Microsoft initially developed two versions of desktop operating systems—Windows 9x and Windows NT. Microsoft merged these two lines of operating systems in Windows XP, and Windows Vista represents the latest upgrade of the flagship Windows operating system.

Windows Vista is available in five editions, each suited for a different segment of the general population: Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Business, Windows Vista Enterprise, and Windows Vista Ultimate. Table 1 summarizes the basic features available with each Vista edition.

Microsoft also includes a Starter Edition that provides only very fundamental computing capabilities, and designed only for selected third-world overseas markets.

Vista provides numerous productivity enhancements including an improved user interface and Start menu, new integrated search features, improved startup capabilities including the Restart Manager, Sleep mode, Windows Experience Index, improved stability features, improved hardware diagnostics, support for document metadata, and so on.

Security enhancements in Windows Vista include Secure Startup, User Account Control, an improved Windows Firewall, Windows Defender, Spam and Phishing Filters, Network Access Protection, Parental Controls, and Windows Service Hardening.

When you first log on to a new Windows Vista installation, the Welcome Center runs and introduces you to many of the new and updated Vista features.

Microsoft has continued the category divisions in Control Panel and introduced many new and enhanced features. The functions of the Control Panel categories are as follows:

Service packs are a software bundle of patches and hotfixes plus additional features.

The minimum supported and recommended hardware requirements for Windows Vista are listed in Table 2. Minimum hardware will exhibit poor performance.

Always check hardware for compatibility at Microsoft’s Windows Logo Program for Hardware website before installing.

Ensure that software is compatible with Vista prior to installation. If an application is not compatible, you should upgrade or replace it. Microsoft provides the Windows Application Compatibility Toolkit to assist you.

You can configure computers running Vista Business, Enterprise, or Ultimate to belong to either a workgroup or an Active Directory domain. Computers running Vista Home Basic or Home Premium can belong to a workgroup only.

Ensure that network hardware and protocols are compatible with Vista.

Transmission Control Protocol/Internet Protocol (TCP/IP) is the standard (default) network protocol in Windows Vista. The default configuration is as a Dynamic Host Configuration Protocol (DHCP) client.

To join a domain, open the System applet in Control Panel, click the Computer Name tab, and then click the Network ID button to use the wizard or click the Change button.

A computer that is not joined to a domain is a member of a workgroup. If other computers are members of the workgroup, they act as a peer-to-peer network. Each computer can be configured to share printers and files, and each computer maintains a separate list of users and groups—unlike domains, which provide centralized management of users and network resources.

To interact with other computers on a network as a server, you can install File and Printer Sharing, using the Network Connections applet in Control Panel.

File systems supported by Windows Vista are FAT16, FAT32, and NTFS. However, Vista supports only the NTFS file system for its system and boot volumes.

The NTFS file system is required for access control permissions on files and folders.

As was the case in Windows XP, you are required to activate Vista by means of Windows Product Activation within 30 days of installation. If you do not activate Vista within 30 days, it enters a “reduced functionality mode” in which you can only perform certain actions. Microsoft provides two systems for performing Volume Activation of large numbers of Vista installations: Multiple Activation Keys and Key Management Service.

Always check the BIOS compatibility with Windows Vista prior to installation. You should upgrade the BIOS to the latest functional and compatible version.

Windows Vista requires Advanced Configuration and Power Interface (ACPI) capability in the BIOS; you cannot use older power management systems such as Advanced Power Management.

It is simple to install Windows Vista by booting your computer from the Vista DVD-ROM and following the instructions provided.

Unlike previous Windows versions, you can install Vista without providing a product key. You can try out various editions of Vista for up to 14 days, after which you must supply a valid product key.

Unattended installations provide greater consistency compared to performing multiple attended installations and reduce errors upon deployment.

Methods you can use for unattended installation are scripting through answer files, using Windows Deployment Services (WDS), and cloning with Sysprep along with a third-party cloning tool.

Windows System Image Manager (SIM) enables you to create answer files from information included in a Windows image (.wim) file and a catalog (.clg) file.

Sysprep is a utility that automates installation.

Microsoft includes Windows PE, which is a minimal version of a 32-bit operating system designed to facilitate the deployment of a Windows Vista image to multiple computers.

