Disk Management, Services, and WMI Control. . The System Information utility, which can be opened by typing msinfo32 in the Run

dialog box or from the command line, provides a quick view of any resource conflicts. When you are in the utility, click Hardware Resources and then click Conflicts/ Sharing. . In Device Manager, you can click the Driver tab to update the driver, roll back the

driver to a prior version, remove the driver, and troubleshoot the device. . Table 4 describes common problems encountered when installing or using CD/DVD

drives and the appropriate solutions.

612

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

TABLE 4 Troubleshooting CD or DVD Errors Device

Problem or Process

Utility/Solution

Response

Proprietary non-SCSI interface

Installing

Windows Vista Setup, Options menu, Add/Remove SCSI Adapters

Verify/install correct device driver.

CD-ROM drive

Can’t play audio CD; can read data CD

Device Manager, Sound, video, and game controllers category

Verify device is listed. Verify audio codecs.

CD or DVD drive

Disc reading problem

Physically inspect the disc

Verify that disc has no defects or scratches. Clean disc.

DVD drive

Can’t play DVD

Device Manager, device Properties, General tab

Verify device type is DVD drive, not CD-ROM drive.

CD or DVD drive

Disc reading problem

Alternate CD or DVD drive

Test disc in alternate drive.

CD or DVD drive

Error reading multiple discs

Special CD or DVD drive cleaning disc

Clean drive.

CD or DVD drive

Computer stops responding while reading disc

Task Manager (press Ctrl+Alt+Del), Performance tab

View performance. Exit unnecessary applications.

CD or DVD drive

Computer stops responding while reading disc

Perform a clean boot. Ensure that no Test the disc in the unnecessary applications drive again are running.

DVD drive

Cannot play a DVD movie disc

Device Manager, display adapter Properties, Driver tab, Update Driver button

Update the video driver. Install a DVD software decoder.

DVD drive

Analog copy protection error

Physical presence of video output cables or older device driver does not support copyright protection on disc. Device Manager, display adapter Properties, Driver tab, Update Driver button

Remove video output cables from video adapter or DVD drive. Update video adapter.

613

Fast Facts

TABLE 4 Continued Device

Problem or Process

Utility/Solution

Response

DVD drive

Low video memory

Device Manager, display adapter Properties, Driver tab, Update Driver button

Update the video driver.

DVD drive

Low video memory/poor resolution

Control Panel, Personalization, Display Settings utility, Advanced Settings button, Monitor tab

Lower the refresh rate.

DVD drive

Does not play DVD discs

Firmware version and DVD decoder software version— validate compatibility

Update the firmware version. Uninstall the DVD decoder software. Install a version that is compatible with Windows Vista. This can happen when a computer was upgraded from an older version of Windows.

. Watch out for questions on the exam that require you to know when to perform a

clean boot (press F8 on bootup), as well as the process to do so. You can customize how Windows Vista starts up by clicking Start, Run, typing msconfig in the Open text box, and pressing Enter. . There are several utilities that can help manage the disk partitions. You should be

logged in as an administrator-level user to make disk or volume configuration changes, such as when using Fsutil.exe or Disk Management. . Chkdsk.exe—Command-line utility that verifies and repairs FAT- or NTFS-

formatted volumes. . Cleanmgr.exe—Also known as Disk Cleanup, a GUI utility that deletes unused

files. . Defrag.exe—Also known as Disk Defragmenter, a command-line utility that

rearranges files contiguously, recapturing and reorganizing free space in the volume. Optimizes performance. . Dfrg.msc—Also known as Disk Defragmenter, a GUI utility that performs the

same actions as DEFRAG.EXE.

614

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Diskpart.exe—A command-line utility that can run a script to perform disk-

related functions. DISKPART’s nearest GUI counterpart is the Disk Management utility. . Fsutil.exe—A command-line utility that displays information about the file sys-

tem and can perform disk-related functions. . You can access the Disk Management graphical tool by right-clicking Computer and

selecting Manage or running Dskmgmt.msc. . Disk Management enables you to change from basic to dynamic disks, format a parti-

tion, manage volumes, change drive letters, and create striped or extended volumes. . Table 5 describes common disk errors and how to resolve them.

TABLE 5 Troubleshooting Disk Errors Error

Problem or Process

Possible Repairs

Non-system disk

Computer is trying to boot from a disk without a boot volume.

Remove any non-system disks from the floppy or CD-ROM drives. Repair the boot volume using Windows Recovery Console.

There is not enough memory or disk space to complete the operation

Disk is full.

Free up space on the hard disk by deleting files, removing applications, or compressing files. Add another disk and extend the volume to span both disks.

Missing Operating System

No active partition is defined.

Check the BIOS settings and configure if they incorrectly identify the boot disk. Boot up with a floppy. Use Diskpart.exe to mark the boot volume as active. Use Windows Vista Startup Repair Tool. Reinstall Windows Vista.

Non-System Disk or Disk Error

Basic Input Output System (BIOS) generates this error when the master boot record (MBR) or boot sector is damaged or when a different device is configured as the boot device in the BIOS.

Check the BIOS and reconfigure if necessary. Remove any nonbootable floppy disks from the PC. Repair the boot volume with Windows Vista Startup Repair Tool. Reinstall Windows Vista. Replace the hard disk.

615

Fast Facts

TABLE 5 Continued Error

Problem or Process

Possible Repairs

Invalid Media Type

Boot sector is damaged.

Repair the boot volume with Windows Vista Startup Repair Tool. Reinstall Windows Vista. Replace the hard disk.

Hard disk controller failure

BIOS’s disk controller configuration is invalid, or the hard disk controller has failed.

Check the BIOS and reconfigure controller. Replace the hard disk controller.

. When an application doesn’t function properly in Windows Vista, you can run it in

Compatibility mode by selecting the Compatibility tab of the application’s Properties dialog box and selecting one of the compatibility modes. . The Windows Easy Transfer tool assists you in migrating settings from an old comput-

er to your Windows Vista computer. It provides a wizard that facilitates transferring user accounts, folders and their files, application data and settings, email data, and Windows and Internet settings from a computer running Windows 2000 or later to the Vista computer. . The desktop scheme known as Aero is new to Vista. . Aero Glass, the enhanced version of Aero, is available on all editions of Vista except

Home Basic and requires a video card with at least 128MB of onboard RAM, a highquality graphics processor, and a bandwidth of at least 1800MB. It provides the following features: . Translucent title bars, which show a view of any windows or the desktop hidden

beneath them . Windows Flip, which provides thumbnail views of tasks running on the computer

when you press Alt+Tab . Windows Flip 3D, which provides a stacked view of tasks running on the comput-

er when you press the Windows key+Tab combination . An improved taskbar, which provides thumbnail views of tasks running on the

computer when you hover your mouse over a taskbar button . A more smoothly performing desktop, with redraw artifacts such as “tearing” and

reduction of graphics driver-related crashes. . The Windows Presentation Foundation (WPF) presents an enhanced platform that

supports media-rich applications that provide complete fidelity to systems such as the Xbox 360 Media Center Extender.

616

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . You can enable or disable Aero from the Appearance Settings dialog box, which is

accessible by selecting Window Color and Appearance from the Control Panel Personalization category. This dialog box also enables you to select a variety of desktop schemes including one that is similar to the classic Windows 2000 appearance. . Table 6 describes common problems with Windows Aero and how to resolve them.

TABLE 6 Troubleshooting Windows Aero Problem

Cause and Possible Solution

Window borders are not translucent.

Press Windows+Tab. If you do not observe the Flip 3D view, your computer is not running Aero Glass. If you do observe the Flip 3D view, open the Window Color and Appearance dialog box and select the Enable Transparency option.

Aero Glass is not running.

Enable Windows Aero from the Color Scheme drop-down list in the Appearance Settings dialog box.

Aero Glass is unavailable.

Check your display adapter properties in Device Manager. Update the driver to a Windows Display Driver Model (WDDM)compliant one if available.

Glass or transparency might have been disabled in the Performance Options dialog box.

In Control Panel, open System and Maintenance, select Performance Information and Tools, and then select Adjust Visual Effects. In the Performance Options dialog box, select Adjust for Best Appearance.

Color depth might be insufficient.

In the Display Settings dialog box, ensure that the color quality is set to Highest (32-bit).

An application might be disabling Glass.

Application compatibility settings for older applications might disable the Aero Glass desktop.

. The Taskbar and Start Menu Properties dialog box enables you to configure properties

related to the taskbar, Start menu, notification area, and toolbars. . The new Parental Controls feature enables you to restrict children’s access to items

such as questionable websites, games, and so on. This feature is available in the Home Basic, Home Premium, and Ultimate editions and enables you to configure the following: . Filter web pages according to the type of content displayed. Content types such as

pornography, nudity, drugs, hate speech, and weapons are supported. You can also allow or block specific websites and block file downloads. . Limit the days and times that children are permitted to use the computer.

617

Fast Facts . Choose which applications children are permitted to access, thereby preventing

them from running programs such as your financial planner. . Choose which types of games children are permitted to play according to age lim-

its set by major game rating boards. You can also choose to permit or block specific games. . To enable Parental Controls on a child’s usage of the computer, each user must have

his own user account with a password. You can create user accounts from the Control Panel User Accounts and Family Safety applet. Select Add or Remove User Accounts. . You can configure Parental Controls from the User Accounts and Family Safety applet.

Select Set Up Parental Controls For Any User. . The Parental Controls feature enables you to view a report of what your child has

done at the computer. You can view which websites the child has visited, the times the child was logged on, programs and games the child accessed or attempted to access, email and instant messages the child sent or received, and media player activity. . Internet Explorer 7 introduces new features such as tabbed browsing, Live Search

capabilities, pop-up blocking add-on capabilities, and Really Simple Syndication (RSS) feeds. Table 7 lists the methods you should know for accessing Internet resources. TABLE 7 Accessing Resources Via a Browser Command

Sample URL

Usage

http://

http://www.microsoft.com

Downloads HTML files from Internet web servers and displays the file within the browser.

https://

https://www.microsoft.com

Downloads HTML files using Secure Sockets Layer (SSL) so that the information exchanged is secured.

ftp://

ftp://ftp.microsoft.com

Downloads a file from an FTP server.

File://

File://server/share/folder/file

Opens the file specified from a network server.

http://

http://printserver/printers

Displays a list of the printers that are being shared by a computer configured with IIS for sharing printers.

http://

http://PrintServer/Printer

Opens the printer page for the printer.

. Tabbed browsing enables you to have more than one web page open simultaneously in

the same Internet Explorer window. You can open, close, and refresh tabs by means of a right-click action, view thumbnails of tabs, save a set of tabs to reopen later, save a group of tabs as a favorite, or disable the use of tabbed browsing entirely.

618

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . By default, Internet Explorer 7 runs in Protected mode. This mode prevents hackers

from hijacking your browser for nefarious purposes such as installing malicious software, modifying startup routines, or redirecting your home page. . You can configure the Pop-up blocker from the Tools menu of Internet Explorer. Click

Pop-up Blocker Settings to open the Pop-up Blocker Settings dialog box. From this dialog box you can specify websites that are allowed to open pop-ups and whether to display the information bar and play a sound when a pop-up is blocked. You can also choose from three levels of pop-up blocking action. . You can change the default search provider used by Internet Explorer (Microsoft Live

Search) or add additional search providers. . The Tools menu in Internet Explorer contains a series of options that enables you to

customize the appearance of the browser window. . Add-ons are optional additional features that can be installed in Internet Explorer and

provide additional functionality. These are sometimes installed without your knowledge. The Manage Add-Ons dialog box, accessed from the Tools menu, enables you to view add-ons that have been used or are currently in use, add-ons that run without requiring permission, and downloaded 32-bit ActiveX controls. You can disable addons or ActiveX controls that are causing problems, and you can delete ActiveX controls that were not preinstalled with Windows or your ISP. . You can run Internet Explorer without any add-ons by clicking Start, All Programs,

Accessories, System Tools, Internet Explorer (No Add-ons). . RSS presents a simple means by which you can receive up-to-date information on the

Internet at times that are convenient to you. Internet Explorer informs you that RSS feeds are available by displaying an orange toolbar icon. Click this icon to view and subscribe to feeds. . The Feed Settings dialog box enables you to specify how frequently feeds are down-

loaded. You can also choose to automatically mark feeds as read, play a sound when feeds arrive, or modify the view in which a feed is displayed.

Configuring Windows Security Features . Every person who logs on to Windows Vista must do so with a user account. Rights

and permissions granted to each user account determine the resources that the user can access on the computer.

619

Fast Facts . When you grant rights to domain users, the best practice is to use the AGDLP

method. This means that you place Accounts in Global groups. Then you place the Global groups into Domain Local groups, to which you grant (or deny) Permissions. . When a permission is explicitly denied to a user or group, even if the user is a member

of another group where the same permission is explicitly granted, the Deny permission overrides all others, and the user is not allowed access. . Whenever a user requests authorization to use a prohibited object or resource, the user

sees an Access Is Denied message. . The Computer Management console enables you to create and manage user and group

accounts. . Table 8 lists the more commonly accessed default local groups.

TABLE 8 Default Local Groups in Windows Vista Local Group

Default Access

Default Members Locally

Administrators

Unrestricted access to the computer

Administrator

Backup Operators

Access to run Windows Backup and sufficient access rights that override other rights when performing a backup

N/A

Guests

Limited only to explicitly granted rights and restricted usage of computer

Guest

Network Configuration Operators

Access to manage the network configuration of the computer, such as TCP/IP properties

N/A

Power Users

Not used directly with Vista; included only for backwards compatibility with previous Windows versions

N/A

Remote Desktop Users

Limited to accessing the computer via a remote desktop connection plus any explicitly granted rights and restricted usage of computer

N/A

Users

Limited to use of the computer, personal files and folders, and explicitly granted rights

All newly created users; NT Authority\Authenticated Users special built-in group; NT Authority\Interactive special builtin group

. Table 9 lists Windows Vista built-in special groups and includes their default access

and default local membership.

620

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

TABLE 9 Built-in Special Groups in Windows Vista Built-in Group

Default Access

Default Members Locally

Anonymous Logon

Not provided any default access rights.

User accounts that Windows Vista cannot authenticate locally

Authenticated Users

Not given any default access rights.

All users with valid local user accounts on this computer

Creator Owner

Designated full control over resources created or taken over by a member of the Administrators group.

Administrators group

Dialup

No specific rights; this group is not shown on systems without configured modems and dial-up connections.

All users who have connected to the computer with a dial-up connection

Everyone

Full control is the default permission granted for all files and folders on NTFS volumes; you must remove this permission to implicitly deny access.

All users who access the computer

Interactive

No specific rights.

All users who have logged on locally to the computer

Network

No specific rights.

All users who have established a connection to this computer’s shared resource from a remote network computer

. You can join your Windows Vista Business, Enterprise, or Ultimate computer to an

Active Directory domain from the Computer Name, Domain, and Workgroup Settings section of the System Properties dialog box. . After you have joined a domain, you should use only domain user accounts to log on to

your computer. You can also use the following domain groups: . Global—These groups are used to contain users, computers, and other global

groups from the same domain. They are generally employed to organize users who have similar functions and therefore similar needs on the network. . Domain local—These groups can contain users, computers, and groups from any

domain in the forest. They are most often used for granting permissions for resources, and as such might be employed to grant access to any resource in the domain in which they are created. . Universal—These groups can contain users, computers, and global groups from

any domain in the Active Directory forest. You can employ these groups to grant permissions to any resource in the forest.

621

Fast Facts . User Account Control (UAC) is a new feature in Windows Vista that requests approval

before running administrative tasks on the computer. It limits tasks that can be performed without providing additional consent and requesting such consent for performing tasks such as system tasks that require higher privileges. . If you are logged on with a user account that possesses administrative privileges and

want to perform a task that requires administrative credentials, the screen dims and you receive a UAC prompt. Click Continue to perform the task or Cancel to quit. . A non-administrative user who wants to perform a task that requires administrative

credentials receives a UAC prompt that requires that an administrative password be typed. . Some third-party applications also display UAC prompts when you attempt to run

them. You can verify that the program that is attempting to run is one that you really want. Again, a non-administrative user must enter an administrative password. . A third-party program that does not have a digital signature including its name and

publisher produces a stronger UAC prompt that includes a yellow title bar and yellow shield. This prevents rogue programs from the Internet from executing without your knowledge. Such programs might perform harmful actions like sending private data to unauthorized sources. Make sure you really want to run this program before allowing it. . You can configure an application to always run with elevated privileges from the

Compatibility tab of its Properties dialog box. . If you are logged on using the default Administrator account created when you install

Windows Vista, you do not receive any UAC prompts. Do not use this account except under emergency conditions. . Local Group Policy provides a series of policy settings that you can configure to modi-

fy UAC behavior. You can specify that administrative users must enter a password to proceed or that they do not receive a UAC prompt at all. You can specify that nonadministrative users are denied access to administrative tasks. You have several additional policies that govern application behavior and access to the Registry, and you can even disable the use of UAC entirely. . Windows Defender is a program that protects your computer against the damaging

effects of spyware. It monitors your computer for telltale signs of spyware activity. When it finds problems, it attempts to block the actions of spyware and remove it from your computer. . Windows Defender automatically and continuously monitors your computer for signs

of unwanted applications.

622

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . By default, Windows Defender performs a quick scan of the most vulnerable locations

of your computer daily at 2:00 AM. You can modify the automatic scan behavior or manually initiate scans from the Windows Defender configuration screen. . You can also use Windows Defender to perform a full scan of your computer or choose

a custom scan that enables you to select the drives and folders to be scanned. . If Windows Defender finds software that it thinks is spyware on your computer, it dis-

plays an alert and offers you the following options: . Quarantine—Places the software in a restricted location on your computer from

which it cannot run. . Remove—Deletes the software permanently from your computer. . Ignore—Ignores the threat this time only. . Always Allow—Enables the software to run and adds it to the Windows Defender

allowed list. . The Windows Defender Options dialog box enables you to specify the time and type

of scans automatically performed, the type of actions taken when high-, medium-, and low-alert items are detected, the security agents that are run, and additional administrative actions. Table 10 lists the available security agents. TABLE 10 Available Security Agents in Windows Defender Agent

What Each Agent Monitors

Auto Start

Applications that execute automatically on Vista startup, either from the Registry hives or the various Startup folders. Spyware can add itself to these locations to execute without the user’s knowledge.

System Configuration (Settings)

Security-related Windows settings. Spyware can modify these settings to allow it to run undetected.

Internet Explorer Add-ons

Add-ons that run automatically from Internet Explorer. Spyware can masquerade as these add-ons. See Chapter 4 for more information.

Internet Explorer Configuration (Settings)

Browser security settings. Spyware can modify these settings without your knowledge.

Internet Explorer Downloads

Downloaded applications that provide functionality to Internet Explorer, such as ActiveX controls and software installation programs. Spyware is often included with these downloads.

Services and Drivers

Services and drivers interacting with applications and the Windows operating system itself. Spyware can masquerade as services or drivers to perform its actions.

Application Execution

Programs as they start up and execute on the computer. Spyware can attach itself to these programs and run in the background.

623

Fast Facts

TABLE 10 Continued Agent

What Each Agent Monitors

Application Registration

Files and other locations in the operating system in which applications including spyware can be inserted to execute.

Windows Add-ons

Software utilities integrated with Windows. Such utilities can collect information about the user and transmit it to unauthorized parties.

. Microsoft publishes updates to spyware definition signatures on a regular basis. You

might be informed of an available update by receiving a message Windows Defender Definitions haven’t been updated on starting Windows Defender. . Software Explorer is a Windows Defender component that enables you to view infor-

mation about software programs and system state on your computer. It provides information on program startup type including automatic startup, Windows component programs, security risk classification, and digital signatures. . Software Explorer enables you to specify which programs can start from various loca-

tions such as the User Profile, All Users, and the Current User and Local Machine hives of the Registry. You can prevent programs from starting or remove them permanently from the Startup folder. You can also perform these actions for programs running from network locations. . To configure the security settings for an Internet zone, click the zone to select it and

then click the Custom Level button to open the Security Settings dialog box. The zones are Internet, Local Intranet, Trusted Sites, and Restricted. . The Security Settings dialog box enables you to select individual security settings or

specify a predefined group of security settings that range from Low, to Medium-Low, to Medium, to Medium-High, to High. . Content Advisor enables you to control what Internet content users can view on the

computer. The Content Advisor dialog box enables you to specify ratings that filter websites according to their content as established by various rating boards. You can perform the following actions: . The Ratings tab enables you to customize the extent of filtering websites accord-

ing to a series of criteria that includes topics such as fear, intimidation, drug use, language, nudity, sexual material, violence, and so on. . The Approved Sites tab enables you to specify websites that are always or never

approved for viewing.

624

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . The General tab enables you to configure additional options such as viewing

unrated pages and the specification of a supervisor password that enables users to view restricted content. . The Advanced tab enables you to add additional rules formatted according the

World Wide Web Platform for Internet Content Selection (PICS). . The phishing filter in Internet Explorer 7 examines websites for phishing activity by

performing the following actions: . Comparing website addresses visited by users with lists of reported legitimate sites

saved on your computer. . Analyzing website addresses against characteristics (such as misspelled words) used

by phishing sites. . Comparing website addresses with those in an online service that Microsoft oper-

ates for immediate checking against a list of reported phishing sites. . The phishing filter displays the address bar in red when it detects a known phishing

site and displays a message informing you of the risks of continuing to it. If the site is not a known phishing site but behaves in a similar manner, the address bar appears in yellow and a warning message appears. . You can configure several options related to the phishing filter by selecting Phishing

Filter from the Tools menu in Internet Explorer. . The Privacy tab of the Internet Options dialog box enables you to configure which

cookies your browser accepts and whether websites are permitted to store cookies that use personally identifiable information. You can also access the pop-up blocker settings from this tab. . Besides the Content Advisor, the Content tab of the Internet Options dialog box

enables you to link to the Parental Controls feature, configure the behavior of certificates used for encrypted connections and identification, specify the types of entries that Auto Complete is used for, and configure RSS settings. . The Advanced tab of the Internet Properties dialog box contains a large range of set-

tings that you can configure in the subjects of accessibility, browsing, HTTP 1.1, international, multimedia, printing, searching, and security. . Windows Firewall is a personal firewall that stops undesirable traffic from being

accepted by the computer. It is especially useful for home computers with broadband Internet connections that are always on. It includes the following features: . Support for IP Security (IPSec) . Support for environments using only IP version 6 (IPv6)

625

Fast Facts . Configurable exceptions for both incoming and outgoing firewall . Exceptions to components such as ports, protocols, computers, and services . Support for command-line configuration . The Windows Firewall Settings dialog box, accessed from the Windows Firewall

Control Panel applet, enables you to turn the firewall on or off, block all incoming connections, configure exceptions for specific ports, protocols, and programs, and select the connections for which the firewall rules will apply. . The Windows Firewall with Advanced Security snap-in enables you to configure the

following additional types of firewall properties: . Inbound rules—You can specifically enable or disable predefined inbound firewall

rules or create new rules. . Outbound rules—You can perform these same actions for outbound rules. . Connection security rules—You can create new rules that are used to determine limits

applied to connections with remote computers. . Monitoring—Displays a summary of enabled firewall settings and provides links to

active rules and security associations. . The Windows Firewall with Advanced Security snap-in also enables you to define dif-

ferent firewall behavior for three profile types: domain profiles, when you are connected to an Active Directory domain; private profiles, when you are connected to a private network location such as a home or small office; and public profiles, when you are connected to an insecure public network such as a Wi-Fi hotspot. . You can also use Group Policy to configure similar Windows Firewall policies to those

configured with the Windows Firewall with Advanced Security snap-in.

Configuring Network Connectivity . The TCP/IP protocol suite is the default networking protocol for all editions of

Windows Vista. It is also the default protocol used by the Internet. . By default, previous versions of Windows have used version 4 of the IP protocol, sim-

ply known as IPv4. While its 32-bit address space has been adequate for many years, recent rapid growth of the Internet has pushed IPv4 towards exhaustion of its address space. . To address this limitation, the Internet Engineering Task Force (IETF) introduced ver-

sion 6 of the IP protocol (IPv6) in 1998. This protocol provides for 132-bit addressing,

626

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

which allows for a practically infinite number of possible addresses and provides several additional benefits. . Using a new TCP/IP implementation known as the Next Generation TCP/IP stack,

Vista provides a dual IP layer architecture enabling the operation of both IPv4 and IPv6 at the same time. . IPv4 address information applied to the network interface consists of an IP address (a

unique, logical 32-bit address that identifies the computer and its subnet), subnet mask (when applied to an IP address it determines what portion is the host address and what is the subnet), default gateway (the router’s address that leads to the main network or public Internet), DNS server address (IP address of the DNS server where names are resolved to IP addresses), and Windows Internet Naming Service (WINS) server address (IP address of the server that provides NetBIOS name to IP address resolution). . Each network connection in the Network and Sharing Center represents a separate

adapter and separate IP address information. . Table 11 describes the IPv4 address classes, including the maximum number of net-

works and number of hosts per network for each class. TABLE 11 IPv4 Address Classes

Class

Dotted Decimal Range

First Octet Binary Usage

Number of Number of Hosts Per Networks Network

A

1.0.0.0–126.255.255.255

0xxxxxxx

Large networks / ISPs

126

16,777,214

B

128.0.0.0–191.255.255.255

10xxxxxx

Large or mid-size networks/ ISPs

16,382

65,534

C

192.0.0.0–223.255.255.255

110xxxxx

Small networks

2,097,150 255

D

224.0.0.0–239.255.255.255

1110xxxx

Multicasting

N/A

N/A

E

240.0.0.0–254.255.255.255

1111xxxx

Reserved for future use

N/A

N/A

Loopback

127.0.0.1–127.255.255.255

01111111

Loopback testing

N/A

N/A

Private IP Class A address

10.0.0.0–10.255.255.255

00001010

Reserved for a private network

1

16,777,214

627

Fast Facts

TABLE 11 Continued Dotted Decimal Range

First Octet Binary Usage

Private IP Class B address

172.16.0.0–172.16.255.255

10101100

Private IP Class C address

192.168.0.0–192.168.255.255 11000000

Class

Number of Number of Hosts Per Networks Network

Reserved for a private network 1

65,534

Reserved for a private network

254

254

. DHCP provides dynamic IP addresses to a computer when it needs to be connected to

the network. When the computer is disconnected, the IP address becomes available for use by another computer. Use of DHCP ensures that all computers on the network receive unique IP addresses and that best usage is made of the available IP address scope. . The Automatic Private Internet Protocol Addressing (APIPA) system provides an alter-

nate configuration to DHCP for automatic IP addressing. . APIPA defines its IP addresses in the range of 169.254.0.1 to 169.254.255.254. The

subnet mask on these addresses is configured as 255.255.0.0. . IPv6 addresses consist of eight 16-bit blocks, each of which is portrayed as a 4-digit

hexadecimal number and is separated from other blocks by colons. This notation is referred to as colon-hexadecimal, for example 3ffe:ffff:21a5::ff:fe21:5a3e. . IPv6 addresses contain a prefix that represents the network portion of the address. The

number of bits used by the address prefix is represented by a number at the end of the prefix; for example, 3ffe:ffff:21a5::/64. . IPv6 uses the following three types of addresses: . Unicast—Represents a single interface within the typical scope of unicast addresses.

In other words, packets addressed to this type of address are to be delivered to a single network interface. . Multicast—Represents multiple interfaces to which packets are delivered to all net-

work interfaces identified by the address. . Anycast—Also represents multiple interfaces. Anycast packets are delivered to a sin-

gle network interface that represents the nearest (in terms of routing hops) interface identified by the address. . Table 12 provides additional details on the IPv6 classes and subclasses.

628

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

TABLE 12 IPv6 Address Classes and Subclasses Class

Address Prefix

Additional Features

Global unicast

2000::/3

Use a global routing 001 prefix of 45 bits (beyond the initial 001 bits) which identifies a specific organization’s network, a 16-bit subnet ID (which identifies up to 54,536 subnets within an organization’s network, and a 64-bit interface ID, which indicates a specific network interface within the subnet.

First Binary Bits

Globally routable Internet addresses that are equivalent to the public IPv4 addresses.

Link Local unicast

fe80::/64

Equivalent to APIPAconfigured IPv4 addresses in the 169.254.0.0/16 network prefix.

111111101000

Used for communication between neighboring nodes on the same link.

Site Local unicast

fec0::/10

Equivalent to the private 111111101100 IPv4 address spaces mentioned previously in Table 6.1. Prefix followed by a 54-bit subnet ID field within which you can establish a hierarchical routing structure within your site.

Used for communication between nodes located in the same site.

Unique local IPv6 unicast

fc00::/7

Prefix followed by a local (L) flag, a 40-bit global ID, a 16-bit subnet ID, and a 64-bit interface ID.

Provide addresses that are private to an organization but unique across all the organization’s sites.

11111100

Usage

629

Fast Facts

TABLE 12 Continued Class

Address Prefix

Additional Features

First Binary Bits

Usage

Multicast

ff

Use the next 4 bits for flags (Transient[T], Prefix [P], and Rendezvous Point Address[R]), the following 4 bits for scope (determines where multicast traffic is forwarded), and the remaining 112 bits for a group ID.

