Introduction
We covered Windows fundamentals and basics such as the file system, permissions, directory structure, system configuration, computer management, services, processes and the registry. This was part of the TryHackMe Pre Security Track.
The Windows operating system (OS) is a complex product with many system files, utilities, settings, features, etc.
The Windows Desktop, aka the graphical user interface (GUI for short), is the screen that welcomes you once you log into a Windows 10 machine.
Traditionally, you need to pass the login screen first. The login screen is where you need to enter valid account credentials; usually, a username & password of a preexisting Windows account on that particular system or in the Active Directory environment (if it’s a domain-joined machine).
The Windows folder (C:\Windows) is traditionally known as the folder which contains the Windows operating system.
The folder doesn’t have to reside in the C drive necessarily. It can reside in any other drive and technically can reside in a different folder.
This is where environment variables, more specifically system environment variables, come into play. Even though not discussed yet, the system environment variable for the Windows directory is %windir%.
User accounts can be one of two types on a typical local Windows system: Administrator & Standard User.
The user account type will determine what actions the user can perform on that specific Windows system.
- An Administrator can make changes to the system: add users, delete users, modify groups, modify settings on the system, etc.
- A Standard User can only make changes to folders/files attributed to the user & can’t perform system-level changes, such as installing programs.
The large majority of home users are logged into their Windows systems as local administrators. Remember from the previous task that any user with administrator as the account type can make changes to the system.
A user doesn’t need to run with high (elevated) privileges on the system to perform tasks that don’t require such privileges, such as surfing the Internet or working on a Word document. Running with elevated privileges all the time increases the risk of system compromise because it makes it easier for malware to infect the system: the malware runs in the context of the logged-in user, so if that user account can make changes to the system, the malware can too.
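To check how this applies to a given machine, the following PowerShell snippet reports whether the current session is elevated and which accounts belong to the local Administrators group. It is an added example, not part of the original walkthrough; it assumes Windows PowerShell 5.1 with the built-in LocalAccounts cmdlets, and the function names Test-IsElevated and Get-LocalAdminReport are hypothetical.

```powershell
# Added example: audit local administrator exposure on a Windows 10 machine.

function Test-IsElevated {
    # True only when the current process token has the Administrators group enabled.
    # With UAC on, an administrator's normal (non-elevated) session returns False.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-LocalAdminReport {
    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators.
    # Using the SID avoids problems with localized group names.
    foreach ($member in Get-LocalGroupMember -SID 'S-1-5-32-544') {
        $local = $null
        if ($member.PrincipalSource -eq 'Local' -and $member.ObjectClass -eq 'User') {
            # Only local user accounts can be looked up with Get-LocalUser.
            $local = Get-LocalUser -SID $member.SID -ErrorAction SilentlyContinue
        }
        [pscustomobject]@{
            Name        = $member.Name
            ObjectClass = $member.ObjectClass
            Source      = $member.PrincipalSource
            Enabled     = if ($local) { $local.Enabled } else { $null }
            LastLogon   = if ($local) { $local.LastLogon } else { $null }
        }
    }
}

# %windir% resolved through the environment, wherever Windows is installed.
Write-Output "Windows directory : $env:windir"
Write-Output "Current user      : $([Security.Principal.WindowsIdentity]::GetCurrent().Name)"
Write-Output "Session elevated  : $(Test-IsElevated)"

$report = @(Get-LocalAdminReport)
$report | Format-Table -AutoSize

# Flag the situation described above: more than one enabled local admin account.
$enabledAdmins = @($report | Where-Object { $_.Enabled })
if ($enabledAdmins.Count -gt 1) {
    Write-Warning "$($enabledAdmins.Count) enabled local administrator accounts; consider Standard User for daily use."
}
```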
The System Configuration utility (MSConfig) is for advanced troubleshooting, and its main purpose is to help diagnose startup issues.
Reference the following document here for more information on the System Configuration utility.
There are several methods to launch System Configuration. One method is from the Start Menu.
Challenge Answers
Which selection will hide/disable the Task View button?
Besides Clock and Network, what other icon is visible in the Notification Area?
What is the name of the other user account?
What groups is this user a member of?
What is the account status?
Whom is the Windows license registered to?
What command will open the Control Panel? (The answer is the name of .exe, not the full path)
What is the command to open Computer Management? (The answer is the name of the .msc file, not the full path)
What is the name of the hidden folder that is shared?
What is listed under System Name?
For the ipconfig command, how do you show detailed information?