WDS is a server-based system for remotely installing Windows Vista or Windows Server 2008 on computers. It replaces Remote Installation Services (RIS), which was formerly used with Windows 2000/XP/Server 2003.

WDS requires a network that includes Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Active Directory. You must have a server running Windows Server 2003 or 2008 on which WDS has been installed, as well as the Windows Automated Installation Kit (AIK) media either on the WDS server or an accessible network location.

You can zero in on the cause of an installation problem if you know at which stage an error occurred.

Common problems encountered during installation of Windows Vista and their solutions are listed in Table 3.

The most common errors are caused by lack of compatibility with the hardware, the BIOS, or drivers. In addition, lack of disk space, network errors, and name or IP address conflicts can cause a failure during setup.

When the installation DVD cannot be read, try it in a different drive.

When an indeterminate hardware-related error occurs during setup, remove all nonessential adapters and peripherals. Install Windows Vista, and then add each adapter and peripheral back onto the computer one at a time, verifying that the computer functions until all are installed or the problem-causing device is discovered.

Understand the logs that are created during setup and what types of information or errors they will contain:

The System log displayed in Event Viewer displays errors that might have caused a Blue Screen of Death (BSOD).

Driver signing is a process that Microsoft follows to validate files that a third-party manufacturer creates for use in a Windows Vista computer.

Non-administrative users can install only drivers that have been signed by either a Windows publisher or trusted publisher; they cannot install unsigned drivers.

Administrators can add the publisher’s certificate to the trusted certificates store, thereby enabling standard users to install drivers signed by this publisher.

You can use sigverif to verify signatures on system device drivers.

The System Information utility, which can be opened by typing msinfo32 in the Run dialog box or from the command line, provides a quick view of any resource conflicts. When you are in the utility, click Hardware Resources and then click Conflicts/Sharing.

In Device Manager, you can click the Driver tab to update the driver, roll back the driver to a prior version, remove the driver, and troubleshoot the device.

If a driver causes a problem, you can use the Rollback feature in Device Manager to roll back the driver to a previous version.

The only version of Windows that can be upgraded to Windows Vista Home Basic or Home Premium is Windows XP Home Edition.

Versions of Windows that can be upgraded to Windows Vista Business or Ultimate are Windows XP Home Edition and Windows XP Professional. Any older desktop version of Windows cannot be upgraded without first being upgraded to one of these versions.

Server versions of Windows cannot be upgraded to Windows Vista.

Other operating systems cannot be upgraded to Windows Vista. You can perform only a clean installation.

The Vista Upgrade Advisor produces a report that identifies any hardware or software problems associated with the computer to be upgraded.

Applications to remove before upgrading are antivirus applications, disk compression software, and known incompatible legacy software.

Before upgrading, install the latest service pack for Windows XP (SP2 at the time of writing), plus any other updates that Microsoft has published.

File systems supported by Windows Vista are FAT16, FAT32, and NTFS.

If you are upgrading an installation of Windows XP on a FAT16 or FAT32 partition to Vista, convert the file system to NTFS before upgrading.

The command to convert a FAT partition to NTFS is convert c: /fs:ntfs, where c: is the drive letter for the disk partition that you are converting. You cannot convert an NTFS volume back to FAT.

All upgrades to Vista are permanent. Unlike Windows XP, you cannot revert to the previous version of Windows in any circumstance.

As in previous versions of Windows, you can install Windows Vista alongside a different version of Windows in a dual-boot configuration.

For dual-boot computers, both operating systems must support the file system to share the partition.

When installing a computer to dual-boot between two operating systems, you should install the older OS before installing Windows Vista.

Windows Vista introduces several new boot management programs, which replace the older programs used with previous Windows versions. These include

Microsoft provides several paths for upgrading one Vista edition to a higher one. You can upgrade Vista Home Basic to either Vista Home Premium or Vista Ultimate, and you can upgrade Vista Home Premium, Vista Business, or Vista Enterprise to Vista Ultimate.

Windows Anytime Upgrade facilitates the process of upgrading one edition of Vista to a higher one.

If you entered your product key during installation or upgrading, Vista is automatically activated three days later. You can also activate Vista manually if desired.

The Windows Update website analyzes your computer and determines which updates are required to keep your computer up-to-date and downloads and installs these updates automatically.