11111111

Multiple interfaces to which packets are delivered to all network interfaces identified by the address.

Anycast

(from unicast addresses)

Assigned from the unicast address space with the same scope as the type of unicast address within which the anycast address is assigned.

(varies)

Only utilized as destination addresses assigned to routers.

. To assist in the migration from IPv4 to IPv6 and their coexistence, several additional

address types are used, as follows: . IPv4-compatible addresses—Nodes communicating between IPv4 and IPv6 networks

can use an address represented by 0:0:0:0:0:0:w.x.y.z, where w.x.y.z is the IPv4 address in dotted-decimal. . IPv4-mapped address—An IPv4-only node is represented as ::ffff:.w.x.y.z to an IPv6

node. This address type is used only for internal representation and is never specified as a source or destination address of an IPv6 packet. . 6-to-4 address—Used for communication between two nodes running both IPv4

and IPv6 across an IPv4 routing infrastructure. You can form the 6-to-4 address by combining the prefix 2002::/16 with the 32-bit public IPv4 address to form a 48bit prefix. . New to Windows Vista, the Network and Sharing Center brings all networking tasks

together in a single convenient location. . You can use the Network and Sharing Center to configure your computer with

TCP/IP version 4 or 6 either manually or dynamically. . The default method is to dynamically configure TCP/IP. This includes the default

gateway used for accessing the Internet as well as the addresses of WINS and DNS servers.

630

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . You can configure your computer with a static IPv4 or IPv6 address, along with the

IPv4 subnet mask, default gateway, WINS and DNS servers, and any additional IP addresses that might be required for purposes such as hosting two different websites. . Although you cannot remove IPv6 from a Vista computer, you can disable IPv6 on spe-

cific network connections. . The Sharing and Discovery section of the Network and Sharing Center enables you to

perform actions related to sharing of resources on your computer with others on the network. . You can share folders with other users across the network from the Computer

Management snap-in or from the Sharing tab of a folder’s Properties dialog box. New to Vista, you can specify the names of users with whom you want to share each folder. . Windows Vista shares folders to others as Reader, which means that the users you

specify can view but not modify available files. You can modify this by clicking Advanced Sharing from the Sharing tab of the Properties dialog box and clicking Permissions. This enables you to elevate the permission to Change (enables users to view and modify files but not change the attributes of the shared folder itself) or to Full Control (enables users to view and modify files and change the attributes of the shared folder including ownership). . You can hide shares by adding a $ symbol at the end of the name. All administrative

shares are hidden. These are C$, ADMIN$, IPC$, PRINT$, and FAX$. . Windows Vista provides the C:\Users\Public folder as a location for sharing files as a

default. By default, public folder sharing is turned off. You can configure this folder so that anyone on the network can read files or so that they can read, change, and create files. You can also turn password protected sharing on and specify a password that an external user must enter to gain access to the shared folder. . You can also share other resources such as printers and media such as music, pictures,

and videos from the Sharing and Discovery section of the Network and Sharing Center. . Windows Vista lets you search for computers on the network, even when connected

remotely. Click Start, Search, and then select Advanced Search from the dialog box that appears. Expand the Network entry to display available computers and then double-click the desired computer to view its shares. You can also type partial names or similar names or use the View Computers and Devices option in the Network and Sharing Center. . The Network and Sharing Center also enables you to configure wireless networking.

Windows Vista supports the 802.11 protocols for wireless LANs and is capable of

631

Fast Facts

transparently moving between multiple wireless access points (WAPs), changing to a new IP subnet, and remaining connected to the network. . Vista provides considerably enhanced wireless network reliability, stability, and security

compared to Windows XP. . Vista provides the Set Up a Home or Small Business Network wizard that simplifies

the process of setting up various types of network connections and connecting to wireless and other networks. You can set up wireless routers or access points, manually connect to wireless networks, set up a wireless ad hoc (computer to computer) network, set up a dial-up connection, or connect to a virtual private network (VPN) office connection. . The Set Up a Home or Small Business Network wizard also lets you choose from sev-

eral file and printer sharing options that determine how resources on your computer will be available to others on the network you have set up. . You can choose among the wireless security types described in Table 13 when setting

up your wireless network. TABLE 13 Available Wireless Security Types Security Type

Description

Available Encryption Types

No authentication (open)

Open system authentication with no encryption

None

Wired Equivalent Privacy (WEP)

Open system authentication using WEP

WEP

WPA-Personal

Wi-Fi Protected Access (WPA) using a preshared passphrase or key

Temporal Key Integrity Protocol (TKIP) (default) or AES

WPA2-Personal

Version 2 of WPA using a preshared passphrase

TKIP or AES (default)

WPA-Enterprise

WPA using IEEE 802.1x authentication

TKIP (default) or AES

WPA2-Enterprise

Version 2 of WPA using IEEE 802.1x authentication

TKIP or AES (default)

802.1x

IEEE 802.1x authentication using WEP (also known as dynamic WEP)

WEP

. You can manage wireless network connections from the Manage Wireless Networks

dialog box. This dialog box enables you to add new wireless networks, view or modify the properties of a wireless network connection, modify the sequence of preferred connection to these networks, or choose the type of profile (per-user or per-computer) to be applied to a network.

632

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Internet Connection Sharing (ICS) can be configured on a Windows Vista computer to

share its Internet connection with other computers on its local network. . ICS runs a simplified DHCP service, DNS forwarder, Network Address Translation

(NAT), and TCP/IP traffic forwarding. It also includes an auto-dial feature that establishes the Internet connection when required from a computer on the network that does not host the Internet connection. . You can check the status of a LAN connection from the Network Connections folder.

Right-click your connection icon and choose Status to display the Local Area Connection status dialog box. This dialog box contains a troubleshooter that attempts to diagnose the source of a connection problem. . Problems such as incorrect or duplicate IP addresses, incorrect subnet masks, or inabil-

ity to connect to a DHCP server might prevent you from communicating on a wired or wireless network. . Use IP utilities, described in Table 14, to troubleshoot network connectivity on a

TCP/IP network. TABLE 14 IP Utilities Utility

Command

Usage

Packet InterNet Groper (Ping)

ping

Uses an echo command to establish whether packets can be routed at the Network layer on a network.

File Transfer Protocol (FTP)

ftp

Uploads/downloads files on a network. This command helps you determine whether Application layer functions can work on the network.

Telnet

telnet

Establishes a character-based session with a Telnet server across a network. This command helps you determine whether Session layer functions can work on a network.

Line printer daemon

lpr

Executes a print job on a network printer.

Ipconfig

ipconfig

Shows the IP configuration of network adapters installed in a computer. From the results of this command, you can determine whether you have incorrectly addressed the adapter or the default gateway or whether the adapter was unable to obtain an address from the DHCP server. Use the /all switch to show all IP configuration information. Other switches, such as /release or /renew, can assist with correcting DHCP problems.

Name Server Lookup

nslookup

Checks DNS entries.

633

Fast Facts

TABLE 14 Continued Utility

Command

Usage

Netstat

netstat

Displays Transmission Control Protocol/Internet Protocol (TCP/IP) connections and protocol statistics. To find all the applicable switches, type netstat /? at the command prompt.

Nbtstat

nbtstat

Similar to netstat, except that it resolves NetBIOS names to IP addresses. To find all applicable command switches, type nbtstat /? at a command prompt.

Trace Route

tracert

Shows all the routing hops that a packet takes to reach a destination on a network.

. You might encounter several problems that are specific to wireless networking: . If your computer randomly switches between access points, place the most-used

wireless network at the top of the list in the Manage Wireless Networks dialog box. Then access this network’s Properties dialog box and clear the check box labeled Connect to a More Preferred Network If Available. . If you are unable to connect to your wireless network, you should verify that it is

available. Ensure that the wireless network name is visible in the Manage Wireless Networks dialog box. Also ensure that the service set identifier (SSID) is correct and that the WEP configuration matches the settings specified on the access point. . Ensure that the wireless access point is available and properly configured. . Check for interference from other devices such as cordless phones or microwave

ovens. . Use Device Manager to check for conflicts between your wireless network adapter

and another network adapter on your computer. . If you are not connecting to any network and the link light on your network card is

not lit, you most likely have a hardware problem. Use Device Manager to check for disabled or non-functional devices. You might need to update the device driver or if you have recently done so, roll back the driver to a previous version. . For modem problems, check the Phone and Modem Options applet in the Hardware

and Sound category of Control Panel. From the Diagnostic tab, click Query Modem and watch for an entry to appear in the Command/Response list. If you receive an error message, check the modem’s properties in Device Manager. . Remote Access enables you to connect to remote networks by means of a dial-up or

VPN connection across the Internet.

634

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Point-to-Point Protocol (PPP) is a dial-up protocol that supports TCP/IP and

IPX/SPX and others with advanced compression and encryption functions. . Tunneling protocols are used for VPNs. They are Point-to-Point Tunneling Protocol

(PPTP), which supports multiple networking protocols; and Layer 2 Tunneling Protocol (L2TP), which also supports multiple networking protocols and is used with IPSec. . Table 15 describes remote access authentication protocols and their security methods.

TABLE 15 Authentication Protocols for Remote Access Acronym

Name

Security

CHAP

Challenge Handshake Authentication Protocol

One-way authentication. Server authenticates client.

EAP

Extensible Authentication Protocol

Not used to provide its own security, enables enhanced interoperability and efficiency of authentication process.

MS-CHAPv2

Microsoft Challenge Handshake Authentication Protocol version 2

Mutual (two-way) authentication.

PAP

Password Authentication Protocol

Clear-text, one-way authentication. Least secure method.

Smart cards

Certificates

Certificate-based, two-way authentication.

. The most secure protocol is certificate-based. The next most secure is MS-CHAPv2.

The least secure is PAP. . You can specify additional remote access security settings from the Local Security

Policies snap-in. From here you can specify account lockout settings that lock a user out should she attempt to guess a password. . You can also specify callback settings to restrict misuse of a Windows Vista computer

configured to accept incoming connections via dial-up. The computer disconnects and calls the incoming user back at a predefined telephone number; if the user is not at this location, he does not gain access. . You can establish a VPN client connection to a remote network from the Connect to a

Network dialog box. Type the username, password, and domain name (if used) when instructed. Vista saves this connection information for later use. . You can also configure additional properties of the VPN connection from its

Properties dialog box, including the authentication protocol in use, optional or required encryption, use of ICS to share the connection with other local computers, and networking options such as File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler, and the Client for Microsoft Networks.

635

Fast Facts . Remote Assistance and Remote Desktop both use Remote Desktop Protocol (RDP). . To share a Remote Desktop session, open the System applet in Control Panel, click the

Remote tab, and select the Allow Connections from Computers Running Any Version of Remote Desktop (for connections from XP or Vista computers) or the Allow Connections Only from Computers Running Remote Desktop with Network Level Authentication (for connections from Vista computers only). Then click the Select Users button to select the users allowed to connect. . Remote Desktop privileges are automatically granted to any member of the

Administrators group. . Remote Assistance allows a user running a Windows Vista computer on a network to

request assistance online or for an expert to offer assistance remotely. The expert’s session is a shadow of the user’s console. . You must configure Windows Firewall to allow Remote Desktop or Remote Assistance

sessions to pass. Access the Security Center, select Windows Firewall, and then select Allow a Program Through Windows Firewall and click Continue on the UAC prompt that appears. On the Exceptions tab of the Windows Firewall Settings dialog box, select the Remote Assistance and Remote Desktop check boxes. . To request Remote Assistance, you use Help and Support in the Start menu. . Remote Assistance requests can be made through email or file.

Configuring Applications Included with Windows Vista . Windows Vista Home Premium and Windows Vista Ultimate contain a rich set of

media-based applications that enable you to work with and enjoy your music, photos, videos, and TV programs on your computer. These include Windows Media Center, Windows Media Player, Windows Photo Gallery, and Windows Movie Maker. . Windows Media Center is a one-stop, complete multimedia application that lets you

watch and record TV, listen to digital music, play games, listen to FM and Internet radio stations, or access content from online media services. . Express Setup in Windows Media Center simplifies the process of setting up Windows

Media Center to work with the media devices installed on or available to your computer. . Windows Media Center displays all available media content that you have saved to

your computer.

636

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . You can use a network projector with Windows Media Center for giving business pre-

sentations or slide shows from your computer. If you are using a wireless network, security protocols configured on the network encrypt the communication. The Connect to a Network Projector Wizard facilitates the process of locating and accessing a network projector. . Windows Media Player version 11 offers a high level of choice and flexibility for man-

aging digital media, including music, photos, and videos. . Windows Media Player 11 provides a series of enhancements over previous versions,

including improved access to features, improved navigation, use of album art to facilitate locating specific media, revamped playback controls, simplified media libraries that you can organize by several categories, the display of available playlists, the ability to connect to an online music store, ripping and burning options, synchronizing with other computers and external music players, improved video experience, and improved view options. . The Custom Setup feature in Windows Media Player enables you to customize settings

such as privacy options, content providers, file types played by Windows Media Player, and online music stores. You can also choose to make Windows Media Player 11 to be the default music and video player. . The Options dialog box provides the following options for configuring Windows

Media Player: . Library tab—Enables you to configure settings for organizing and sharing your

digital media. . Plug-Ins tab—Enables you to search for plug-ins and visualizations on the Internet

according to preconfigured category lists. . Privacy tab—Enables you to configure several privacy options, including informa-

tion and usage rights options downloaded from the Internet, refreshing of protected media files, syncing time and date on portable devices, extended content provider services, joining the Windows Media Player Customer Experience Improvement Program, and keeping a history of recently played media files. . Security tab—Enables you to configure several enhanced security options that gov-

ern the playback of media by Windows Media Player. You can choose whether to run script commands when present in digital media or on a web page, playing enhanced media content, showing local captions when present, and configuring Internet Explorer security zones. . DVD tab—Enables you to prevent users from playing DVDs according to ratings

established by the Motion Picture Association of America (MPAA).

637

Fast Facts . Network tab—Enables you to specify how Windows Media Player accesses the

Internet to obtain and play streamed digital media content. . Player tab—Enables you to configure player settings, such as how often Windows

Media Player checks for updates, check for updates automatically, keep the player on top of other windows, prevent the screen saver from appearing, stop playback when switching to another user, and utilize the mini-Player. . Rip Music tab—Governs when and how Windows Media Player copies (rips) music

files from an audio CD inserted in the computer’s CD-ROM drive. . Devices tab—Enables you to specify the properties for CD and DVD drives, dis-

plays, speakers, and portable audio devices connected to your computer. . Burn tab—Enables you to configure settings for recording (burning) audio and data

files to CDs and DVDs. . Performance tab—Provides additional options that affect the performance of

Windows Media Player. . Additional menu bar options are available that govern ripping (copying of audio CDs),

burning of audio CDs, data CDs, or DVDs, and syncing of media files to portable devices such as mp3 players. . Group Policy offers several settings that govern Windows Media Player in the fields of

networking, playback, the user interface, and retrieval of media from the Internet. . Windows Photo Gallery enables you to import photos and videos from cameras, scan-

ners, removable media, other computers on the network, or the Internet. You can view the images, add or edit metadata, assign ratings, catalog the images to facilitate searching for them later, and burn them to CD or DVD. . The File menu in Windows Photo Gallery provides the commands for managing

images as described in Table 16. TABLE 16 Windows Photo Gallery File Commands Command

Purpose

Add Folder to Gallery

Enables you to select a folder containing pictures and videos to be included in the gallery. Browse to the desired location and then click OK.

Import from Camera or Scanner

Enables you to select a device containing photos to be imported from a dialog box listing all available devices such as cameras, scanners, or memory card readers. Windows Photo Gallery uses the new Media Transfer Protocol (MTP) for importing images. MTP offers enhanced capabilities including support for additional devices such as portable media players and cellular phones, faster transfer of files, support for wireless connectivity to supported devices, and improved support for audio and video formats. (continues)

638

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

TABLE 16 Continued Command

Purpose

Delete, Rename, Copy, and Select All

Function exactly as the corresponding commands in any window’s File menu.

Screen Saver Settings

Brings up the Screen Saver tab of the Display Properties dialog box. You can select images from your gallery to be used in a custom screen saver.

Share with Devices

Brings up the Media Sharing dialog box, which enables you to share music, pictures, and videos on the network. This dialog box is similar to the Media Sharing dialog box included with Windows Media Player.

Properties

Displays a Properties dialog box for the selected image. By default, the Details tab appears, which provides detailed information including metadata recorded by the camera when the photo was taken.

Options

Brings up the Windows Photo Gallery Options dialog box, which enables tooltips, copies of originals after you perform fixes, and checks for updates to Windows Photo Gallery. The Import tab of this dialog box provides options that govern the importing of images from cameras, scanners, CDs, and DVDs.

Exit

Exits Windows Photo Gallery.

. You can perform a series of quick fixes on an image in Windows Photo Gallery.

Available fixes include manual or automatic adjustment of exposure and color, cropping, and fixing red eye. . Windows Photo Gallery also has options for searching for and previewing images,

playing slide shows, displaying an image as your desktop wallpaper, creating image tags and ratings, and viewing by folder or by date taken. . Windows Movie Maker and its companion application, Windows DVD Maker, enable

you to create, import, manage, and edit digital videos in regular or high-definition format. . Windows Movie Maker and Windows DVD Maker offer support for high-definition

video, simplified importing of videos, integration with Windows Photo Gallery, DVD authoring and burning capabilities, and high-quality graphics capabilities. . Windows Mail is the successor to Outlook Express and offers the following enhance-

ments: . Improved reliability—Windows Mail utilizes new technology to improve the han-

dling of large email messages and data files containing thousands of messages. . Instant search—As with other bundled applications, you can rapidly search across

thousands of email messages, even those that are years old. . Spam filter—Windows Mail screens and analyzes incoming messages to spot and

remove junk email.

639

Fast Facts . Phishing filter—Windows Mail checks for messages containing fraudulent links to

phishing websites. . Improved newsgroup capabilities—You can more easily manage and contribute to

newsgroups and discussion groups. . Windows Mail provides a wizard that simplifies the input of your email account infor-

mation. . The Internet Accounts dialog box enables you to manage your email and newsgroup

accounts. . The Import command in Windows Mail enables you to import contacts, messages, and

mail and news account settings. You can also export contacts and messages to other mail programs. . The Options dialog box in Windows Mail enables you to specify configuration options

for a large range of properties including the sending and receiving of messages, reading of email and news messages, requesting of read receipt for messages you send, viewing of messages in HTML format, the font and stationery used with messages you are composing, the use of signatures and business cards, spell checking, connection to the Internet, and additional advanced options. . Microsoft has upgraded the security of email handled by Windows Mail to handle

many new concerns including junk mail (spam), phishing, virus protection, blocking of file extensions that might contain viruses or other malware, downloading of images, and the use of digital certificates for signing or encryption of your email messages. . Windows Meeting Space is a new collaboration tool that enables face-to-face interac-

tion among small groups of users in any location using a wired or wireless network. . Windows Meeting Space offers features such as support for wireless networking,

shared control of presentations, compatibility with non-Microsoft applications, the ability to check for others on the network and invite them to a meeting, searching for meeting sessions, and the sharing and editing of files among meeting attendees. . The People Near Me feature identifies nearby people and enables them to send meet-

ing invitations. . Windows Meeting Space enables you to share handouts, applications running on your

computer, or your entire desktop with others in your meeting. Attendees can view and edit handouts, and you can perform actions such as demonstrations that others can view. . Windows Calendar is a full-fledged calendar application that enables you to keep track

of meetings and appointments. It enables you to create tasks and appointments, create alerts to remind you of scheduled items, create task lists, and share calendars with coworkers or family members.

640

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . You can view meetings, appointments, and tasks on a day, week, or month basis, as well

as navigate to other months or days. You can even navigate to other years or decades if needed. . You can create multiple calendars and share them with others in your workgroup or

family so that everyone knows what others have scheduled. You can display information from multiple calendars together on a color-coded basis. . Windows Calendar enables you to create appointments, all-day events, and tasks. You

can include information such as details, locations, the calendar to be used, URLs, allday appointments, recurring appointments, and task priorities. You can also create reminders that alert you to upcoming appointments. . You can share and publish your calendars so that others are aware of your activities.

You can configure web-based sharing or send calendars by email. Others can subscribe to your calendars, and you can subscribe to theirs. . Windows Fax and Scan simplifies the tasks of sending and receiving faxes, scanning

images and documents, and sharing these items with others. This program provides the following features: . Single-click faxing and scanning—It is as easy to fax or scan documents as it is to use

email. . Simplified routing of faxes and scanned documents—Enables you to create routing lists

of server shares and email addresses for receiving copies of faxed and scanned documents. . Drag-and-drop functionality—Simplifies the task of filing and sorting your faxes and

scanned documents. . Live preview capability—Enables you to see how documents will look prior to scan-

ning so that you can modify settings as required. . Windows Fax and Scan uses fax accounts for tracking fax use by everyone using the

program. . You can send faxes containing only a cover page, multipage faxes, or faxes with

attached documents. . You can also send a fax document directly from many applications such as Microsoft

Word by means of a fax printer driver that renders your document as a fax. . Windows Fax and Scan enables you to scan documents and images from scanners

attached to your computer or located on the network. You can also scan and fax a document in a single step.

641

Fast Facts . Windows Sidebar is a pane that appears by default on the right side of your display and

includes a variety of items known as gadgets. By default, Windows Sidebar displays an analog clock, a slide show, and a series of newsfeed headlines from the Internet. . You can add gadgets from a set included with Vista by default, or you can download

additional gadgets from the Internet for adding to the Sidebar. . Some gadgets such as the slide show feature additional customization options.

Monitoring and Optimizing System Performance and Reliability . Monitoring applications include the Reliability and Performance Monitor, Task

Manager, and Scheduled Tasks. . The Reliability and Performance Monitor includes a Resource Overview that provides

a summary of CPU, disk, network, and memory performance statistics including minigraphs of recent performance of these four components. . Performance Monitor provides a real-time graph of computer performance: . Object—A specific hardware or software component capable of being monitored. . Counter—One of a series of statistical measurements associated with each object. . Instance—A single item of multiple occurrences of a given object. For example, a

dual-processor computer has two instances of the processor: instance 0 and instance 1. . Reliability Monitor is a new component in Windows Vista that produces a trend analy-

sis of your computer’s system stability with time. It provides the System Stability Chart, which correlates the trend of your computer’s stability against events that might destabilize the computer. . The Data Collector Sets feature enables you to log computer performance over time

while the computer is executing other tasks. . Data collector sets are binary files that store performance statistics, which you can later

analyze in the Performance Monitor snap-in. Vista provides a wizard that assists you in setting up a new data collector set and using it to collect performance data. You can also use a set of counters you have already configured in Performance Monitor.

642

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . The Data Collector Sets feature also enables you to display an alert when a selected

counter exceeds or drops beneath a specified value. . Table 17 describes important Memory object counters and how to resolve related

problems. TABLE 17 Important Counters for the Memory Object Counter

What It Measures

Interpretation and Remedial Tips

Pages/sec

The rate at which data is read to or written from the paging file

A value of 20 or more indicates a shortage of RAM and a possible memory bottleneck. To view the effect of paging file performance on the system, watch this counter together with LogicalDisk\% Disk Time. Add RAM to clear the problem.

Available Bytes

The amount of physical memory available

A value consistently below 4MB indicates a shortage of available memory. This might be due to memory leaks in one or more applications. Check your programs for memory leaks. You might need to add more RAM.

Committed Bytes

The amount of virtual memory that has been committed to either physical RAM or running processes

Committed memory is in use and not available to other processes. If the amount of committed bytes exceeds the amount of RAM on the computer, you might need to add RAM.

Pool Nonpaged Bytes

The amount of RAM in the nonpaged pool system memory (an area holding objects that cannot be written to disk)

If this value exhibits a steady increase without a corresponding increase in computer activity, check for an application with a memory leak.

Page Faults/sec

The number of data pages that must be read from or written to the page file per second

A high value indicates a lot of paging activity. Add RAM to alleviate this problem.

. The Paging File\% Usage counter is of use when troubleshooting memory problems. . By default, the paging file is located at %systemdrive%\pagefile.sys and has a

default size of the amount of RAM in the computer plus 300MB and a default maximum size of three times the amount of RAM in the computer.

643

Fast Facts . You might want to configure equal values for the initial and final paging file sizes. It is

more efficient to increase the initial size of the paging file rather than to increase the final size. Increasing the final size of the paging file can force the operating system to allocate more space as applications start, thereby causing disk fragmentation. In most cases, configuring the option for Windows to select the best paging file size will work fine. . Table 18 describes important Processor object counters and how to resolve related

problems. TABLE 18 Important Counters for the Processor Object Counter

What It Measures

Interpretation and Remedial Tips

% Processor Time

The percentage of time the processor is executing meaningful actions (excludes the Idle process)

If this value is consistently greater than 85%, the processor could be causing a bottleneck. You should check the memory counters discussed previously; if these are high, consider adding more RAM. Otherwise, you should consider adding a faster processor (or an additional one if supported by your motherboard).

Interrupts/sec

The rate of service requests from I/O devices that interrupt other processor activities

A significant increase in the number of interrupts without a corresponding increase in system activity might indicate some type of hardware failure. Brief spikes are acceptable.

. Table 19 describes important PhysicalDisk object counters and how to resolve related

problems. TABLE 19 Important Counters for the PhysicalDisk Object Counter

What It Measures

Interpretation and Remedial Tips

% Disk Time

The percentage of time that the disk was busy reading or writing to any partition

A value of more than 50% suggests a disk bottleneck. Consider upgrading to a faster disk or controller. Also check the memory counters to see whether more RAM is needed.

Average Disk Queue Length

The average number of disk read and write requests waiting to be performed

If this value is greater than 2, follow the same suggestions as for % Disk Time.

Average Disk Sec/Transfer

The length of time a disk takes to fulfill requests

A value greater than 0.3 might indicate that the disk controller is retrying the disk continually because of write failures.

644

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . Table 20 describes important LogicalDisk object counters and how to resolve related

problems. TABLE 20 Important Counters for the LogicalDisk Object Counter

What It Measures

Interpretation and Remedial Tips

% Disk Time

The percentage of time that the disk is busy servicing disk requests

A value greater than 90% might indicate a performance problem except when using a RAID device. Compare to Processor\% Processor Time to determine whether disk requests are using too much processor time.

Average Disk Bytes/Transfer The amount of data transferred in each I/O operation

Low values (below about 20KB) indicate that an application might be accessing a disk inefficiently. Watch this counter as you close applications to locate an offending application.

Current Disk Queue Length The amount of data waiting to be transferred to the disk

A value greater than 2 indicates a possible disk bottleneck, with processes being delayed because of slow disk speed. Consider adding another faster disk.

Disk Transfers/sec

The rate at which read or write operations are performed by the disk

A value greater than 50 might indicate a disk bottleneck. Consider adding another faster disk.

% Free Space

Percentage of unused disk space

A value less than about 15% indicates that insufficient disk space is available. Consider moving files, repartitioning the disk, or adding another disk.

. You should log disk activity to a different disk or computer. The act of recording per-

formance logs places an extra “hit” on performance for the disk on which logs are recorded. . Vista provides the following command-line tools to assist you in monitoring perform-

ance: . Logman—Manages data collector logs. You can start, stop, and schedule the collec-

tion of performance and trace data. . Relog—Creates new performance logs from data in existing logs by modifying the

sampling rate and/or converting the file format. . Typeperf—Displays performance data to the command prompt window or to a log

file.

645

Fast Facts . Vista provides the following three technologies for enhancing system performance: . Windows SuperFetch—Optimizes memory performance based on trends of most-

used programs and data on the computer, enabling Vista to decide on which content should be loaded into RAM at a particular time. . Windows ReadyBoost—Enables you to use a USB flash drive or memory card as an

additional source of memory to enhance your computer’s performance without adding additional RAM. . Windows ReadyDrive—Enables mobile computers equipped with a hybrid hard disk

to achieve enhanced performance and improved battery life. . The System Configuration Utility enables you to disable common services and startup

programs to selectively troubleshoot which items are preventing a normal startup. . Task Manager provides data about currently running processes, including their CPU

and memory usage and enables you to modify their priority or shut down misbehaving applications. . You can modify an application’s behavior by adjusting its priority in Task Manager or

by starting the application at a different priority. . Priorities for applications are Realtime (the highest priority, only to be used cautious-

ly), High, AboveNormal, Normal (the default priority), BelowNormal, and Low. . You can modify the application’s priority in Task Manager or by using the start /option command.

. You might be able to improve computer performance by changing the relative priority

of foreground and background applications. The following options are available: . Programs—Assigns more processor resources to programs currently running in the

foreground (active programs) . Background services—Assigns equal amounts of resources to all programs, including

those such as disk backup or defragmentation that are running in the background . You can set processor affinity from Task Manager. Simply right-click the process from

the Processes tab and choose Set Affinity. Then select the appropriate processor. . Event Viewer enables you to see errors and system messages. This program records

events in the following five logs: . Application—Logs events related to applications running on the computer, includ-

ing alerts generated by data collector sets. . Security—Logs events related to security-related actions performed on the computer. . Setup—Logs events related to setup of applications.

