# Windows Fundamentals I

## Windows Editions

* Windows XP
* Windows Vista
* Windows 7
* Windows 10
* Windows 11

Note: In Windows 11 Pro, you can enable BitLocker encryption which you cannot do on Home.

***

## File System

In modern versions of Windows, the file system used is [<mark style="color:green;">NTFS</mark>](#user-content-fn-1)[^1]. Before NTFS, there was [<mark style="color:green;">FAT16/FAT32</mark>](#user-content-fn-2)[^2] and [<mark style="color:green;">HPFS</mark>](#user-content-fn-3)[^3]. You still see FAT partitions in use today. For example, you typically see FAT partitions in USB devices, MicroSD cards, etc. but traditionally not on personal Windows computers/laptops or Windows servers.

NTFS addresses many of the limitations of the previous file systems; such as:&#x20;

* Supports files larger than 4GB
* Set specific permissions on folders and files
* Folder and file compression
* Encryption (Encryption File System or EFS)

Another feature of NTFS is [<mark style="color:green;">ADS</mark>](#user-content-fn-4)[^4] <mark style="color:green;">which allows files to contain more than one stream of data.</mark>

***

## Windows / System 32 Folders

The Windows folder (`C:\Windows`) is traditionally known as the folder which contains the Windows operating system.  The folder doesn't have to reside in the C drive necessarily. It can reside in any other drive and technically can reside in a different folder.

This is where environment variables, more specifically system environment variables, come into play. Even though not discussed yet, the system environment variable for the Windows directory is `%windir%`.

<mark style="color:yellow;">The System32 folder holds the important files that are critical for the operating system.</mark>

***

## Users

User accounts can be one of two types on a typical local Windows system: Administrator & Standard User. The user account type will <mark style="color:yellow;">determine what actions the user can perform on that specific Windows system</mark>.&#x20;

* An Administrator can make changes to the system: add users, delete users, modify groups, modify settings on the system, etc.&#x20;
* A Standard User can only make changes to folders/files attributed to the user & can't perform system-level changes, such as install programs.

Run the command `lusrmgr.msc` to view the Local User & Group Management tab.

***

## UAC

A user doesn't need to run with high (elevated) privileges on the system to run tasks that don't require such privileges, such as surfing the Internet, working on a Word document, etc. <mark style="color:yellow;">This elevated privilege increases the risk of system compromise because it makes it easier for malware to infect the system.</mark> Consequently, since the user account can make changes to the system, the malware would run in the context of the logged-in user.

[<mark style="color:green;">UAC</mark>](#user-content-fn-5)[^5] <mark style="color:green;">was introduced to protect the local user with such privileges but doesn't apply to the local administrator account by default.</mark>

How does UAC work? When a user with an account type of administrator logs into a system, the current session doesn't run with elevated permissions. When an operation requiring higher-level privileges needs to execute, the user will be prompted to confirm if they permit the operation to run.

***

## Control Panel

The Settings menu was introduced in Windows 8, the first Windows operating system catered to touch screen tablets. The Control Panel is the menu where you will access more complex settings and perform more complex actions. In some cases, you can start in Settings and end up in the Control Panel.

***

## Task Manager

The Task Manager provides information about the applications and processes currently running on the system. Other information is also available, such as how much CPU and RAM are being utilized, which falls under Performance.

***

## Answers

### Task 2

> What encryption can you enable on Pro that you can’t enable in Home?\
> BitLocker

### Task 3

> Which selection will hide/disable the Search box?\
> Hidden

> Which selection will hide/disable the Task View button?\
> Show task view button

> Besides Clock and Network, what other icon is visible in the Notification Area?\
> Action Center

### Task 4

> What is the meaning of NTFS?\
> New Technology File System

### Task 5

> What is the system variable for the Windows folder?\
> %windir%

### Task 6

> What is the name of the other user account?\
> tryhackmebilly

> What groups is this user a member of?\
> Remote Desktop Users, Users

> What built-in account is for guest access to the computer?\
> Guest

> What is the account description?\
> window$Fun1!

### Task 7

> What does UAC mean?\
> User Account Control

### Task 8

> In the Control Panel, change the view to **Small icons**. What is the last setting in the Control Panel view?\
> Windows Defender Firewall

### Task 9

> What is the keyboard shortcut to open Task Manager?\
> Ctrl+Shift+Esc

***

[^1]: New Technology File System

[^2]: File Allocation Table

[^3]: High Performance File System

[^4]: Alternate Data Stream

[^5]: User Account Control


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hammaadmughal.gitbook.io/main/try-hack-me-thm/pre-security-pathway/windows-fundamentals/windows-fundamentals-i.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.