
Unit 3

The document discusses the system process in Windows which is responsible for core system functions. It loads the operating system kernel and manages processes, memory and hardware. The document then provides tips to troubleshoot high CPU or disk usage of the system process, including updating drivers, clearing page files and disabling power saving plans.

Uploaded by

jenifer Jesus

3.1 Introduction

Booting
Booting is the process of starting the computer. When the CPU is first
switched on, it has nothing inside the memory. To start the computer, the
operating system is loaded into the main memory; the computer is then ready to
take commands from the user.

What happens in the Process of Booting?


Booting happens when you start the computer, that is, when the power is turned ON
or the computer restarts. The system BIOS (Basic Input/Output System)
makes the peripheral devices active. Further, it requires the boot device to load
the operating system into the main memory.


Boot Devices
Booting can be done either through hardware (pressing the start button) or by
giving software commands. Therefore, a boot device is a device that loads the
operating system. Moreover, it contains the instructions and files which start the
computer. Examples are the hard drive, floppy disk drive, CD drive, etc. Among
them, the hard drive is the most used one.

Types of Booting
There are two types of booting:

Cold Booting

A cold boot is also called a hard boot. It is the process when we first start the
computer. In other words, when the computer is started from its initial state by
pressing the power button it is called cold boot. The instructions are read from
the ROM and the operating system is loaded in the main memory.

Warm Booting

Warm Boot is also called soft boot. It refers to when we restart the computer. Here,
the computer does not start from the initial state. When the system gets stuck
sometimes it is required to restart it while it is ON. Therefore, in this condition the
warm boot takes place. Restart button or CTRL+ALT+DELETE keys are used for
warm boot.

Steps of Booting
We can describe the boot process in six steps:

1. The Startup

It is the first step that involves switching the power ON. It supplies electricity to the
main components like BIOS and processor.

2. BIOS: Power On Self Test

It is an initial test performed by the BIOS. Further, this test performs an initial
check on the input/output devices, computer’s main memory, disk drives, etc.
Moreover, if any error occurs, the system produces a beep sound.

3. Loading of OS
In this step, the operating system is loaded into the main memory. The operating
system starts working and executes all the initial files and instructions.

4. System Configuration

In this step, the drivers are loaded into the main memory. Drivers are programs that
help in the functioning of the peripheral devices.

5. Loading System Utilities

System utilities are basic functioning programs, for example, volume control,
antivirus, etc. In this step, system utilities are loaded into the memory.

6. User Authentication

If any password has been set up in the computer system, the system checks for
user authentication. Once the user enters the login Id and password correctly the
system finally starts.

Frequently Asked Questions (FAQs)


Q1. What is booting?

A1. The starting up of the computer is known as booting. It initiates all the devices
before starting any work on the computer. Moreover, the operating system is loaded
into the main memory.

Q2. What is BIOS?

A2. BIOS stands for Basic Input/Output System. It helps in the functioning of all
the input/output devices. Further, it also helps to start and initiate the working of all
devices during the boot process.

Q3. What are the boot devices?

A3. Boot devices are the devices that have the operating system loaded inside them
during the boot process. Common devices are the hard drive, disk drive, floppy
drive, etc.

Q4. What are the types of booting?


A4. There are two types of boot:

1. Cold Boot/Hard Boot
2. Warm Boot/Soft Boot

Q5. Why do we need booting?

A5. We perform this so that the operating system along with the initial files and
instructions load into the main memory. And as a result, the computer starts.

Q6. What are the basic steps of booting?

A6. Basic steps are:

1. The start-up
2. Power On Self Test
3. Loading OS
4. System Configuration
5. Loading system utilities
6. User authentication

Computer Management
Computer Management is a collection of Windows administrative tools that you
can use to manage a local or remote computer. The tools are organized into a
single console, which makes it easy to view administrative properties and to gain
access to the tools that are necessary to perform your computer-management tasks.

Computer Management is a Microsoft Windows MMC snap-in that was first
introduced with Windows XP. It allows access to admin tools, including the
Event Viewer, Task Scheduler, local users and groups, performance logs and
alerts, Device Manager, Disk Management, and the Services manager.

How to open Windows Computer Management
1. Press Windows key+X to open the Power User Tasks Menu.
2. Select Computer Management (or press G).

Or:

1. Open the Control Panel.
2. Open Administrative Tools.
   • If using the Classic, Small icons, or Large icons view, click
     Administrative Tools.
   • If using the Category view, in the Search Control Panel field at the
     top-right, type administrative tools, then click the Administrative Tools
     entry in the search results.
3. In the Administrative Tools window, click or double-click the shortcut for
   Computer Management.

Disk Management
Disk Management is a Microsoft Windows utility first
introduced in Windows XP as a replacement for the fdisk
command. It enables users to view and manage the disk
drives installed in their computer and
the partitions associated with those drives. As the image
below shows, each drive is displayed followed by the layout,
type, file system, status, capacity, free space, % free, and
fault tolerance.
How to open Windows Disk Management
1. Click Start and access the Run option. You can also press Windows key+R on
   the keyboard to open the Run option.
2. Type diskmgmt.msc and press Enter.

Tip: In Windows 8, you can type "diskmgmt.msc" directly on the Start screen to
access Disk Management.

Or:

1. Open the Control Panel.
2. Double-click Administrative Tools if in Classic View, or click Performance
   and Maintenance and then Administrative Tools if in Category View.

Note: If you do not have admin rights to the computer, this is not available.

3. Once in the Administrative Tools window, double-click Computer Management
   and then click Disk Management under the Storage section.

The System process can be viewed as a special kind of process that hosts threads that
only run in kernel mode. Its related file name is ntoskrnl.exe and it is located in
the C:\Windows\System32\ folder. It is responsible for various system services such as
hardware abstraction, process and memory management, etc.

System process (ntoskrnl.exe) High Disk or CPU usage
There are different factors that can cause a change in the performance of
your Windows 10 device. This includes recent updates, changes in the
device driver versions, etc. You can try these solutions to fix the problem.

1. Update old drivers or roll back to the earlier update
2. Clear the Page file at shutdown
3. Don’t use a Power saver plan
4. Use SysInternals Process Explorer
5. Disable Idle task
6. Use Event Tracing for Windows to capture CPU sampling data

1] Update old drivers or roll back to the earlier update


Drivers are programs that control particular devices connected to your
motherboard. So, keeping them up-to-date may help in eliminating any
compatibility issues or bugs that cause increased CPU usage. On the other
hand, if you find that the new update is interfering with the normal
functioning of your PC and causing High Disk or CPU usage,
consider rolling back to the earlier version of the driver.

2] Clear the Page file at shutdown


Open the Registry Editor and navigate to the following path:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager

Find the Memory Management folder.

Next, right-click ClearPageFileAtShutDown and select the Modify option.

Then, in the Edit DWORD Value screen that appears, change the value
of ClearPageFileAtShutDown from 0 to 1 and click OK.

This will clear the page file at every shutdown and lower the high RAM usage in
Windows 10.

3] Don’t use a Power saver plan


Some power settings throttle the speed of the CPU, irrespective of the
device in use. As such, it becomes necessary to check your Power Options.
Type Edit Power Plan in the Search bar and hit Enter. Once open,
click Power Options in the address bar at the top of the window.

Click Show additional plans drop-down button, then change your Power
Plan. Don’t use a Power Saver plan – Use Balanced or High Performance.

Now open Task Manager again to see if CPU usage returns to normal.

4] Use SysInternals Process Explorer


SysInternals Process Explorer is an advanced system utility that can be used to
identify the driver that is causing high CPU usage in Windows 10. Run the
program as an administrator and locate System in the list of running processes.
Then, right-click it and choose the Properties option.

Next, switch to the Threads tab. Sort the list of modules loaded by the kernel by the rate of
CPU usage (CPU column). Note down the name of the component or driver in the Start
Address column that is causing the high load, and terminate it.
Hopefully, this should help you troubleshoot.


5] Disable Idle task


You can disable it via Task Scheduler easily. Just launch it and navigate to
Microsoft.

Then, choose the Windows sub-folder under it.


Expand the MemoryDiagnostic folder > TaskScheduler and
select RunFullMemoryDiagnostic from the right-pane. Right-click it and
choose Disable option to stop the process.

6] Use Event Tracing to capture CPU Sampling data


Event Tracing for Windows enables the capture of kernel and application
events in a consistent, straightforward manner. By capturing and presenting
selected events, you can identify and diagnose system and application
performance issues. Thereafter, you can follow a desired course of action to
correct the errant behavior. This method is more suitable for IT admins.

PID
PID may refer to any of the following:

2. Short for process identifier, a PID is a unique number that identifies each
running process in an operating system, such as Linux, Unix, macOS, and
Microsoft Windows. The output below shows a few of the processes running in
Windows and their associated PIDs listed in the PID column.

Image Name              PID  Session Name  Session #  Mem Usage
System Idle Process       0  Services              0       24 K
System                    4  Services              0  154,040 K
smss.exe                308  Services              0    1,424 K
avgchsva.exe            400  Services              0  127,476 K

Listing running PIDs


• Microsoft Windows users can use the tasklist command from
the command line to list all tasks and their associated PIDs. Within
Windows, you can see each service's PID by opening the
Services tab in Task Manager.
• Unix and Linux users can list PIDs using the ps command and
the top command.
Stopping or killing a PID
• Microsoft Windows users can end a PID using the taskkill
command from the command line or through the Task
Manager.
• Linux and Unix users can kill a PID using the kill command.
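
The tasklist output shown above can also be checked automatically. The following is an added example, not part of the original notes: it parses the default tasklist table and flags rows that break two expectations, namely that System and System Idle Process keep their fixed PIDs (4 and 0, as in the listing above; treated here as an assumption about current Windows versions) and that no PID appears twice in one snapshot. The last two sample rows and all function names are constructed for the example.

```python
import re

# Default table layout of `tasklist`. The first four process rows are the ones
# shown in the notes; the last two rows are constructed anomalies for the demo.
SAMPLE_TASKLIST = """\
Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0    154,040 K
smss.exe                       308 Services                   0      1,424 K
avgchsva.exe                   400 Services                   0    127,476 K
System                        6120 Console                    1      9,812 K
updater.exe                    308 Console                    1      3,300 K
"""

# Image names may contain spaces ("System Idle Process"), so the pattern keys
# on the numeric PID column instead of splitting the line on whitespace.
ROW = re.compile(
    r"^(?P<image>.+?)\s+(?P<pid>\d+)\s+(?P<session>\S+)\s+"
    r"(?P<session_num>\d+)\s+(?P<mem>[\d,]+) K\s*$"
)

# Assumption: fixed PIDs of the two kernel pseudo-processes.
FIXED_PIDS = {"system idle process": 0, "system": 4}


def parse_tasklist(text):
    """Return one dict per process row; header and ruler lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        rows.append({
            "image": m["image"],
            "pid": int(m["pid"]),
            "session": m["session"],
            "session_num": int(m["session_num"]),
            "mem_kb": int(m["mem"].replace(",", "")),
        })
    return rows


def find_anomalies(rows):
    """Return (rule, image, pid) tuples for rows that deserve a closer look."""
    findings = []
    pid_owner = {pid: name for name, pid in FIXED_PIDS.items()}
    seen = set()
    for row in rows:
        name, pid = row["image"].lower(), row["pid"]
        if name in FIXED_PIDS and pid != FIXED_PIDS[name]:
            # A process borrowing a kernel pseudo-process name.
            findings.append(("reserved-name-wrong-pid", row["image"], pid))
        elif pid in pid_owner and name != pid_owner[pid]:
            # PID 0 or 4 reported under some other image name.
            findings.append(("reserved-pid-wrong-name", row["image"], pid))
        if pid in seen:
            # A PID is unique per running process, so a repeat means the
            # listing was merged from several snapshots or altered.
            findings.append(("duplicate-pid", row["image"], pid))
        seen.add(pid)
    return findings


if __name__ == "__main__":
    for finding in find_anomalies(parse_tasklist(SAMPLE_TASKLIST)):
        print(finding)
```

A finding is a prompt to inspect the process (path, signer, parent), not proof of compromise.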

User mode and kernel mode


• Article
• 12/15/2021

A processor in a computer running Windows has two different modes: user
mode and kernel mode.

The processor switches between the two modes depending on what type of code is
running on the processor. Applications run in user mode, and core operating system
components run in kernel mode. While many drivers run in kernel mode, some
drivers may run in user mode.

User mode
When you start a user-mode application, Windows creates a process for the
application. The process provides the application with a private virtual address
space and a private handle table. Because an application's virtual address space is
private, one application cannot alter data that belongs to another application. Each
application runs in isolation, and if an application crashes, the crash is limited to that
one application. Other applications and the operating system are not affected by the
crash.

In addition to being private, the virtual address space of a user-mode application is
limited. A processor running in user mode cannot access virtual addresses that are
reserved for the operating system. Limiting the virtual address space of a user-mode
application prevents the application from altering, and possibly damaging, critical
operating system data.

Kernel mode
All code that runs in kernel mode shares a single virtual address space. This means
that a kernel-mode driver is not isolated from other drivers and the operating system
itself. If a kernel-mode driver accidentally writes to the wrong virtual address, data
that belongs to the operating system or another driver could be compromised. If a
kernel-mode driver crashes, the entire operating system crashes.

This diagram illustrates communication between user-mode and kernel-mode
components.

Difference Between Kernel mode and User mode:

Criteria | Kernel Mode | User Mode
Kernel-mode vs User mode | In kernel mode, the program has direct and unrestricted access to system resources. | In user mode, the application program executes and starts.
Interruptions | In kernel mode, the whole operating system might go down if an interrupt occurs. | In user mode, a single process fails if an interrupt occurs.
Modes | Kernel mode is also known as the master mode, privileged mode, or system mode. | User mode is also known as the unprivileged mode, restricted mode, or slave mode.
Virtual address space | In kernel mode, all processes share a single virtual address space. | In user mode, all processes get separate virtual address space.
Level of privilege | In kernel mode, the applications have more privileges as compared to user mode. | While in user mode the applications have fewer privileges.
Restrictions | As kernel mode can access both the user programs as well as the kernel programs there are no restrictions. | While user mode needs to access kernel programs as it cannot directly access them.
Mode bit value | The mode bit of kernel mode is 0. | While the mode bit of user mode is 1.
Memory References | It is capable of referencing both memory areas. | It can only make references to memory allocated for user mode.
System Crash | A system crash in kernel mode is severe and makes things more complicated. | In user mode, a system crash can be recovered by simply resuming the session.
Access | Only essential functionality is permitted to operate in this mode. | User programs can access and execute in this mode for a given system.
Functionality | The kernel mode can refer to any memory block in the system and can also direct the CPU for the execution of an instruction, making it a very potent and significant mode. | The user mode is a standard and typical viewing mode, which implies that information cannot be executed on its own or reference any memory block; it needs an Application Protocol Interface (API) to achieve these things.

What Is a Startup?
The term startup refers to a company in the first stages of operations.
Startups are founded by one or more entrepreneurs who want to develop a
product or service for which they believe there is demand. These
companies generally start with high costs and limited revenue, which is
why they look for capital from a variety of sources such as venture
capitalists.

6 Types of Startups

• Scalable startups
• Small business startups
• Lifestyle startups
• Buyable startups
• Big business startups
• Social startups
In our modern world, where everyone strives to bring innovation, a good idea isn’t
enough to create a startup. To understand the features of different startups better,
you need to review the following six types.

• Scalable startups. Companies in a tech niche often belong to this group.
Since technology companies often have great potential, they can easily
access the global market. Tech businesses can receive financial support from
investors and grow into international companies. Examples of such startups
include Google, Uber, Facebook, and Twitter. These startups hire the best
workers and search for investors to boost the development of their ideas and
scale.
• Small business startups. These businesses are created by regular people
and are self-funded. They grow at their own pace and usually have a good
site but don’t have an app. Grocery stores, hairdressers, bakers, and travel
agents are the perfect examples.
• Lifestyle startups. People who have hobbies and are eager to work on their
passion can create a lifestyle startup. They can make a living by doing what
they love. We can see a lot of examples of lifestyle startups. Let’s take
dancers, for instance. They actively open online dance schools to teach
children and adults to dance and earn money this way.
• Buyable startups. In the technology and software industry, some people
design a startup from scratch to sell it to a bigger company later. Giants like
Amazon and Uber buy small startups to develop them over time and receive
benefits.
• Big business startups. Large companies have a finite lifespan since
customers’ preferences, technologies, and competitors change over time.
That’s why businesses should be ready to adapt to new conditions. As a
result, they design innovative products that can satisfy the needs of modern
customers.
• Social startups. These startups exist despite the general belief that the main
aim of all startups is to earn money. There are still companies designed to do
good for other people, and they are called social startups. Examples include
charities and non-profit organizations that exist thanks to donations. For
instance, Code.org, a non-profit organization, encourages school students in
the US to learn computer science.
3.2 Windows Services

Active Directory
Active Directory (AD) is a database and set of services that connect users with the
network resources they need to get their work done. The database (or directory)
contains critical information about your environment, including what users and computers
there are and who's allowed to do what.

What are the features of Active Directory services?


Fundamental Directory Features

Feature | Description
Location transparency | Able to find user, group, networked service, or resource, data without the object address
Object data | Able to store user, group, organization, and service data in a hierarchical tree
Rich query | Able to locate an object by querying for object properties

What are the 3 main components of an Active Directory?

The Active Directory structure is comprised of three main components: domains,
trees, and forests. Several objects, like users or devices that use the same AD
database, can be grouped into a single domain.

What are the 4 most important benefits of Active Directory?


Advantages and Benefits of Active Directory

Centralized resources and security administration. Single logon for access to
global resources. Simplified resource location.

How many types of Active Directory are there?


There are technically 7 different types of Active Directory. Each of them is deployed
in a different way, in different places, and for different purposes.

What is LDAP in Active Directory?

Lightweight Directory Access Protocol (LDAP) is an application protocol for working with
various directory services. Directory services, such as Active Directory, store user and
account information, and security information like passwords.

What are the 4 parts of an Active Directory?


The key components include domain, tree, forest, organizational unit, and site.
As you read through each structural component description, consider that domains,
trees, forest, and sites are not only integral with Active Directory but also integral
with DNS.

What is difference between Active Directory and domain controller?


A Domain Controller is a server on the network that centrally manages access for
users, PCs and servers on the network. It does this using AD. Active Directory is a
database that organises your company's users and computers.

Domain
What is my domain?

Look up Your Computer's Domain Name.


To find the Domain for your computer: For Windows machines, click on the Start
Menu, go to Control Panel, System and Security, then System. You'll see your
computer's domain name at the bottom.

What do they mean by domain?


What is a domain name? A domain name is your website name. A domain name is
the address where Internet users can access your website. A domain name is used
for finding and identifying computers on the Internet. Computers use IP addresses,
which are a series of numbers.

What are the 4 types of domain?


Different types of domain names
• .com: shorthand for commercial, .com was the first top-level domain in
common use. ...
• net: shorthand for network, . ...
• edu: shorthand for education, . ...
• org: shorthand for organization, . ...
• mil: shorthand for military, . ...
• gov: shorthand for government, .

The Domain Name System (DNS)


The Domain Name System functions by converting the domain name into an IP address
character set, via a Domain Name System server. This system is situated on millions of
servers the world over but acts as a single unified database.

When you type a domain name in your search browser, the browser then communicates
with a name server in order to find the IP address that is matched to that name.

If you have not specified a domain extension, that request will go through a server that
sorts by the Domain Name System hierarchy, starting with top-level extensions and then
moving on down the line. Unsurprisingly, this made the worldwide web infinitely easier to
navigate, which encouraged more people to utilize its services.

Top-Level Domains (TLDs)


In 1985, The Internet Assigned Numbers Authority (IANA) released six top-level domain
names. These top-level domains (TLD) became known as domain name extensions and
represent the highest level in the Domain Name System hierarchy. They include:
• .com: shorthand for commercial, .com was the first top-level domain in common
use. While .com was initially created for use by commercial organizations,
restrictions on this were not stringent. By the mid-1990s, .com had become the
most popular and commonly used type of top-level domain for businesses,
websites, and email.
• .net: shorthand for network, .net was created expressly for institutes that partook
in network technologies such as an internet service provider or an infrastructure
company. Like with .com, the restrictions meant to limit .net to networking
purposes were never upheld and it became one of the more popular top-level
domains, with many seeing it as a close second to using the .com top-level
domain.
• .edu: shorthand for education, .edu was made for education institutions. Although
it was intended for universities everywhere, the TLD .edu became associated with
only educational centers in America. Schools from other countries will use .edu in
conjunction with their country-level domain, which we will discuss in the next
section below.
• .org: shorthand for organization, .org was created for nonprofits. As we’ve seen
with these other top-level domains, such intentions were often not upheld or
enforced over time. These days .org is used as a top-level domain by nonprofits,
for-profit businesses, schools, and communities.
• .mil: shorthand for military, .mil was created expressly for U.S. military branches.
Unlike the other different types of top-level domains, this restriction is still
upheld. Now, it is quite common for .mil to use second and third-level domains in
conjunction with the .mil TLD.
• .gov: shorthand for government, .gov, like .mil, was restricted for American federal
governmental agencies and personnel use only. These days .gov is used by
governmental agencies, programs, cities, states, towns, counties, and Native
American tribes.
Tree
A tree is non-linear and a hierarchical data structure consisting of a collection
of nodes such that each node of the tree stores a value and a list of references
to other nodes (the “children”). This data structure is a specialized method to
organize and store data in the computer to be used more effectively.

Why Tree Data Structure?


Other data structures such as arrays, linked list, stack, and queue are
linear data structures that store data sequentially. In order to perform any
operation in a linear data structure, the time complexity increases with the
increase in the data size. But, it is not acceptable in today's computational
world.

Different tree data structures allow quicker and easier access to the data as
it is a non-linear data structure.
Tree Terminologies
Node

A node is an entity that contains a key or value and pointers to its child
nodes.

The last nodes of each path are called leaf nodes or external nodes that
do not contain a link/pointer to child nodes.
The node having at least a child node is called an internal node.
Edge

It is the link between any two nodes.

Nodes and edges of a tree


Root

It is the topmost node of a tree.

Height of a Node

The height of a node is the number of edges from the node to the deepest
leaf (i.e., the longest path from the node to a leaf node).

Depth of a Node

The depth of a node is the number of edges from the root to the node.

Height of a Tree
The height of a Tree is the height of the root node or the depth of the
deepest node.

Height and depth of each node in a tree


Degree of a Node

The degree of a node is the total number of branches of that node.

Forest

A collection of disjoint trees is called a forest.

Creating forest from a tree

You can create a forest by cutting the root of a tree.

Types of Tree
1. Binary Tree
2. Binary Search Tree
3. AVL Tree
4. B-Tree

Tree Traversal
In order to perform any operation on a tree, you need to reach the
specific node. The tree traversal algorithm helps in visiting a required node
in the tree.


Tree Applications
• Binary Search Trees(BSTs) are used to quickly check whether an
element is present in a set or not.

• Heap is a kind of tree that is used for heap sort.

• A modified version of a tree called Tries is used in modern routers to
store routing information.

• Most popular databases use B-Trees and T-Trees, which are variants
of the tree structure we learned above to store their data

• Compilers use a syntax tree to validate the syntax of every program
you write.

There are two types of groups in Active Directory: Distribution groups: Used to create
email distribution lists. Security groups: Used to assign permissions to shared
resources.
...
Group scope
• Universal.
• Global.
• Domain Local.

Active Directory Groups Types

The Active Directory groups are a collection of Active Directory objects.
The group can include users, computers, other groups, and other AD objects.
The administrator manages the group as a single object. In Windows, there
are 7 types of groups: two domain group types with three scopes in each and
a local security group. In this article, we’ll talk about the different types of
Active Directory groups, the differences between them, group scopes, and
will show you how to create AD groups and manage them in several ways.

Types of Active Directory Groups


Active Directory groups can be used:

• To simplify the administration by assigning share (resource)
permissions to a group rather than individual users. When you assign
permissions to a group, all of its members have the same access to the
resource;
• To delegate Active Directory administrative tasks by assigning
permissions to a group. In the future, you can add new members to
the group who need the permissions granted by this group;
• Link Group Policy objects (GPOs) to groups to apply custom settings
by using Security Filtering or Group Policy Preferences Item-Level
Targeting;
• To create email distribution lists.

There are two types of AD groups:

• Active Directory Security Groups. This type of group is used to
provide access to resources (security principal). For example, you want
to grant a specific group access to files on a network shared folder. To
do this, you need to create a security group;
• Active Directory Distribution Groups. This type of group is used to
create email distribution lists (usually used in Microsoft Exchange
Server). An e-mail sent to such a group will reach all users (recipients)
in the group. This type of group cannot be used to provide access to
domain resources, because they are not security enabled.

Note. You can assign an email attribute to the security group (by converting it to a
mail-enabled security group) and use it in mailing lists (but it is not recommended).

Technically, Distribution groups differ from Security Enabled groups by one
bit in the groupType attribute. For a Security group, this attribute will
contain the SECURITY_ENABLED bit.

There are three group scopes for each group type:

• Domain local. Used to manage access permissions to different domain
resources (files and folders NTFS permissions, remote desktop access,
providing Windows privileges, using in GPO security filtering, etc.) only
in the domain where it was created. A local group cannot be used in
other domains (however, a local group may include users from another
domain). A local group can be contained in another local group, but it
cannot be added to the global group;
• Global. This group type can be used to provide access to resources in
another domain. In this group, you can add only accounts from the
same domain in which the group was created. A global group can be
added to other global and local groups;
• Universal. It is recommended to use it in large Active Directory
forests. Using this group scope, you can define roles and manage
resources that are distributed across multiple domains. If your
network has many branches connected by WAN channels, it is
desirable to use universal groups only for rarely changing groups,
because changing the universal group causes the Global Catalog to
be replicated throughout the whole enterprise.
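
The group type bit and the three scopes described above can be read directly from a group's groupType value. The following is an added example, not part of the original notes: it decodes groupType as LDAP returns it (a signed 32-bit decimal), applies the nesting rules for domain local and global groups given above, and reports groups named in access control lists that are not security-enabled. The flag values are the ones Microsoft documents for this attribute; the universal-group nesting rows go beyond what the notes state, and the group names, sample data and function names are constructed.

```python
# Flag bits of the groupType attribute.
BUILTIN_LOCAL_GROUP = 0x00000001   # group created by the system
GLOBAL_GROUP = 0x00000002
DOMAIN_LOCAL_GROUP = 0x00000004
UNIVERSAL_GROUP = 0x00000008
SECURITY_ENABLED = 0x80000000      # the one bit separating Security from Distribution

SCOPE_BITS = {
    GLOBAL_GROUP: "Global",
    DOMAIN_LOCAL_GROUP: "Domain Local",
    UNIVERSAL_GROUP: "Universal",
}

# Member scope -> scopes of the groups it may be added to. The first two rows
# restate the notes; Global -> Universal and the Universal row are additions.
ALLOWED_CONTAINERS = {
    "Domain Local": {"Domain Local"},
    "Global": {"Global", "Domain Local", "Universal"},
    "Universal": {"Universal", "Domain Local"},
}

# Constructed sample: (group name, groupType exactly as an LDAP export prints it).
SAMPLE_GROUPS = [
    ("Domain Admins", "-2147483646"),    # 0x80000002
    ("Administrators", "-2147483643"),   # 0x80000005
    ("Enterprise Admins", "-2147483640"),  # 0x80000008
    ("FS-Finance-RW", "-2147483644"),    # 0x80000004
    ("All-Staff-Mail", "8"),
    ("Newsletter", "2"),
]


def decode_group_type(raw):
    """Decode groupType given as int or decimal string (signed or unsigned)."""
    value = int(raw) & 0xFFFFFFFF  # undo the signed 32-bit representation
    scopes = [name for bit, name in SCOPE_BITS.items() if value & bit]
    if len(scopes) != 1:
        raise ValueError(f"groupType {raw!r} must carry exactly one scope bit")
    return {
        "type": "Security" if value & SECURITY_ENABLED else "Distribution",
        "scope": scopes[0],
        "builtin": bool(value & BUILTIN_LOCAL_GROUP),
    }


def can_nest(member_scope, container_scope):
    """True if a group of member_scope may be made a member of container_scope."""
    return container_scope in ALLOWED_CONTAINERS[member_scope]


def distribution_groups_in_acls(groups, acl_trustees):
    """Return ACL trustees that are distribution groups and so grant no access."""
    types = {name: decode_group_type(raw)["type"] for name, raw in groups}
    return [name for name in acl_trustees if types.get(name) == "Distribution"]


if __name__ == "__main__":
    for name, raw in SAMPLE_GROUPS:
        print(f"{name:18} {decode_group_type(raw)}")
    # Constructed list of groups found as trustees on a file share.
    print(distribution_groups_in_acls(SAMPLE_GROUPS, ["FS-Finance-RW", "All-Staff-Mail"]))
```
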
Active Directory stores data as objects. An object is a single element, such as a
user, group, application or device such as a printer. Objects are normally defined
as either resources, such as printers or computers, or security principals, such as
users or groups.

How many objects are in Active Directory?


How many types of objects are there in Active Directory? How many AD objects can
be there in an AD network? So, the right question would be: How many types of
objects in AD are there? The answer to that question is that there are 12 types of
objects in Active Directory.

What is a user object in Active Directory?


An Active Directory user object, or an AD user object, represents a real user who
is part of an organization's Active Directory (AD) network. It is a leaf object,
which means it can't contain other AD objects within itself.

What is a directory object?


A DIRECTORY object specifies a logical alias name for a physical directory on
the database server file system under which the file to be accessed is located.
You can access a file in the server file system only if you have the required access
privilege on the DIRECTORY object.

What is Task Scheduler used for?


The Task Scheduler service allows you to perform automated tasks on a chosen
computer. With this service, you can schedule any program to run at a convenient
time for you or when a specific event occurs.
How do I find Task Scheduler in Windows Server?
From your 'Server Manager' go to 'Tools' and select 'ADSI Edit'. Right click 'ADSI
Edit' node from the left pane and select 'Connect to' option. This pulls up the
'Connection Settings' window.

Configuring Windows Task Scheduler to automatically run a ruleset

Last Updated: 2021-02-27

About this task


You can set up a scheduled Windows task to run the Datacap Maintenance Manager task
profile that you created. You can also set the security options to ensure that the
task runs successfully. These instructions pertain to systems that are running on
Windows. You must use the Windows Scheduler that is on the computer where
the Maintenance Manager component NENU.exe is installed.

Procedure
To configure Windows Task Scheduler to automatically run a ruleset:

1. From the Start menu, select Administrative Tools > Task Scheduler.
2. Under Task Scheduler (Local), select Task Scheduler Library and choose New
Folder from the Actions panel.
3. Enter Datacap and click OK.

The new folder is created for your Datacap scheduled tasks.

4. Expand Task Scheduler Library and select the Datacap folder.


5. In the Actions panel, click Create Basic Task.
6. In the Create a Basic Task dialog, enter a name for the task and click Next.
7. In the Task Trigger dialog, select Daily and click Next.
8. In the Daily dialog, enter the Start date and time, and click Next.
9. In the Action dialog, select Start a program and click Next.
10. In the Program/script field, browse and
select C:\Datacap\Taskmaster\NENU.exe, then click Open.
11. In the Add arguments field, enter the path and file name for the Maintenance
Manager settings file.

For example,
enter C:\Datacap\NENU\Batches\NENU_NENU\Settings.xml

12. Click Next.


13. In the Summary dialog, select Open the Properties dialog for this task when I
click Finish and then click Finish. The Maintenance
Manager Properties dialog opens.
14. If the Properties window for the Maintenance Manager task is not already open,
double-click the task name in the Task Scheduler Library.

The Properties window opens with the General tab displayed.

15. Under Security Options, identify the domain/Windows account currently
associated with the task. If it is not the correct account, click Change User or
Group and select the Maintenance Manager domain/Windows account.
16. Select Run whether user is logged on or not.
17. Select the Run with highest privileges option.
18. Click OK.
19. Ensure that the Maintenance Manager domain/Windows account is correct,
enter the password, then click OK.
20. Click OK to close the Properties window.
21. Close the Task Scheduler.
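
The same task can be registered from PowerShell and then read back to confirm the security options from steps 15 to 17. This is an added example, not part of the original procedure: the program and settings paths are the ones given above, while the task name, the 02:00 start time and the two function names are assumptions. Because the task runs elevated under a stored account, the read-back also reports whether broad groups have write access to the program file.

```powershell
#Requires -RunAsAdministrator
# Program and settings paths are the ones given in the procedure.
$exe      = 'C:\Datacap\Taskmaster\NENU.exe'
$settings = 'C:\Datacap\NENU\Batches\NENU_NENU\Settings.xml'
$taskPath = '\Datacap\'
$taskName = 'Maintenance Manager'    # assumed task name
$startAt  = '02:00'                  # assumed daily start time

# Create the daily task in the Datacap folder (hypothetical helper).
function Register-MaintenanceTask {
    param([Parameter(Mandatory)][pscredential]$Credential)
    $action  = New-ScheduledTaskAction -Execute $exe -Argument ('"{0}"' -f $settings)
    $trigger = New-ScheduledTaskTrigger -Daily -At $startAt
    # -User with -Password stores the credential ("Run whether user is logged
    # on or not"); -RunLevel Highest is "Run with highest privileges".
    Register-ScheduledTask -TaskPath $taskPath -TaskName $taskName `
        -Action $action -Trigger $trigger `
        -User $Credential.UserName `
        -Password $Credential.GetNetworkCredential().Password `
        -RunLevel Highest
}

# Read back the registered settings and check who can modify the program
# that the task starts (hypothetical helper).
function Test-TaskHardening {
    param([string]$Path = $taskPath)
    # Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users.
    $broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'
    $writeMask = [int][System.Security.AccessControl.FileSystemRights]::Write
    $sidType   = [System.Security.Principal.SecurityIdentifier]
    foreach ($task in Get-ScheduledTask -TaskPath $Path) {
        foreach ($action in $task.Actions) {
            if (-not $action.Execute) { continue }   # skip non-program actions
            $file  = [Environment]::ExpandEnvironmentVariables($action.Execute.Trim('"'))
            $broad = @()
            if (Test-Path -LiteralPath $file) {
                # Explicit and inherited rules, with identities returned as SIDs.
                # ACEs that use generic rights are not decoded here.
                $rules = (Get-Acl -LiteralPath $file).GetAccessRules($true, $true, $sidType)
                $broad = @($rules | Where-Object {
                    $_.AccessControlType -eq 'Allow' -and
                    $broadSids -contains $_.IdentityReference.Value -and
                    (([int]$_.FileSystemRights -band $writeMask) -ne 0)
                } | ForEach-Object { $_.IdentityReference.Value })
            }
            [pscustomobject]@{
                Task             = $task.TaskName
                RunAs            = $task.Principal.UserId
                RunLevel         = $task.Principal.RunLevel    # expect Highest
                LogonType        = $task.Principal.LogonType   # expect Password
                Program          = $file
                Arguments        = $action.Arguments
                BroadWriteAccess = $broad -join ', '           # expect empty
            }
        }
    }
}

Register-MaintenanceTask -Credential (Get-Credential -Message 'Maintenance Manager account')
Test-TaskHardening | Format-List
```

A non-empty BroadWriteAccess value means the program file should have its permissions tightened before the task is left to run with highest privileges.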

3.3 Windows Performance

Understanding Physical and Virtual Memory


The main difference between physical and virtual memory is that the physical memory refers
to the actual RAM of the system attached to the motherboard, but the virtual memory is a
memory management technique that allows the users to execute programs larger than the
actual physical memory.
Paging File
A paging file is a hidden, optional system storage file on a hard disk. The paging
file extends the RAM's capacity because it stores RAM data that has not been used
or accessed lately. Operations that exceed the limited RAM space are automatically
sent to the file to be stored if you have the paging file enabled.

Page files in Windows with large physical memory
When large physical memory is installed, a page file might not be required to
support the system commit charge during peak usage. For example, 64-bit versions
of Windows and Windows Server support more physical memory (RAM) than 32-bit
versions support. The available physical memory alone might be large enough.

However, the reason to configure the page file size hasn't changed. It has always
been about supporting a system crash dump, if it's necessary, or extending the
system commit limit, if it's necessary. For example, when a lot of physical memory is
installed, a page file might not be required to back the system commit charge during
peak usage. The available physical memory alone might be large enough to do this.
However, a page file or a dedicated dump file might still be required to back a
system crash dump.

System committed memory


Page files extend how much "committed memory" (also known as "virtual memory")
is used to store modified data.

The system commit memory limit is the sum of physical memory and all page files
combined. It represents the maximum system-committed memory (also known as
the "system commit charge") that the system can support.
The system commit charge is the total committed or "promised" memory of all
committed virtual memory in the system. If the system commit charge reaches the
system commit limit, the system and processes might not get committed memory.
This condition can cause freezing, crashing, and other malfunctions. Therefore, make
sure that you set the system commit limit high enough to support the system
commit charge during peak usage.
The system commit charge and system commit limit can be measured on
the Performance tab in Task Manager or by using the "\Memory\Committed Bytes"
and "\Memory\Commit Limit" performance counters. The "\Memory\% Committed
Bytes In Use" counter is the ratio of the \Memory\Committed Bytes value to the
\Memory\Commit Limit value.
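
To see whether the commit limit is high enough during peak usage, the three counters can be sampled over an interval and the peak compared with the limit. This is an added example, not part of the original notes; the function name, sampling defaults and 80 percent threshold are assumptions, and the counter paths are the English names quoted above.

```powershell
# Counter paths use the English counter names quoted in the text (assumption:
# an English-language Windows installation; the names are localized elsewhere).
function Get-CommitPeak {
    param(
        [int]$SampleIntervalSeconds = 5,
        [int]$MaxSamples = 12,
        [double]$WarnPercent = 80        # assumed alert threshold
    )
    $paths = '\Memory\Committed Bytes',
             '\Memory\Commit Limit',
             '\Memory\% Committed Bytes In Use'

    $rows = Get-Counter -Counter $paths -SampleInterval $SampleIntervalSeconds -MaxSamples $MaxSamples |
        ForEach-Object {
            # Index this sample set by counter name (last element of the path).
            $v = @{}
            foreach ($s in $_.CounterSamples) {
                $v[($s.Path -split '\\')[-1]] = $s.CookedValue
            }
            [pscustomobject]@{
                Time            = $_.Timestamp
                CommittedGB     = [math]::Round($v['committed bytes'] / 1GB, 2)
                CommitLimitGB   = [math]::Round($v['commit limit'] / 1GB, 2)
                # Ratio computed by hand, next to the value Windows reports.
                ComputedPercent = [math]::Round(100 * $v['committed bytes'] / $v['commit limit'], 2)
                CounterPercent  = [math]::Round($v['% committed bytes in use'], 2)
            }
        }

    # Report the sample with the highest commit charge relative to the limit.
    $rows | Sort-Object ComputedPercent -Descending | Select-Object -First 1 |
        Select-Object *,
            @{ n = 'HeadroomGB';     e = { [math]::Round($_.CommitLimitGB - $_.CommittedGB, 2) } },
            @{ n = 'AboveThreshold'; e = { $_.ComputedPercent -ge $WarnPercent } }
}

Get-CommitPeak | Format-List
```
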
Task Manager

Task Manager (Windows)

Screenshot: Task Manager in Windows 10 after the "2004/20H1" update, showing
the Performance tab with individual CPU cores shown. Hard Disk Drive and
Removable media type(s) are now shown, along with GPU temperature.

Original author(s): David Plummer[1]
Developer(s): Microsoft
Initial release: August 24, 1996; 26 years ago
Written in: C++
Operating system: Windows NT 4.0 and onwards
Platform: IA-32, x86-64, ARM and Itanium (and historically DEC Alpha, MIPS, and PowerPC)
Predecessor: System Monitor
Type: Task manager, system monitor and startup manager

Task Manager, previously known as Windows Task Manager, is a task
manager, system monitor, and startup manager included with Microsoft
Windows systems. It provides information about computer performance and running
software, including name of running processes, CPU and GPU load, commit
charge, I/O details, logged-in users, and Windows services. Task Manager can also
be used to set process priorities, processor affinity, start and stop services, and
forcibly terminate processes.
The program can be started in recent versions of Windows by
pressing ⊞ Win + R and then typing in taskmgr.exe , by pressing Ctrl + Alt + Delete and
clicking Start Task Manager, by pressing Ctrl + ⇧ Shift + Esc , by right-clicking on
the Windows taskbar and selecting "Task Manager", or by typing taskmgr in the File
Explorer address bar.
Task Manager was introduced in its current form with Windows NT 4.0. Prior
versions of Windows NT, as well as Windows 3.x, include the Task List application,
which is capable of listing currently running processes and killing them, or creating new
processes. Windows 9x has a program known as Close Program which lists the
programs currently running and offers options to close programs as well as shut down
the computer.

Performance Monitor

How to open the Resource Monitor in Windows
Updated: 12/31/2020 by Computer Hope

To open the Resource Monitor in Windows Vista and later,
follow the steps in the sections below.

Note
Resource Monitor is not the same thing as the Windows Task
Manager.

Tip
Apple computer users can think of the Resource Monitor as the
same thing as the Activity Monitor on macOS.

From the Windows Task Manager


1. Press the Ctrl+Alt+Del keys at the same time and select Start
Task Manager on the screen that appears.

2. In the Task Manager, click the Performance tab, then click
the Resource Monitor button or Open Resource
Monitor link, depending on your version of Windows.

From the Windows desktop or Start Screen


1. Press the Windows key on your computer's keyboard.

2. Type resmon.exe in the Windows search box (or, merely start
typing if you use Windows 8) and press Enter.

Example of the Resource Monitor in Windows 8.


What is the difference between Task Manager and Performance Monitor?
Unlike Task Manager, Performance Monitor provides an interface to monitor
any selection of a huge set of system counters on a graph in real time, rather
than just the limited set Task Manager uses.

What does the Performance Monitor show?


The Microsoft Windows Performance Monitor is a tool that administrators can use to
examine how programs running on their computers affect the computer's
performance. The tool can be used in real time and also be used to collect
information in a log to analyze the data at a later time.

What is the difference between Performance Monitor and Resource Monitor?


Resource Monitor lets you check the counters for specific system processes
and services. Performance Monitor helps access and report information about
various computer resources. Users can use the reports to identify the problems
with resources so that they can try to fix the problems.

What Is Performance Monitor?


Performance Monitor, also known as System Monitor, is a system
monitoring program in Windows. It monitors various activities on a PC like
CPU or memory usage. This type of application may be used for identifying
the cause of computer problems by measuring the performance of
hardware components, software services, or applications. The
Performance Monitor is also included in Windows 11/10.
How to open Performance Monitor
You can press Windows + R, type perfmon.exe in the Run dialog, and
press Enter to open Performance Monitor on Windows.

What Is Resource Monitor?


Resource Monitor is also a system resources utility in Microsoft Windows.
This program can monitor and display information about the usage of
various computer hardware and software resources including CPU, disk,
RAM, and network. The Resource Monitor app includes 5 tabs: Overview,
CPU, Memory, Disk, and Network.
How to Open Resource Monitor
To open Resource Monitor on Windows, you can press Windows + R,
type resmon.exe, and press Enter to quickly launch it.

Resource Monitor vs Performance Monitor – Differences
1. Performance Monitor provides a quick summary of overall CPU, disk,
network, and memory usage. Resource Monitor lets you check the
counters for specific system processes and services.

2. Performance Monitor helps access and report information about
various computer resources. Users can use the reports to identify the
problems with resources so that they can try to fix the problems.
Whereas the Resource Monitor helps you monitor the usage of your
CPU, RAM, Disk, and Network. It helps identify if there is something
wrong with your CPU or RAM usage.

3. You can check the resource usage of various applications in
Resource Monitor. You can also use Resource Monitor to stop
processes, start and stop services, analyze process deadlocks, view
thread wait chains, and identify processes locking files. Resource
Monitor gives more detailed real-time information than Performance
Monitor.

3.4 Windows Security

Microsoft Defender
From Wikipedia, the free encyclopedia

Not to be confused with Windows Defender Security Center or Microsoft Anti-Virus.

Microsoft Defender
Other names: Windows Defender
Developer(s): Microsoft
Stable release: 4.18.2205.7 / 22 June 2022; 2 months ago[1]
Operating system:
• Windows XP SP2 and later[2]
• Windows Server 2003 SP1 and later[2]
Predecessor: Microsoft Security Essentials
Type: Antivirus software

Microsoft Defender Antivirus (formerly Windows Defender) is an anti-malware
component of Microsoft Windows. It was first released as a downloadable
free anti-spyware program for Windows XP, and was later shipped with Windows
Vista and Windows 7. It has evolved into a full antivirus program, replacing Microsoft
Security Essentials, as part of Windows 8 and later versions.[3] Prior to Windows 10,
Defender Antivirus was a graphical desktop app. Starting with Windows 10
and Windows Server 2016, however, users manage the Defender Antivirus indirectly
through either the Windows Security app or PowerShell. The Defender Antivirus is
part of the broader Microsoft Defender for Endpoint offering.

Firewall

Windows Firewall
From Wikipedia, the free encyclopedia

Windows Firewall

Screenshot: Windows Defender Firewall in Windows 10 Fall Creators Update,
reporting firewall is turned off.

Other names: Windows Firewall, Internet Connection Firewall
Developer(s): Microsoft
Operating system:
• Windows XP and later
• Windows Server 2003 and later
Service name: MpsSvc
Type: Firewall software

Windows Firewall (officially called Windows Defender Firewall in Windows 10) is
a firewall component of Microsoft Windows. It was first included in Windows
XP and Windows Server 2003. Prior to the release of Windows XP Service Pack 2 in
2004, it was known as Internet Connection Firewall. With the release of Windows
10 version 1709 in September 2017, it was renamed Windows Defender Firewall.

Firewall inbound/outbound Rules

Inbound vs. Outbound Rules


Inbound rules filter traffic passing from the network to the local computer
based on the filtering conditions specified in the rule. Conversely,
outbound rules filter traffic passing from the local computer to the
network based on the filtering conditions specified in the rule. Both
inbound and outbound rules can be configured to allow or block traffic as
needed.
Windows Firewall with Advanced Security includes a number of predefined
inbound and outbound rules for filtering traffic typically associated with
different Windows features. These rules are organized into rule groups,
which identify a collection of rules designed to enable a particular
Windows experience or feature. For example, the Remote Assistance rule
group is a set of firewall rules designed to enable users of the local
computer to use Remote Assistance to help other users on the network or
to receive help from them. The Remote Assistance rule group includes the
following rules:

• Remote Assistance (DCOM-In): Inbound rule to allow offering Remote
Assistance using Distributed Component Object Model (DCOM)
• Remote Assistance (PNRP-In) and Remote Assistance (PNRP-Out):
Inbound and outbound rules to allow use of the PNRP
• Remote Assistance (RA Server TCP-In) and Remote Assistance (RA
Server TCP-Out): Inbound and outbound rules to allow offering Remote
Assistance to other users
• Remote Assistance (SSDP TCP-In) and Remote Assistance (SSDP
TCP-Out): Inbound and outbound rules to allow use of Universal Plug and
Play (UPnP) over TCP port 2869
• Remote Assistance (SSDP UDP-In) and Remote Assistance (SSDP
UDP-Out): Inbound and outbound rules to allow use of UPnP over UDP
port 1900
• Remote Assistance (TCP-In) and Remote Assistance (TCP-Out):
Inbound and outbound rules to allow Remote Assistance traffic

In addition, some of these rules exist in separate form for different
firewall profiles. For example, there are two separate Remote Assistance
(TCP-In) rules, one for the domain and private firewall profiles and the
other for the public firewall profile. Firewall rules can also be either
enabled or disabled. Rules that are enabled actively filter traffic; rules
that are disabled exist but are not used for filtering traffic unless they are
enabled. For example, by default the Remote Assistance (TCP-In) rule for
the domain and private firewall profiles is enabled, while the Remote
Assistance (TCP-In) rule for the public firewall profile is disabled. This
means that by default, Remote Assistance can be used in domain-based
scenarios and on work/home networks, but not at a coffee shop when
connecting to the public Internet using a wireless hotspot connection.

Figure: The inbound rules for Remote Assistance as displayed in the Windows
Firewall with Advanced Security MMC snap-in.

Rules that are enabled are indicated by a green check mark before them;
rules that are disabled are indicated by a red X before them. Filtering
conditions for all rules can be viewed by scrolling horizontally in the
central pane of the snap-in. Alternatively, you can display the filtering
conditions of a specific rule by double-clicking the rule. Additional
predefined rules may also be displayed if certain Windows features are
turned on or off. For example, installing the Telnet Server feature adds a
new predefined inbound rule named Telnet Server.
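
The per-profile and enabled/disabled state described above can also be read from PowerShell instead of the MMC snap-in. This is an added example, not part of the original text; the two function names are assumptions, and the group name is the English display name used above (it is localized on other language versions of Windows).

```powershell
# List every rule in a rule group with direction, profiles, state and ports
# (hypothetical helper built on the NetSecurity module cmdlets).
function Get-FirewallGroupReport {
    param([string]$DisplayGroup = 'Remote Assistance')
    Get-NetFirewallRule -DisplayGroup $DisplayGroup | ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Rule      = $_.DisplayName
            Direction = $_.Direction            # Inbound or Outbound
            Profile   = "$($_.Profile)"         # e.g. "Domain, Private", "Public", "Any"
            Enabled   = "$($_.Enabled)"         # True or False
            Action    = "$($_.Action)"          # Allow or Block
            Protocol  = $port.Protocol
            LocalPort = $port.LocalPort -join ','
        }
    } | Sort-Object Rule, Profile
}

# Inbound allow rules that are active on the public profile. For the Remote
# Assistance group the text above expects none of these by default for the
# Remote Assistance (TCP-In) rule.
function Get-PublicInboundAllow {
    param([string]$DisplayGroup = 'Remote Assistance')
    Get-FirewallGroupReport -DisplayGroup $DisplayGroup | Where-Object {
        $_.Direction -eq 'Inbound' -and
        $_.Enabled   -eq 'True'    -and
        $_.Action    -eq 'Allow'   -and
        $_.Profile   -match 'Public|Any'
    }
}

Get-FirewallGroupReport | Format-Table -AutoSize
Get-PublicInboundAllow  | Format-Table -AutoSize
```
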
Group Policy
Group Policy is an infrastructure that allows you to specify managed configurations for
users and computers through Group Policy settings and Group Policy Preferences.
To configure Group Policy settings that affect only a local computer or user, you can use the
Local Group Policy Editor.

Group Policy
By

• Brien Posey
• Ben Rubenstein, Senior Manager, Social Media and Online Community
Group Policy is a hierarchical infrastructure that allows a network administrator in
charge of Microsoft's Active Directory to implement specific configurations for users
and computers. Group Policy is primarily a security tool, and can be used to apply
security settings to users and computers. Group Policy allows administrators to
define security policies for users and for computers. These policies, which are
collectively referred to as Group Policy Objects (GPOs), are based on a collection of
individual Group Policy settings. Group Policy objects are administered from a
central interface called the Group Policy Management Console. Group Policy can
also be managed with command line interface tools such as gpresult and gpupdate.

The Group Policy hierarchy


Group Policy objects are applied in a hierarchical manner, and often multiple Group
Policy objects are combined together to form the effective policy. Local Group Policy
objects are applied first, followed by site level, domain level, and organizational
unit level Group Policy objects.

Group Policy extensibility


The native collection of Group Policy settings pertains exclusively to the Windows
operating system. An administrator might for instance use these native Group Policy
settings to enforce a minimum password length, hide the Windows Control Panel
from users, or force the installation of security patches. However, Group Policy is
designed to be extensible through the use of administrative templates. These
administrative templates allow various applications to be configured through Group
Policy settings. One of the best known examples of this is the collection of
administrative templates for Microsoft Office.

Administrative templates consist of two components. An ADMX file is the XML file
containing all of the Group Policy settings that are associated with the template. A
corresponding ADML file acts as a language file that allows the Group Policy settings
to be displayed in the administrator’s language of choice.

Local vs. centralized Group Policy


Group Policy objects can be applied locally to a Windows computer through its own
operating system, or Group Policy objects can be applied through Active Directory.
Local group policies allow security settings to be applied to either standalone
computers or computers managed by a domain controller, but these policy settings
cannot be centrally managed. Conversely, Active Directory based Group Policy
objects can be centrally managed, but they are only implemented if a user is logging
in from a computer joined to the domain.

Many organizations use a combination of local and Active Directory Group Policy
objects. The local policy settings provide security when the user is not logged into a
domain, while Active Directory Group Policy objects apply once the user has logged
in.

What is the main purpose of a group policy?


Group Policy overview

Its core purpose is to enable IT administrators to centrally manage users and
computers across an AD domain. This includes both business users and
privileged users like IT admins, and workstations, servers, domain controllers (DCs)
and other machines.

What are the types of group policy?

There are three types of GPOs: local, non-local and starter.


Windows Services
What are Windows Services? How Windows Services
Work, Examples, Tutorials and More
Alexandra Altvater | June 2, 2017 | Developer Tips, Tricks &
Resources, Insights for Dev Managers
There are many instances in which a developer might want to develop an application
that runs as a Windows Service, and there are some distinct advantages to doing so.
At Stackify, we aim to help make you a better developer in every possible scenario,
and that’s why we built Prefix to help you debug Windows Services (and tons of
other stuff, too).

Here’s a look at what Windows Services are, how they work, examples of Windows
Services, and options for developers for configuring applications to run as a Service.

Definition of Windows Services


Windows Services are a core component of the Microsoft Windows operating system
and enable the creation and management of long-running processes.

Unlike regular software that is launched by the end user and only runs when the user
is logged on, Windows Services can start without user intervention and may continue
to run long after the user has logged off. The services run in the background and will
usually kick in when the machine is booted. Developers can create Services by
creating applications that are installed as a Service, an option ideal for use on
servers when long-running functionality is needed without interference with other
users on the same system.

The services manage a wide variety of functions including network connections,
speaker sound, data backup, user credentials and display colors. Windows Services
perform a similar function as UNIX daemons.

What is the Windows Services Control Manager?


Windows Services are managed via the Services Control Manager panel. The panel
shows a list of services and for each, name, description, status (running, stopped or
paused) and the type of service. Double clicking on a service reveals its properties in
greater detail. You can stop, pause, start, delay start, or resume each service as
appropriate. You can also modify the start mechanism (Manual or Automatic) or
specify an account.

Windows Services broadly fall into three categories depending on the actions and
applications they control: Local Services, Network Services and System. Third party
applications such as antivirus software may also install their own services.

Services can be deleted by a user with administrative privileges, but as doing so can
render the operating system unstable, it should be done only when necessary and
with caution.
Differences between Windows Services and Regular Applications
• Launch Mechanism – A regular application is manually launched by the end
user from the desktop or Start Menu. Examples include web browsers, document
editing software and PDF readers. Windows Services start when the machine is
switched on. Note however that regular applications can be added to the Startup
folder in the Start Menu in which case they would start automatically once the
operating system startup is complete.
• User Interface – Unlike regular applications, Windows Services do not have a
user interface; they run in the background and the user does not directly interact
with them. A Windows Service does not stop when a user logs off the computer;
a regular application will.
• Multiple Instances – Only one instance of a Windows Service runs on a device.
Regular applications can allow multiple copies if several users are logged into
the same machine.
• Administrator Rights – Windows Services usually run under administrative
privileges even when a non-administrator user is logged in and using the
computer. The average Windows Service has more control over the machine
compared to a regular application.

Examples of Windows Services


• Active Directory Service – Active Directory is a service Microsoft developed for
Windows networks. It is included by default in most Microsoft Windows Server
systems. Active Directory oversees centralized domain management and
identity-related functions.
• Prefetch and Superfetch Service – Speeds up operating system and
application startup by caching to RAM frequently used files, libraries and
application components. It does this by monitoring application usage and
behavior.
• Background Intelligent Transfer Service – This service facilitates throttled,
prioritized and asynchronous file transfer between machines via idle bandwidth.
It plays a key role in the delivery of software updates from servers to clients as
well as in the transfer of files on Microsoft’s instant messaging applications.
• DNS Client Service – This service resolves domain names to IP addresses and
locally caches this data.
• Computer Browser Service – It allows users to easily locate shared resources
on neighboring computers. All information is aggregated on one of the computers
(referred to as the Master Browser) and other computers contact this machine for
information on shared resources.
• Internet Connection Sharing (ICS) Service – ICS enables the use of one
device connected to the internet as an access point for other devices. Access
could be through Ethernet broadband, cellular service or other gateway.
• Routing and Remote Access Service – This service makes it possible to
create applications that manage the remote access and routing capabilities of the
Windows operating system. It allows the machine to act as a network router.

Developers often use Services for functions that are necessary to run in the
background, such as the ability to monitor performance data and react to specified
thresholds. Services can also be created as Microsoft Visual Studio projects,
developing code that specifies what commands can be sent to the service as well as
what actions are taken on receipt of those commands. For more specifics on using
Visual Studio projects to create Services, check out our recent post on how to create
.NET Core Windows Services with Visual Studio 2017.

After creating and building an application, you can install it as a service by running
the command-line utility InstallUtil.exe, then passing the path to the Service’s
executable file. Then, use the Services Control Manager to configure the Service.
Alternatively, services can be configured using the Services node in Server Explorer
or with the ServiceController class. Check out our sample Windows Services project
on GitHub for examples of timer-based events, queue processing, and job
scheduling – some of the more popular uses for Windows Services.

3.5 Maintenance
Windows Server Update Services (WSUS)

Windows Server Update Services (WSUS) enables information technology
administrators to deploy the latest Microsoft product updates. You can use WSUS to
fully manage the distribution of updates that are released through Microsoft Update
to computers on your network. This topic provides an overview of this server role and
more information about how to deploy and maintain WSUS.

WSUS Server role description


A WSUS server provides features that you can use to manage and distribute updates
through a management console. A WSUS server can also be the update source for
other WSUS servers within the organization. The WSUS server that acts as an update
source is called an upstream server. In a WSUS implementation, at least one WSUS
server on your network must be able to connect to Microsoft Update to get available
update information. As an administrator, you can determine - based on network
security and configuration - how many other WSUS servers connect directly to
Microsoft Update.

Practical applications

Update management is the process of controlling the deployment and maintenance
of interim software releases into production environments. It helps you maintain
operational efficiency, overcome security vulnerabilities, and maintain the stability of
your production environment. If your organization cannot determine and maintain a
known level of trust within its operating systems and application software, it might
have a number of security vulnerabilities that, if exploited, could lead to a loss of
revenue and intellectual property. Minimizing this threat requires you to have
properly configured systems, use the latest software, and install the recommended
software updates.
The core scenarios where WSUS adds value to your business are:

• Centralized update management


• Update management automation

New and changed functionality

Note

Upgrade from any version of Windows Server that supports WSUS 3.2 to Windows
Server 2012 R2 requires that you first uninstall WSUS 3.2.

In Windows Server 2012, upgrading from any version of Windows Server with WSUS
3.2 installed is blocked during the installation process if WSUS 3.2 is detected. In that
case, you will be prompted to first uninstall Windows Server Update Services prior to
upgrading your server.

However, because of changes in this release of Windows Server and Windows Server
2012 R2, when upgrading from any version of Windows Server and WSUS 3.2, the
installation is not blocked. Failure to uninstall WSUS 3.2 prior to performing a
Windows Server 2012 R2 upgrade will cause the post installation tasks for WSUS in
Windows Server 2012 R2 to fail. In this case, the only known corrective measure is to
format the hard drive and reinstall Windows Server.

Windows Server Update Services is a built-in server role that includes the following
enhancements:

• Can be added and removed by using the Server Manager


• Includes Windows PowerShell cmdlets to manage the most important
administrative tasks in WSUS
• Adds SHA256 hash capability for additional security
• Provides client and server separation: versions of the Windows Update
Agent (WUA) can ship independently of WSUS

Using Windows PowerShell to manage WSUS

For system administrators to automate their operations, they need coverage through
command-line automation. The main goal is to facilitate WSUS administration by
allowing system administrators to automate their day-to-day operations.

What value does this change add?

By exposing core WSUS operations through Windows PowerShell, system
administrators can increase productivity, reduce the learning curve for new tools, and
reduce errors due to failed expectations resulting from a lack of consistency across
similar operations.

What works differently?

In earlier versions of the Windows Server operating system, there were no Windows
PowerShell cmdlets, and update management automation was challenging. The
Windows PowerShell cmdlets for WSUS operations add flexibility and agility for the
system administrator.
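
The kind of day-to-day automation these cmdlets make possible, as an added example that is not part of the original document: approve needed, non-superseded critical and security updates for a pilot group, list clients that have stopped reporting, and run server cleanup. It assumes it runs on the WSUS server with the UpdateServices module available; the `Pilot` group name and the 14-day threshold are hypothetical.

```powershell
# Added example, not from the original document.
# Assumptions: runs on the WSUS server (UpdateServices module present);
# the 'Pilot' target group and the 14-day threshold are hypothetical.
Import-Module UpdateServices

$wsus       = Get-WsusServer      # no parameters: connect to the local WSUS server
$pilotGroup = 'Pilot'
$staleAfter = (Get-Date).AddDays(-14)

# 1. Approve unapproved critical/security updates that clients still need.
$approved = foreach ($class in 'Critical', 'Security') {
    Get-WsusUpdate -UpdateServer $wsus -Classification $class -Approval Unapproved -Status FailedOrNeeded |
        Where-Object { -not $_.Update.IsSuperseded } |
        ForEach-Object {
            # Add -WhatIf to the next line for a dry run.
            Approve-WsusUpdate -Update $_ -Action Install -TargetGroupName $pilotGroup | Out-Null
            [pscustomobject]@{
                Classification = $class
                Title          = $_.Update.Title
                NeededBy       = $_.ComputersNeedingThisUpdate
            }
        }
}
$approved | Sort-Object NeededBy -Descending | Format-Table -AutoSize

# 2. Clients that have not reported status recently are a patching blind spot.
Get-WsusComputer -UpdateServer $wsus -ToLastReportedStatusTime $staleAfter |
    Where-Object { $_ -isnot [string] } |   # skip the text message emitted when nothing matches
    Select-Object FullDomainName, LastReportedStatusTime |
    Sort-Object LastReportedStatusTime

# 3. Routine housekeeping on the server.
Invoke-WsusServerCleanup -UpdateServer $wsus -DeclineSupersededUpdates -DeclineExpiredUpdates -CleanupObsoleteUpdates
```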

Windows Backup and Recovery Mechanisms

What Is Backup and Recovery?


Backup and recovery describes the process of creating and storing copies of data
that can be used to protect organizations against data loss. This is sometimes
referred to as operational recovery. Recovery from a backup typically involves
restoring the data to the original location, or to an alternate location where it can be
used in place of the lost or damaged data.

A proper backup copy is stored in a separate system or medium, such as tape, from
the primary data to protect against the possibility of data loss due to primary
hardware or software failure.

Why Backup and Recovery is important

The purpose of the backup is to create a copy of data that can be recovered in the
event of a primary data failure. Primary data failures can be the result of hardware or
software failure, data corruption, or a human-caused event, such as a malicious
attack (virus or malware), or accidental deletion of data. Backup copies allow data to
be restored from an earlier point in time to help the business recover from an
unplanned event.

Storing the copy of the data on a separate medium is critical to protect against primary
data loss or corruption. This additional medium can be as simple as an external drive
or USB stick, or something more substantial, such as a disk storage system, cloud
storage container, or tape drive. The alternate medium can be in the same location
as the primary data or at a remote location. The possibility of weather-related events
may justify having copies of data at remote locations.

For best results, backup copies are made on a consistent, regular basis to minimize
the amount of data lost between backups. The more time passes between backup
copies, the more potential for data loss when recovering from a backup. Retaining
multiple copies of data provides the insurance and flexibility to restore to a point in
time not affected by data corruption or malicious attacks.
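
A sketch of these practices in PowerShell, as an added example that is not part of the original document: each run writes a timestamped archive to a separate medium, records its SHA256 hash, keeps a fixed number of copies, and restores from the newest copy that still passes verification. The paths, the retention count and the function names are assumptions.

```powershell
# Added example, not from the original document. Function names, paths and
# the retention count are hypothetical.
function New-VerifiedBackup {
    param([string]$Source, [string]$Destination, [int]$Keep = 7)
    $stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'       # sortable timestamp
    $archive = Join-Path $Destination "backup-$stamp.zip"
    Compress-Archive -Path (Join-Path $Source '*') -DestinationPath $archive
    # Record the hash so later corruption of the copy can be detected.
    # This does not stop someone with write access from altering both files.
    (Get-FileHash -Path $archive -Algorithm SHA256).Hash |
        Set-Content -Path "$archive.sha256"
    # Retain only the newest $Keep copies.
    Get-ChildItem -Path $Destination -Filter 'backup-*.zip' |
        Sort-Object Name -Descending | Select-Object -Skip $Keep |
        ForEach-Object {
            Remove-Item -Path $_.FullName, "$($_.FullName).sha256" -ErrorAction SilentlyContinue
        }
    $archive
}

function Test-Backup {
    param([string]$Archive)
    if (-not (Test-Path "$Archive.sha256")) { return $false }
    $expected = (Get-Content -Path "$Archive.sha256" -Raw).Trim()
    $actual   = (Get-FileHash -Path $Archive -Algorithm SHA256).Hash
    $actual -eq $expected
}

function Restore-LatestGoodBackup {
    param([string]$BackupDir, [string]$Target)
    $copies = Get-ChildItem -Path $BackupDir -Filter 'backup-*.zip' |
        Sort-Object Name -Descending
    foreach ($copy in $copies) {
        if (Test-Backup -Archive $copy.FullName) {
            Expand-Archive -Path $copy.FullName -DestinationPath $Target -Force
            return $copy.FullName        # the point in time that was restored
        }
        Write-Warning "Skipping $($copy.Name): hash mismatch or missing hash file"
    }
    throw "No backup in $BackupDir passed verification"
}

# Usage: E:\ stands in for a separate medium from the primary data on C:\.
# New-VerifiedBackup -Source 'C:\Data' -Destination 'E:\Backups' -Keep 7
# Restore-LatestGoodBackup -BackupDir 'E:\Backups' -Target 'C:\Restore'
```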

Difference between Backup and Recovery


• Last Updated : 30 Aug, 2022
1. Backup: Backup refers to storing a copy of original data which can
be used in case of data loss. Backup is considered one of the
approaches to data protection. Important data of the organization
needs to be kept in backup efficiently for protecting valuable data.
Backup can be achieved by storing a copy of the original data
separately or in a database on storage devices. Various types of
backup are available, such as full backup, incremental backup,
local backup, mirror backup, etc. An example of a backup tool is
SnapManager, which makes a backup of everything in the database.
2. Recovery: Recovery refers to restoring lost data by following some
processes. Even if data that was backed up is still lost, it can be
recovered by using recovery techniques. When a database fails for
any reason, there is a chance of data loss, so in that case the
recovery process helps improve the reliability of the database.
An example of recovery is SnapManager, which recovers the data
from the last transaction.

Difference between Backup and Recovery:

| S.No. | BACKUP | RECOVERY |
|---|---|---|
| 01. | Backup refers to storing a copy of original data separately. | Recovery refers to restoring the lost data in case of failure. |
| 02. | So we can say backup is a copy of data which is used to restore original data after a data loss/damage occurs. | So we can say recovery is a process of retrieving lost, corrupted or damaged data to its original state. |
| 03. | In simple terms, backup is the replication of data. | In simple terms, recovery is the process to store the database. |
| 04. | The prior goal of backup is just to keep one extra copy to refer to in case of original data loss. | The prior goal of recovery is to retrieve original data in case of original data failure. |
| 05. | It helps in improving data protection. | It helps in improving the reliability of the database. |
| 06. | Backup makes the recovery process easier. | Recovery has no role in data backup. |
| 07. | The cost of backup is affordable. | The cost of recovery is expensive. |
| 08. | Its production usage is very common. | Its production usage is very rare. |
| 09. | Example of backup: SnapManager makes a backup of everything in the database. | Example of recovery: SnapManager recovers the data to the last transaction. |
| 10. | Backup is not created automatically. | There is automatic generation of restore points by your computer. |
| 11. | A backup stores copies of the files in a location that is external to it. | A restore is carried out internally on your computer. |
| 12. | Backup requires extra storage space. | Restore is internal so it does not require extra external storage space. |
| 13. | Backup offers a means of recovery. | Recovery aims to guarantee the atomicity of the transaction and data. |

WER (Windows Error Reporting)


Windows Error Reporting
• Article
• 08/17/2020
The error reporting feature enables users to notify Microsoft of application faults,
kernel faults, unresponsive applications, and other application specific problems.
Microsoft can use the error reporting feature to provide customers with
troubleshooting information, solutions, or updates for their specific problems.
Developers can use this infrastructure to receive information that can be used to
improve their applications.

Users can enable error reporting through the Windows user interface. They can
choose to report errors for specific applications. Administrators can override these
settings using Group Policy.

Developers can register with the Windows Desktop Application Program to get
information about the problems customers are experiencing with their applications
and help customers fix these problems. Developers can also use Application
Recovery and Restart to ensure that customers do not lose data when their
application crashes and allow users to quickly return to their tasks.