646

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . System—Contains events related to actions taking place on the computer in gener-

al, including hardware-related events. . Forwarded events—Contains events logged from remote computers. . Most logs in Event Viewer record three types of events—errors, warnings, and infor-

mational events. . You can customize Event Viewer to show only the types or categories of logs you need

to view. You can also associate tasks with events logged by Event Viewer. . Windows Update enables you to maintain your computer in an up-to-date condition

by automatically downloading and installing critical updates as Microsoft publishes them. . You can use Windows Update to check manually for updates or configure one of sever-

al options to download and install updates automatically. . You can use a server running Windows Server Update Services (WSUS) to download

updates on a corporate network, test them for compatibility, and distribute approved updates to computers on the network. . Group Policy provides a series of policy settings that govern the actions performed by

Windows Update, including the manner in which computers check for updates, the use of a WSUS server, restart options, and so on. . Vista includes the Backup and Restore Center and the Backup Status and Configuration

utility to facilitate backup and restoration of data. . The Backup and Restore Center enables you to back files and folders up to hard disks,

CDs, DVDs, or network shared folders. . The Windows Complete PC Backup and Restore procedure enables you to fully

restore your computer in the event of a hardware failure. This procedure replaces the System State backup used in Windows 2000/XP and backs up your data at the same time. . You can use the Backup and Restore Center to restore selected files and folders or to

restore all files and settings from a Windows Complete PC Backup and Restore image. You can also use System Restore to restore system files and settings to an earlier point in time. . The Backup Status and Configuration Utility provides the following additional backup

options: . Back Up Now—Performs an incremental backup of a selected set of files and fold-

ers. This procedure backs up only those files and folders that have changed since the previous backup.

647

Fast Facts . Change Backup Settings—Enables you to modify the settings for backing up files

and folders. . Restore Files—Enables you to perform an advanced restore of backup files from

another computer or files for all users of the local computer. . Complete PC Backup—Creates a Windows Complete PC Backup and Restore

image. . Encrypting File System (EFS) enables users to encrypt files and folders on any parti-

tion that is formatted with the NTFS file system. . The exam might touch on two points about Encrypting File Service (EFS): The file

system must be set to NTFS if you want to use EFS, and no file can be both encrypted and compressed at the same time. . NTFS is required for EFS. . A user must have a file encryption certificate before another user can grant him the

right to open a shared encrypted file. . Data recovery agents are users with file encryption certificates who have been designat-

ed the right to decrypt users’ encrypted files in case the user’s file encryption certificate is damaged or lost. . Public keys are stored in the My Certificates folder of a user’s profile in plain text. . Private keys are encrypted in the RSA folder in a user’s profile. . Cipher.exe is the command used to manage EFS encrypted files. Cipher /e encrypts,

and cipher /d decrypts. . BitLocker is a new feature in Vista Enterprise and Ultimate that encrypts the entire

Windows volume, thereby preventing unauthorized users from circumventing file and system permissions in Windows or attempting to access information on the protected partition from another computer or operating system. . BitLocker utilizes the Trusted Platform Module (TPM) version 1.2 to provide secure

protection of encryption keys and checking of key components when Windows is booting. . BitLocker enables you to store encryption keys and restoration password on a USB

flash drive or a separate file for additional data security and recovery capability. . You can use a computer that does not have a TPM module if you have a USB flash

drive to store the encryption keys and password. You must enable a Group Policy setting to do so.

648

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring

Configuring and Troubleshooting Mobile Computing . The Mobile PC Control Panel provides a centralized location for performing many of

the configuration activities associated with portable computing. . The Windows Mobility Center includes a series of applets that enable you to configure

several features specific to portable computers. Included are display brightness, speaker volume, battery status, wireless network status, external displays, Sync Center, presentation settings, and Tablet PC screen orientation. . When establishing a VPN connection to a server, encryption levels on the mobile

computer and server must match, or an error will result. . Offline Files enables you to cache copies of files from the network to your computer so

that you can work with them when disconnected from the network. . Vista provides the Sync Center, which enables you to manage the synchronization of

offline files on your computer. You can synchronize with multiple devices, perform manual or scheduled synchronization, and resolve synchronization conflicts. . If synchronization conflicts occur as a result of different users modifying the same file,

Sync Center enables you to save either or both versions of the file so you can compare the changes later. . You can use an Infrared Data Association (IrDA) port on your portable computer to

create an ad hoc peer-to-peer network connection to another IrDA-equipped computer. . The Presentation Settings feature on mobile computers enables you to configure your

computer for giving a presentation. It performs such actions as disabling Sleep mode, the screen saver, and system notifications; adjusting the speaker volume; and providing an alternate desktop wallpaper. You can also connect to a networked projector while giving a presentation. . You can use an external monitor with a VGA-equipped mobile computer in any of the

following ways: . Mirror or duplicate your desktop to the external monitor . Extend your desktop to the external monitor and optionally designate the external

monitor as the primary display . Use the external monitor as the sole display, blanking out the mobile computer

display and conserving mobile computer power . Windows SideShow is a new application in Windows Vista that enables you to view

items such as incoming email, actions scheduled in Windows Calendar, invitations to

649

Fast Facts

meetings run on Windows Meeting Space, and so on, using an auxiliary display found on the lid of many mobile computers or an external device such as a wireless LCD display or a mobile phone. . Windows SideShow uses gadgets similar to those utilized by the Sidebar. . You can lock the Windows SideShow device to prevent viewing of information by

unauthorized parties. . A Tablet PC is essentially a small notebook computer equipped with a pressure-sensitive

touch screen and a digital pen that can be used to tap window controls or handwrite information on the screen. Vista provides a series of applications that facilitate the use of Tablet PC computers. . The Tablet PC Settings dialog box enables you to perform actions such as setting

handedness, calibrating the digital pen, and selecting the display orientation. . The Tablet PC Input Panel enables you to use the digital pen rather than the keyboard

to enter handwritten text. . The Tablet PC Input Panel includes a writing pad where you can write text, a charac-

ter pad where you can write individual characters, and a digital keyboard where you can use the pen to type text on-screen. . You can use pen flicks to navigate a document or perform editorial actions. Vista pro-

vides a series of default actions as well as additional actions that you can customize. . You can train the Tablet PC handwriting recognizer to translate your handwritten

words accurately into typed text. Training enables the recognizer to understand your personal writing style and reduce confusion among similar characters. . The snipping tool enables you to capture an object from any application active on your

screen. You can add a handwritten comment if desired and save it as an image file or paste it into a document such as a Microsoft Word file. . Some Tablet PC models possess touch screen capabilities, in which the screen responds

to finger touches. The touch pointer is a mouse-like icon that floats on the screen below your finger when in use and enables you to perform click-and-drag actions. . Sleep mode in Vista automatically saves your work and configuration information in

RAM and turns off the computer’s monitor, hard disk, and other system components. You can enter Sleep mode and resume Normal mode rapidly. . Remember the difference between Sleep mode and hibernation. If power is lost, data

can be lost in Sleep mode because this mode does not save the desktop state to disk, only to RAM. However, the computer is able to resume activity more rapidly from sleep than from hibernation.

650

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring . The preconfigured power plans are . High Performance—Optimizes the computer for performance at the expense of bat-

tery life . Power Saver—Optimizes battery life by slowing the processor down and turning off

other components after short periods of inactivity . Balanced—Attempts to strike a balance between these extremes by maintaining

processor speed and turning off components after slightly longer periods of inactivity . You can also specify whether to require a password when waking from sleep mode, and

choose the action that takes place when you press the power and sleep buttons or close the notebook lid. . The Advanced Power Settings dialog box enables you to define a large range of options

that govern the behavior of the computer when set for any of the three default power plans or a custom power plan. You can define these settings separately for when the computer is plugged in or running on battery power. . You can also create a custom power plan and define all these settings according to your

individual needs. . The battery meter enables you to keep track of remaining battery life. It warns you

when battery power is dropping below warning and critical threshold levels. . You can also use Group Policy to configure many power management settings.

Practice Exam This practice exam consists of 50 questions that are representative of the topics you should expect to see on Exam 70-620, “TS: Microsoft Windows Vista, Configuring.” You will find that the majority of questions here are all multiple choice, with relatively few questions in nearsimulation format because of the limitations of paper testing. Still, this exam should help you determine how prepared you are for the real exam and provide a good base for what you need to review. As you take this exam, treat it as you would the real exam: Time yourself (about 90 minutes) and answer each question carefully, marking the ones you want to go back and double-check. You will find the answers and their explanations after the exam, in “Answers to Practice Exam.” After you have taken this exam, remember to load the CD-ROM and check out our exclusive MeasureUp test engine, which is one of the best on the market. (See “What’s on the CD-ROM” for more information.)

652

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 1. You are the desktop security administrator for a company that operates several offices in different cities in Texas. You want to remotely manage Windows Vista client computers in the various offices from your home office in Austin by using a tool that utilizes Remote Procedure Call (RPC). How should you configure Windows Firewall on the client computers that you need to manage?

❍ A. On the Exceptions tab of the Windows Firewall Settings dialog box, enable the Remote Administration option.

❍ B. On the Exceptions tab of the Windows Firewall Settings dialog box, enable the Remote Assistance option.

❍ C. On the Exceptions tab of the Windows Firewall Settings dialog box, enable the Remote Desktop option.

❍ D. On the Exceptions tab of the Windows Firewall Settings dialog box, select Add Port, and then add TCP port 135 for Remote Procedure Call.

❍

E. On the Exceptions tab of the Windows Firewall Settings dialog box, select Add Program and then add Remote Procedure Call to the Exceptions list and select this option.

2. You are a tech support representative for Que Publishing. In recent months, many users in your company have received new Windows Vista computers. A manager named Karen needs to access a website operated by a subsidiary company named Exam Prep. She reports that she receives the message, Your security settings prohibit the display of unsigned ActiveX controls, when she attempts to connect. Que Publishing has a policy requiring that users can download unsigned ActiveX controls from approved Internet websites only. You verify that Karen’s Internet Explorer settings are configured as the defaults. What should you do to enable Karen to access the website operated by Exam Prep? (Each answer represents part of the solution. Choose two.)

❏

A. Add the Exam Prep website to the Local Intranet zone.

❏

B. Add the Exam Prep website to the Trusted Sites zone.

❏

C. In the Security Settings—Internet Zone dialog box, enable the Download Unsigned ActiveX Controls option.

❏ D. In the Local Intranet dialog box, clear the Include All Sites that Bypass the Proxy Server check box.

❏

E. In the Local Intranet dialog box, clear the Require Server Verification (https:) for all Sites in this Zone check box.

❏

F. In the Trusted Sites settings, clear the Require Server Verification (https:) for all Sites in this Zone check box.

❏ G. In the Security Settings—Internet Zone dialog box, enable the Initialize and Script ActiveX Controls Not Marked as Safe for Scripting option.

653

Practice Exam 3. You are the desktop administrator at the headquarters (HQ) for Billboreds, LLC. You have been called to assist Suzanne, a help desk administrator, whose Windows Vista Business laptop is connected to the corporate network via an 802.11(g) wireless adapter. Company policy prevents users from running Windows Firewall on corporate network–connected computers because an Internet firewall is already in existence, and headquarters has a T-3 line to the Internet because a large number of bandwidth-intensive data transactions occur across an extranet VPN link with vendors and clients alike. Suzanne has developed a new application and wishes to demonstrate it. The application runs on Suzanne’s home computer, which uses Windows XP Professional SP2 and is connected to the Internet with a dedicated cable modem link and static IP address. Suzanne complains that when she is at work, she is unable to connect to her home computer to run a Remote Desktop Connection, which she needs to do to demonstrate the application. You have verified that Suzanne has enabled Windows Firewall on her home computer. What actions can you and Suzanne perform to enable the Remote Desktop Connection? (Choose all that apply.)

❏

A. On Suzanne’s home computer, open the Windows Firewall Properties sheet from within Control Panel. Under the Exceptions tab, select the Remote Desktop check box.

❏

B. On Suzanne’s laptop, open the Windows Firewall Properties dialog box from within Control Panel. Under the Exceptions tab, select the Remote Desktop check box.

❏

C. On the corporate router and firewall, verify that Remote Desktop protocol traffic for port TCP 3389 is enabled for both incoming and outgoing ports.

❏ D. On Suzanne’s laptop, open the wireless network connection Properties dialog box, click the Sharing tab, and then select the check box labeled Allow Other Network Users to Connect Through this Computer’s Internet Connection.

❏

E. On Suzanne’s home computer, open the dedicated link to the Internet connection Properties sheet, click the Advanced tab, and enable Internet Connection Sharing.

❏

F. On Suzanne’s laptop, open the System Properties dialog box, click the Remote tab, and then click the Advanced button. On the dialog box that appears, ensure that the Create Invitations that Can Only be Used from Computers Running Windows Vista or Later check box is cleared.

❏ G. On Suzanne’s home computer, open the System Properties dialog box, click the Remote tab, and select the Allow Users to Connect Remotely to This Computer check box. Click the Select Remote Users button and add Suzanne’s user account.

654

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 4. Your friend Mary has a wireless network in her house. She has two computers—one for personal use and a laptop for work—both configured with a wireless network interface. Mary’s home computer is connected via an Ethernet 100 network adapter to a broadband modem. The other adapter is connected to the wireless access point. Mary has had a barrage of traffic hit her home computer and is concerned about the lack of protection for her work laptop. The work laptop also contains two adapters: A wireless one connects to the home network, and the other is used when Mary logs in at the office. What should you tell Mary to help her protect her computer?

❍ A. Raise the Privacy setting to Block All Cookies. ❍ B. Enable the Windows Firewall on Mary’s laptop for the wireless adapter. ❍ C. Enable the Windows Firewall on Mary’s home computer for the wireless adapter. ❍ D. Enable the Windows Firewall on Mary’s home computer for the interface leading to the broadband modem. 5. You are installing Windows Vista Home Basic on a computer equipped with a 2.0 GHz processor, 512MB RAM, a 60GB hard disk, and a video card with 128MB video memory. On the final boot the computer hangs, but you are able to reboot the computer in Safe Mode. So you access the log files. Which of the following should you check first when locating the cause of the problem?

❍ A. Setupact.log ❍ B. Setupapi.log ❍ C. Setuperr.log ❍ D. WindowsUpdate.log ❍

E. Scesetup.log

6. You have purchased a Tablet PC computer running Windows Vista Home Premium. You use this computer extensively for writing and editing long documents and have difficulty performing common editorial actions such as copy, paste, and delete. What should you do?

❍ A. From the Flicks tab of the Pen and Input Devices dialog box, select Navigational Flicks and Editing Flicks.

❍ B. From the Pen Options tab of the Pen and Input Devices dialog box, select the appropriate pen actions.

❍ C. From the Gestures tab of the Options dialog box in the Tablet PC Input Panel Tools menu, select the appropriate gesture.

❍ D. From the Handwriting Personalization dialog box, enable the Automatic Learning feature.

655

Practice Exam 7. Jennifer is the secretary of a small dental office, which operates a workgroup consisting of five computers running Windows Vista Home Basic. She has part-time responsibility for ensuring that these computers function properly and are used in a responsible fashion. One day, Jennifer returns from lunch early and observes that a new dental assistant named Ryan is accessing several websites that feature undesirable content. She wants to configure the computers to prevent this from happening in the future, while allowing access to websites needed for business purposes. Other users must be allowed to visit websites of various content levels. What should she do?

❍ A. Access the Parental Controls feature and select Ryan’s user account. Under Web Restrictions, select the High Web restriction level.

❍ B. Access the Parental Controls feature and select Ryan’s user account. Under Web Restrictions, select the Edit the Allow and Block List option and then add the URLs of the undesirable websites to the Blocked Web Sites list.

❍ C. Access the Security tab of the Internet Properties dialog box. Then add the URLs of the undesirable websites to the Restricted Web Sites list.

❍ D. Access the Privacy tab of the Internet Properties dialog box and click Sites. Then add the URLs of the undesirable websites to the list in the dialog box that appears and select Block. 8. You have purchased a new computer running Windows Vista Home Basic and have transferred your program settings and data files from your old computer, which ran Windows XP Home Edition. After subscribing to a fee-based website, you begin to receive a large number of unwanted email messages from several countries in Europe and Asia. What should you do to block all messages from these countries from your inbox without losing desired mail?

❍ A. Access the International tab of the Junk Email Options dialog box and click the Blocked Encoding List command button. Then select the countries from which you have received unwanted email.

❍ B. Access the International tab of the Junk Email Options dialog box and click the Blocked Top-Level Domain List command button. Then select the countries from which you have received unwanted email.

❍ C. Access the Blocked Senders tab of the Junk Email Options dialog box and add the Internet domain addresses of the senders from which you have received unwanted email.

❍ D. Access the Options tab of the Junk Email Options dialog box and select the High filtering option.

❍

E. From the Message menu in Windows Mail, select Junk Email, and then select Add Sender’s Domain to Blocked Senders List.

656

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 9. You are a help desk analyst for a company that operates an Active Directory domain. All servers run either Windows Server 2003 or 2008, and all desktop computers run either Windows XP Professional or Windows Vista Business. Recently, a user named Kathy attempted to install beta hardware drivers on her Windows Vista Business computer after having configured it with customized post-installation settings. After rebooting her computer and logging back on, problems occurred and her computer locked up. After another reboot, the computer would not even boot up properly. What should you do to get Kathy’s computer to boot successfully without losing her postinstallation settings?

❍ A. Boot her computer from the Vista DVD-ROM and run the Startup Repair tool. ❍ B. Press F8 and select the Last Known Good Configuration option. ❍ C. Press F8 and select Safe Mode. Then open Device Manager and roll back the problematic drivers.

❍ D. Boot her computer from the Vista DVD-ROM and select the Recovery Console option. ❍

E. Reinstall Windows Vista Business.

10. George is using a computer that is equipped with a 100GB hard disk containing three partitions. The first partition holds an installation of Windows XP Professional, the second partition holds data files, and the third partition is currently empty. George would like to install Windows Vista on his computer but still have access to Windows XP. What should he do?

❍ A. Boot the computer with the Vista DVD. Select the option to perform a clean installation, select the first partition, format this partition with the NTFS file system, and install Vista on this partition.

❍ B. Boot the computer with the Vista DVD. Select the option to upgrade Windows and install Vista on the first partition.

❍ C. Boot the computer with the Vista DVD. Select the option to perform a clean installation, select the third partition, format this partition with the NTFS file system, and install Vista on this partition.

❍ D. Boot the computer with the Vista DVD. Select the option to perform a clean installation, format both the first and third partitions, install Vista on the first partition, and then install XP on the third partition.

657

Practice Exam 11. You have upgraded your Windows XP Home Edition computer to Windows Vista Home Premium. Several months later, the news media are reporting that an especially virulent spyware program is making the rounds of the Internet and infecting millions of computers worldwide. At this time, you realize your computer is not downloading updated definition files for Windows Defender. Which of the following should you do to ensure that your computer is kept up-to-date with Windows Defender definition files?

❍ A. In Windows Update, select Change Settings and then select Download Updates But Let Me Choose Whether to Install Them and Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates.

❍ B. In Windows Update, select Change Settings and then select Install Updates Automatically (Recommended) and Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates.

❍ C. On the home page of Windows Defender, select Check for Updates. ❍ D. On the home page of Windows Update, select Check for Updates. 12. You are the desktop support specialist for your company. A user named Susan is responsible for sending and receiving all company faxes. You have configured her Windows Vista Home Premium computer with a fax modem, and you have configured a fax account for her in Windows Fax and Scan. Susan uses Windows Fax and Scan to schedule the sending and receiving of faxes. She needs to know that recipients have received her faxes. In addition, she needs to know that a fax has been sent or received should this occur while her computer is turned off. What do you do to help her?

❍ A. On the General tab of the Fax Settings dialog box, select Allow the Device To Send Faxes and Allow the Device to Receive Fax Calls.

❍ B. On the Tracking tab of the Fax Settings dialog box, select Notify of Success and Failure for Incoming Faxes and Notify of Success and Failure for Outgoing Faxes.

❍ C. From the Fax Accounts dialog box, right-click Susan’s account and choose Properties. Then specify Susan’s email address in the Email To field.

❍ D. On the Receipts tab of the Fax Options dialog box, select Email To and specify Susan’s email address.

658

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 13. You have received a new computer running Windows Vista Home Basic. Wanting access to the Media Center and other media-based applications, you purchase and install the upgrade edition of Windows Vista Home Premium. You want to access several of the old settings contained in the previous operating system files. Where should you look?

❍ A. Windows.old folder ❍ B. Program Files folder ❍ C. Documents and Settings folder ❍ D. Software Explorer 14. You are a consultant who assists home users in maintaining their computers. A client named Linda has called you for help with her computer, which runs Windows Vista Home Premium. She informs you that her computer does not boot properly after she downloaded and installed a new driver for her network adapter. You start her computer in Safe Mode. Now you want to configure her computer so that the driver names are displayed as they are loaded during startup. What should you do?

❍ A. Run msconfig, and then select Diagnostic Startup on the General tab. ❍ B. Run msconfig, and then select Boot Log on the Boot tab. ❍ C. Run msconfig, and then select OS Boot Information on the Boot tab. ❍ D. Run msconfig, and then select Disable All on the Startup tab.

659

Practice Exam 15. You are a desktop administrator for a small business that operates a workgroup that includes several computers running Windows Vista Business. Company policy dictates that users of these computers have accounts that are not members of the local Administrators group. The business employs a designer named Shelley, who uses several custom applications in the course of her work. Since she received a new computer, she has been unable to run any of these applications and has requested your help. On checking her computer, you notice that Shelley receives a UAC prompt that requests an administrative password when you attempt to open any of these applications from her user account. Her password does not grant her access to the applications but your password allows the programs to run. What should you do to allow Shelley to run these programs from her account?

❍ A. Change the Behavior of the Elevation Prompt for Administrators in Admin Approval Mode setting to Elevate Without Prompting.

❍ B. Add Shelley to the local Power Users group on her computer. ❍ C. Enable the Parental Controls feature for Shelley’s user account, and then configure this feature to permit each required program to run.

❍ D. Access the Compatibility tab of each program’s Properties dialog box and select the Run This Program as an Administrator option. 16. You have received a couple of DVDs from your son, who is vacationing in Japan. The DVDs contain documentary films and travelogues that describe Japan, its geography, and history. You insert the first DVD into the drive on your computer, which runs Windows Vista Home Premium. However, your computer gives you an error, and you are unable to watch the DVD. Trying the second DVD, you receive the same error. What should you do?

❍ A. Access the DVD drive’s Properties dialog box in Device Manager, select the DVD Region tab, and select Japan from the list provided.

❍ B. Access the DVD drive’s Properties dialog box in Computer, select the DVD Region tab, and select Japan from the list provided.

❍ C. In Windows Media Center, change the DVD Language setting to Japanese. ❍ D. Access the Regional and Language Options Control Panel applet, select the Location tab, and specify Japan as the current location.

❍

E. Download and install a codec from the Internet that enables the play of Japanese DVDs.

660

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 17. You are the network administrator for Oil of AlaskaYukon, a company that speculates for oil drilling. A team of employees is working at a promising site in the Yukon territory. They have a single telephone line available to the seven computers. Each Windows Vista Business computer is configured with a network adapter, a modem, and a static IP address because you don’t have a DHCP server available, and you have provided the team with a hub. The team requires access to email simultaneously, and they want to somehow be able to all connect to the phone line simultaneously. Which of the following should you do to help the team out? (Choose all that apply. Each answer presents part of the solution.)

❏

A. Install a router that performs Network Address Translation (NAT).

❏

B. Reconfigure each network adapter to use DHCP except for the computer that is connected to the modem.

❏

C. Configure Internet Connection Sharing (ICS) on one computer.

❏ D. Configure Windows Firewall on all the computers. ❏

E. Configure ICS on all of the computers.

❏

F. Reconfigure the modem connection properties to use a static IP address.

❏ G. Right-click each computer’s LAN connection and select Bridge Connections from the shortcut menu. 18. Evan has installed Windows Vista Ultimate on his desktop computer, which includes a video card with 128MB video RAM and a monitor capable of supporting either 16-bit or 32-bit color and screen resolutions of 800×600, 1024×768, 1152×864, 1280×1024, and 1600×1200 pixels. He discovers that the window borders do not display the translucency effect and that the Flip 3D feature does not work. Evan would really like to experience all the features Vista has to offer, including these two items. What should he do to obtain translucency and Flip 3D? (Choose all that apply.)

❏

A. Set the color depth to 16 bits.

❏

B. Set the color depth to 32 bits.

❏

C. Set the theme to Windows Aero.

❏ D. Set the screen resolution to 1024×768 or higher. ❏

E. Set the refresh rate to a value greater than 10 hertz.

❏

F. Set the screen resolution to 1280×1024 or higher.

❏ G. Ensure that the graphics memory bandwidth is at least 1800 Mbps.

661

Practice Exam 19. You are the network administrator for Salty Dogs, LLC. The company’s Design Director, Suzanne, uses a portable laptop computer that has been installed with Windows Vista Ultimate. Your company requires that all users use smart cards to access company resources. You have therefore provided Suzanne with a portable smart card reader. Company policy also requires that all users connect with the highest level of security possible when using an Internet, VPN, or modem link. You are now creating the modem connection for Suzanne to dial into the network. Which authentication protocol should you select so that Suzanne can use her smart card for access to the VPN?

❍ A. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) version 2 ❍ B. Extensible Authentication Protocol (EAP) ❍ C. Challenge Handshake Authentication Protocol (CHAP) ❍ D. Password Authentication Protocol (PAP) 20. Joe is a landscape designer who travels extensively throughout his state, working with residential and business clients to create award-winning gardens and landscapes. He uses a Windows Vista Ultimate portable computer and needs to conserve power when traveling on the road. He has noticed that when he presses the power button on his computer, it does not fully turn off and continues to consume battery power with the result that he has occasionally lost work. Joe would like to ensure that the computer is always completely off when he presses the power button when on battery power. What should he do? (Each answer represents a complete solution. Choose two.)

❏

A. From the Windows Mobility Center, select the Power Saver option.

❏

B. From the Power Options Control Panel applet, select Change Plan Settings under the current power plan. In the Power Options dialog box, expand the Power Buttons and Lid category, then expand Power Button Action, and then select Shut Down.

❏

C. From the Power Options Control Panel applet, select Change Plan Settings under the current power plan. In the Power Options dialog box, expand the Power Buttons and Lid category, then expand Start Menu Power Button, and then select Shut Down.

❏ D. From the Power Options Control Panel applet, select Choose What the Power Buttons Do, and then select Shut Down under On Battery for When I Press the Power Button.

❏

E. From the Power Options Control Panel applet, select Change Plan Settings under the current power plan. Then change the Put the Computer to Sleep setting under On Battery to Never.

❏

F. From the Power Options Control Panel applet, select the Power Saver power plan.

662

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 21. Kristen is planning on upgrading her home computer from Windows XP Home Edition to Windows Vista Home Premium. She backs up her applications and data folders but is still concerned about whether these will be present on her computer after she completes the upgrade. Which of the following will happen when she upgrades to Vista? (Choose all that apply.)

❏

A. Folders and application settings are retained after the upgrade.

❏

B. Backup copies of Registry files are removed during the upgrade.

❏

C. Applications and their settings are removed during the upgrade.

❏ D. Folders are retained, but application settings are lost during the upgrade. ❏

E. Existing System Restore points are removed during the upgrade.

22. You are an independent consultant offering a service to install Windows Vista on home computers. A customer named Ted has purchased Windows Vista Home Premium from an electronics store and is attempting to install it on his home computer. Receiving an error message, Ted phones you for assistance. At Ted’s home, you check the hardware specifications of his computer and notice the following: . 1.6 GHz processor . 256MB RAM . 80GB hard drive . DirectX 9–capable video card with 64MB video RAM . 10/100Mbps integrated network card Which of the following should you upgrade?

❍ A. Processor ❍ B. Memory ❍ C. Hard drive ❍ D. Video card ❍

E. Network card

663

Practice Exam 23. You are a junior desktop support technician for a company that operates an Active Directory domain. Client computers run either Windows XP Professional or Windows Vista Business. A user named Phil contacts you regarding a problem with Internet Explorer 7 on his Vista computer. The home page in his browser frequently changes to undesired locations, and if he resets the home page, it changes back soon afterward. No others in Phil’s work area experience this problem. However, Phil asked another user in the work area to log on to his computer with her domain user account, and she experienced the same problem. What should you do to solve this problem with the least administrative effort?

❍ A. Use Registry Editor to access the HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\Run Registry key and delete all values

that contain unfamiliar programs.

❍ B. In Windows Defender, click Tools, Software Explorer. In the Startup Programs section, remove all unfamiliar programs whose startup type is set to Registry: Local Machine.

❍ C. Open the Windows Firewall Settings dialog box to the Exceptions tab, and then delete all unfamiliar programs from the list.

❍ D. Click Start, Run, and type msinfo32. Expand Software Environment and select Startup Programs. Then delete all unfamiliar programs from the list. 24. You are the desktop support specialist for your company. A user named Steve has upgraded his computer from Windows XP Professional to Windows Vista Business. After the upgrade, he notices that his computer is running more slowly than it previously did, so he purchases a 1GB USB flash memory drive so that he can utilize the new Windows ReadyBoost feature to improve system performance. When he attaches the flash drive, he receives a message that informs him he is unable to use all the memory in the flash drive to improve his computer’s performance. Which of the following is the likely cause of this problem?