You have four options for determining how updates are downloaded to and installed on your computer:

Vista provides the Startup Repair Tool (SRT), which attempts to automatically recover a computer that will not start normally. It attempts to recover from problems such as missing or corrupted device drivers, boot configuration settings, Registry keys or data, or corrupted disk metadata such as the master boot table, boot sector, or partition table.

You can access the SRT by booting your computer from the Vista DVD-ROM. It provides a troubleshooting wizard that walks you through a series of steps to attempt a repair of your computer.

Every time a user logs on successfully, Windows Vista makes a recording of the current Registry settings, known as a control set. These settings are stored under HKEY_LOCAL_MACHINESYSTEMCurrentControlSet. This is made available as the Last Known Good Configuration the next time the computer is booted.

Whenever you log on successfully after having made a damaging change to the computer, you cannot use the Last Known Good Configuration.

Safe mode starts your computer with a minimal set of drivers (mouse, VGA, and keyboard) so that you can start your computer when problems with drivers or other software are preventing normal startup.

Safe mode with Command Prompt starts the computer to a command prompt. This can be useful if you cannot obtain a normal GUI.

Safe mode with Networking starts network drivers as well as the other basic drivers. This is useful if you need to copy files from a network location.

You can use System Restore to restore your computer to a previous condition without damaging any data files such as documents and email. It is useful if you are experiencing problems related to faulty device drivers, improper system settings, or incompatible applications.

Other available startup options include boot logging, low resolution video, debugging mode, disabling automatic restart on system failure, and disabling device driver signing enforcement.

The tools within the Computer Management console include Task Scheduler, Event Viewer, Shared Folders, Reliability and Performance, Device Manager, Disk Management, Services, and WMI Control.

The System Information utility, which can be opened by typing msinfo32 in the Run dialog box or from the command line, provides a quick view of any resource conflicts. When you are in the utility, click Hardware Resources and then click Conflicts/Sharing.

In Device Manager, you can click the Driver tab to update the driver, roll back the driver to a prior version, remove the driver, and troubleshoot the device.

Table 4 describes common problems encountered when installing or using CD/DVD drives and the appropriate solutions.

Watch out for questions on the exam that require you to know when to perform a clean boot (press F8 on bootup), as well as the process to do so. You can customize how Windows Vista starts up by clicking Start, Run, typing msconfig in the Open text box, and pressing Enter.

There are several utilities that can help manage the disk partitions. You should be logged in as an administrator-level user to make disk or volume configuration changes, such as when using Fsutil.exe or Disk Management.

You can access the Disk Management graphical tool by right-clicking Computer and selecting Manage or running Dskmgmt.msc.

Disk Management enables you to change from basic to dynamic disks, format a partition, manage volumes, change drive letters, and create striped or extended volumes.

Table 5 describes common disk errors and how to resolve them.

When an application doesn’t function properly in Windows Vista, you can run it in Compatibility mode by selecting the Compatibility tab of the application’s Properties dialog box and selecting one of the compatibility modes.

The Windows Easy Transfer tool assists you in migrating settings from an old computer to your Windows Vista computer. It provides a wizard that facilitates transferring user accounts, folders and their files, application data and settings, email data, and Windows and Internet settings from a computer running Windows 2000 or later to the Vista computer.

The desktop scheme known as Aero is new to Vista.

Aero Glass, the enhanced version of Aero, is available on all editions of Vista except Home Basic and requires a video card with at least 128MB of onboard RAM, a high-quality graphics processor, and a bandwidth of at least 1800MB. It provides the following features:

The Windows Presentation Foundation (WPF) presents an enhanced platform that supports media-rich applications that provide complete fidelity to systems such as the Xbox 360 Media Center Extender.

You can enable or disable Aero from the Appearance Settings dialog box, which is accessible by selecting Window Color and Appearance from the Control Panel Personalization category. This dialog box also enables you to select a variety of desktop schemes including one that is similar to the classic Windows 2000 appearance.

Table 6 describes common problems with Windows Aero and how to resolve them.

The Taskbar and Start Menu Properties dialog box enables you to configure properties related to the taskbar, Start menu, notification area, and toolbars.

