1. Enabling and Configuring File History
Go to my Documents folder here. So go to the documents, and I’m just going to create a file. I’m just going to call it Important Info for lack of a better name. We’ll go into that file, and we’re just going to put something like, “This is the original date data.” and I’m going to save that information now. So file and then save, and then we’ll close it out, okay? So from there, I’ve got my original information, my original data, still there. Everything is good. And I’m going to enable file history. Keep in mind that enabling file history is something we need to make sure we understand how to do for the exam. So search. I’m going to go to the control panel. So I’m going to type the word Control there, and we’re going to get into Control Panel, which is where file history is going to be.
If you get into Control Panel, you’re going to see that you have an object here called File History. So I’m going to click that, and you’re going to notice that file history is not turned on by default. You’re going to notice I do have to have a place where I can store my backups of data. It won’t let you store the file history backups in the same exact spot that you’re backing up. So if you’re backing up stuff on your C drive, it’s not going to let you back up to your C drive. You can get around this by creating a network share on your C drive and backing up to a network path, or a network share, if you prefer. But, as you can see, I’m backing up to my F drive here. So the stuff that’s on my C drive or my E drive, whatever, can get backed up to my F drive. Okay? So I’m just going to go ahead and turn this on now. So we’ll say turn it on, and it takes a couple of moments just to kind of get kicked in here. But once this has kicked in, it’s going to now set up this volume shadow service to make sure that it’s monitoring and indexing files that I changed.
So get this: I can now open up File Explorer here. And again, you can still see if I double-click on my file that the original data is all still there, right? I’m going to change it. I’m going to say, “Ha ha, the data is no longer original.” All right, so we changed it. We’re going to close the file, so save it. And oh no, my data has now been overwritten, right? So what I’m going to do is go to the properties of that file, okay? You can right-click and go to properties, or you can click Home, click Properties, and then I want you to notice something cool. There’s a tab right here called “Previous Versions.” So I’m going to click on that and look up there. It tells me the date and time this was backed up. I can now click “open” on that file, and you can see that the original data is there. And if I want, I can actually restore this file over the copy that’s there. Now, simply by clicking Restore, I can replace the file that’s there now. Okay. At that point, I’ve replaced it, and there it is. If I open it up, you’ll notice it’s back to the original file.
So, it’s really easy and really simple to use. And remember, it’s only backing up things that have changed, so it’s not having to back up large amounts of data. And you would not want to do this with something like a database. But as you can see, it’s pretty easy to use. You can also, again, change the location of where it’s going to be. You can force it to run now if you wanted to create a copy right now. You could have it exclude certain folders that you don’t want it to back up. You also have advanced settings where you can adjust how often it’s going to do it. You’ll notice it will do it every hour, but I could take that down to every ten minutes if I want. You can tell it to save changes indefinitely until you run out of hard drive space. Or you can have a cycle where it stops doing it after a while. It no longer keeps a version from a month ago, or three months, six months, nine months, or a year ago. You can control some of that there. And then, of course, it’s also going to log events into the Event Viewer. You’ll have a log of what’s being backed up and all that good stuff, but it’s a pretty easy service to use.
2. Using Microsoft OneDrive as a Cloud storage solution
Navigating to File Explorer, you’ll see OneDrive over here on the left side. When you first click on it, it’s going to prompt you to put in your Microsoft account. You’ll enter your Microsoft account information if you already have one. Okay. But if you don’t have a Microsoft account, it will let you create one for free. And then at that point, you have a OneDrive account. As you can see, I’ve got documents, I’ve got pictures, and all that is being stored up in the cloud. I’ve got a couple of files here. One says, “Do not delete.” One says “imported.” Okay. I could create another file here if I wanted another text file. We’ll call it statistics.
Okay. Put some information in. It’s a bunch of numbers. Okay. All right, so there are our stats, whatever they are. And that’s all synchronised now. That little green checkmark means that it’s been synchronised to the cloud. When it’s synchronising, it has a little spinning icon that you can see if you look closely. But everything is synchronised with the cloud. I can actually check to see if it’s synchronised to the cloud by opening up my web browser and going to OneDrive Live. And I can see by logging onto this website that I can click on my documents and see the documents that are there. Okay, so as you can see, there’s the statistics document that I just added. I can click on that, and I can even open it through the web browser if I want. So you can edit, make changes to it all through this web browser if you want, or edit what’s on your hard drive. And, of course, this can synchronise with other computers and all that good stuff. Now I can also go in and change something. So I’ve got this important file here, and I’m just going to put the word changed on it.
So hit File Save, exit out of that, and of course it synchronises to the cloud. Now watch this. Okay, I can right-click the file. And notice I’ve got version history right here. I can click on it, and it’ll show me. I’ve got one from 12 seconds ago. I’ve got one from 16 minutes ago. I can go back in time on that file if I want to. So I can switch to another version if I want. I can say repair. I can download it to another location. I can choose whichever one of those I want. Now it’s restoring the file back to the way it was. Okay, so there you go. I closed out of that, and I’ve now got the file back to the way it was. Of course, you can also delete files, so you can delete the file. Okay, it’s now deleted. Okay. I can actually go into OneDrive and undelete it if I want here. Also, you can go to your website. You can go to the recycle bin. And there it is. See, I can restore this file if I want. All I have to do is click the file, and then I can click Restore. If I want to permanently delete it, I can do it that way. So I can click Restore, and the file is going to get restored back into my files over here, into the Documents folder, so it will be undeleted. Okay? And there it is. And if I go back to my local File Explorer version, I’ll notice it’s there.
Now it will show you this little cloud icon. It’s just basically saying, “Hey, this is out in the cloud right now, but it hasn’t been downloaded yet.” If I open the file locally, watch what happens. It’s going to synchronise. And now the file is officially downloaded. So as you can see, OneDrive is very easy to use. You can synchronise all sorts of files. Files, videos, pictures, audio, whatever you want. You can create other folders inside OneDrive if you want. There’s all sorts of stuff there. It’s very simple to use, very user friendly. If you move into the Microsoft 365 cloud stuff and Azure AD, if you get an Office 365 account, you actually get what’s called “OneDrive for Business.” And at that point, every user who has a OneDrive for Business account actually gets 1TB of cloud storage as part of the deal. If your company uses Office 365, this is a fantastic feature. So it’s really easy to use and really easy to manage. Now OneDrive is a personal thing. You can’t really control it very much in a business. However, if you have OneDrive for Business, you can control that in your company. You can have policies that dictate what people can and cannot do. Okay, so hopefully that gives you guys a good understanding of OneDrive. It’s really easy to use. It’s not too difficult to learn.
3. Windows Recovery Options
System image recovery. If you remember, I talked about the little backup tool and I could create an image, and I could actually recover using that image if I had an image right here. This is a startup repair. So if I’m having some startup problems, I might be able to repair those problems by going there. And then finally, I’ve got a command prompt. I can also troubleshoot using some commands if I am having some issues with Windows. And then you have startup settings, which I’m going to click on, which will let me enter something called the advanced boot menu. And if I do that, I have all these options. Here, let me zoom in on those for you. Okay, so the first option you’ll notice I have is to enable low-resolution video mode. So this is going to let me boot my computer up using the default graphics settings. I had a computer one time that somebody else had. They ran a programme that changed the resolution so high on their computer they couldn’t see anything.
So we’d reboot the computer, and the monitor would go dark. So the way I fixed it was that I actually booted the computer in low-resolution video mode, and I was able to change the settings to a lower resolution. You’ve also got debugging mode. In Windows, this will generate debugging log information. So if you’re really having some problems, you can try and troubleshoot using this debugging mode. If you ever get on Microsoft’s Help Desk and you get to, like, Tier 3, sometimes they’ll let you submit that information and they’ll help you troubleshoot it. You could enable just boot logging if you wanted. And that’s just going to show you some log messages that pop up while the computer is in the process of booting. And it’ll let you know if something is stopping you from booting, like a service, a file, or something like that. You have “safe mode.” Now there are three versions of Safe Mode. You don’t see them here, but if you rebooted right now, you would. You have just regular Safe Mode, which is going to let you boot Windows into a mode that uses all of the bare minimum requirements that are needed to boot Windows.
So bare minimum drivers, bare minimum services, all of that stuff is going to be done through Safe Mode. This is great. If Windows is having issues and I’m afraid that some services, applications, or something else is breaking, perhaps some drivers, Safe Mode will disable all of that and allow you to boot up. Safe Mode with Networking is a second version of Safe Mode that allows you to boot into Safe Mode with your network drivers. Regular Safe Mode doesn’t give you network drivers. But Safe Mode with Networking will. Finally, there’s Safe Mode with Command Prompt, which simply allows you to boot up Safe Mode into a command-line interface. So if your graphical side is really jacked up and you need to at least get in and run some commands, you might be able to use Safe Mode with Command Prompt. This next option disables driver signature enforcement. By default, all drivers that run in Windows are digitally signed. But let’s say your company had a customised piece of hardware and they had a special driver that was built for it.
They wanted to install that piece of hardware, but the driver was not trusted or signed by Microsoft. You can disable the requirement that it be signed by using this option. Keep in mind that you do have to be an administrator in order to do that. All right, this next option disables early-launch antimalware protection. So we have virus protection that’s going to scan our computer while it’s booting. You can imagine, though, what might happen: somehow the virus scanner thought you had a virus, and it’s preventing you from booting. So what you could do is disable that so that you can go ahead and get past that and boot up and hopefully fix whatever’s going on. The problem with that is that it creates a Catch 22 situation. If you had a virus and it was preventing you from booting, or the antivirus was preventing you from booting because of the virus, you had to disable it so you could boot and hopefully clean it. It’s kind of a Catch 22 there.
But this last thing disables automatic restart on system failure. So one of the things that can happen if you do something that Windows doesn’t expect or if a programme does something that Windows doesn’t expect is that you get the legendary “blue screen of death.” So when that happens, the “blue screen of death” is going to do what’s called a memory dump. It’s going to take everything in memory and dump it into a file, leaving you to decipher it later. It’ll also give you an error message. The problem is that sometimes that error message flashes up on the screen so fast that we don’t actually get to see what it is, and then the computer reboots. So what this does is disable that automatic reboot so that I would have time to look at the error message if I wanted. Okay. Okay. So those are your advanced startup options, and that is the Windows registry. And those are some of the things I can do to help me recover Windows.
4. Understanding Windows 10 boot configuration settings
5. Understanding the Windows 10 Services
So here they are. And if I just maximise that a little bit, if I click on a service, you can see a description of each one. I encourage you to learn what all the different services are at some point, or at least the critical ones in Windows. This will help you in troubleshooting malware as well, because lots of viruses and things like that like to make themselves a service, okay? But that way, they can start every time the computer starts. Notice, though, that you have these different services, and some of them are running and some of them are not. So you can see right there that you don’t have to run every single service in Windows.
Okay, here’s the print spooler service that I was just talking about. Let me zoom in on that for you. Okay, there’s the print spooler service. Notice it’s running. Okay, let’s double-click on that service, and when you double-click on it, you get a box that looks like this. And here’s your description. And I want to show you that there are things called startup types. Startup types determine whether or not the service will be launched and when it will be launched. So when your computer boots up, if you select Automatic, your service is going to automatically start when the computer boots, okay? Automatic gets the highest priority of the services that get started. You’ve also got Automatic (Delayed Start). Now that one is actually going to delay. It’ll wait for all the automatic services to start, and then the delayed start will go next. So these are lower-priority services.
You can also set it to Manual. That makes it so the service does not start when your computer boots, but you can manually start it if you need to. Other services can also start this service if they require it. So if there is a service that depends on this service, it can start it. If you look up here, there’s a tab called Dependencies. I can click on that, and I can see that this service depends on certain other services, and there are services that depend on this service. Notice that it says this service depends on the following system components. So these things have to be running for this service to start. If these are not running, this service can’t start. But if you read this, it says the following system components depend on this service. So the fax service, for example. So in other words, if the fax service tries to start and the print spooler service can’t be started, then it’s not going to be able to start the fax service. Okay? Now the other thing I’ll note about that is that if you set this to manual and the fax service was to try to start, the fax service can trigger this service to start if it’s set to manual.
I can also set the service to disabled; if I do that, nothing can start it. Before the service can be started, the “disabled” setting has to be changed first. Okay? All right. Now the next thing I want to show you is up here on the Log On tab. It’s critical that you understand the distinction here with logon. This is something you will undoubtedly be tested on, so make sure you understand it. So a service, when it runs, has got to run under the authority of an account. By default, the account that it’s going to use is called the Local System account. The local system account is There are a couple of things to note there. Number one, the Local System account has admin rights over your computer because it’s the operating system. But the second thing to note is that the Local System account cannot cross the network. So this computer and this service would not be allowed to interact with other computers across your network. You could also allow the service to interact with your desktop, which would allow it to make changes to your desktop environment if you wanted to do that. But if it’s not a service that’s supposed to interact with the end user’s desktop environment, then you wouldn’t have to select that. There is nothing significant there that I should be concerned about. However, you must understand the distinction between this option and this option here.
Okay? So now, if I choose this account, I can actually create a user account and point to that user account right now on my computer. Okay? So let’s pretend that I pointed to this admin account right here. I could do that, and at that point, this admin account would be the account that this service uses when it tries to perform whatever actions it’s going to perform. Now there’s some good news and bad news on that, depending upon the way you look at it. By using this account, the service is restricted to the permissions that this account has. Now, in this case, it’s an admin account, so it doesn’t have a lot of restrictions. Okay? But you could restrict a service if you wanted to, and the best way to do that is to create a user account. Restrict the user account by using permissions, and we talked about permissions before. Okay, restrict the user account, and then at that point, assign the service to that user account. The other advantage of having this account is that it can traverse the network unless you deny it access. So if you had a service that needed to be able to interact with other computers on the network, you would want to make sure you had this account selected as some kind of network account that it could use across the network. If you did not want this computer to use this service to be able to interact with other computers across the network, it’s probably going to be better to go with local system accounts.
Okay, so those are your options on that. Keep in mind that many worms and other malware that infect people’s computers prefer to create a network service in order to cross the network and infect other computers. So you want to watch out for any rogue user accounts or something that gets created. You’ve also got a recovery tab. This is going to be used if the service is having problems starting. It will decide what to do. If there’s a failure, it’ll keep trying, and you can decide how many times you want it to keep trying and how you want it to log the failure and all that good stuff. Okay? All right. Now we’ve also learned that we can start and stop services. We talked about how we could do this through PowerShell as well. I can do Get-Service, and I can see my services. I can say Stop-Service to stop a service, and then specify the name. If I want to start a service, I can do Start-Service, okay. And also, sort of the old way to do it, if you were just in the command prompt, you could actually type “net stop.” Like I could do “net stop spooler,” which would stop the spooler service, and “net start,” which would start the spooler service. So that’s sort of the old way to do it that didn’t require PowerShell, but those are some of the ways that you can start and stop services. Okay. And hopefully, you now have a good understanding of what services are and how to configure them.
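The startup types, logon accounts and dependencies walked through above can be reviewed for every service at once. The following is an added example, not part of the original lecture: a read-only PowerShell audit that lists each service's startup type and logon account, flags auto-start services that run under a named user account, and prints the Print Spooler dependencies. The helper names `Get-AccountKind` and `Get-ServiceLogonReport` are hypothetical, and treating `NT SERVICE\*` logons as per-service virtual accounts is an addition beyond what the lecture covers.

```powershell
# Added example: read-only audit of service startup types and logon accounts.
# Assumption: Windows 10 or later, run locally; nothing on the system is changed.

# Built-in service identities (-contains compares case-insensitively).
$builtIn = 'LocalSystem', 'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService'

function Get-AccountKind {
    # Hypothetical helper: classify the "Log On As" value of a service.
    param([string]$StartName)
    if ([string]::IsNullOrEmpty($StartName)) { return 'Unknown' }
    if ($builtIn -contains $StartName)       { return 'BuiltIn' }
    if ($StartName -like 'NT SERVICE\*')     { return 'Virtual' }   # per-service virtual account
    return 'NamedAccount'                                           # local or domain user account
}

function Get-ServiceLogonReport {
    # Win32_Service carries what the General and Log On tabs display.
    Get-CimInstance -ClassName Win32_Service | ForEach-Object {
        [pscustomobject]@{
            Name        = $_.Name
            State       = $_.State
            StartMode   = $_.StartMode          # Auto, Manual or Disabled
            Delayed     = $_.DelayedAutoStart   # True = Automatic (Delayed Start)
            LogOnAs     = $_.StartName
            AccountKind = Get-AccountKind -StartName $_.StartName
            PathName    = $_.PathName           # binary the service launches
        }
    }
}

$report = Get-ServiceLogonReport

# 1. Services that start at boot under a named user account. Each one runs with
#    that account's permissions, so confirm the account and the binary are expected.
Write-Host "`nAuto-start services running under a named user account:"
$report |
    Where-Object { $_.StartMode -eq 'Auto' -and $_.AccountKind -eq 'NamedAccount' } |
    Format-Table Name, State, LogOnAs, PathName -AutoSize -Wrap |
    Out-Host

# 2. How many services use each startup type and kind of account.
Write-Host "Service count by startup type and account kind:"
$report |
    Group-Object StartMode, AccountKind |
    Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize |
    Out-Host

# 3. The Dependencies tab for the Print Spooler, in both directions.
$spooler = Get-Service -Name Spooler
Write-Host "Services the Print Spooler depends on:"
$spooler.ServicesDependedOn | Format-Table Name, Status -AutoSize | Out-Host
Write-Host "Services that depend on the Print Spooler:"
$spooler.DependentServices  | Format-Table Name, Status -AutoSize | Out-Host
```

Run it from an elevated prompt so every service is visible; an empty first table means no auto-start service is using a named user account.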