❍ A. The drive has both fast and slow memory. ❍ B. The drive has fast memory. ❍ C. The drive has slow memory. ❍ D. The drive fails to meet minimum requirements for using ReadyBoost.

664

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 25. Sharon works as a design engineer in an aerospace plant. She upgrades her computer from Windows XP Professional to Windows Vista Ultimate. After the upgrade, she discovers that a mission-critical software program does not function properly. She checks with the software vendor and discovers that an update to the program will not be forthcoming for at least a year. Because the program worked properly on Windows XP, she decides to revert her computer to XP. What should she do?

❍ A. Insert the Windows XP Professional CD-ROM and run the Winnt32.exe command. ❍ B. In Control Panel Programs, select Uninstall Windows Vista and revert to Windows XP Professional.

❍ C. Use System Restore to restore her computer to Windows XP. ❍ D. Back up all her files, and then boot her computer from the Windows XP Professional CD-ROM, format the partition containing Vista, and reinstall Windows XP. 26. You are a desktop support specialist for your company, which operates an Active Directory domain in which all servers run Windows Server 2003 and all desktop computers run Windows Vista Business. A user named Brian contacts you for assistance with Windows Sidebar. He is having difficulty viewing news feeds and needs this information to be always available so that he can make important decisions. On checking his computer, you notice that the news feed gadget is very dim. What should you do?

❍ A. Right-click the sidebar and choose Bring Gadgets to Front. ❍ B. Right-click the news feed gadget and choose Opacity, and then increase the opacity level to 100 percent.

❍ C. In Control Panel Ease of Access, open the Ease of Access Center and select Make the Computer Easier To See.

❍ D. Right-click the news feed gadget and choose Options and then reduce the number of feed headlines to see at a time.

665

Practice Exam 27. You have been hired to deploy Windows Vista Business to all the computers in a company with 500 desktops. The company provides a lab for research and development, which, because of its security settings, cannot be connected to the production network. You have performed the unattended installation on identical hardware from a network share for other computers. For the lab computers, you need to deploy Windows Vista, using the DVD media. What must you do to ensure that the unattended installation completes properly?

❍ A. Use Windows System Image Manager (SIM) to create a file named Unattend.xml. Place this file on a floppy disk and insert the disk after you have inserted the Vista DVD and started the computer.

❍ B. Use SIM to create a file named Unattend.txt. Place this file on a floppy disk and insert the disk after you have inserted the Vista DVD and started the computer.

❍ C. Use Sysprep.exe to create a file named Unattend.xml. Place this file on a floppy disk and insert the disk after you have inserted the Vista DVD and started the computer.

❍ D. Use Sysprep.exe to create a file named Unattend.txt. Place this file on a floppy disk and insert the disk after you have inserted the Vista DVD and started the computer. 28. You are a network administrator for your company, which operates an Active Directory forest consisting of a single domain. The sales department often works while traveling. All sales associates have been provided with laptop computers, Internet access, and VPN connections. All sales associates routinely use offline files to be able to work when not connected to the network. All are members of the Domain Users group in your forest and have cached credentials enabled. You have a user who has installed a second hard disk in his laptop. His C: partition contains his offline files. You have used a utility to migrate the offline files to the new D: partition, which has been formatted with NTFS. The user reports that even though the Synchronization Manager tells him that offline files have been synchronized, he has not received any updates. What should you do?

❍ A. Format the new partition with the FAT32 file system. ❍ B. Use the Disk Management utility to change the new hard disk to a dynamic disk from a basic disk.

❍ C. In Computer, right-click the new disk and select Properties, select the Security tab, modify the permissions on the new disk, and grant the Users local group the AllowWrite permissions for the folder, files, and all subfolders.

❍ D. In Computer, right-click the new disk and select Properties; select the Security tab; modify the permissions on the new disk; and grant the Domain Users group the AllowWrite permissions for the folder, files, and all subfolders.

666

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 29. For several years Jason has been using a computer running Windows XP Home Edition. The computer has suited him well especially with the several hardware upgrades he has performed over the years, but he is excited about all the new features available in Windows Vista, so he purchases the upgrade to Windows Vista Home Premium. Jason is unsure that all the hardware on his computer will work properly once he has upgraded to Vista. What should he do first?

❍ A. Run the Windows Vista Upgrade Advisor. ❍ B. Run the Windows Vista Program Compatibility Wizard. ❍ C. Run the Windows Vista Easy Transfer Wizard. ❍ D. Access the Device Manager in Windows XP and upgrade the drivers on all hardware devices to the Vista-compatible ones. 30. Heather is using her Vista notebook computer with an external monitor. She wants to assign the Start button and the taskbar to the external monitor while using the notebook display as a secondary monitor. How should she proceed?

❍ A. Mirror her desktop to the external monitor. ❍ B. Designate the external monitor as the primary display. ❍ C. Show her desktop on the external monitor only. ❍ D. Drag the Start menu and the taskbar to the external monitor. 31. You are a desktop support specialist for a company that is currently upgrading its Windows XP Professional desktop computers to Windows Vista Business. Users of upgraded computers in the company’s Design department report that a computer-assisted design (CAD) program is blocked by Windows Defender. The manager of the department has asked you to add the CAD program to the list of allowed items. What should you do? (Each answer represents a complete solution. Choose two.)

❏

A. Click Tools, Quarantined Items. In the list that appears, select the CAD program and then click Restore.

❏

B. Click Tools, Allowed Items. Click Add, browse to and select the folder containing the CAD program, and click OK.

❏

C. Click Tools, Options, and scroll to the Advanced Options section. In the Do Not Scan These Files or Locations section, click Add, browse to and select the folder containing the CAD program, and click OK.

❏ D. When the Windows Defender alert appears after starting the CAD program, select the Always Allow option.

667

Practice Exam 32. You have been called to help with a problem computer, named Vista1. Your network consists of two subnets, Subnet A and Subnet B, as shown in the network exhibit. Vista1 is located on Subnet A. A terminal server named TERM1.domain.com is located on Subnet B. The Vista1 computer receives an error when it attempts to initiate a Remote Desktop connection to TERM1. The computer does not have any problems connecting to servers and printers on Subnet A. Router Subnet A

Subnet B 192.168.0.1 255.255.255.0

192.168.1.1 255.255.255.0

Vista1 192.168.0.11 255.255.255.0

TERM1. domain.com IP: 192.168.1.88 Sub: 255.255.255.0 DG: 192.168.1.1 DNS: 192.168.0.3 WINS: 192.168.0.8

You run Ipconfig on Vista1. You receive the output displayed in the IP exhibit.

What is the error related to, and what must you configure to fix the error?

❍

A. This is a DNS error. In the Remote Desktop Connection dialog box, use the IP address of 192.168.1.88 rather than the name TERM1.

❍

B. This is a WINS error. In the Remote Desktop connection dialog box, use the IP address of 192.168.1.88 rather than the name TERM1.

❍

C. This is an IP configuration error on the router. Change the subnet mask on the router’s interface connected to Subnet A to 255.255.255.240.

❍ D. This is an IP configuration error on the Vista1 computer. Change the default gateway address to 192.168.0.1.

668

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 33. You are a help desk associate for Help Desks, Inc. One of your client companies has notified you that it has deployed a new application named APP, which uses the executable App.exe, to its legal department. A few days later, a legal department user named Joe calls. Joe says that every computer in the department runs at a snail’s pace when they try to use the Reports function in APP. You discover that the Reports function is actually a separate executable, Rpts.exe, that has its own Start menu shortcut. When a report is requested, it takes several minutes to several hours to compile the report and notify the user that it is ready. The legal department wants to fix the slow response of their other applications, but they also want to retain APP and its Reports function. What should you tell Joe?

❍ A. Configure the Performance settings on the Advanced tab of the Performance Options dialog box so that it is optimized for background services.

❍ B. Configure the Performance settings on the Advanced tab of the Performance Options dialog box so that it is optimized for programs.

❍ C. Edit the Start menu shortcut properties for APP so that it reads Start App.exe /Realtime.

❍ D. Edit the Start menu shortcut properties for APP so that it reads Start Rpts.exe /Low.

❍

E. Edit the Start menu shortcut properties for APP so that it reads Start Rpts.exe /Min.

34. You would like to change the search engine in Internet Explorer 7 temporarily. What should you do?

❍ A. Access the Privacy tab of the Internet Options dialog box and click Settings. Select the desired search provider and then click Set Default.

❍ B. Access the General tab of the Internet Options dialog box and click Settings in the Search section. Select the desired search provider and then click Set Default.

❍ C. Click the down arrow next to the Search area in the Internet Explorer address bar. From the menu displayed, select the desired search provider.

❍ D. Click the down arrow next to the Search area in the Internet Explorer address bar. From the menu displayed, click Change Search Defaults. Select the desired search provider and then click Set Default.

669

Practice Exam 35. Sheila is a help desk technician for White’s Photographic Supply, a company that caters to digital photographic needs of camera stores and portrait studios. All desktop computers run either Windows XP Professional or Windows Vista Business and receive TCP/IP configuration information from a DHCP server on the network. One evening, several administrators shut down a file server named Server1 for some much needed maintenance tasks. Several hours later they restart the server and move it to a different subnet. The next morning, Sheila receives calls from several users reporting that they cannot connect to shared folders on Server1. Which of the following commands should Sheila instruct the users to run on their computers?

❍ A. ipconfig /flushdns and ipconfig /registerdns ❍ B. ipconfig /release and ipconfig /renew ❍ C. ipconfig /displaydns ❍ D. nbtstat -R ❍

E. nslookup

36. You are a desktop support technician for your company. Management has asked you to implement smart cards as a secure authentication procedure for all computers in your company, and you must install smart card readers on all company computers. You have purchased a supply of the readers from an independent vendor. The shipment comes with a CD-ROM that includes drivers and support applications for Windows Vista. Although the drivers are digitally signed, the support applications are not. You must ensure that the correct drivers and applications are installed. How should you proceed? (Each answer represents part of the solution. Choose two.)

❏

A. Insert the CD-ROM and install the drivers and applications before installing the reader.

❏

B. Insert the CD-ROM and install the drivers and applications from the Found New Hardware Wizard after installing the smart card reader.

❏

C. Select Update Driver from the reader’s properties in Device Manager to install the drivers and applications.

❏ D. Attach the smart card reader to the computer before inserting the CD-ROM. ❏

E. Attach the smart card reader to the computer after inserting the CD-ROM.

670

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 37. You are a network administrator for DandyLyon, a large clothing manufacturer. The company’s Windows Server 2003 Active Directory network contains a single domain named dandylyon.local. In recent months, you have upgraded all network computers from Windows XP Professional to Windows Vista Enterprise. The company has directed that all computers on the network should meet the following requirements: . The computers should scan all folders where malicious software is known to install. The scan should take place daily. . The computers should recommend the removal of low alert items only under the circumstances in which the malicious software definition database suggests their removal. You open the Options page in Windows Defender to configure the first computer to meet these requirements. Which of the following actions should you perform?

❍ A. Select the check box labeled Apply Default Actions to Items Detected During a Scan. ❍ B. Select the check box labeled Check for Updated Definitions Before Scanning. ❍ C. From the Default Action list for low alert items, choose Ignore. ❍ D. From the Type of Scan drop-down list, choose Full System Scan. 38. Your company has instituted a new program in which employees are permitted to work from home two days a week. To support this benefit, you purchase a new computer running Windows Vista Home Premium and plan to use Remote Desktop to connect to your work computer, which runs Windows Vista Business. However, you discover that the option to use Remote Desktop is not available. What should you do?

❍ A. Use the Remote Assistance feature instead. ❍ B. Enable the Remote Administration exception in Windows Firewall. ❍ C. Upgrade your computer to Vista Business. ❍ D. Upgrade your computer to Vista Ultimate.

671

Practice Exam 39. You are a tax preparer for Taxes in Texas. All your computers are configured with Windows Vista Business. Because of recent privacy laws, you cannot allow anyone other than official tax preparers to have access to your tax preparation materials for clients. You store all client files in the CLIENTS folder on your NTFS-formatted C: drive, as do all other tax preparers in your workgroup. You have four staff persons who work in the office. They are in the STAFF group. All tax preparers are in the PREP local group. One of the STAFF group members is also a member of the local Administrators group on each computer. What can you do to configure your system to ensure the privacy laws are met?

❍ A. Delete all users and groups from your computer. ❍ B. Configure the PREP group to have full control of the C:\CLIENTS folder. ❍ C. Run cipher /e on the C:\CLIENTS folder. Add certificates for each tax preparer to the encryption attributes.

❍ D. Run cipher /d on the C:\CLIENTS folder. Add certificates for the STAFF group. 40. You are the network administrator for Crankshaft Software, which operates a head office in San Francisco and a small branch office in Toronto. All client computers in both offices run Windows Vista Business. The manager of the San Francisco office wants to use Windows Meeting Space to hold a planning meeting involving employees from both offices. He creates an invitation file in Windows Meeting Space and posts it to the People Near Me location. All employees in the San Francisco office can see this meeting but no employees in Toronto can see it. However, Toronto employees can see other meetings. This meeting must be available to all employees of Crankshaft Software, so the manager comes to you for help. What do you do?

❍ A. Contact the Toronto office and ask the administrator there to modify Windows Firewall settings to allow the invitation to be visible.

❍ B. Use email to distribute the invitation file to the Toronto office. ❍ C. Select the Invite People option and then add the names of the Toronto employees that should be invited to the meeting.

❍ D. Select the Allow People Near Me to See This Meeting option.

672

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 41. You are a consultant in charge of converting a large company’s network over to using IPv6 addressing. The company has been using private IPv4 addresses on the private 172.16.0.0/16 network address space. All client computers receive their IP addressing information from DHCP servers, and this must not be changed. You are required to configure the network with the appropriate type of IPv6 addresses. Which address type should you select?

❍ A. Global unicast ❍ B. Link local unicast ❍ C. Site local unicast ❍ D. Multicast ❍

E. Anycast

42. John installs a new application on his computer. The computer immediately exhibits errors and shuts down with a Stop error. John doesn’t know what to do and calls you before he restarts his computer. What do you tell John? (Select the best answer.)

❍ A. Restart the computer with the Last Known Good Configuration. ❍ B. Restart the computer in Safe Mode with Networking, and then run Chkdsk. ❍ C. Use a Windows Complete PC Backup and Restore image to restore the computer. ❍ D. Use the Startup Repair Tool to repair the computer’s configuration. 43. Lisa uses a Windows Vista Ultimate notebook computer as well as a cell phone that is capable of running a limited version of Windows Media Player. She uses the cell phone to connect to her computer and synchronize her Windows Calendar. She also plays music that is not stored on the cell phone. Lisa discovers that her cell phone battery is not providing the lifetime that she really needs, so she decides to disable the ability to play music through Windows Media Player. What should she do?

❍ A. Turn off the Windows Media Player gadget in Windows Sidebar. ❍ B. Turn off the Windows Media Player gadget in Windows SideShow. ❍ C. Turn off the Windows Media Player gadget in the Power Settings dialog box. ❍ D. In Sync Center, remove the corresponding sync partnership.

673

Practice Exam 44. You are the desktop support specialist for your company, which operates an Active Directory network in which all servers run Windows Server 2003 and all client computers run Windows Vista Business. The company employs three receptionists named Kelly, Liz, and Rachel. They must coordinate their activities so that at least two of them are available between 9 a.m. and 4 p.m. and that one of them is available during the lunch hour and from 7:30 a.m. to 9 a.m. and from 4 p.m. to 6 p.m. Each receptionist has a domain user account, and each has configured a calendar in Windows Calendar. They need the ability to see each other’s calendars without compromising network security. What do you recommend that they do?

❍ A. Ask them to create a common calendar on one computer and add all their activities to this calendar.

❍ B. Ask them to log off and log on as each other to view the other calendars. ❍ C. Create a new user account and ask the receptionists to use this account to view the calendars and use their own accounts for all other activities.

❍ D. Ask them to publish their calendars to a shared folder location. 45. You are a consultant who has been hired to upgrade 20 computers running various older versions of Windows to Windows Vista Home Premium. Which of the following computers can you upgrade to Windows Vista Home Premium without the need to reinstall all applications and user settings? (Choose all that apply.)

❏

A. Computer1, which runs Windows 98

❏

B. Computer2, which runs Windows 2000 Professional

❏

C. Computer3, which runs Windows XP Home Edition

❏ D. Computer4, which runs Windows XP Professional ❏

E. Computer5, which runs Windows XP Tablet PC Edition

❏

F. Computer6, which runs Windows Vista Home Basic

674

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 46. You have received a new computer running Windows Vista Ultimate and are planning to give your current computer, which runs Windows Vista Home Premium, to your teenaged daughter. You have subscribed to a large number of websites and stored usernames and passwords for access to these sites in Internet Explorer, as well as several custom settings and preferences used by these sites. You do not want your daughter to have access to any of these websites, so you want to ensure that all these passwords, settings, and preferences are deleted from your current computer. What should you do? (Each answer represents part of the solution. Choose two.)

❏

A. Access the General tab of the Internet Options dialog box. Under Browsing History, click Settings and then in the Temporary Internet Files and History Settings dialog box, click Delete All.

❏

B. Access the General tab of the Internet Options dialog box. Under Browsing History, click Delete, and then in the Delete Browsing History dialog box, click Delete All.

❏

C. Access the Content tab of the Internet Options dialog box. Click Settings in the Feeds section, and then clear the check box labeled Turn on Feed Reading Now.

❏ D. Access the Security tab of the Internet Options dialog box. Change the security level for the Internet zone to High.

❏

E. Access the Content tab of the Internet Options dialog box. Click Settings in the AutoComplete section, and then clear the check box labeled User Names and Passwords on Forms.

675

Practice Exam 47. You are the systems administrator for a company that operates an Active Directory network. All client computers run Windows Vista Enterprise and are configured as members of the domain. The company security policy states that only administrator-approved applications can be installed on domain computers, and this is enforced with a Group Policy setting. A user named Wendy contacts you to ask for help with an application on her computer. Whenever she attempts to make configuration changes to her computer, she receives the message shown in the figure.

You check Wendy’s account properties and verify that she is a member of the local Administrators group on her computer. How should you configure her computer so that she does not receive this message when she is configuring her computer?

❍

A. Change the Behavior of the Elevation Prompt for Administrators in Admin Approval Mode setting to Elevate Without Prompting.

❍

B. Disable the Run All Administrators in Admin Approval Mode setting.

❍

C. Add Wendy’s user account to the Domain Admins group in Active Directory.

❍ D. Access the Advanced Properties dialog box for each application Wendy wants to run. Then select the Run as Administrator check box. 48. You are a desktop support specialist for a small company that operates a workgroup-based network. A Windows Vista Ultimate computer in your office contains several shared folders that users in the office must have access to. You need to ensure that only users with valid usernames and passwords can access the shared folders on this computer, including the Public folder. What should you do?

❍

A. Configure each shared folder with the usernames of the users who need access.

❍

B. In the Network and Sharing Center, enable the Public Folder Sharing option.

❍

C. In the Network and Sharing Center, disable the Network Discovery option.

❍ D. In the Network and Sharing Center, enable the Password Protected Sharing option.

676

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 49. You manage the computers for your department, which consists of 30 users. Your manager has decided to replace all the computers in the department and at the same time to deploy a new application. She asks you to install the 30 new computers identically using Windows Vista Ultimate. You are given access rights to the network installation point and a product key for the volume licensing media. You decide to automate the installation. You do not have any third-party tools or additional servers at your disposal, but you are able to implement a clean installation of Vista. Which of the following methods should you select?

❍ A. Windows Deployment Services (WDS) ❍ B. Windows System Image Manager (SIM) ❍ C. Sysprep ❍ D. Unattended installation using DVD media 50. You have been experimenting with Microsoft Outlook as an email application on your computer, which runs Windows Vista Home Premium. After a couple of weeks, you decide that you do not like Outlook and switch to Windows Mail as your default email application. You have several messages in Outlook that you would like to save before you uninstall Outlook. What should you do?

❍ A. From the Tools menu in Windows Mail, choose Accounts and then click Import. Specify Outlook as the location from which you want to perform the import.

❍ B. From the Message menu in Windows Mail, choose Import and then choose Mail Account Settings. Specify Outlook as the location from which you want to perform the import.

❍ C. From the Message menu in Windows Mail, choose Import and then choose Messages. Specify Outlook as the location from which you want to perform the import.

❍ D. From the File menu in Windows Mail, choose Import and then choose Mail Account Settings. Specify Outlook as the location from which you want to perform the import.

❍

E. From the File menu in Windows Mail, choose Import and then choose Messages. Specify Outlook as the location from which you want to perform the import.

Answers to Practice Exam 1. A. On the Exceptions tab of the Windows Firewall Settings dialog box, you should enable the Remote Administration option. This option enables the management of remote computers by means of utilities that utilize RPC. Remote Assistance enables a user to seek assistance from an expert on another computer but does not enable RPC-based utilities, so answer B is incorrect. Remote Desktop enables you to connect to your computer from another computer running Windows XP or Vista but does not enable RPC-based utilities, so answer C is incorrect. It is not necessary to enable TCP port 135 because it is simpler to enable Remote Administration, so answer D is incorrect. Remote Procedure Call is not a program that you can add to the Exceptions list using the Add Program button, so answer E is incorrect. For more information, see the section, “Basic Windows Firewall Configuration,” in Chapter 5. 2. B and F. You should open the Internet Properties dialog box and select the Security tab. Select the Trusted Sites zone and click the Sites command button. From the Trusted Sites dialog box you can add the Exam Prep website to the Trusted Sites list. On the same dialog box you should clear the Require Server Verification (https:) for All Sites in this Zone check box. The Trusted Sites zone is the zone that you should use for sites whose content you trust not to damage a user’s computer or data, such as sites of trusted business partners. By default, server verification is required for all sites in the Trusted Sites zone, so you should clear this check box to remove this requirement. The Local Intranet zone is used for websites on your organization’s intranet, though you can also add external websites to this zone. By default, this zone does not enable downloading of unsigned ActiveX controls. Consequently, you should not add the Exam Prep site to this zone, so answers A and E are incorrect. Enabling the Download Unsigned ActiveX Controls option would leave your computer open to rogue websites downloading malicious ActiveX controls, so answer C is incorrect. The Include All Sites that Bypass the Proxy Server option would cause Internet Explorer to interpret local intranet sites as being in the Internet zone rather than the Local Intranet zone. This setting is not relevant to this situation, so answer D is incorrect. The Initialize and Script ActiveX Controls Not Marked as Safe for Scripting option would also leave your computer open to malicious ActiveX controls, so answer G is incorrect. For more information, see the section, “Configuring Internet Explorer Zones,” in Chapter 5. 3. A, C, and G. Three things must be in place before Suzanne can connect a Remote Desktop Connection to her home computer: (1) the corporate router and firewall must allow the RDP traffic to be transmitted, (2) Suzanne’s home computer’s Windows Firewall must be configured to allow an exception for RDP traffic, and (3) Suzanne’s home computer must be configured to enable Remote Desktop services

678

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring with Suzanne’s user account granted permission to connect. The standard port is TCP 3389 for RDP. Answers B, D, E, and F are all incorrect because you do not need to configure anything on Suzanne’s laptop, nor do you need to enable Internet Connection Sharing. Answer F is also incorrect because the Create Invitations that Can Only be Used from Computers Running Windows Vista or Later check box is used when configuring Remote Assistance and not Remote Desktop. For more information, see the section, “Remote Desktop,” in Chapter 6. 4. D. To be better protected, you should enable the Windows Firewall on Mary’s home computer for the network adapter that is connected to the Internet. Answer A is incorrect because blocking all cookies does not protect the computer from directed traffic. Answers B and C are incorrect because the traffic is passing into Mary’s home computer, from which the laptop could then be exposed to viruses or other problems. You do not need to protect the laptop’s wireless connection if you can protect both the laptop and the home computer by enabling the firewall on only the home computer, where it connects to the Internet, which is on the Ethernet interface leading to the broadband modem. For more information, see the section, “Using a VPN Connection to Connect to Computers,” in Chapter 6. 5. C. You should check the Setuperr.log file first. This file records only the errors generated during Setup, including those errors generated by hardware or driver issues. Setupact.log records modifications performed on the system during Setup. While it may display some errors, it is not the best location to look first, so answer A is incorrect. Setupapi.log records data for each time an INF file is called and implemented but not setup errors, so answer B is incorrect. WindowsUpdate.log records information about transactions performed by Windows Update, but not errors, so answer D is incorrect. Scesetup.log records security settings but not setup errors, so answer E is incorrect. For more information, see the section, “Troubleshooting Failed Installations,” in Chapter 2. 6. A. The Navigational Flicks and Editing Flicks option in the Flicks tab of the Pen and Input Devices dialog box enables you to employ pen flicks to perform operations such as copy, paste, delete, and undo. It also enables additional options that you can customize. The Pen Options tab of the Pen and Input Devices dialog box enables you to modify settings for actions such as single and double taps, but it does not enable editorial options, so answer B is incorrect. The Gestures tab enables you to choose the desired gesture for scratching out written text but not copy or paste, so answer C is incorrect. The Automatic Learning feature is used to train the handwriting recognizer to translate your handwriting style to text. It also does not enable editorial options, so answer D is incorrect. For more information, see the section, “Pen Flicks,” in Chapter 9. 7. B. Jennifer should access the Parental Controls feature and select Ryan’s user account. Under Web Restrictions, select the Edit the Allow and Block List option and then add the URLs of the undesirable websites to the Blocked Web Sites list. Doing so prevents Ryan from visiting these sites. If she were to select the High Web restriction level, other websites that are needed might be blocked, so answer A is incorrect. The Restricted Web Sites list places security-based restrictions on websites but does not prevent Ryan from viewing them, so answer C is incorrect. Adding the websites to the list in the Privacy tab of the Internet Explorer Options dialog box prevents these websites from placing cookies on the computer, but does not prevent Ryan from viewing them, so answer D is incorrect. For more information, see the section, “Configuring Parental Restrictions,” in Chapter 4.

679

Answers to Practice Exam 8. B. You should access the International tab of the Junk Email Options dialog box and click the Blocked Top-Level Domain List command button. Then select the countries from which you have received unwanted email. This prevents any email from addresses ending in the top-level domains from these countries from arriving in your inbox unless the address has been specified in the Safe Senders list. The Blocked Encoding List blocks emails encoded in specific character sets but does not specifically block messages from unwanted countries, so answer A is incorrect. Adding the Internet domain addresses of the senders from which you have received unwanted email prevents email from these addresses from reaching your inbox but does not stop email from other addresses in these countries, so answer C is incorrect. The High filtering option blocks a large range of unwanted messages but might block wanted messages as well, so answer D is incorrect. Selecting Add Sender’s Domain to Blocked Senders List in the Message menu would block only the sender of the selected message. You would need to do this for each unwanted message, and furthermore this would not stop email from other addresses in these countries, so answer E is incorrect. For more information, see the section, “Spam and Phishing,” in Chapter 7. 9. A. You should use the Startup Repair tool to diagnose and repair the problem. This tool attempts to recover a computer that is unable to start normally. Among the problems this tool can repair is that of missing or corrupted device drivers. You cannot use the Last Known Good configuration because Kathy logged on successfully after the first reboot, so answer B is incorrect. You cannot access Safe Mode because Kathy stated the computer would not even boot after it locked up, so answer C is incorrect. The Recovery Console option in Windows 2000 and XP has been replaced by the Startup Repair tool in Vista, so answer D is incorrect. You should not reinstall Vista unless you have exhausted all other repair options, so answer E is incorrect. For more information, see the section, “Troubleshooting Startup Issues,” in Chapter 4. 10. C. George should boot the computer with the Vista DVD. He should select the option to perform a clean installation, select the third partition, format this partition with the NTFS file system, and install Vista on this partition. This procedure installs Vista while keeping the XP installation intact. On rebooting, he will receive a boot menu from which he can select either XP or Vista. If he were to select the first partition, he would destroy the XP installation, so answer A is incorrect. If he were to select the upgrade option, he would upgrade XP to Vista and would no longer have access to XP, so answer B is incorrect. If he were to format both partitions and install Vista before reinstalling XP, he would lose all his previously configured settings in XP. Further, he would damage the Vista installation because when you install more than one operating system, you should install the oldest operating system first. Consequently, answer D is incorrect. For more information, see the section, “Performing a Clean Installation of Windows Vista,” in Chapter 2. 11. B. Windows Update downloads updates to Windows Defender as well as updates to other components of Vista. To ensure that these updates are downloaded and installed automatically, you must select Install Updates Automatically (Recommended). To ensure that all updates (and not just critical updates) are installed, you also must select Include Recommended Updates When Downloading, Installing, or Notifying Me About Updates. The Download Updates But Let Me Choose Whether to Install Them option downloads updates but does not install them automatically, so answer A is incorrect. If you select Check for Updates on the Windows Defender home page, you receive currently available updates to Windows Defender definition files, but future updates are not automatically downloaded or installed, so answer C is incorrect. If you select this option from

680

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring Windows Update, all currently available Windows Updates are offered for download, but no automatic installation takes place, so answer D is incorrect. For more information, see the sections, “Updating Windows Defender,” in Chapter 5 and “Working with Windows Update,” in Chapter 8. 12. D. You should specify Susan’s email address in the Receipts tab of the Fax Options dialog box. This enables Susan to receive an email when a recipient receives faxes she has sent. If Susan’s computer is off, she will receive the email when she turns it back on. The Allow the Device To Send Faxes and Allow the Device to Receive Fax Calls option must be selected to send faxes at all, and it by itself does not send notifications back to Susan, so answer A is incorrect. The Notify of Success and Failure for Incoming Faxes and Notify of Success and Failure for Outgoing Faxes options would display a balloon tip in her notification area. If Susan’s computer is turned off, she would not receive this balloon tip, so answer B is incorrect. There is no Properties dialog box associated with fax accounts in the Fax Accounts dialog box, so answer C is incorrect. For more information, see the section, “Sending and Receiving Faxes,” in Chapter 7. 13. A. When you upgrade to an edition of Vista, the Windows.old folder holds subfolders and files from the previous operating system. The Program Files folder holds the current applications only, so answer B is incorrect. The Documents and Settings folder holds current user-specific documents and settings. It does not hold previous settings, so answer C is incorrect. Software Explorer is a utility that enables you to view and manage programs. It also does not hold previous settings, so answer D is incorrect. For more information, see the section, “Upgrading to Windows Vista from a Previous Version of Windows,” in Chapter 3. 14. C. You should select the OS Boot Information option from the Boot tab of the System Information utility, which is started by typing msconfig. This tool enables you to disable common services and startup programs to selectively troubleshoot which items are preventing a normal startup. By selecting the OS Boot Information option, you can see which drivers are being loaded during startup. This can assist you in determining which driver is causing her computer to not start properly. The Diagnostic Startup option loads only basic drivers and services but does not display driver names during startup, so answer A is incorrect. The Boot Log option logs information from the boot procedure to %systemroot%\Ntbtlog.txt. It does not display driver names, so answer B is incorrect. The Disable All option disables all startup programs but does not display driver names, so answer D is incorrect. For more information see the section, “System Configuration Utility,” in Chapter 8. 15. D. You should access the Compatibility tab of each program’s Properties dialog box and select the Run This Program as an Administrator option. Doing so enables the program to run without requesting administrative credentials. Specifying Elevate Without Prompting would enable the program to run without displaying a UAC prompt only for administrative users. This would not help a non-administrative user, so answer A is incorrect. The local Power Users group is not used in Vista except for enabling certain legacy applications to run. Shelley would still receive a prompt requesting an administrative password if she were made a member of this group, so answer B is incorrect. The Parental Controls feature simply allows Shelley to run this program but does not drop the need for specifying an administrative password, so answer C is incorrect. For more information see the section, “Configuring User Account Control,” in Chapter 5.