The new Parental Controls feature enables you to restrict children’s access to items such as questionable websites, games, and so on. This feature is available in the Home Basic, Home Premium, and Ultimate editions and enables you to configure the following:

To enable Parental Controls on a child’s usage of the computer, each user must have his own user account with a password. You can create user accounts from the Control Panel User Accounts and Family Safety applet. Select Add or Remove User Accounts.

You can configure Parental Controls from the User Accounts and Family Safety applet. Select Set Up Parental Controls For Any User.

The Parental Controls feature enables you to view a report of what your child has done at the computer. You can view which websites the child has visited, the times the child was logged on, programs and games the child accessed or attempted to access, email and instant messages the child sent or received, and media player activity.

Internet Explorer 7 introduces new features such as tabbed browsing, Live Search capabilities, pop-up blocking add-on capabilities, and Really Simple Syndication (RSS) feeds. Table 7 lists the methods you should know for accessing Internet resources.

Tabbed browsing enables you to have more than one web page open simultaneously in the same Internet Explorer window. You can open, close, and refresh tabs by means of a right-click action, view thumbnails of tabs, save a set of tabs to reopen later, save a group of tabs as a favorite, or disable the use of tabbed browsing entirely.

By default, Internet Explorer 7 runs in Protected mode. This mode prevents hackers from hijacking your browser for nefarious purposes such as installing malicious software, modifying startup routines, or redirecting your home page.

You can configure the Pop-up blocker from the Tools menu of Internet Explorer. Click Pop-up Blocker Settings to open the Pop-up Blocker Settings dialog box. From this dialog box you can specify websites that are allowed to open pop-ups and whether to display the information bar and play a sound when a pop-up is blocked. You can also choose from three levels of pop-up blocking action.

You can change the default search provider used by Internet Explorer (Microsoft Live Search) or add additional search providers.

The Tools menu in Internet Explorer contains a series of options that enables you to customize the appearance of the browser window.

Add-ons are optional additional features that can be installed in Internet Explorer and provide additional functionality. These are sometimes installed without your knowledge. The Manage Add-Ons dialog box, accessed from the Tools menu, enables you to view add-ons that have been used or are currently in use, add-ons that run without requiring permission, and downloaded 32-bit ActiveX controls. You can disable add-ons or ActiveX controls that are causing problems, and you can delete ActiveX controls that were not preinstalled with Windows or your ISP.

You can run Internet Explorer without any add-ons by clicking Start, All Programs, Accessories, System Tools, Internet Explorer (No Add-ons).

RSS presents a simple means by which you can receive up-to-date information on the Internet at times that are convenient to you. Internet Explorer informs you that RSS feeds are available by displaying an orange toolbar icon. Click this icon to view and subscribe to feeds.

The Feed Settings dialog box enables you to specify how frequently feeds are downloaded. You can also choose to automatically mark feeds as read, play a sound when feeds arrive, or modify the view in which a feed is displayed.

Every person who logs on to Windows Vista must do so with a user account. Rights and permissions granted to each user account determine the resources that the user can access on the computer.

When you grant rights to domain users, the best practice is to use the AGDLP method. This means that you place Accounts in Global groups. Then you place the Global groups into Domain Local groups, to which you grant (or deny) Permissions.

When a permission is explicitly denied to a user or group, even if the user is a member of another group where the same permission is explicitly granted, the Deny permission overrides all others, and the user is not allowed access.

Whenever a user requests authorization to use a prohibited object or resource, the user sees an Access Is Denied message.

The Computer Management console enables you to create and manage user and group accounts.

Table 8 lists the more commonly accessed default local groups.

Table 9 lists Windows Vista built-in special groups and includes their default access and default local membership.

You can join your Windows Vista Business, Enterprise, or Ultimate computer to an Active Directory domain from the Computer Name, Domain, and Workgroup Settings section of the System Properties dialog box.

After you have joined a domain, you should use only domain user accounts to log on to your computer. You can also use the following domain groups:

User Account Control (UAC) is a new feature in Windows Vista that requests approval before running administrative tasks on the computer. It limits tasks that can be performed without providing additional consent and requesting such consent for performing tasks such as system tasks that require higher privileges.