681

Answers to Practice Exam 16. A. You should access the DVD drive’s Properties dialog box in Device Manager, select the DVD Region tab, and select Japan from the list provided. Different regions of the world use different DVD encoding, and you cannot play a DVD from one region in a player configured to play a DVD from a different region. Note that Windows provides a maximum of five DVD region changes for any given DVD drive, after which you cannot change the region specified for the drive. This setting is not available from the Properties dialog box accessed from Computer, so answer B is incorrect. Changing the DVD setting to Japanese in Windows Media Center affects only audio and subtitle languages for DVDs that you play and does not enable you to play a DVD from another region, so answer C is incorrect. The Regional and Language Options Control Panel applet specifies the language used for displaying localized content in Windows, so answer D is incorrect. A codec is a software program used to compress or decompress digital media. It does not enable the playing of a DVD from another country, so answer E is incorrect. For more information see the section, “Setting Up Windows Media Player,” in Chapter 7. 17. B and C. To share the modem, one computer should be connected to both the modem and the network. That computer should be configured with ICS. This automatically begins a simplified DHCP service, with a DNS forwarding service and NAT service, to the rest of the computers. The remaining computers should all be configured as DHCP clients because they receive their IP address information from the sharing computer. Answer A is wrong because there is no need to install a router that uses NAT. You likely do not need to modify the default configuration of Windows Firewall, which means answer D is wrong. Answer F is wrong because the modem either obtains an IP address, or it is configured with a static IP address—either way, it is still able to be shared. Answer E is wrong because only one computer needs to share the Internet connection. Answer G is wrong because you do not want to create a bridge on any of the computers. For more information, see the section, “Configuring and Troubleshooting Internet Connection Sharing,” in Chapter 6. 18. B, C, and E. Windows translucency and the Flip 3D feature are components of the advanced Aero Glass display appearance. To enable Aero Glass, Evan should set the color depth to 32 bits, set the theme to Windows Aero, and set the refresh rate to a value greater than 10 hertz. Aero Glass will not appear if the color depth is set to 16 bits, so answer A is incorrect. The screen resolution is immaterial to whether or not Aero Glass appears, so answers D and F are incorrect. A graphics memory bandwidth of 1800MB is required for Aero Glass if the screen resolution is set to 1280×1024 or higher but is not necessary if the screen resolution is set to a lower value. Therefore, answer G is incorrect. For more information, see the section, “Understanding Hardware Requirements for Running Aero,” in Chapter 4. 19. B. You should use the EAP authentication protocol. This is the only authentication protocol that works with smart cards. None of PAP, CHAP, or MS-CHAP v.2 work with smart cards, so answers A, C, and D are incorrect. For more information, see the section, “Remote Access Authentication Protocols,” in Chapter 6. 20. B and D. Joe can configure the computer’s power button action to shut the computer down on battery power by selecting Shut Down from the Power Button Action option in the Power Options dialog box or by selecting the same option after clicking Change Plan Settings under the current power plan. Either of these actions configures the computer’s power button to shut the computer

682

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring down completely rather than enter Sleep mode. The Power Saver power plan by default does not shut the computer down when the power button is pressed, so answers A and F are incorrect. Answer C is incorrect because this action shuts the computer down when Joe clicks the Start Menu power button rather than pressing the computer’s power button. Answer E is incorrect because this action prevents the computer from entering Sleep mode but does nothing for changing the default action when the computer’s power button is pressed. For more information, see the sections, “Additional Power Plan Options,” and “Advanced Power Settings,” in Chapter 9. 21. A, B, and E. When you upgrade from Windows XP to Windows Vista, the upgrade retains all applications, folders, and settings. System restore points and backups of Registry files are removed. Neither applications nor their settings are removed, so answers C and D are incorrect. For more information, see the section, “Upgrading to Windows Vista from a Previous Version of Windows,” in Chapter 3. 22. B. You should upgrade the RAM. All editions of Windows Vista require a minimum of 512MB RAM, and for better performance (premium ready), 1GB RAM. The specifications indicated for processor and hard drive meet the premium ready requirements for Vista, so answers A and C are incorrect. The specifications for the video card meet the minimum requirements but not the premium ready requirements. Ted will be unable to run Aero Glass, but he will be able to install Vista with this video card, so answer D is incorrect. The network card is also adequate for Vista, so answer E is incorrect. For more information, see the section “Identifying Hardware Requirements” in Chapter 2. 23. B. Software Explorer is a component of Windows Defender that enables you to view information about software programs and system state on your computer. It provides information about startup type among other items. You can select any unfamiliar programs and then click the Remove button to prevent them from starting. It would be possible to prevent programs from running at startup by examining the CurrentVersion\Run Registry keys and removing unfamiliar entries, but this would take far more administrative effort (indeed, you needed to do this with older Windows operating systems); therefore, answer A is incorrect. The Exceptions tab in the Windows Firewall Settings dialog box enables you to specify which programs can access your computer across the Internet. It is most likely that the problem program is present on Phil’s computer because no other computers are experiencing the same problem, so answer C is incorrect. The System Information utility provides a list of startup programs, but you cannot delete entries from this location, so answer D is incorrect. For more information, see the section, “Using Software Explorer,” in Chapter 5. 24. A. Steve received this message because the USB drive has both fast and slow memory. ReadyBoost is able to use only the fast memory in a USB drive to boost system performance. If the drive has fast memory only, he would not receive this message, so answer B is incorrect. If the drive has slow memory only, he would be unable to use it at all and would receive a different message, so answer C is incorrect. The drive exceeds the minimum of 256MB required for use with ReadyBoost, so answer D is incorrect. For more information, see the section, “Windows ReadyBoost,” in Chapter 8. 25. D. Sharon should back up all her files. She should then boot her computer from the Windows XP Professional CD-ROM, format the partition containing Vista, and reinstall Windows XP. This is the

683

Answers to Practice Exam only way she can take her computer back to running Windows XP. Sharon cannot use the Winnt32.exe command because this command is used only for upgrading an older Windows version such as Windows 2000 to Windows XP and not for downgrading a newer Windows version such as Vista, so answer A is incorrect. Unlike Windows XP, Vista does not offer an Uninstall option in the Control Panel Programs applet, so answer B is incorrect. System Restore can restore her computer to an earlier point in time, but only within Vista. It cannot be used to restore Windows XP, so answer C is incorrect. For more information, see the sections, “Upgrading the Computer to Windows Vista,” in Chapter 3 and “Troubleshooting Startup Issues,” in Chapter 4. 26. B. You should right-click the news feed gadget and choose Opacity and then increase the opacity level to 100 percent. Windows Sidebar offers the option to reduce the opacity of gadgets and enable anything hidden beneath them to become visible. In this case, you do not want this to occur so that Brian is able to see the headlines clearly. The Bring Gadgets to Front option places the gadgets above other screen items but does not improve visibility if the opacity is set to less than 100 percent, so answer A is incorrect. The Ease of Access Center enables you to select a desktop scheme for vision-impaired users but also does not improve visibility if the opacity is set to less than 100 percent, so answer C is incorrect. Reducing the number of headlines does not affect their visibility, so answer D is incorrect. For more information, see the section, “Windows Sidebar Gadgets,” in Chapter 7. 27. A. SIM enables you to create answer files from information included in a Windows image (.wim) file and a catalog (.clg) file. The answer file created by SIM is named Unattend.xml, and you should copy this file to a floppy disk and insert the disk after the computer to be installed with Vista has booted from the DVD-ROM. Windows XP and older operating systems used the answer file named Unattend.txt. This file is not used with Vista, so answers B and D are incorrect. Sysprep.exe is used to create an image of a Vista installation for deployment to other computers. It is not used to create answer files, so answers C and D are incorrect. For more information, see the section, “Creating an Answer File,” in Chapter 2. 28. C. For the Offline Files feature to function properly, users must have the permission to write new files to the folder and to create new subfolders. The Write permission provides this functionality. You would select the local Users group because the Domain Users global group is automatically made a member of all the Users groups. Answer A is incorrect because you cannot convert a file system back to FAT32. In addition, Offline Files requires the file system to be NTFS. Answer B is incorrect because laptops do not support dynamic disks. Answer D is incorrect because you do not want to grant any domain global groups permissions—the correct procedure is to grant permissions to local groups and place the global groups in the local groups as needed. For more information, see the sections, “Belonging to a Windows Server Domain,” in Chapter 5 and, “Synchronizing with Network Folders,” in Chapter 9. 29. A. Jason should run the Windows Vista Upgrade Advisor. This tool generates reports describing hardware and software components that may not be compatible with Windows Vista, thereby alerting him to problems that might occur when he upgrades his computer. The Windows Vista Program Compatibility Wizard enables Jason to configure older programs to work properly with Vista after he has upgraded, so answer B is incorrect. The Windows Vista Easy Transfer Wizard is used to transfer files and settings from an older computer to a new Vista computer, so answer C is incorrect. While he can upgrade drivers from Device Manager in Windows XP, he might still have

684

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring other compatibility issues that would be divulged when running the Upgrade Advisor, so answer D is incorrect. For more information, see the section, “Vista Upgrade Advisor,” in Chapter 3. 30. B. Heather should designate the external monitor as the primary display. By default, the built-in display is designated as the primary display, but Heather can change this from the Display Properties dialog box. If she mirrors her desktop to the external monitor, the Start button and taskbar would appear on both monitors, and the built-in display would not function as a secondary display, so answer A is incorrect. If she shows her desktop on the external monitor only, the builtin display again would not function as a secondary display, so answer C is incorrect. It is not possible to drag the Start button or the desktop to the external display; this is possible only for program and Explorer windows, so answer D is incorrect. For more information, see the section, “External Monitors,” in Chapter 9. 31. C and D. Windows Defender provides two methods that you can use to prevent alerts from happening with desirable programs such as the CAD program in this scenario. You can add the folder containing the program to the list in the Do Not Scan These Files or Locations section under Advanced Options in the Options page. Alternately, when an alert appears, you can select the program and click Always Allow. The program will not appear in the list of quarantined items unless it has been quarantined; furthermore, removing it from this list will not prevent future alerts from appearing, so answer A is incorrect. The Allowed Items page only displays allowed programs and enables you to remove programs from the list; it does not have an Add option, so answer B is incorrect. For more information, see the section, “Scanning for Malicious Software,” in Chapter 5. 32. D. The problem was due entirely to a misconfigured default gateway address. When the default gateway address is incorrect, the data that is transmitted to the network does not have a path to exit to other subnets. The Ipconfig output confirms that the default gateway address is not the same as the router’s address for subnet A. The output also confirms that the error is not caused by name resolution or a router misconfiguration. Answers A and B are wrong because the data revealed that there was a problem with the IP configuration. Answer C is incorrect because the subnet mask was correct and does not need to be changed. For more information, see the section, “Using TCP/IP Utilities to Troubleshoot TCP/IP,” in Chapter 6. 33. D. You can configure the APP application to start in a lower priority and take less processing power by editing the shortcut on the Start menu to have a low priority. Answers A and B are wrong because you do not want to change the performance management of the entire computer based on the poor performance of one application. Answer C is wrong because Realtime mode takes up even more processing power, plus it can cause a computer crash. Answer E is wrong because the /Min switch minimizes the application window while the application is running, which does not affect the processor usage. For more information, see the section, “Configuring Application Priority,” in Chapter 8. 34. C. You should click the down arrow next to the Search area in the Internet Explorer address bar. From the menu displayed, select the desired search provider. This procedure changes the search provider for the duration of the current Internet Explorer session, after which it reverts to the default you have configured. The Settings button on the Privacy tab of the Internet Options dialog box enables you to configure the pop-up blocker and not the search provider, so answer A is incorrect. Selecting a search provider by either clicking Settings from the Search section of the General

685

Answers to Practice Exam tab or clicking Change Search Defaults from the Tools menu changes the search provider permanently, so answers B and D are incorrect. For more information, see the section, “Customizing Search Providers,” in Chapter 4. 35. A. Sheila should instruct the users to run the ipconfig /flushdns and ipconfig /registerdns commands. The ipconfig /flushdns command flushes the contents of the DNS cache, and the ipconfig /registerdns command renews all adapters’ DHCP leases and refreshes the DNS configuration. It is probable that the users’ computers have cached the old IP address of Server1 and are hence unable to locate this computer, so running these commands flushes the cache and loads new DNS information that contains the new IP address of Server1. The ipconfig /release and ipconfig /renew commands release and renew IP address leases for the client computers. The ipconfig /displaydns command displays the contents of the DNS cache. The nbtstat -R command displays NetBIOS name resolution statistics. The nslookup command accesses the DNS server and displays information records on this server. None of these commands obtain IP address information for Server1, so answers B, C, D, and E are incorrect. For more information, see the section, “Using TCP/IP Utilities to Troubleshoot TCP/IP,” in Chapter 6. 36. B and D. You should attach the card reader first. When you do this, the Found New Hardware Wizard should start, and you should then insert the CD-ROM and follow the instructions provided by the wizard to install the drivers and support applications. You should not install the drivers and applications first, so answer A is incorrect. It is not necessary to access Device Manager to install the drivers and applications, so answer C is incorrect. You should attach the card reader before inserting the CD-ROM, so answer E is incorrect. For more information, see the section, “Managing and Troubleshooting Drivers and Driver Signing,” in Chapter 2. 37. A. You should select the check box labeled Apply Default Actions to Items Detected During a Scan. This option automatically removes spyware or other types of malware at the conclusion of a scan. The check box labeled Check for Updated Definitions Before Scanning ensures that Windows Defender is up-to-date with regard to spyware definitions. While this check box should be selected, it does not remove malicious software automatically, so answer B is incorrect. If you choose Ignore from the Default Action list for low alert items, Windows Defender will ignore all low alert items, which is not the recommended action, so answer C is incorrect. If you choose Full System Scan from the Type of Scan drop-down list, more locations will be scanned than stated in the requirements, so answer D is incorrect. For more information, see the section, “Configuring Windows Defender Actions,” in Chapter 5. 38. D. You should upgrade your home computer to Vista Ultimate. Although Vista Home Premium contains a large range of features suitable for advanced home users wanting full media capabilities, it does not include business-oriented features such as Remote Desktop. Remote Assistance is designed to allow expert users to assist novices in the use of their computers. It does not enable you to work on your remote office computer, so answer A is incorrect. Enabling Remote Administration also does not enable you to access your remote office computer, so answer B is incorrect. Microsoft does not support an upgrade path to Windows Vista Business from Vista Home Premium, so answer C is incorrect. For more information, see sections, “Windows Vista Editions,” in Chapter 1, “Upgrading from One Edition of Windows Vista to Another Edition,” in Chapter 3, and “Remote Desktop,” in Chapter 6.

686

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring 39. C. You can encrypt the contents of the Clients folder by using the cipher /e command. To ensure that other tax preparers can use the files, you must add each preparer’s file encryption certificate to the Encryption attributes options. Answer A is wrong because that would render users incapable of accessing the resources. Answer B is wrong because it would render the computer fully open to anyone who happened to pass by and log on. Answer D is incorrect because the /d switch causes files to be decrypted rather than encrypted. For more information, see the section, “Encrypting Files,” in Chapter 8. 40. B. You should use email to distribute the invitation file to the Toronto office. When you post an invitation to the People Near Me location, it is available to all users on the same subnet but not other subnets. Answer A is incorrect because users in Toronto are able to see other meetings, so Windows Firewall must be configured properly. Answer C is incorrect because the Invite People Near Me list contains only those who are signed in to the People Near Me application, so the invitation would not reach others who are needed. Answer D is incorrect because this option must already have been selected or people in San Francisco would have been unable to see the invitation. For more information, see the section, “Running Meetings,” in Chapter 7. 41. C. You should configure computers on the network with site local unicast IPv6 addresses. These addresses are equivalent to the private IPv4 addresses and are used for communication between nodes located in the same site. This provides addresses that are private to an organization but unique across all the organization’s sites. Global unicast addresses are globally routable Internet addresses that are equivalent to the public IPv4 addresses. They are not private, so answer A is incorrect. Link local unicast addresses are equivalent to APIPA-configured IPv4 addresses and are used on networks without a DHCP server, so answer B is incorrect. Multicast addresses provide interfaces to which packets are delivered to all network interfaces identified by the address. This is not appropriate, so answer D is incorrect. Anycast addresses are only utilized as destination addresses assigned to routers, so answer E is incorrect. For more information, see the section, “Types of IPv6 Addresses,” in Chapter 6. 42. A. You can restart the computer with the Last Known Good Configuration. The Last Known Good Configuration can be used because John didn’t log on after the Stop error. Answers B, C, and D are wrong because they all require more time and effort than using the Last Known Good Configuration. For more information, see the section, “Last Known Good Configuration,” in Chapter 4. 43. B. Lisa should turn off the Windows Media Player gadget in Windows SideShow. Windows SideShow enables the use of an auxiliary display in a portable computer lid or an external device such as a cell phone to perform basic functions such as displaying email alerts and so on by means of small utilities known as gadgets. Windows Sidebar also uses gadgets but only on the computer itself, so answer A is incorrect. The Power Settings dialog box provides advanced configuration of power plan options but does not include the capability to turn gadgets off, so answer C is incorrect. This use of the cell phone does not involve a sync partnership, so answer D is incorrect. For more information, see the section, “Windows SideShow,” in Chapter 9. 44. D. You should ask the receptionists to publish their calendars to a shared folder location. Windows Calendar allows you to share and publish calendars, and others can subscribe to the published calendars so that they know each others’ planned activities. It is not necessary to ask them to create a common calendar because Windows Calendar enables you to publish calendars, so answer A is

687

Answers to Practice Exam incorrect. Having users log on as each other requires that they share passwords and creates a serious security risk, so answer B is incorrect. It is not necessary to create a new user account because you can publish calendars. Furthermore, this would also create a security risk, so answer C is incorrect. For more information, see the section, “Sharing Calendars,” in Chapter 7. 45. C and F. You can upgrade computers running Windows XP Home Edition and Windows Vista Home Basic to Windows Vista Home Premium without the need to reinstall all applications and user settings. Answers A, B, D, and E are wrong because all other computers listed in this question require a clean install of Vista, which requires that applications and user settings be reinstalled. For more information, see the sections, “Upgrading to Windows Vista from a Previous Version of Windows,” and “Upgrading from One Edition of Windows Vista to Another Edition,” in Chapter 3. 46. B and E. To delete passwords, cookies, and form data that you have stored on the computer, you should access the Delete Browsing History dialog box and click Delete All. You can reach this dialog box either from the General tab of the Internet Options dialog box or from the Tools menu in Internet Explorer 7. Then to clear automatically completed names and passwords, you should access the Content tab of the Internet Options dialog box. Click Settings in the AutoComplete section, and then clear the check box labeled User Names and Passwords on Forms. The Temporary Internet Files and History Settings dialog box does not have an option for deleting browsing history, so answer A is incorrect. Clearing the check box labeled Turn on Feed Reading Now stops the downloading of RSS feeds but does not remove stored passwords, so answer C is incorrect. Changing the security level for the Internet zone to High also does not remove stored passwords, so answer D is incorrect. For more information, see the section, “Customizing Internet Explorer,” in Chapter 4. 47. A. You should change the behavior of the Elevation Prompt for Administrators in Admin Approval Mode setting to Elevate Without Prompting. This setting is found in the Local Security Policy console. By selecting the Elevate Without Prompting option, you can prevent the UAC prompt from appearing when Wendy makes administrative changes to her computer. Changing the behavior of the Run All Administrators in Admin Approval Mode setting would disable the appearance of all UAC prompts. This would reduce security on the computer by enabling rogue programs to install or run without displaying a UAC prompt, so answer B is incorrect. Adding Wendy’s user account to the Domain Admins group would give her unnecessary privileges across the network; furthermore, it would not prevent the UAC prompt from appearing in these circumstances, so answer C is incorrect. Selecting the Run as Administrator check box would always cause the programs to display a UAC prompt, so answer D is incorrect. For more information, see the section, “User Account Control Policies,” in Chapter 5. 48. D. You should enable the Password Protected Sharing option. This option increases security by limiting access of shared files and printers to only those who have a user account and password on your computer. Vista allows you to specify the usernames of users allowed to access a shared folder. However, this option does not prevent users without passwords from accessing the shared folders or the Public folder, so answer A is incorrect. The Public Folder Sharing option enables others on the network to access files in your Public folder. This option does not prevent users without passwords from accessing the Public folder, so answer B is incorrect. The Network Discovery option enables your computer to locate other computers and devices on the network and other computers to locate yours. Disabling this option would prevent users from accessing shares on

688

MCTS 70-620 Exam Prep: Microsoft Windows Vista, Configuring your computer, so answer C is incorrect. For more information, see the section, “Using the Network and Sharing Center to Configure File Sharing,” in Chapter 6. 49. B. You should select SIM so that you can create an answer file and then deploy a scripted installation. Answer A is wrong because you don’t have access to a server; you cannot use WDS. Answer C is wrong because you don’t have access to third-party tools; you should not use Sysprep. Answer D is wrong because you were not given a DVD to use; you cannot use the unattended installation using a DVD. For more information, see the section, “Using Windows System Image Manager to Create Unattended Answer Files,” in Chapter 2. 50. E. The Import option in the File menu enables you to import contacts, messages, and account settings from another program including Outlook. You should select Messages, specify the required format, click Next, and confirm the location displayed or type the proper location. The Tools menu enables you to import account information but not messages, so answer A is incorrect. The Messages menu does not have an Import option, so answers B and C are incorrect. You should import messages and not email accounts, so answer D is incorrect. For more information, see the section, “Configuring Mail Options,” in Chapter 7.

PART III

Appendixes What’s on the CD-ROM Glossary

This page intentionally left blank

APPENDIX

What’s on the CD-ROM The CD-ROM features an innovative practice test engine powered by MeasureUp™, giving you yet another effective tool to assess your readiness for the exam.

Multiple Test Modes MeasureUp practice tests can be used in Study, Certification, or Custom Mode.

Study Mode Tests administered in Study Mode allow you to request the correct answer(s) and explanation to each question during the test. These tests are not timed. You can modify the testing environment during the test by selecting the Options button. You can also specify the objectives or missed questions you want to include in your test, the timer length, and other test properties. In Study Mode, you receive automatic feedback on all correct and incorrect answers. The detailed answer explanations are a superb learning tool in their own right.

Certification Mode Tests administered in Certification Mode closely simulate the actual testing environment you will encounter when taking a licensure exam and are timed. These tests do not allow you to request the answer or explanation to each question until after the exam.

692

Appendix: What’s on the CD-ROM

Custom Mode Custom Mode allows you to specify your preferred testing environment. Use this mode to specify the categories you want to include in your test, timer length, number of questions, and other test properties. You can modify the testing environment during the test by selecting the Options button.

Attention to Exam Objectives MeasureUp practice tests are designed to appropriately balance the questions over each technical area covered by a specific exam. All concepts from the actual exam are covered thoroughly to ensure that you’re prepared for the exam.

Installing the CD System Requirements: . Windows 95, 98, Me, NT 4, 2000, XP, or Vista . 7MB disk space for testing engine . An average of 1MB disk space for each individual test . Control Panel Regional Settings must be set to English (United States) . PC only

To install the CD-ROM, follow these instructions: 1. Close all applications before beginning this installation. 2. Insert the CD into your CD-ROM drive. If the setup starts automatically, go to

step 6. If the setup does not start automatically, continue with step 3. 3. From the Start menu, select Run. 4. Click Browse to locate the MeasureUp CD. In the Browse dialog box, from the

Look In drop-down list, select the CD-ROM drive. 5. In the Browse dialog box, double-click Setup.exe. In the Run dialog box, click OK

to begin the installation. 6. On the Welcome screen, click MeasureUp Practice Questions to begin installation.

693

Creating a Shortcut to the MeasureUp Practice Tests 7. Follow the Certification Prep Wizard by clicking Next. 8. To agree to the Software License Agreement, click Yes. 9. On the Choose Destination Location screen, click Next to install the software to

C:\Program Files\Certification Preparation. If you cannot locate MeasureUp Practice Tests on the Start menu, see the section titled “Creating a Shortcut to the MeasureUp Practice Tests,” later in this appendix. 10. On the Setup Type screen, select Typical Setup. Click Next to continue. 11. In the Select Program Folder screen, you can name the program folder where your

tests will be located. To select the default, simply click Next and the installation continues. 12. After the installation is complete, verify that Yes, I Want to Restart My Computer

Now is selected. If you select No, I Will Restart My Computer Later, you cannot use the program until you restart your computer. 13. Click Finish. 14. After restarting your computer, choose Start, (All) Programs, Certification

Preparation, Certification Preparation, MeasureUp Practice Tests. 15. On the MeasureUp Welcome Screen, click Create User Profile. 16. In the User Profile dialog box, complete the mandatory fields and click Create

Profile. 17. Select the practice test you want to access and click Start Test.

Creating a Shortcut to the MeasureUp Practice Tests To create a shortcut to the MeasureUp Practice Tests, follow these steps: 1. Right-click on your desktop. 2. From the shortcut menu, select New, Shortcut. Or, click Start, (All) Programs,

Certification Preparation, Certification Preparation. Then right-click MeasureUp Practice Tests and drag this item to the desktop. From the shortcut menu, select Create Shortcuts Here.

694

Appendix: What’s on the CD-ROM 3. Browse to C:\Program Files\MeasureUp Practice Tests and select the

MeasureUpCertification.exe or Localware.exe file. 4. Click OK. 5. Click Next. 6. Rename the shortcut MeasureUp. 7. Click Finish.

After you complete step 7, use the MeasureUp shortcut on your desktop to access the MeasureUp products you ordered.

Technical Support If you encounter problems with the MeasureUp test engine on the CD-ROM, please contact MeasureUp at (800) 649-1687 or email [email protected]. Support hours of operation are 7:30 a.m. to 4:30 p.m. EST. In addition, you can find Frequently Asked Questions (FAQ) in the Support area at www.measureup.com. If you would like to purchase additional MeasureUp products, call (678) 356-5050 or (800) 649-1687, or visit www.measureup.com.

Glossary A Accelerated Graphics Port (AGP) A graphics interface specification that provides enhanced 3D video support. access control The granting and denial of rights to configure what level of authorization has been allowed. Active Directory A directory service supported by Windows 2000 and newer Windows operating systems that allows any network object to be tracked and located. active partition A partition or volume on a hard disk that has been identified as the primary partition from which the operating system is booted. activity report A feature of Windows Vista Parental Controls that provides a list of websites visited, programs accessed, games played, or other functions performed by a child or other user for which you have enabled Parental Controls. add-ons Optional additional features that can be installed in Internet Explorer and provide enhanced functionality. Websites often download and install add-ons to your browser, sometimes without your knowledge and consent. administrator 1. A person whose responsibilities include managing computers or networks. Often called a system administrator or network administrator. 2. The name of the Windows user with the most rights.

696

Admin Approval mode

Admin Approval mode The default action mode of Windows Vista, in which all user accounts, even administrative ones, run without administrative privileges until such privileges are required. When this happens, the user is presented with a UAC prompt. Advanced Configuration and Power Interface (ACPI) A standard applicable to BIOSs that regulates the power configuration of devices within a computer. Advanced Encryption Standard (AES) An encryption algorithm that uses 128-bit to 256-bit keys to encrypt and decrypt data using multiple encryption rounds that create a high level of data security. Aero The new desktop scheme supported by all editions of Windows Vista. Aero Glass The enhanced version of Aero supported by all editions of Windows Vista except Home Basic. It includes advanced features such as translucent title bars, the Windows Flip 3D feature, and an improved taskbar that displays thumbnail views of tasks running on the computer. alert A notification provided by the Data Collector Sets feature of Performance Monitor that informs you when the value of a counter has exceeded a preconfigured level. answer file An ASCII text file that contains answers, in script form, to questions asked by the Windows Vista Setup Wizard during unattended installations. This file, often called Autounattend.xml, enables installation of Windows Vista to proceed without requiring users to answer questions during the installation.

anycast IPv6 address A type of IPv6 address that is only utilized for a destination address assigned to a router. application compatibility The process of ensuring that a program or application written for a previous Windows operating system will function properly within Windows Vista. attended installation Manual installation that requires a person to answer questions throughout the setup process. Automatic Private IP Addressing (APIPA) The dynamic IPv4 addressing system used when DHCP is unavailable.

B backup The creation of a copy of programs or data on the computer as a protection against some type of disaster. Backup and Restore Center A new application in Windows Vista that provides a centralized location and wizards for performing various types of backup and restore procedures. Basic Input/Output System (BIOS) The firmware application encoded in a computer that initializes the computer before the operating system is loaded. The BIOS manages basic hardware configuration. basic disk A disk partitioning scheme that uses partition tables supported by DOS and many other operating systems, containing primary partitions, extended partitions, and logical drives.

697

Control Panel

battery meter A small application that runs on mobile computers and displays the percentage of battery power remaining, as well as the power plan currently in use.

client-side caching (CSC) The storing of data within specified shared files and folders so that the client computer can access the data when not connected to the server.

BitLocker A new feature of Windows Vista Enterprise and Ultimate that enables you to encrypt the entire contents of your system partition. It is useful for protecting data stored on computers such as laptops that are susceptible to theft.

cloning The act of creating an image of a Windows Vista computer containing a preloaded set of applications and settings so that this image can be deployed onto multiple computers. Vista provides the Sysprep tool to assist you in cloning a computer.

Blue Screen of Death (BSOD) An error screen displayed by Windows Vista and older Windows versions when it encounters a Stop error that it cannot recover from.

command switch The optional parameters following a command-line utility that may change or focus its function. For example, the /? command switch often provides help information for a command.

burn The act of recording data, music, videos, or other items to a recordable CD or DVD.

C cache 1. A space on the computer’s hard disk that is set aside for holding offline copies of shared files and folders from a computer on the network. 2. An additional memory chip embedded in a portable computer’s auxiliary display, which stores information that can be displayed by Windows SideShow even when the computer is turned off. certification authority (CA) A server that provides encoded certificates to valid users and objects. Classless Inter-Domain Routing (CIDR) A flexible method of stating IP addresses and masks without needing to classify the addresses. An example of the CIDR format is 192.168.1.0/24.

compatibility mode A feature of Windows Vista that enables it to run programs written for an older version of Windows. compression Reducing a file’s size through use of a special algorithm to save space on a hard disk. Computer Management console An application that provides access to several of the most commonly used administrative tools such as Task Scheduler, Event Viewer, Local Users and Groups, Reliability and Performance Monitor, Device Manager, Services, and several others. Content Advisor A component of Internet Explorer that enables you to control what Internet content users can view on a Windows Vista computer. Control Panel A group of applications used to configure a Windows Vista computer.

698

credentials

credentials The information provided by a user or computer to gain access to another network resource. Credentials include usernames, passwords, certificates, and other personal identification information.

D data collector sets A component of the Reliability and Performance Monitor that records computer performance information into log files. This feature was known as Performance Logs and Alerts in Windows 2000/XP/Server 2003. data recovery agent Users with file encryption certificates who have been designated the right to decrypt users’ encrypted files in case the user’s file encryption certificate is damaged or lost. decryption Unscrambling the data in an encrypted file through use of an algorithm so that the file can be read. default gateway The term applied to the router that leads to other networks. Also known as Disk Defragmenter, a command-line utility that rearranges files contiguously, recapturing and reorganizing free space in the volume. Defrag optimizes the performance of a computer.

Defrag.exe

deployment The act of installing Windows Vista of another operating system on a large group of computers using automated techniques such as Sysprep or Windows Deployment Services (WDS). Can also refer to the installation of applications such as Microsoft Office on a group of computers.

device driver The specialized software component of an operating system that interfaces with a particular hardware component. Device Manager A tool from which you can manage all the hardware devices on your computer. It enables you to view and change device properties, update or roll back drivers, configure settings, and remove devices. differential backup A type of Windows backup that backs up all files and folders that have changed since the last normal backup. It does not remove the archive bit; consequently this backup type accumulates all changes that have occurred since the last normal backup. Should you need to restore data, restore the last normal backup plus the last differential backup. disk quotas A system of space limits for users on a volume formatted with NTFS. This is set up to ensure that all users have available space on which to store their files, preventing one user from using all the available space. domain A group of networked computers that share a common address. A domain is also the foundation of Active Directory, in which all networking objects are stored. Domain Name System (DNS) A hierarchical naming system that is contained in a distributed database. DNS provides name resolution for IP addresses and DNS names. driver signing The digital signature that Microsoft adds to a third-party device driver to validate its usage.

699

FireWire

dual-boot The capability to boot two or more operating systems on a single computer, created by installing each operating system on a different disk partition. Dynamic Host Configuration Protocol (DHCP) The protocol in the TCP/IP protocol stack that negotiates the lease of an IP address from a DHCP server. dynamic disk A disk partitioning scheme supported by Windows 2000/XP/Vista as well as Windows Server 2003/2008 that contains dynamic volumes. dynamic volume A volume on a dynamic disk that can be spanned, mirrored, striped, or striped with parity.

E Encrypting File System (EFS) An advanced attribute setting of Windows 2000/XP/Vista and Windows Server 2003/2008 for files and folders on an NTFS-formatted volume that provides certificate-based public key security for those files and folders. EFS encrypts and decrypts files in a manner that is transparent to users. encryption Scrambling and rearranging data in a file through use of an algorithm so the file cannot be read. Event Viewer A Windows Vista snap-in that enables an administrator to view and/or archive event logs such as the operating system, application, setup, and security logs. extended partition One of the primary partitions that can be divided into multiple logical drives.

Extensible Authentication Protocol (EAP) A general authentication protocol developed for PPP. EAP can be used with IEEE 802 and is capable of heading other authentication protocols, so it improves interoperability between RAS systems, RADIUS servers, and RAS clients. Used with MD5-Challenge, smart cards, and certificate authentication in Windows Vista.

F File Allocation Table (FAT) The file system that provides a map of the disk clusters within an allocation table. Files that are written to the disk are not necessarily stored in contiguous clusters, which can vary in size. FAT, the 16-bit version, is the most widely supported file system and the ideal choice for dual-boot machines. The 32-bit version of FAT is available only on Windows 95 OSR2 and later versions. file systems The overall structure of an operating system, in which files are named, organized, and stored. FAT and NTFS are types of file systems. FireWire Also known as IEEE 1394. FireWire is a fast external bus technology that allows for 800Mpbs data transfer rates and can connect up to 63 devices. FireWire devices, although conforming to standards that Windows Vista uses, usually require software from the manufacturer to utilize the specialized capabilities of the hardware.

700

forest

forest A logical grouping of domains that share a common schema, configuration, and global catalog. All domains are connected by means of two-way transitive trust relationships. A forest contains one or more Active Directory trees, which are groups of domains that share a contiguous namespace.

G gadget A mini-application that displays information to the Windows Sidebar. Common gadgets include the analog clock, news feeds, weather, and a slide show. Also used with the Windows SideShow application on a portable computer equipped with an auxiliary display. gateway A node (or computer) on a network through which a local computer sends all data meant for other networks. global unicast IPv6 address An IPv6 address that uses a global routing prefix of 45 bits to identify a specific organization’s network, a 16-bit subnet ID, and a 64-bit interface ID. These addresses are globally routable on the Internet and are equivalent to public IPv4 addresses. Group Policy object (GPO) An object that contains settings and configuration information that is attached to a container such as a site, domain, or OU in Active Directory. Settings in the GPO are applied to all the associated container’s objects. Group policy A method of applying configuration settings to computer and user objects in a Windows Vista computer or an Active Directory domain.

H handout A text or graphics file that is shared among participants in a meeting conducted using Windows Meeting Space. Handwriting Recognizer A Tablet PCbased application that trains your computer to recognize your specific handwriting style, thereby enabling translation of information written with the digital pen onto the Tablet PC screen into typed text. Hardware Compatibility List (HCL) A vendor list of all hardware deemed compatible with certain Windows operating systems. The HCL has been replaced with the Windows Catalog for Windows XP and Windows Server 2003 and by the Windows Logo Program for Windows Vista and Windows Server 2008. hardware profiles Information that describes a computer’s hardware configuration, including devices that are enabled under different conditions. hibernation A condition in which your computer saves everything to the hard disk and then powers down. When you restart your computer from hibernation, all open documents and programs are restored to the desktop. hidden or administrative shares A shared folder that does not broadcast its presence and is not browsable in My Network Places. A hidden share is indicated by a dollar sign ($) at the end of the folder name. host A computing device that has been assigned an IP address.

701

Ipconfig

hotfix A package of one or more files for correcting a specific problem (often related to security) with Windows or a component application that has been reported to Microsoft. HyperText Transfer Protocol (HTTP) The protocol in the TCP/IP suite that enables the sharing of information across the Web. HyperText Transfer Protocol Secure (HTTPS) A protocol that enables secure transactions across the Web. By convention, URLs that require an SSL connection start with https: instead of http:.

I incremental backup A type of Windows backup that backs up all files and folders that have changed since the last normal backup and removes the archive bit. This backup type is the fastest one to perform but requires that you restore all incremental backups in sequence since the last normal backup. Infrared Data Association (IrDA) A specification that allows a computer or peripheral device to use infrared communication to create a connection. instance One of a group of performance objects that represents multiple occurrences of the same object, such as processors in a multiple processor computer or hard disks in a computer with more than one hard disk. Integrated Drive Electronics (IDE) An electronic interface for connecting to storage devices.

Internet Connection Sharing (ICS) The simplified system of routing Internet traffic through a Windows Vista computer so other computers on the network that are not connected to the Internet can access the Internet. Internet Protocol Security (IPSec) An encryption and authentication protocol that is used to secure data transmitted across a network. It is used with L2TP to create a VPN tunnel. Internet search providers Companies such as Microsoft Live Search, Google, Yahoo!, and so on, that compile lists of websites and pages available on the Internet to facilitate the location of all types of information. IP address A logical 32-bit address that is used to identify both a host and a network segment. Each network adapter on an IP network requires a unique IP address. IP version 4 (IPv4) The version of the Internet Protocol that has been in use for many years and provides a 32-bit address space formatted as four octets separated by periods. IP version 6 (IPv6) A newer version of the Internet Protocol that provides a 128-bit address space formatted as eight 16-bit blocks, each of which is portrayed as a 4digit hexadecimal number and is separated from other blocks by colons. The command-line utility that provides detailed information about the IP configuration of a Windows Vista computer’s network adapters.

Ipconfig

702

Last Known Good Configuration

L

M

Last Known Good Configuration A Registry configuration that contains the settings utilized for the last successful logon. If reconfigured settings prevent your computer from proper startup, you can press F8 during startup and access Last Known Good Configuration to remove the improper settings.

malware Malicious software that is created to cause harm to a computer.

Layer 2 Tunneling Protocol (L2TP) A protocol that is used to create VPN tunnels across a public network. This protocol is used in conjunction with IPSec for security purposes. link local IPv6 address A type of IPv6 address used for communication between neighboring nodes on the same link. Equivalent to IPv4 addresses configured using APIPA. Local group A group that is configured on the local computer only. It can contain user accounts from its own computer, as well as user accounts and groups from a domain to which the computer belongs. Local groups are used to define access permissions to resources on the local computer only. Local User profile The collection of Registry settings and files associated with a user’s desktop interface that is created the first time a user logs on to a computer. This profile is stored on the local hard disk. Local Security Policy The security-based Group Policy settings that apply to a local computer and its local users. logical drive A segment of the extended partition that can be assigned a separate drive letter.

memory leak A programming bug that prevents an application from freeing memory that’s no longer needed, eventually causing the program or operating system to run out of memory and terminate. mirroring A method of duplicating data between two separate hard disks so that the failure of one disk will not cause the operating system to fail. Mirroring is available only in server operating systems such as Windows 2000 Server and Windows Server 2003/2008. Mobile PC Control Panel A Control Panel category that appears only on notebook and laptop computers and contains links to applets that perform many of the configuration activities associated with portable computing. The command that opens the System Configuration Utility, which you can use to perform actions such as modifying the startup scheme, the default operating system that boots on a dual-boot computer, services that are enabled, and startup programs that run automatically. You can also launch several computer management tools from this utility.

Msconfig

The file extension for an application that uses Windows Installer.

.msi

The command that opens the System Information program.

Msinfo32

The file extension for a transform file that performs a scripting-like function for a Windows Installer package.

.mst

703

Parental Controls

multicast IPv6 address An IPv6 address that enables the delivery of packets to each of multiple interfaces.

offline folder The shared folder that has been cached on the client so that it is available when the server computer is not available to the client.

N

organizational unit (OU) The container in the hierarchy somewhere below the Domain container object in Active Directory that can hold other containers, user objects, computer objects, or other objects representing network resources.

Network and Sharing Center A new feature of Vista that provides a centralized location from which you can manage all networking tasks such as connecting to networks and the Internet and sharing of files and folders with users at other computers. New Technology File System (NTFS) The file system originally provided with Windows NT that supports volume mounting, compression, encryption, and security. normal backup A type of Windows backup that backs up all selected files and removes the archive bit, thereby indicating that the files have been backed up. Such a backup is the most complete backup and provides the fastest means of restoring data. Also called full backup. NTFS permissions The security feature available in NTFS that allows you to grant or deny local access rights.

O object In Reliability and Performance Monitor, a hardware or software component for which performance data can be collected. offline files A feature built into Windows 2000/XP/Vista that enables you to cache locally stored copies of shared files and folders so that you can work with them while offline and resynchronize your changes when you go back online.

Out-of-Box Experience (OOBE) The dialog box that starts after Windows is installed to introduce a new user to Windows Vista.

P Packet InterNet Groper (PING) A diagnostic tool in the TCP/IP protocol suite that uses an echo command to determine whether another computer with an IP address is reachable. paging The act of copying pages from a storage device, such as a hard drive, to main memory. This technique helps to ensure that data is quickly accessible. paging file Virtual memory stored on disk that enables Windows Vista to run more applications at one time than would be allowed by the computer’s physical memory (RAM). Parental Controls A new feature of Windows Vista that you can configure to limit the actions that a user such as your child can perform on the computer. You can limit the websites the user can access, the programs or games he can run, and the times he can be logged on to the computer.

704

partition

partition A configured section of a basic disk that is capable of being formatted with a file system and identified with a drive letter. patch Software designed to update or correct a problem with Windows or a component program. Microsoft generally distributes patches on the second Tuesday of each month. pen flicks Actions you can perform with the digital pen on a Tablet PC computer that enable you to rapidly navigate menus and shortcuts. You can also perform editing actions such as cut, copy, paste, and delete, as well as other customized activities. performance counter A statistical measurement associated with a performance object such as %disk time, queue length, and so on. Performance Monitor A component of the Reliability and Performance Monitor that enables you to monitor your computer’s performance. performance object Hardware or software components that the Performance Monitor can use for tracking performance data. phishing The use of a fake website that closely mimics a real website and contains a similar looking URL. This site is intended to scam users into sending confidential personal information such as credit card or bank account numbers, dates or birth, Social Security numbers, and so on.

Plug and Play (PnP) A standard developed by Microsoft and Intel that allows for automatic hardware installation detection and configuration in Windows operating systems. Available in Windows 95 and more recent versions. Point-to-Point Protocol (PPP) A dialup protocol that supports TCP/IP and IPX/SPX and others with advanced compression and encryption functions. Serial Line Internet Protocol (SLIP) is an older dial-up protocol originally created for Unix and that supports only TCP/IP. Point-to-Point Tunneling Protocol (PPTP) A protocol that is used to create VPN tunnels across a public network and includes encryption and authentication. pop-up windows Additional windows displayed on your browser by some websites that present advertisements or perform other actions, mostly of an undesirable nature. Internet Explorer 7 in Windows Vista includes a pop-up blocker that blocks the appearance of such windows and provides you with an option to display them if you desire. port A location used to pass data to and from a computing device, such as an adapter card connecting a server to a network, a serial 232 port, a TCP/IP port, or a printer port. power plans A series of preconfigured power management options that control actions such as shutting off the monitor or hard disks or placing the computer in Sleep mode or hibernation.

705

Remote Assistance

Preboot Execution Environment (PXE) A bootable ROM chip contained on compatible network interface cards (NICs) that enables client computers without an operating system to boot and connect to the network for locating a WDS server. Presentation Settings A feature in Windows Vista that enables you to configure your portable computer so that it does not perform actions such as displaying certain prompts, displaying the screen saver, or entering Sleep mode while you are using your computer for a presentation. primary partition A segment of the hard disk. A maximum of four primary partitions may exist on a single disk. private key A digital code that is kept confidential and is used along with the public key to secure data. privilege

See right.

product activation A process of verifying computer information to Microsoft after installation of Windows Vista, designed to combat software piracy. Required on all Windows operating systems from Windows XP onward, as well as certain other Microsoft software such as Microsoft Office XP/2003/2007. Public Key Infrastructure (PKI) A security architecture that provides authentication and encryption services. PKI provides a public key and a private key to users, and the combination authenticates the user. public key A digital code available to everyone that is used along with a private key to secure data.

R RAID-5 A combination of disk striping with parity data interleaved across three or more disks. RAID-5 provides improved disk performance and is fault-tolerant. It is available only in server operating systems such as Windows 2000 Server and Windows Server 2003/2008. Really Simple Syndication (RSS) A method used by websites that enables you to receive up-to-date information on the Internet at times that are convenient to you. Internet Explorer 7 informs you when a website is offering RSS feeds by displaying an orange icon in the browser toolbar. Registry The database used by all 32-bit Windows operating systems that stores configuration information for each computer on which the operating system is installed. The configuration information includes hardware and software settings. Reliability Monitor A component of the Reliability and Performance Monitor that provides a trend analysis of your computer’s system stability with time. It shows how events such as hardware or application failures, software installations or removals, and so on affect your computer’s stability. Reliability and Performance Monitor A Microsoft Management Console (MMC) application that contains several tools for monitoring your computer’s performance. Remote Assistance A service available in Windows Vista that enables a user to share control of his or her computer with an administrator or other user to resolve a computer problem.

706

Remote Desktop

Remote Desktop A service available in Windows Vista Business, Enterprise, or Ultimate that allows a single remote control session of a computer running Windows XP or Vista. Remote Desktop uses the Remote Desktop Protocol (RDP), which is the same protocol used in Terminal Services. right The authorization to perform a system task such as changing the system time, adding workstations to a domain, and so on. rip The act of copying information from a music CD or movie DVD to your computer’s hard drive. router A device, or interface, between two networks that allows for communication between the networks. Routers can find the best route for data communication between networks. Routers also provide load balancing and other network management functions.

S

security agent A component of Windows Defender that monitors security-related actions that take place on a Windows Vista computer. These agents provide protection for your computer on a real-time basis. security identifier (SID) A unique number assigned to an object such as a user account, group account, computer account, folder, or printer in Active Directory. No two objects in the same forest may have the same SID. service pack A collection of updates and fixes to a software package, usually available via download from the Internet. Service packs are available for download from Microsoft and when using the Microsoft automated update service. Service Set Identifier (SSID) A unique configurable identification that allows clients to communicate to the appropriate base station in a wireless network that uses the 802.11 protocol.

Safe mode A method of starting Windows Vista with only the basic drivers enabled so that you can troubleshoot problems that prevent Windows from starting normally.

The application that installs Windows Vista on a new computer or updates an older Windows computer to Windows Vista. Also frequently used as a routine for installing applications.

scalability The capability to increase the number of processors in a computer (or increase other types of resources for other areas).

share permissions The security feature available when sharing files and folders across a network that allows you to grant or deny access rights to network users.

Secure Sockets Layer (SSL) A protocol used to secure data transmitted via HTTPS through the use of public key encryption.

shared folders Folders that are made available for access by users who are working at another computer on the network.

Setup.exe

sigverif.exe A program that enables a Vista user to verify the digital signature on a driver file.

707

Stop error

Site-local IPv6 address An IPv6 address that is private to the network on which it is located. This type of address cannot be accessed from locations external to its network, such as the Internet. sleep mode A condition in which the computer consumes low power but is available for use. Sleep mode saves configuration information to memory and powers down the monitor, disks, and several other hardware components. slipstreaming The act of integrating service pack files with operating system installation files so that the operating system can be installed together with the service pack in a single operation. Small Computer System Interface (SCSI) An electronic interface for connecting to storage devices and peripherals providing high-speed data transfer. smart card A credit card-sized device that stores a user’s PKI keys. smart card reader A device that attaches to a computer, usually via the USB port, that can read the information encoded in a smart card. Snipping Tool A Tablet PC component that enables you to capture items from your computer screen. You can save these items as a graphics file or paste them into documents such as Microsoft Word files. You can also highlight items or add written annotations to your captures.

Software Explorer A component of Windows Defender that enables you to view information about software programs and system state on your computer. It includes categories for startup programs, currently running programs, network connected programs, and Winsock service providers. Software Update Services (SUS) A Windows Server tool that enables client computers to receive Windows updates. This tool has been replaced with Windows Server Update Services (WSUS). Spam filter A tool built into Windows Mail that attempts to send unwanted junk email, or spam, to a Junk Mail folder. You can configure this tool to recognize mail from specific sources or countries as junk mail. Start menu The menu of programs and tools that is opened when a user clicks the Windows logo button in the bottom-left corner of the screen or presses the Windows logo key on the keyboard. Startup Repair Tool (SRT) A utility that provides a diagnostics-based, step-by-step troubleshooter that enables end users and tech support personnel to rapidly diagnose and repair problems that are preventing a computer from starting normally. Stop error An operating system failure that is severe enough to cause the computer to stop functioning. In Windows Vista and previous versions of Windows 2000/XP/Server 2003 and Windows NT, the Stop error is displayed as white text on a blue screen and is nicknamed the “blue screen of death” (BSOD).

708

striping

striping A method of segmenting data and interleaving it across multiple disks, which has the effect of improving disk performance but is not fault tolerant. subnet mask A set of numbers, 32 bits in length, that begins with 1s and ends with 0s in binary notation. The number of 1s represents the number of bits that are considered the subnet address. The bits that are 0s are the host address. Using a subnet mask, you can create more subnets with a smaller number of computers per subnet. All computers on a given subnet must have the same subnet mask. Using dotted decimal notation, a subnet mask is written as 255.255.0.0 (which is the default mask for a Class B address). Symmetrical Multi Processor (SMP) A computer that uses two (or a higher even number) processors and splits the processor usage symmetrically between them. Sync Center A program on mobile computers that synchronizes data with other network devices including servers, desktop computers, and other portable computers. synchronization conflicts Occur when two users have modified a file that is available offline at the same time and Windows detects that conflicting modifications have occurred. Vista’s Sync Center enables you to save either or both of these versions. synchronizing files The act of copying files from a shared folder on the network to an offline files cache on a computer or copying the same files back to the shared folder after a user has modified them.

System Configuration Utility A tool that enables you to perform actions such as modifying the startup scheme, the default operating system that boots on a dual-boot computer, services that are enabled, and startup programs that run automatically. You can also launch several computer management tools from this utility. Started with the Msconfig.exe command. System Image Manager (SIM) A wizard that helps you create unattended installation files, which minimizes the required amount of user interaction during an automated installation of Windows Vista. Known as Setup Manager in previous versions of Windows. System Preparation Tool (Sysprep) The utility that can be used to take a snapshot of a computer’s configuration, which you use with a cloning tool to automatically deploy Windows Vista on other computers. It automatically creates a unique SID for each computer. System Restore A troubleshooting tool that enables you to restore your computer to an earlier time at which it was operating properly. %systemdrive% The disk drive that contains the Windows operating system. In most cases, this is C:\. %systemroot% The folder that contains the Windows operating system. In most cases, this is C:\Windows.

709

User Account Control

T tabbed browsing First introduced with Firefox, a new feature of Internet Explorer 7 that enables you to display multiple web pages in a single instance of the browser. You can perform activities such as closing multiple tabs, viewing thumbnails of tabs, saving a set of thumbnails as a favorite to be opened later, and so on. Tablet PC Input Panel A Tablet PC utility that enables you to input information to the computer by using the digital pen by handwriting text or characters or by tapping keys on a virtual keyboard. take ownership (of a file or folder) The process of an administrative user taking control of a file that was created or owned by another user, and then granting rights to that file or folder as needed. Task Manager A Windows Vista administrative utility that provides data about currently running processes, including their CPU and memory usage, and enables you to modify their priority or shut down misbehaving applications. You can also manage services, including starting, stopping, enabling, and disabling them; obtain information on network utilization; and display users with sessions running on the computer. Task Scheduler A Windows Vista utility that enables you to configure applications to run at a specified time in the future. Taskbar A bar at the bottom of the Windows desktop that includes buttons for all files and applications open on the computer. Click any of these buttons to rapidly access its file or application.

transform file A file ending with an .mst extension, used by Windows Installer to customize an application’s installation. Transmission Control Protocol/Internet Protocol (TCP/IP) The suite of protocols used on the Internet for communication between computers. TCP/IP is the default protocol for Windows Vista.

U unattended installation A method of scripting the installation of Windows Vista on multiple computers so that no one need answer installation questions during the setup process. This method provides great time savings for administrators who need to install Windows Vista on multiple computers. Universal Serial Bus (USB) A technology that supports 12Mpbs data transfer rates between a computer and its peripherals (such as keyboards, mice, and modems), connecting up to 127 such peripherals simultaneously. User Account Control (UAC) A new feature in Windows Vista that enables you to work with a nonadministrative user account. UAC displays a prompt that requests approval when you want to perform an administrative task. Should malicious software attempt to install itself or perform undesirable actions, you will receive a prompt that you can use to prevent such actions from occurring.

710

virtual private network

V virtual private network (VPN) Using a protocol such as Point-to-Point Tunneling Protocol or L2TP with IPSec to tunnel through a public network to connect to a private network and maintain a secure connection. volume A logical drive that has been formatted for use by a file system. Although often considered synonymous with “partition,” a volume is most specifically a portion of a dynamic disk, or multiple sections of dynamic disks, that is capable of being formatted with a file system and being identified with a drive letter.

W-X-Y-Z Welcome Center A program that runs when you first log on to a new Windows Vista installation. The Welcome Center includes links to items that describe the most important new features of Vista. wide area network (WAN) A digital network that is dispersed across large geographical distances. Wi-Fi Protected Access (WPA) A wireless authentication protocol that uses preshared network key encryption to ensure that only authorized users receive access to the network. Windows Anytime Upgrade A program that facilitates the upgrading of one edition of Windows Vista to a higher one. It enables you to compare features of different Vista editions and purchase the upgrade online.

Windows Calendar A new calendar application that enables you to keep track of meetings and appointments. It enables you to create tasks and appointments, create alerts to remind you of scheduled items, create task lists, and share calendars with coworkers or family members. Windows Defender An application that monitors the computer against spyware and offers default remedies when it recognizes a spyware infection. Windows Deployment Services (WDS) A feature of Windows Server 2003 and 2008 that enables an automated remote installation of the Windows Vista operating system from a specially configured server. Windows DVD Maker An application that enables you to create DVDs containing videos, photos, and/or data. Windows Easy Transfer A program that facilitates the migration of user files from an old computer to a new Windows Vista computer. Windows Easy Transfer replaces the Files and Settings Transfer Wizard used with Windows XP. Windows Fax and Scan An application that enables you to send and receive faxes, scan images and documents, and share these items with others. It enables you to perform all these tasks and manage these items from a single location. Windows Firewall The personal firewall software incorporated in Windows Vista that filters incoming TCP/IP traffic. Windows Firewall was first introduced in Windows XP SP2.