If you are logged on with a user account that possesses administrative privileges and want to perform a task that requires administrative credentials, the screen dims and you receive a UAC prompt. Click Continue to perform the task or Cancel to quit.

A non-administrative user who wants to perform a task that requires administrative credentials receives a UAC prompt that requires that an administrative password be typed.

Some third-party applications also display UAC prompts when you attempt to run them. You can verify that the program that is attempting to run is one that you really want. Again, a non-administrative user must enter an administrative password.

A third-party program that does not have a digital signature including its name and publisher produces a stronger UAC prompt that includes a yellow title bar and yellow shield. This prevents rogue programs from the Internet from executing without your knowledge. Such programs might perform harmful actions like sending private data to unauthorized sources. Make sure you really want to run this program before allowing it.

You can configure an application to always run with elevated privileges from the Compatibility tab of its Properties dialog box.

If you are logged on using the default Administrator account created when you install Windows Vista, you do not receive any UAC prompts. Do not use this account except under emergency conditions.

Local Group Policy provides a series of policy settings that you can configure to modify UAC behavior. You can specify that administrative users must enter a password to proceed or that they do not receive a UAC prompt at all. You can specify that non-administrative users are denied access to administrative tasks. You have several additional policies that govern application behavior and access to the Registry, and you can even disable the use of UAC entirely.

Windows Defender is a program that protects your computer against the damaging effects of spyware. It monitors your computer for telltale signs of spyware activity. When it finds problems, it attempts to block the actions of spyware and remove it from your computer.

Windows Defender automatically and continuously monitors your computer for signs of unwanted applications.

By default, Windows Defender performs a quick scan of the most vulnerable locations of your computer daily at 2:00 AM. You can modify the automatic scan behavior or manually initiate scans from the Windows Defender configuration screen.

You can also use Windows Defender to perform a full scan of your computer or choose a custom scan that enables you to select the drives and folders to be scanned.

If Windows Defender finds software that it thinks is spyware on your computer, it displays an alert and offers you the following options:

The Windows Defender Options dialog box enables you to specify the time and type of scans automatically performed, the type of actions taken when high-, medium-, and low-alert items are detected, the security agents that are run, and additional administrative actions. Table 10 lists the available security agents.

Microsoft publishes updates to spyware definition signatures on a regular basis. You might be informed of an available update by receiving a message Windows Defender Definitions haven't been updated on starting Windows Defender.

Software Explorer is a Windows Defender component that enables you to view information about software programs and system state on your computer. It provides information on program startup type including automatic startup, Windows component programs, security risk classification, and digital signatures.

Software Explorer enables you to specify which programs can start from various locations such as the User Profile, All Users, and the Current User and Local Machine hives of the Registry. You can prevent programs from starting or remove them permanently from the Startup folder. You can also perform these actions for programs running from network locations.

To configure the security settings for an Internet zone, click the zone to select it and then click the Custom Level button to open the Security Settings dialog box. The zones are Internet, Local Intranet, Trusted Sites, and Restricted.

The Security Settings dialog box enables you to select individual security settings or specify a predefined group of security settings that range from Low, to Medium-Low, to Medium, to Medium-High, to High.

Content Advisor enables you to control what Internet content users can view on the computer. The Content Advisor dialog box enables you to specify ratings that filter websites according to their content as established by various rating boards. You can perform the following actions:

The phishing filter in Internet Explorer 7 examines websites for phishing activity by performing the following actions:

The phishing filter displays the address bar in red when it detects a known phishing site and displays a message informing you of the risks of continuing to it. If the site is not a known phishing site but behaves in a similar manner, the address bar appears in yellow and a warning message appears.

You can configure several options related to the phishing filter by selecting Phishing Filter from the Tools menu in Internet Explorer.

The Privacy tab of the Internet Options dialog box enables you to configure which cookies your browser accepts and whether websites are permitted to store cookies that use personally identifiable information. You can also access the pop-up blocker settings from this tab.

Besides the Content Advisor, the Content tab of the Internet Options dialog box enables you to link to the Parental Controls feature, configure the behavior of certificates used for encrypted connections and identification, specify the types of entries that Auto Complete is used for, and configure RSS settings.

The Advanced tab of the Internet Properties dialog box contains a large range of settings that you can configure in the subjects of accessibility, browsing, HTTP 1.1, international, multimedia, printing, searching, and security.