711

Windows Preinstallation Environment

Windows Installer The service for Microsoft’s standard method of packaging and installing Windows applications. Windows Internet Naming Service (WINS) A system used to map NetBIOS names to IP addresses. Windows Logo Program A list compiled by Microsoft that includes all hardware components that are compatible with Windows Vista and Windows Server 2008. It replaces the older Hardware Compatibility List (HCL) and Windows Catalog used with previous Windows versions. Windows Mail An email program that includes new security capabilities such as the ability to filter junk email (spam) messages, block phishing messages, and protect against viruses. You can configure Windows Mail to digitally sign and encrypt your outgoing messages. Windows Mail replaces Outlook Express that was included in previous Windows versions. Windows Media Center A complete multimedia application included with Windows Vista Home Premium and Ultimate that lets you watch and record TV, listen to digital music, play games, listen to FM and Internet radio stations, or access content from online media services. Windows Media Player A program that provides a comprehensive feature set for managing most types of digital media such as music, photos, and videos.

Windows Meeting Space A program that enables you to conduct small meetings between users of networked computers. You can share handouts, applications, and your Windows desktop among meeting attendees, and attendees can edit handouts. Windows Mobility Center An application that runs on all Windows Vista mobile computers that provides a quick view of functions pertinent to mobile computers such as battery status, wireless network connections, sync partnerships, presentation settings, and so on. You can configure common mobile computer settings such as display settings, speaker volume, and battery status. Windows Movie Maker A new media application included with Windows Vista Home Premium and Ultimate that enables you to create, import, manage, and edit digital videos in regular or high-definition format. You can view these videos on ordinary DVD players so that you can share them with family and others. Windows Photo Gallery A new media application included with Windows Vista Home Premium and Ultimate that enables you to import photos and videos from cameras, scanners, removable media, other computers on the network, or the Internet. You can view the images, add or edit metadata, assign ratings, catalog the images to facilitate searching for them later, and burn them to CD or DVD. You can even apply simple fixes to your images. Windows Preinstallation Environment (Windows PE) A minimal 32-bit operating system based on the Vista kernel, used in the preinstallation and deployment of Vista.

712

Windows Product Activation

Windows Product Activation (WPA) A requirement to activate Windows Vista through contact with Microsoft after installation. Contact can be made via modem, Internet, or over the phone. Windows ReadyBoost A new feature of Windows Vista that enables you to use a USB flash device or a CompactFlash or Secure Digital memory card to enhance your computer’s performance without adding additional RAM. Windows ReadyDrive A new feature of Windows Vista that enables mobile computers equipped with a hybrid hard disk to achieve enhanced performance and improved battery life. Windows Sidebar A pane that appears on your desktop and includes gadgets such as a clock, mini-slide show, and news feeds. You can modify the set of gadgets that are displayed and even download additional gadgets from the Internet. Windows SideShow An application that is new to Windows Vista and enables portable computers equipped with an auxiliary display to perform actions such as alerting you to events such as incoming email, Windows Calendar events, Windows Meeting Space meeting invitations, and so on. It works by means of a cache that can store events even when the computer is turned off. Windows SuperFetch A technology that optimizes memory performance based on trends of most-used programs and data on the computer, enabling Vista to decide on which content should be loaded into RAM at a particular time.

Windows Server Update Services (WSUS) A service that can be configured to run on a server, supplying updates, hotfixes, and other patches automatically to computers on a network. WSUS enables you to deploy and manage updates that are downloaded from the Microsoft Windows Update website to WSUS servers running on your own network. Client computers simply connect to the local WSUS server to download and install updates. Formerly known as Software Update Services (SUS). Windows Update An application that enables you to maintain your computer in an up-to-date condition by automatically downloading and installing critical updates as Microsoft publishes them. Also the Microsoft website on which these updates are published. Windows Upgrade Advisor A program that you can download from Microsoft that scans your computer and advises you which components and devices you should upgrade or replace before upgrading an older computer to Windows Vista. It also alerts you to any programs that might be incompatible with Vista. Windows Vista Business An edition of Windows Vista that is designed for business users who need basic computing capabilities including features such as domain membership, advanced backup capabilities, business networking capabilities, and Remote Desktop.

713

workgroup

Windows Vista Enterprise An edition of Windows Vista that is designed for business users who need advanced computing and security functions. This edition adds features such as BitLocker drive encryption and Multi-Language User Interface (MUI) to the Vista Business feature set. Windows Vista Home Basic An edition of Windows Vista that is designed for home users who need only basic computing capabilities. It includes fundamental security capabilities such as Internet Explorer 7 and Windows Defender, as well as Windows Mail and Parental Controls. Windows Vista Home Premium An edition of Windows Vista that is designed for home users who need enhanced computing capabilities that include Windows Media Center and Mobility Center. Windows Vista Ultimate An edition of Windows Vista that combines the features of Vista Home Premium and Vista Enterprise to provide the complete experience. Wired Equivalent Privacy (WEP) A protocol that is used on 802.11-based wireless networks to encrypt data sent between computers on a wireless network or between a computer and its access point. workgroup A group of networked computers that share resources and data files. A workgroup is a much simplified version of a domain. Unlike domains, workgroups are not controlled from a central location and do not require users to authenticate to join.

This page intentionally left blank

Index A access control entries (ACE), 231 access control lists, accessing, 68 accounts fax, 445-446 group, 229, 234 local, 229 default local groups, 234 management, 234-235 user, 229 management, 230-233 Password Never Expires option, 233 permission denials, 230 Windows Mail configuration, 415-417 management, 417-418 ACE (access control entries), 231 ACPI (Advanced Configuration and Power Interface), 72 Action logs, 108 actions, Windows Defender, 253-256 activation periods, 77 activity reports, configuring parental controls on user accounts, 199-200 Add Folder to Gallery command, Windows Photo Gallery, 410 Add Search Provider dialog box, 206 add-ons, Internet Explorer, 209-210 Address Resolution Protocol (ARP), 306, 346 Admin Approval mode, 239 Admin Approval Mode for the Built-in Administrator policy, 247

716

Advanced Configuration and Power Interface

Advanced Configuration and Power Interface (ACPI), 72 Advanced Properties dialog box, 246 Advanced Security Settings dialog box, 548 Advanced Sharing dialog box, 328 Advanced tab, Windows Mail Options dialog box, 424 Properties dialog box, 418 Advanced tab (Internet Properties dialog box), 271-272 Advanced tab (Windows Firewall Settings dialog box), 278 Advanced TCP/IP Settings dialog box, 320 Aero. See Windows Aero Aero Glass, 185 troubleshooting, 189-191 Vista improvements, 35 AGDLP method, 238 AIK (Automated Installation Kit), 80-84 album covers, Windows Media Player, 395 Always Allow option (Windows Defender), 253 answer files, 104 creating, 80-84 editing, 80 troubleshooting unattended installations, 104-106 unattended installations, 85 answers, practice exams, 677-688 antispam filters, Vista improvements, 37 APIPA (Automatic Private Internet Protocol Addressing), 308-309 Appearance and Personalization category Control panel, 50-51 Application limit restrictions, 195 application prompts, User Account Control (UAC), 242-243

applications fast facts, 635-641 media-based, 389 Windows DVD Maker, 412-414 Windows Media Center, 389-394 Windows Media Player, 394-408 Windows Movie Maker, 412-414 Windows Photo Gallery, 408-412 Windows Calendar, 437-438 appointment management, 439-440 multiple calendars, 441-442 navigation, 438-439 sharing calendars, 443-444 task lists, 441 Windows Fax and Scan, 444-445 document scanning, 448 fax accounts, 445-446 sending and receiving faxes, 446-447 Windows Mail, 414-415 account configuration, 415-417 configuration options, 419-425 managing account, 417-418 security configuration, 425-430 Windows Meeting Space, 430-431 running meetings, 433-435 setting up, 431-432 sharing information, 435-436 Windows Sidebar, 448-451 appointments, Windows Calendar, 439-440 ARP (Address Resolution Protocol), 306, 346 attacks, 228 attended installations, 72-78 troubleshooting, 95-96 advanced booting, 102 compatibility, 102-104 insufficient hard drive space, 96-97 media problems, 96 unavailable networks, 97-101 unrecognizable DVD-ROM drive, 97

717

Burn tab

authentication, protocols, 355-357

Block All Incoming Connections option, 279

auto-dial, ICS (Internet Connection Sharing), 340

Blue Screen of Death (BSOD), 109-110, 162

Auto-hide the taskbar property, 193

boot logging, 166

AutoComplete settings, 212

Boot tab, System Configuration Utility, 490-491

automated deployment. See unattended installations

booting, dual boots, 138-140

Automated Installation Kit (AIK), 80-84 Automatic Private Internet Protocol Addressing (APIPA), 308-309 Automatic Updates, 146-147 Automatically Deny Elevation Requests policy, 248

B Backup and Restore Center, 508-511 Backup Status and Configuration Utility, 514-515 recovering data, 511 restoring computer, 512-514 Backup Status and Configuration Utility, 514-515 battery meters, 581-582 Bcdedit.exe, 139 Behavior of the Elevation Prompt for Administrators in Admin Approval Mode policy, 248 Behavior of the Elevation Prompt for Standard Users policy, 248 best practices local groups, 234 security, 231-232 BIOS ACPI support, 72 compatibility, 95 BitLocker disabling, 526 drive encryption, 521-523 enabling, 523, 526

boot disks, answer files, 105

Bootmgr.exe, 139 BSOD (Blue Screen of Death), 109-110, 162 built-in applications media-based, 389 Windows DVD Maker, 412-414 Windows Media Center, 389-394 Windows Media Player, 394-408 Windows Movie Maker, 412-414 Windows Photo Gallery, 408-412 Windows Calendar, 437-438 appointment management, 439-440 multiple calendars, 441-442 navigation, 438-439 sharing calendars, 443-444 task lists, 441 Windows Fax and Scan, 444-445 document scanning, 448 fax accounts, 445-446 sending and receiving faxes, 446-447 Windows Mail, 414-415 account configuration, 415-417 configuration options, 419-425 managing account, 417-418 security configuration, 425-430 Windows Meeting Space, 430-431 running meetings, 433-435 setting up, 431-432 sharing information, 435-436 Windows Sidebar, 448-451 Burn tab, Windows Media Player, 406

How can we make this index more useful? Email us at [email protected]

718

burning

burning DVDs, Vista improvements, 38 Windows Media Player, 395, 407 Business, Vista editions, 33

C Calendar, 437-438 appointment management, 439-440 multiple calendars, 441-442 navigation, 438-439 sharing calendars, 443-444 task lists, 441 Vista improvements, 38 cause of failures, troubleshooting installations, 94 CD-ROM Devices, 171-173 installing, 690-691 test modes certification mode, 689 custom mode, 690 study mode, 689 CDs, troubleshooting, 172 Certificates dialog box, 429 certification mode (CD-ROM), 689 Chkdsk.exe, 175 Choose a Connection Option dialog box, 334 Choose Search Locations dialog box, 331 Classic Start menu option, 191 clean boots, 173 clean installations, 71 attended, 72-78 deploying images to multiple computers, 87-89 Sysprep, 85 basics, 85-86 creating image, 86-87

unattended, 78-79 AIK (Automated Installation Kit), 80-84 answer files, 85 deployment technologies, 79 SIM (System Image Manager), 79-80 WDS (Windows Deployment Services), 90 advantages, 90-91 requirements, 91-92 Cleanmgr.exe, 175 Clock, Language, and Region category, Control panel, 51 cloning, 106-107 collaboration, Vista improvements, 39 command lines, monitoring utilities, 485-486 compatibility hardware, 61-62 troubleshooting installation, 102-104 troubleshooting post-installation issues, 178-179 Windows Meeting Space, 431 components, Vista editions, 34 Compose tab, Options dialog box (Windows Mail), 424 computers mobile display settings, 556-564 Sync Center, 551-554 synchronizing network folders, 548-551 VPN connections, 547-548 upgrades, 131 to Vista, 135-138 Vista Upgrade Advisor, 131, 134-135 Confident, 447 configurations Automatic Updates, 146 CD-ROMs, 171-173 disks, 173-178 DVDs, 171-173

719

Customize button

Internet Explorer, 200-201, 259 advanced security, 268-272 blocking pop-ups, 204-206 Content Advisor, 262-266 phishing filter, 266-268 Protected mode, 261-262 resource access, 201 tabbed browsing, 201-205 zones, 259-261 parental controls, 194 activity reports, 199-200 restrictions, 195-199 search providers, 206-207 toolbars, 194 User Account Control (UAC), 238-239, 244 elevated privileges, 244-246 policies, 246-250 Windows Aero, 184-185 desktop schemes, 187-188 hardware requirements, 186-187 Windows Presentation Foundation (WPF), 186 Windows Defender, 250-251 actions, 253-256 scans, 251-253 security agents, 255 Software Explorer, 257-258 updates, 256-257 Windows Firewall, 273-274 basic configuration, 274-279 Group Policy, 282-283 profiles, 280-282 snap-in, 279-280 Windows Vista, post-installation issues, 158-184 Connect VPN Connection dialog box, 360 Connection tab, Windows Mail Options dialog box, 424 Properties dialog box, 418

connections, networks Network and Sharing Center, 316-343 remote access, 354-367 TCP/IP protocol, 305-316 troubleshooting, 343-354 Content Advisor, configuring, 262-266 modifying settings, 265 phishing filter, 266-268 Content Advisor dialog box, 265 Content tab (Internet Properties dialog box), 270 Control panel, Vista improvements, 39 new features, 43 Appearance and Personalization category, 50-51 Clock, Language, and Region category, 51 Ease of Access category, 51 Hardware and Sound category, 47-49 Network and Internet category, 46-47 Programs category, 49-50 Security category, 45-46 System and Maintenance category, 43-45 User Accounts and Family Safety category, 50 control set (Registry settings), 162 Copy command, Windows Photo Gallery, 410 corporate users, Windows history, 32 custom mode (CD-ROM), 690 customizations, Internet Explorer, 206 add-ons, 209-210 AutoComplete settings, 212 printing Web pages, 209 Really Simple Syndication (RSS) feeds, 211-212 search providers, 206-207 toolbars, 207-208 Customize button (Start menu), 191

How can we make this index more useful? Email us at [email protected]

720

DACL

D DACL (discretionary access control list), 231

desktops Aero, 185 schemes, 187-188

data collector sets, 469, 475 creating, 475-478 using Performance Monitor, 478-479

Details tab (Properties dialog box), 169

Data Incomplete status, 177

development, Vista installation preparation, 59

Data Protection Backup and Restore Center, 508-511 Backup Status and Configuration Utility, 514-515 recovering data, 511 restoring computer, 512-514 BitLocker, 521 computer preparation, 521-523 disabling, 526 enabling, 523, 526 security, 515-516 decrypting files, 520 EFS basics, 516-517 encrypting file system, 516 preparing disk for EFS, 518-520

Device Manager, 167-170

Debugging mode, 166 decryption, file systems, 520 default local groups, 234 defaults email ports, 418 gateway, 307 Defender, Vista improvements, 37 defining projects, Vista installation preparation, 58 Defrag.exe, 175 Delete command, Windows Photo Gallery, 410 Denial of Service (DoS), 228 denials (permission), 230 designs, Vista installation preparation, 59 desktop schemes, Aero, 187-188

Detect Application Installations and Prompt for Elevation policy, 248

devices mobile computing Infrared Data Association (IrDA), 555-556 mobile computers, 547-554 Mobile PC Control Panel, 544-545 Windows Mobility Center, 545-547 synchronizing media, 407 Devices tab, Windows Media Player, 406 DHCP (Dynamic Host Configuration Protocol), 64 DHCP Allocator, ICS (Internet Connection Sharing), 340 diagnostic tools Event Viewer, 496-497 creating tasks, 500-501 customizing, 499-500 event logs, 497-499 System Configuration Utility, 489-490 Boot tab, 490-491 General tab, 490 Services tab, 491 Startup tab, 492 Tools tab, 492 Task Manager, 492-493 dual-processor computers, 496 foreground and background applications, 495 priority configuration, 494-495 Disable Automatic Restart on System Failure option, 167

721

Event Viewer

Disable Driver Signature Enforcement option, 167

DVD tab, Windows Media Player, 403

discretionary access control list (DACL), 231

DVDs burning, Vista improvements, 38 devices, 171-173 troubleshooting, 172 Windows Media Center, 390

Disk Cleanup, 175 Disk Management, 168, 173-178 Diskpart.exe, 175 disks configuring, 173-178 dynamic, 174 display settings, mobile computing external monitors, 560-561 networked projector, 558-560 presentation settings, 556, 558 Windows SideShow, 561-564

DVD-ROM drives, troubleshooting, 97

dynamic addresses, IPv4, 312-313 dynamic disks, creating, 174 Dynamic Host Configuration Protocol (DHCP), 64 dynamic security, Internet Explorer, 259 Protected mode, 261-262 zones, 259-261

E

DNS (Domain Name System), 64, 308 DNS Proxy, ICS (Internet Connection Sharing), 340

Ease of Access category, Control panel, 51

documentation, troubleshooting installation, 95

Easy Transfer, Vista improvements, 38

documents, metadata, Vista improvements, 36

Easy Transfer Wizard, 158

Domain Name System (DNS), 64, 308

Edit menu commands, Windows Mail, 420

domains membership, 65-67 Windows Server, 236, 238

editions, upgrades, 140-141 Elevate without Prompting policy, 248

DoS (Denial of Service), 228

elevated privileges, User Account Control (UAC), 244-246

double colons, 314

email, Vista improvements, 35, 38

Downloaded Images section, Windows Mail, 429 downloads, images, Windows Mail security, 429

encryption BitLocker, 521-523 file systems, 516-520

driver signing, troubleshooting, 111-113

Enterprise, Vista editions, 33

Driver tab (Properties dialog box), 168

Error logs, 108

drivers, configuration, 111 rollback, 114 troubleshooting, 111-113

event logs, Event Viewer, 497-499

dual-boots, 138-140 dual-processor computers, Task Manager configuration, 496

Event Viewer, 167, 496-497 checking network problems, 345 creating tasks, 500-501 customizing, 499-500 event logs, 497-499

DVD Maker, 412, 414

How can we make this index more useful? Email us at [email protected]

722

exams

exams practice answers, 677-688 MeasureUp, 690-691 questions, 651-676 preparation tips, 7, 21-24 learning styles, 8 studying, 9-10 test presentation, 11-21

File Sharing dialog box, 326

exceptions, Windows Firewall security, 276

File Transfer Protocol (FTP), 346

Exit command, Windows Photo Gallery, 410

Finger command, troubleshooting TCP/IP protocol, 346

Experience Index, Vista improvements, 36 Extend Volume Wizard, 174 external monitors, 560-561

F failed installations, troubleshooting, 108 Startup Repair, 110 stop errors, 109-110 stopped installations, 110

searching for computers, 331-332 shared folder property modifications, 327-329 Windows Meeting Space, 431 File Sharing node, Network and Sharing Center, 325 file systems, Vista installation considerations, 69-70

firewalls Media Center Extenders, 392 Vista improvements, 37 Windows Media Player, 404 folders, network sharing, 325-327 Formatting status, 177 Fsutil.exe, 175 FTP (File Transfer Protocol), 346 FYI, 447

Failed status, 176 Fax and Scan, 444-445 document scanning, 448 fax accounts, 445-446 sending and receiving faxes, 446-447 Fax Settings dialog box, 446 file extensions, blocked by Windows Mail, 428 File menu commands Windows Mail, 419-420 Windows Photo Gallery, 410 file sharing, configuring with Network and Sharing Center, 325 folders, 325-327 media sharing, 330 password-protected sharing, 330 printer sharing, 330 public folders, 330

G game restrictions, 195 gateways, default, 307 General tab, Windows Mail Options dialog box, 422 Properties dialog box, 417 System Configuration Utility, 490 General tab (Properties dialog box), 168 Generic, 447 graphics memory, Aero, 187 graphics processors, Aero, 187 group accounts, 229, 234 Group Policy multiple users, 283 power management, 583-585

723

installation

UAC policies, 247-250 Windows Firewall, 282-283 Windows Media Player, 408 Windows Update, 504-507 Group similar taskbar buttons option, 193

H

Home Premium, Vista editions, 33 home users, Windows history, 32 hotfixes, 52, 145

I ICF (Internet Connection Firewall). See Windows Firewall

handouts, Windows Meeting Space, 435-436

ICMP (Internet Control Messaging Protocol), 306

handwriting recognition, 571-574

ICS (Internet Connection Sharing), 340-343

hardware Aero, 186-187 devices, troubleshooting post-installation issues, 167-168 Device Manager, 168-170 Disk Management, 173-175, 177-178 DVD/CD-ROM devices, 171-173 diagnostics, Vista improvements, 36 installation compatibility, 61-62 file systems, 69-70 network requirements, 64-68 requirements, 60-61 software incompatibility, 62-63 WPA (Windows Product Activation), 70-71 troubleshooting network connections, 351-352, 354

Ignore option (Windows Defender), 253

Hardware and Sound category, Control panel, 47-49 Healthy (At Risk) status, 177 Healthy status, 176 Help protect Windows automatically screen, 76 help, technical support, 692 hibernation, 576 Hide inactive icons option, 193 history, Windows, 31-33 Home Basic, Vista editions, 33

images deploying to multiple computers, 87-89 Windows Mail security, 429 Windows Photo Gallery editing, 411 options, 412 implementation troubleshooting installation, 94-95 Vista installation preparation, 60 Import from Camera or Scanner command, Windows Photo Gallery, 410 incompatibility, software, 62-63 Infrared Data Association (IrDA), 555-556 Install Windows dialog box, 73 installation CD-ROMs, 171-173 driver configuration, 111 rollback, 114 troubleshooting, 111-113 drivers, 111 rollback, 114 troubleshooting, 111-113 DVDs, 171-173 hardware compatibility, 61-62 file systems, 69-70

How can we make this index more useful? Email us at [email protected]

724

installation

network requirements, 64-68 requirements, 60-61 software incompatibility, 62-63 WPA (Windows Product Activation), 70-71 hotfixes, 145 installing, 131-134 performing clean, 71 attended, 72-78 deploying images to multiple computers, 87-89 Sysprep, 85-87 unattended, 78-85 WDS (Windows Deployment Services), 90-92 preparation, 58-60 product activation, 143-145 running, 131-134 troubleshooting, 92-93 attended installation, 95-104 failed installations, 108-110 process, 93-95 unattended installation, 104-108 updates, 143-147 Vista, fast facts, 604-608 Windows Vista, post-installation configuration, 158-184

resource access, 201 tabbed browsing, 201-205 zones, 259-261 customizing, 206 add-ons, 209-210 AutoComplete settings, 212 printing Web pages, 209 Really Simple Syndication (RSS) feeds, 211-212 search providers, 206-207 toolbars, 207-208 Internet Explorer 7, 38 Internet Explorer Properties dialog box, 341 Internet Properties dialog box, 268 Advanced tab, 271-272 Content tab, 270 Privacy tab, 268-270 Internet Protocol (IP), 306 Internet Protocol (TCP/IP) Properties dialog box, 313 Internet Protocol Version 4(TCP/IPv4) Properties dialog box, 319 Internet Protocol Version 6 (TCP/IPv6) Properties dialog box, 323 IP (Internet Protocol), 306 IP addresses, 307, 312-313

installing CD-ROM, 690-691

ipconfig utility, 346-347

Internet Connection Firewall (ICF). See Windows Firewall

IPv4 address classes, 626-627 features, 307-308 APIPA implementation, 308-309 dynamic IP addresses, 312-313 static addressing, 309-312 incorrect address, 344 IPv6 address compatibility, 316

Internet Connection Sharing (ICS), 340-343 Internet Control Messaging Protocol (ICMP), 306 Internet Explorer configuring, 200-201, 259 advanced security, 268-272 blocking pop-ups, 204-206 Content Advisor, 262-268 Protected mode, 261-262

IPv6 address classes and subclasses, 628-629 certification exams, 307

725

MeasureUp practice tests

disabling, 324 features address syntax, 313-314 address types, 314-315 IPv4 address compatibility, 316 prefixes, 314

local group accounts default, 234 management, 234-235

IrDA (Infrared Data Association), 555-556

low-resolution video, 166

ISPs, network remote access connections, 361-362

J-L joining, Windows Server domains, 236-238 Keep the taskbar on top of other windows property, 193 Key Management Service, 71

Lock the taskbar property, 193 Logical Disk object, 483-485 logs, Event Viewer, 497-499

M mail, Windows Mail, 414-415 account configuration, 415-417 configuration options, 419-425 managing account, 417-418 security configuration, 425-430 malicious software, 228 man-in-the-middle attacks, 228 Manage Add-ons dialog box, 38

L2TP (Layer 2 Tunneling Protocol), 354 LANs, troubleshooting connections, 343-344 DHCP server connection, 345 duplicate IP addresses, 345 Event Viewer, 345 incorrect IPv4 address or subnet mask, 344 TCP/IPv4 configuration, 345 Last Known Good Configuration, 162-163 Layer 2 Tunneling Protocol (L2TP), 354 learning styles, 8 Library tab, Windows Media Player, 400 Library toolbar, Windows Media Player, 398-399 local accounts, 229 default local groups, 234 management, 234-235 Local Area Connection Properties dialog box, 318, 324 Local Area Connection Status dialog box, 344 Local Area Network (LAN) Settings dialog box, 341

Manage Wireless Networks dialog box, 338-339 management CD-ROMs, 171-173 DVDs, 171-173 MCIPT exams design, 12 formats, 13-14 question types, 14-21 tips, 21-24 MCP exams design, 12 formats, 13-14 question types, 14-21 tips, 21-24 MCTS exams design, 12 formats, 13-14 question types, 14-21 tips, 21-24 MeasureUp practice tests, 690-691

How can we make this index more useful? Email us at [email protected]

726

media

media, sharing, 330 media-based applications, 389 Windows DVD Maker, 412-414 Windows Media Center, 389-390 network projectors, 392-394 setting up, 390-392 Windows Media Player, 394-396 configuration options, 400-407 Group Policy, 408 Library toolbar, 398-399 menu bar options, 407 setting up, 396-397 Windows Movie Maker, 412-414 Windows Photo Gallery, 408-410 editing images, 411 File menu commands, 410 options, 412 Media Center, 389-390 Extenders, 392 network projectors, 392-394 setting up, 390-392 Vista improvements, 38 Media Player, 389, 394-396 configuration options, 400 Burn tab, 406 Devices tab, 406 DVD tab, 403 Library tab, 400 Network tab, 403-404 Performance tab, 406-407 Player tab, 404 Plug-Ins tab, 401 Privacy tab, 401 Rip Music tab, 405 Security tab, 402 Group Policy, 408 Library toolbar, 398-399 menu bar options, 407 setting up, 396-397

Media Sharing node, Network and Sharing Center, 325 Meeting Space, 430-431 running meetings, 433-435 setting up, 431-432 sharing information, 435-436 Memory object, 479-481 Message menu commands, Windows Mail, 425 metadata documents, Vista improvements, 36 Microsoft Office Live Meeting, 430 Microsoft Phishing Filter dialog box, 268 mobile computing devices Infrared Data Association (IrDA), 555-556 mobile computers, 547-554 Mobile PC Control Panel, 544-545 Windows Mobility Center, 545-547 display settings external monitors, 560-561 networked projector, 558-560 presentation settings, 556, 558 Windows SideShow, 561-564 fast facts, 648-650 power options, 576 battery meter, 581-582 Group Policy, 583-585 power plans, 577-581 snipping tool, 575 Tablet PC software, 564-565 settings, 565-566 Tablet PC Input Panel, 567-574 touch screen support, 575-576 Mobile PC Control Panel, 544-545 Mobility Center, 38, 545-547 modems, troubleshooting network connections, 351-354

727

networks

monitoring command-line utilities, 485-486 enhancing performance Windows ReadyBoost, 486-488 Windows ReadyDrive, 488-489 Windows SuperFetch, 486 fast facts, 641-647 reliability, 468-469 data collector set, 475-479 LogicalDisk object, 483-485 Memory object, 479-481 Performance Monitor, 470-473 PhysicalDisk object, 482-483 Processor object, 481-482 Reliability Monitor, 473-475 Resource Overview panel, 469-470 Movie Maker, 389, 412-414 multi-booting, 138-140 Multiple Activation Keys, 71 multiple users, Group Policy, 283 music simplified libraries, 395 Windows Media Center, 390

N

Network and Sharing Center, 316-317 configuring TCP/IP disabling IPv6, 324 version 4, 317-322 version 6, 322-324 file sharing configuration, 325 folder sharing, 325-327 media sharing, 330 password-protected sharing, 330 printer sharing, 330 public folders, 330 searching for computers, 331-332 shared folder property modifications, 327-329 Internet Connection Sharing (ICS), 340-343 wireless network management, 332-333 connection setup, 333-338 Manage Wireless Networks dialog box, 338-339 profile management, 339-340 Network Center, Vista improvements, 38 Network Connections dialog box, 318, 341 Network Discovery node, Network and Sharing Center, 325 Network Map, Vista improvements, 38

name resolution, 308

network projectors, Windows Media Center, 392-394

NAT (Network Address Translation), 340-342

Network tab, Windows Media Player, 403-404

navigation, Windows Media Player, 394

networked projectors, 558-560

Nbtstat utility, 347

networks access protection, Vista improvements, 37 fast facts, 625-635 Network and Sharing Center, 316-317 configuring TCP/IP, 317-324 file sharing configuration, 325-332 Internet Connection Sharing (ICS), 340-343 wireless network management, 332-340

NetMeeting, 39 Netstat command-line tool, 347 Network Address Translation (NAT), 340-342 Network and Internet category, Control panel, 46-47

How can we make this index more useful? Email us at [email protected]

728

networks

remote access, 354-355 authentication protocols, 355-357 ISP connections, 361-362 Remote Assistance, 365-367 Remote Desktop Protocol (RDP), 362-365 security, 357-358 VPN connections, 359-361 requirements, hardware, 64-68 TCP/IP protocol, 305-307 IPv4 features, 307-313 IPv6 features, 313-316 troubleshooting hardware, 351-354 LAN connections, 343-345 modems, 351-354 TCP/IP, 345-349 wireless networks, 350-351 unavailable, troubleshooting attended installations, 97-101 New Display Detected dialog box, 560 New Fax dialog box, 447 new features Control panel, 43 Appearance and Personalization category, 50-51 Clock, Language, and Region category, 51 Ease of Access category, 51 Hardware and Sound category, 47-49 Network and Internet category, 46-47 Programs category, 49-50 Security category, 45-46 System and Maintenance category, 43-45 User Accounts and Family Safety category, 50 Start Menu, 42-43 Vista productivity improvements, 35-36 programs, 37-39

security improvements, 36-37 tools, 37-39 Welcome Center, 39-41 New Group dialog box, 235 Notification Area tab, 193 NSLookup utility, 348 Ntbackup utility, 514 NWLink protocol, 65

O Office Live Meeting, 430 Offline Files feature, synchronizing network folders, 548-549 client computer configuration, 549-550 server configuration, 550-551 Offline Settings dialog box, 328 Only Elevate Executables that are Signed and Validated policy, 249 Only Elevate UIAccess Applications that are Installed in Secure Locations policy, 249 operating systems, upgrades, 130 Options command, Windows Photo Gallery, 410 Options dialog box Windows Mail, 421 Advanced tab, 424 Compose tab, 424 Connection tab, 424 Downloaded Images section, 429 General tab, 422 Read tab, 422-423 Receipts tab, 423 Secure Mail section, 429-430 Send tab, 423 Signatures tab, 424 Spelling tab, 424 Virus Protection, 427-428

729

points

Windows Media Player, 400 Burn tab, 406 Devices tab, 406 DVD tab, 403 Library tab, 400 Network tab, 403-404 Performance tab, 406-407 Player tab, 404 Plug-Ins tab, 401 Privacy tab, 401 Rip Music tab, 405 Security tab, 402

Memory object, 479-481 Performance Monitor, 470-473 PhysicalDisk object, 482-483 Processor object, 481-482 Reliability Monitor, 473-475 Resource Overview panel, 469-470 Performance Monitor, 468-473, 478-479 Performance tab, Windows Media Player, 406-407 permissions AGDLP method, 238 denials, 230 Permissions dialog box, 328-329

P parental controls configuring, 194 activity reports, 199-200 restrictions, 195-199 User Account Control (UAC), 242 Vista improvements, 37 Windows Media Center, 390 Parental Controls dialog box, 197 Password Never Expires option, 233 Password Protected Sharing node, Network and Sharing Center, 325

phishing, Windows Mail security, 425-427 phishing filters configuring, 266-268 troubleshooting, 267 Vista improvements, 37 Photo Gallery, 389, 408-410 editing images, 411 File menu commands, 410 options, 412 Vista improvements, 38 photos, Windows Media Center, 390 PhysicalDisk object, 482-483

passwords file sharing, 330 guessing, 228

ping command, 348

Patch Tuesday, 52

playlists, Windows Media Player, 395

patches, 52

Plug-Ins tab, Windows Media Player, 401

Pen and Input Devices dialog box, 568

point of failures, troubleshooting installations, 94

pen flicks, 568-570 People Near Me, Windows Meeting Space, 431 performance monitoring, fast facts, 641-647 monitoring reliability, 468-469 data collector set, 475-479 LogicalDisk object, 483-485

playback controls, Windows Media Player, 395 Player tab, Windows Media Player, 404

Point-to-Point Protocol (PPP), 354 Point-to-Point Tunneling Protocol (PPTP), 354 points (restore), creating with System Restore, 166

How can we make this index more useful? Email us at [email protected]

730

policies

policies Group Policy. See Group Policy User Account Control (UAC), 246-250

printers, network sharing, 325-330

pop-ups, configuring Internet Explorer, 204-206

Privacy tab (Internet Properties dialog box), 268-270

ports, defaults, 418

printing, Web pages, 209 Privacy option (Start menu), 191

post-installation, troubleshooting, 158-162, 165 boot logging, 166 compatability, 178-179 Debugging mode, 166 Disable Automatic Restart on System Failure option, 167 Disable Driver Signature Enforcement option, 167 hardware devices, 167-178 low-resolution video, 166 startup issues, 158-164 System Restore, 164-166 Windows Easy Transfer, 180-184

Privacy tab, Windows Media Player, 401

power, mobile computing, 576 battery meter, 581-582 Group Policy, 583-585 power plans, 577-581

Properties command, Windows Photo Gallery, 410

private connections, configuring, 278 Processor object, 481-482 product activation, 143-145 product keys, Vista installation, 73 productivity, Vista improvements, 35-36 profiles, Windows Firewall, 280-282 Program Compatibility Wizard, 179 Programs category, Control panel, 49-50 programs, Vista improvements, 37-39 Prompt for Consent policy, 248 Prompt for Credentials policy, 248

Power Options Properties dialog box, 577

Properties dialog box tabs, 168 Windows Mail, 417-418

Power Users group, 240

Protected mode, Internet Explorer, 261-262

PPP (Point-to-Point Protocol), 354

protocols, wireless networks, 332

PPTP (Point-to-Point Tunneling Protocol), 354

public connections, configuring, 278

practice exams answers, 677-688 MeasureUp, 690-691 questions, 651-676

Public Folder Sharing node, Network and Sharing Center, 325 Public folders, 68 public folders, file sharing, 330

preparation, installation, 58-60 Presentation Settings dialog box, 557 presentations, Windows Meeting Space, 430 pretesting, 10 Principle of Least Privilege, 229 Printer Sharing node, Network and Sharing Center, 325

Q-R Quarantine option (Windows Defender), 253 Rating Systems dialog box, 264 RDP (Remote Desktop Protocol), 362-365

731

scanning

Read tab, Options dialog box (Windows Mail), 422-423

Reliability Monitor, 473-475

Recovery Console, 162

remote access, networks, 354-355 authentication protocols, 355-357 ISP connections, 361-362 Remote Assistance, 365-367 Remote Desktop Protocol (RDP), 362-365 security, 357-358 VPN connections, 359-361

recovery, Safe mode, 163-164

Remote Assistance, 365-367

Registry, control set, 162

Remote Desktop Connection dialog box, 363

reliability built-in diagnostic tools Event Viewer, 496-501 System Configuration Utility, 489-492 Task Manager, 492-496 monitoring, 468-469 data collector set, 475-479 fast facts, 641-647 LogicalDisk object, 483-485 Memory object, 479-481 Performance Monitor, 470-473 PhysicalDisk object, 482-483 Processor object, 481-482 Reliability Monitor, 473-475 Resource Overview panel, 469-470

Remote Desktop Protocol (RDP), 362-365

ReadyBoost, 486-488 ReadyDrive, 488-489 Really Simple Syndication (RSS) feeds, 211-212 Receipts tab, Options dialog box (Windows Mail), 423

Reliability and Performance Monitor, 468-469 data collector set, 475 creating, 475-478 using Performance Monitor, 478-479 LogicalDisk object, 483-485 Memory object, 479-481 Performance Monitor, 470-473 PhysicalDisk object, 482-483 Processor object, 481-482 Reliability Monitor, 473-475 Resource Overview panel, 469-470 Reliability and Performance tool, 167

Remote Desktop Users Properties dialog box, 371 Remove option (Windows Defender), 253 Rename command, Windows Photo Gallery, 410 Reports, 469 Resource Overview panel, 469-470 Resources tab (Properties dialog box), 169 Restart Manager, Vista improvements, 36 restoring, System Restore, 164-166 restrictions application limits, 195 configuring parental controls, 195-199 games, 195 usage time, 195 Web site, 195 Rip Music tab, Windows Media Player, 405 ripping, Windows Media Player, 395, 407 rollbacks, drivers, 114 RSS (Really Simple Syndication) feeds, 211-212 Run All Administrators in Admin Approval Mode policy, 249 Run command, enabling, 113

S Safe mode, 163-166 scanning, Windows Fax and Scan, 448

How can we make this index more useful? Email us at [email protected]

732

scans

scans, Windows Defender, 251-253

Select Users dialog box, 371

schemes (desktop), Aero, 187-188

Send tab, Options dialog box (Windows Mail), 423

Screen Saver Settings command, Windows Photo Gallery, 410 search providers, Internet Explorer, 206-207 Secure Mail section, Windows Mail, 429-430 security best practices, 231-232 Data Protection, 515-516 decrypting files, 520 EFS basics, 516-517 encrypting file system, 516 preparing disk for EFS, 518-520 fast facts, 618-625 Internet Explorer, 259 advanced security, 268-272 Protected mode, 261-262 zones, 259-261 Password Never Expires option, 233 remote access, 357-358 Vista improvements, 36-37 VPN connections, 547-548 Windows Defender, 255 Windows Firewall, 273-274 basic configuration, 274-279 profiles, 280-282 snap-in, 279-280 Windows Mail, 425 image downloads, 429 message security, 429-430 phishing, 425-427 spam, 425-427 virus protection, 427-428 Security category, Control panel, 45-46 Security tab Properties dialog box, Windows Mail, 418 Windows Media Player, 402 Select All command, Windows Photo Gallery, 410

servers addresses, 308 network requirements, 64 Windows history, 32 Servers tab, Properties dialog box (Windows Mail), 418 service packs, 52 services, Windows restricting, 37 Services tab, System Configuration Utility, 491 Services tool, 168 Sessions Near Me, Windows Meeting Space, 431 settings, Registry control set, 162 Setup.exe, syntax, 105-106 Setupact.log, 108 Setuperr.log, 108 shadow copies, 175 Share with Devices command, Windows Photo Gallery, 410 Shared Folders, 167 shortcuts (MeasureUp practice tests), creating, 691 Show Quick Launch option, 193 Show window previews (thumbnails) option, 193 Shrink volumes, 174 Sidebar, 448-451 SideShow, 561 device security, 563-564 setting up, 562-563 Signatures tab, Options dialog box (Windows Mail), 424 SIM (System Image Manager), 79-80 Sleep mode, Vista improvements, 35 snap-ins, Windows Firewall, 279-280 snipping tool, 575

733

System Image Manager

social engineering, 228 software incompatibility, 62-63 malicious, 228

stop errors, troubleshooting failed installations, 109-110 stopped installations, troubleshooting failed installations, 110

Software Explorer (Windows Defender), 257-258

study mode (CD-ROM), 689

solutions, troubleshooting installations, 94

studying pretesting, 10 strategies, 9-10

spam Vista improvements, 37 Windows Mail security, 425-427 Spelling tab, Options dialog box (Windows Mail), 424 spoofing, 228 SRT (Startup Repair Tool), 159 stability, Vista improvements, 36 Start menu Customize button, 191 properties, 191 Vista improvements, 35 new features, 42-43 Start Menu Properties dialog box, 192 Start menu tab (Taskbar), 192 Starter Edition, Windows editions, 33 starting Windows Vista, troubleshooting, 158-164 Startup Repair, troubleshooting failed installations, 110 Startup Repair Tool (SRT), 159 Startup tab, System Configuration Utility, 492 startups advanced, troubleshooting attended installations, 102 security improvements, 36 troubleshooting failed installations, 110 Vista improvements, 35

subnet masks, 307 SuperFetch, 486 Supervisor Can Type a Password to Allow Users to View Restricted Content option, 264 Switch to the Secure Desktop When Prompting for Elevation policy, 249 switches, answer files, 105 Sync Center, 551-554 synchronizing, Windows Media Player, 395, 407 Sysprep, 58 clean installation, 85 basics, 85-86 creating image, 86-87 deploying images to multiple computers, 87-89 domain memberships, 107 troubleshooting unattended installations, 106-108 Sysprep.exe, 58 System and Maintenance category, Control panel, 43-45 System Configuration Utility, 489-490 Boot tab, 490-491 General tab, 490 Services tab, 491 Startup tab, 492 Tools tab, 492 System File Checker, 113

static addresses, IPv4, 309-312

System icons option, 193

stop codes, 109

System Image Manager (SIM), 79-80

How can we make this index more useful? Email us at [email protected]

734

System Preparation tool

System Preparation tool, 58 clean installation, 85 basics, 85-86 creating image, 86-87 deploying images to multiple computers, 87-89 domain membership, 107 troubleshooting unattended installations, 106-108

T tabbed browsing, configuring Internet Explorer, 201-205 Tablet PC Input Panel, 567 handwriting recognition, 571-574 Input Panel options, 567-568 pen flicks, 568-570 Pen Options tab, 571-572

System Properties dialog box, 364

Tablet PC Settings dialog box, 566

system requirements, CD-ROM installations, 690

Tablet PC, software configuring, 564-565 settings, 565-566 Tablet PC Input Panel, 567-574

System Restore, 164-166 systems built-in diagnostic tools Event Viewer, 496-501 System Configuration Utility, 489-492 Task Manager, 492-496 Data Protection Backup and Restore Center, 508-515 BitLocker, 521-523, 526 decrypting files, 520 EFS basics, 516-517 preparing disk for EFS, 518-520 security, 515-516 fast facts, 610-618 troubleshooting command-line utilities, 485-486 enhancing performance, 486-489 reliability, 468-485 Windows Update, 501-502 configuring functions, 502-504 Group Policy, 504-507 WSUS server, 504

Task Manager, 492-493 dual-processor computers, 496 foreground and background applications, 495 priority configuration, 494-495 Task Scheduler, 167 taskbars Aero, 185 properites, 192-194 tasks, Windows Calendar, 441 TCP (Transmission Control Protocol), 305 TCP/IP (Transmission Control Protocol/Internet Protocol), 64, 305-307 configuring with Network and Sharing Center disabling IPv6, 324 version 4, 317-322 version 6, 322-324 IPv4 features, 307-308 APIPA implementation, 308-309 dynamic IP addresses, 312-313 static addressing, 309-312 IPv6 features address syntax, 313-314 address types, 314-315

735

troubleshooting

IPv4 address compatibility, 316 prefixes, 314 troubleshooting, 345-346 address resolution protocol (ARP), 346 Finger command, 346 FTP and TFTP, 346 ipconfig utility, 346-347 Nbtstat utility, 347 Netstat command-line tool, 347 NSLookup utility, 348 ping command, 348 Tracert command, 349 technical support, 692 television, Windows Media Center, 390 test modes (CD-ROM) certification mode, 689 custom mode, 690 study mode, 689 test questions, 651-688 testing troubleshooting installations, 94-95 Vista installation preparation, 59-60 tests (practice), MeasureUp, 690-691 TFTP (Trivial File Transfer Protocol), 346 title bars, Aero, 185 toolbars configuring, 194 Internet Explorer, 207-208 tools, Vista improvements, 37-39 Tools menu commands, Windows Mail, 421-424 Tools tab, System Configuration Utility, 492 touch screen support, 575-576 TPM (Trusted Platform Module), 36 Tracert command, 349 translucency, troubleshooting Aero, 188-189 translucent title bars (Aero), 185

Transmission Control Protocol (TCP), 305 Transmission Control Protocol/Internet Protocol. See TCP/IP Trivial File Transfer Protocol (TFTP), 346 troubleshooting CDs, 172 command-line utilities, 485-486 drivers, 111-113 DVDs, 172 enhancing performance Windows ReadyBoost, 486-488 Windows ReadyDrive, 488-489 Windows SuperFetch, 486 fast facts, 641-647 network connectivity hardware, 351-354 LAN connections, 343-345 modems, 351-354 TCP/IP, 345-349 wireless networks, 350-351 phishing filter, 267 post-installation issues, 158-162, 165 boot logging, 166 compatibility, 178-179 Debugging mode, 166 Disable Automatic Restart on System Failure option, 167 Disable Driver Signature Enforcement option, 167 hardware devices, 167-178 low resolution video, 166 startup, 158-164 System Restore, 164-166 Windows Easy Transfer, 180-184 reliability, 468-469 data collector set, 475-479 LogicalDisk object, 483-485 Memory object, 479-481

How can we make this index more useful? Email us at [email protected]

736

troubleshooting

Performance Monitor, 470-473 PhysicalDisk object, 482-483 Processor object, 481-482 Reliability Monitor, 473-475 Resource Overview panel, 469-470 User Account Control (UAC), 238-239 user rights, whoami, 233 Vista installation, 92-93 attended installation, 95-104 failed installation, 108-110 process, 93-95 unattended installation, 104-108 Windows Aero, 188 Aero Glass, 189-191 Start menu, 191 Taskbar, 192-194 translucency, 188-189 Trusted Platform Module (TPM), 36 trusted sites, 260

Unknown status, 177 Update Driver Software dialog box, 353 updates, 143-145 Automatic Updates, 146-147 Windows Defender, 256-257 upgrades, 130-131 computer preparation, Vista Upgrade Advisor, 131, 134-135 computer requirements, 131 computers to Windows Vista, 135-138 dual boots, 138-140 editions, 140-141 operating systems, 130 Vista, fast facts, 608-610 to Vista Ultimate, 141-143 URGE, Windows Media Player, 395 Urgent, 447 usage time restrictions, 195 User Account Control. See UAC

U UAC configuring, 238-239, 244 elevated privileges, 244-246 policies, 246-250 features, 239-242 application prompts, 242-243 parental controls, 242 troubleshooting, 238-239

User Account Control dialog box, 114 user accounts, 229 management, 230-233 Password Never Expires option, 233 permission denials, 230 User Accounts and Family Safety category, Control panel, 50 User Datagram Protocol (UDP), 305 user interfaces, Vista improvements, 35 user rights, whoami, 233

UDP (User Datagram Protocol), 305

User State Migration Tool (USMT), 184

Ultimate, Vista editions, 33

users, accounts controls, Vista improvements, 37

unattended installations, 78-79 AIK (Automated Installation Kit), 80-84 answer files, 85 deployment technologies, 79 SIM (System Image Manager), 79-80 troubleshooting, 104 answer files, 104-106 Sysprep, 106-108

Users Can See Websites That Have No Rating option, 264 USMT (User State Migration Tool), 184

737

Windows Defender

V

W

video memory, Aero, 187

WDDM (Windows Display Driver Model), 187

videos Windows Media Center, 390 Windows Media Player, 396

WDS (Windows Deployment Services), 58, 90 clean installations, 90 advantages, 90-91 requirements, 91-92

View menu commands, Windows Mail, 420 Virtualize File and Registry Write Failures to Per User Locations policy, 249 viruses, Windows Mail security, 427-428 Vista. See also Windows Vista editions, 33-34 fast facts, 602-603 installation, fast facts, 604-608 new features Control panel, 43-51 productivity improvements, 35-36 programs, 37-39 security improvements, 36-37 Start Menu, 42-43 tools, 37-39 Welcome Center, 39-41 service packs, 52 upgrades, fast facts, 608-610 Vista Mobility Center, 556-558 Vista Ultimate, upgrading to, 141-143 Vista Upgrade Advisor, 131-134 Volumes, 174 VPN Connection Properties dialog box, 377 VPN connections remote access networks, 359-361 security, 547-548

Web site restrictions, 195 Welcome Center Vista improvements, 37 Vista new features, 39-41 whoami, 233 Wimgapi.dll, 82 Windows history, 31-33 Windows Aero configuring, 184-185 desktop schemes, 187-188 hardware requirements, 186-187 Windows Presentation Foundation (WPF), 186 troubleshooting, 188 Aero Glass, 189-191 Start menu, 191 Taskbar, 192-194 translucency, 188-189 Windows Calendar, 437-438 appointment management, 439-440 multiple calendars, 441-442 navigation, 438-439 sharing calendars, 443-444 task lists, 441 Vista improvements, 38 Windows Defender configuring, 250-251 actions, 253-256 scans, 251-253 security agents, 255

How can we make this index more useful? Email us at [email protected]

738

Windows Defender

Software Explorer, 257-258 updates, 256-257 Vista improvements, 37 Windows Deployment Services. See WDS Windows Display Driver Model (WDDM), 187 Windows DVD Maker, 412-414 Windows Easy Transfer troubleshooting post-installation issues, 180-184 Vista improvements, 38 Windows Easy Transfer Wizard, 181-184 Windows Experience Index, Vista improvements, 36 Windows Fax and Scan, 444-445 document scanning, 448 fax accounts, 445-446 sending and receiving faxes, 446-447 Windows Firewall configuring Group Policy, 282-283 security settings, 273-282 Media Center Extenders, 392 Vista improvements, 37 Windows Media Player, 404 Windows Firewall Settings dialog box, 277-278, 371 Windows Flip, 185 Windows Flip 3D, 185 Windows Internet Naming Service (WINS), 38, 308 Windows Logo Program, 171 Windows Mail, 414-415 account configuration, 415-417 configuration options, 419 Edit menu, 420 File menu, 419-420 Message menu, 425

Tools menu, 421-424 View menu, 420 managing account, 417-418 security configuration, 425 image downloads, 429 message security, 429-430 phishing, 425-427 spam, 425-427 virus protection, 427-428 Vista improvements, 38 Windows Mail and Resulting Internet Communication in Windows Vista, 430 Windows Management Instrumentation (WMI), 168 Windows Media Center, 389-390 network projectors, 392-394 setting up, 390-392 Windows Media Player, 389, 394-396 configuration options, 400 Burn tab, 406 Devices tab, 406 DVD tab, 403 Library tab, 400 Network tab, 403-404 Performance tab, 406-407 Player tab, 404 Plug-Ins tab, 401 Privacy tab, 401 Rip Music tab, 405 Security tab, 402 Group Policy, 408 Library toolbar, 398-399 menu bar options, 407 setting up, 396-397 Windows Media Player 11, Vista improvements, 38

739

WPA

Windows Meeting Space, 430-431 running meetings, 433-435 setting up, 431-432 sharing information, 435-436

Windows Vista Mobility Center, 556-558

Windows Mobility Center, 38, 545-547

WINS (Windows Internet Naming Service), 64, 308

Windows Movie Maker, 389, 412-414 Windows Photo Gallery, 389, 408-410 editing images, 411-412 File menu commands, 410 Vista improvements, 38 Windows Presentation Foundation (WPF), 186 Windows Product Activation (WPA), 70-71 Windows ReadyBoost, 486-488 Windows ReadyDrive, 488-489 Windows Server, domains, 236-238 Windows Sidebar, 448-451 Windows SideShow, 561 device security, 563-564 setting up, 562-563 Windows SuperFetch, 486 Windows Update, 501-502 configuring functions, 502-504 Group Policy, 504-507 WSUS server, 504 Windows Vista. See also Vista configuring, post-installation issues, 158-184 fast facts, 602-603 installation fast facts, 604-608 post-installation configuration, 158-184 upgrades computer requirements, 131 fast facts, 608-610 operating systems, 130-131 to Vista Ultimate, 141-143 upgrading computers to, 135-138

Windows.OLD folder, 143 Winload.exe, 139 Winresume.exe, 139

wireless LANs. See WLANs Wireless Network Properties dialog box, 339 wireless networking, Windows Meeting Space, 430 wireless networks Network and Sharing Center management, 332-333 connection setup, 333-338 Manage Wireless Networks dialog box, 338-339 profile management, 339-340 troubleshooting access point switching, 350 unavailable networks, 350-351 wizards Easy Transfer Wizard, 158 Extend Volume, 174 Program Compatibility Wizard, 179 Windows Easy Transfer, 181-184 WLANs (wireless LANs), 332 Network and Sharing Center management, 332-333 connection setup, 333-338 Manage Wireless Networks dialog box, 338-339 profile management, 339-340 WMI (Windows Management Instrumentation), 168 WMI Control, 168 workgroups, membership, 67-68 WPA (Windows Product Activation), 70-71

How can we make this index more useful? Email us at [email protected]

740

WPF

WPF (Windows Presentation Foundation), 186 WSUS server, 504

X-Y-Z zones Internet Explorer, 259-261 trusted sites, 260

Your Guide to Information Technology

www.informit.com

Training and Reference Que has partnered with InformIT.com to bring technical information to your desktop. Drawing on Que authors and reviewers to provide additional information on topics you’re interested in, InformIT.com has free, in-depth information you won’t find anywhere else.

Articles Keep your edge with thousands of free articles, in-depth features, interviews, and information technology reference recommendations – all written by experts you know and trust.

Online Books Answers in an instant from InformIT Online Books’ 600+ fully searchable online books. Sign up now and get your first 14 days free.

Catalog Review online sample chapters and author biographies to choose exactly the right book from a selection of more than 5,000 titles.

As an InformIT partner, Que has shared the knowledge and hands-on advice of our authors with you online. Visit InformIT.com to see what you are missing.

w w w. q u e p u b l i s h i n g . c o m

MCTS 70-620 Exam Prep: Microsoft Windows Vista Client Configuring [Exam Prep Series]

MCTS 70-680 Exam Cram: Microsoft Windows 7, Configuring

Certified Ethical Hacker Exam Prep

MCTS: Microsoft Windows Vista Client Configuration Study Guide: Exam 70-620

MCTS Windows 7 Configuring 70-680 Exam Study Guide

MCTS Microsoft Windows Vista client configuration: study guide

Prep

MCTS Windows Vista Client Configuration Study Guide (Exam 70-620) (Study Guide & CD)

MCTS Guide to Microsoft Windows Vista

Prep

MCTS Self-Paced Training Kit (Exam 70-515): Web Applications Development with Microsoft .NET Framework 4 (Mcts 70-515 Exam Exam Prep)

MCTS Guide to Microsoft Windows 7: Exam #70-680

MCTS Self-Paced Training Kit (Exam 70-515): Web Applications Development with Microsoft .NET Framework 4 (Mcts 70-515 Exam Exam Prep)

MCTS Guide to Microsoft Windows 7: Exam #70-680

MCTS Windows Vista Client Configuration Study Guide (Exam 70-620) (Study Guide & CD)

MCTS Self-Paced Training Kit (Exam 70-526): Microsoft .NET Framework 2.0 Windows-Based Client Development

MCSE 70-290 Exam Prep: Managing and Maintaining a Microsoft® Windows Server™ 2003 Environment

MCTS Self-Paced Training Kit (Exam 70-526): Microsoft .Net Framework 2.0 Windows -Based Client Development

Microsoft Windows Vista Administration

MCITP Exam 70-642 Prep Kit: Independent and Complete

Reading Between The Lines (Academic Exam Prep. and Tutorial Guides)

LPIC Prep Kit 101 General Linux I (Exam guide

Advanced CISSP Prep Guide: Exam Q&A

Microsoft Windows Vista Unleashed

Хакинг Microsoft Windows Vista

Microsoft Windows Vista Unleashed

Microsoft Windows Vista Unveiled

Microsoft Windows Vista Megahandboek

Easy Microsoft Windows Vista

Advanced CISSP prep guide: exam Q & A

Microsoft Windows Vista Unleashed

MCTS 70-620 Exam Prep: Microsoft Windows Vista Client Configuring [Exam Prep Series]

MCTS 70-680 Exam Cram: Microsoft Windows 7, Configuring

Certified Ethical Hacker Exam Prep

MCTS: Microsoft Windows Vista Client Configuration Study Guide: Exam 70-620

MCTS Windows 7 Configuring 70-680 Exam Study Guide

MCTS Microsoft Windows Vista client configuration: study guide

Prep

MCTS Windows Vista Client Configuration Study Guide (Exam 70-620) (Study Guide & CD)

MCTS Guide to Microsoft Windows Vista

Prep

MCTS Self-Paced Training Kit (Exam 70-515): Web Applications Development with Microsoft .NET Framework 4 (Mcts 70-515 Exam Exam Prep)

MCTS Guide to Microsoft Windows 7: Exam #70-680

MCTS Self-Paced Training Kit (Exam 70-515): Web Applications Development with Microsoft .NET Framework 4 (Mcts 70-515 Exam Exam Prep)

MCTS Guide to Microsoft Windows 7: Exam #70-680

MCTS Windows Vista Client Configuration Study Guide (Exam 70-620) (Study Guide & CD)

MCTS Self-Paced Training Kit (Exam 70-526): Microsoft .NET Framework 2.0 Windows-Based Client Development

MCSE 70-290 Exam Prep: Managing and Maintaining a Microsoft® Windows Server™ 2003 Environment

MCTS Self-Paced Training Kit (Exam 70-526): Microsoft .Net Framework 2.0 Windows -Based Client Development

Microsoft Windows Vista Administration

MCITP Exam 70-642 Prep Kit: Independent and Complete

Reading Between The Lines (Academic Exam Prep. and Tutorial Guides)

LPIC Prep Kit 101 General Linux I (Exam guide

Advanced CISSP Prep Guide: Exam Q&A

Microsoft Windows Vista Unleashed

Хакинг Microsoft Windows Vista

Microsoft Windows Vista Unleashed

Microsoft Windows Vista Unveiled

Microsoft Windows Vista Megahandboek

Easy Microsoft Windows Vista

Advanced CISSP prep guide: exam Q & A

Microsoft Windows Vista Unleashed

Recommend Documents