Windows Firewall is a personal firewall that stops undesirable traffic from being accepted by the computer. It is especially useful for home computers with broadband Internet connections that are always on. It includes the following features:

The Windows Firewall Settings dialog box, accessed from the Windows Firewall Control Panel applet, enables you to turn the firewall on or off, block all incoming connections, configure exceptions for specific ports, protocols, and programs, and select the connections for which the firewall rules will apply.

The Windows Firewall with Advanced Security snap-in enables you to configure the following additional types of firewall properties:

The Windows Firewall with Advanced Security snap-in also enables you to define different firewall behavior for three profile types: domain profiles, when you are connected to an Active Directory domain; private profiles, when you are connected to a private network location such as a home or small office; and public profiles, when you are connected to an insecure public network such as a Wi-Fi hotspot.

You can also use Group Policy to configure similar Windows Firewall policies to those configured with the Windows Firewall with Advanced Security snap-in.

The TCP/IP protocol suite is the default networking protocol for all editions of Windows Vista. It is also the default protocol used by the Internet.

By default, previous versions of Windows have used version 4 of the IP protocol, simply known as IPv4. While its 32-bit address space has been adequate for many years, recent rapid growth of the Internet has pushed IPv4 towards exhaustion of its address space.

To address this limitation, the Internet Engineering Task Force (IETF) introduced version 6 of the IP protocol (IPv6) in 1998. This protocol provides for 132-bit addressing, which allows for a practically infinite number of possible addresses and provides several additional benefits.

Using a new TCP/IP implementation known as the Next Generation TCP/IP stack, Vista provides a dual IP layer architecture enabling the operation of both IPv4 and IPv6 at the same time.

IPv4 address information applied to the network interface consists of an IP address (a unique, logical 32-bit address that identifies the computer and its subnet), subnet mask (when applied to an IP address it determines what portion is the host address and what is the subnet), default gateway (the router’s address that leads to the main network or public Internet), DNS server address (IP address of the DNS server where names are resolved to IP addresses), and Windows Internet Naming Service (WINS) server address (IP address of the server that provides NetBIOS name to IP address resolution).

Each network connection in the Network and Sharing Center represents a separate adapter and separate IP address information.

Table 11 describes the IPv4 address classes, including the maximum number of networks and number of hosts per network for each class.

DHCP provides dynamic IP addresses to a computer when it needs to be connected to the network. When the computer is disconnected, the IP address becomes available for use by another computer. Use of DHCP ensures that all computers on the network receive unique IP addresses and that best usage is made of the available IP address scope.

The Automatic Private Internet Protocol Addressing (APIPA) system provides an alternate configuration to DHCP for automatic IP addressing.

APIPA defines its IP addresses in the range of 169.254.0.1 to 169.254.255.254. The subnet mask on these addresses is configured as 255.255.0.0.

IPv6 addresses consist of eight 16-bit blocks, each of which is portrayed as a 4-digit hexadecimal number and is separated from other blocks by colons. This notation is referred to as colon-hexadecimal, for example 3ffe:ffff:21a5::ff:fe21:5a3e.

IPv6 addresses contain a prefix that represents the network portion of the address. The number of bits used by the address prefix is represented by a number at the end of the prefix; for example, 3ffe:ffff:21a5::/64.

IPv6 uses the following three types of addresses:

Table 12 provides additional details on the IPv6 classes and subclasses.

To assist in the migration from IPv4 to IPv6 and their coexistence, several additional address types are used, as follows:

New to Windows Vista, the Network and Sharing Center brings all networking tasks together in a single convenient location.

You can use the Network and Sharing Center to configure your computer with TCP/IP version 4 or 6 either manually or dynamically.

The default method is to dynamically configure TCP/IP. This includes the default gateway used for accessing the Internet as well as the addresses of WINS and DNS servers.

You can configure your computer with a static IPv4 or IPv6 address, along with the IPv4 subnet mask, default gateway, WINS and DNS servers, and any additional IP addresses that might be required for purposes such as hosting two different websites.

Although you cannot remove IPv6 from a Vista computer, you can disable IPv6 on specific network connections.

The Sharing and Discovery section of the Network and Sharing Center enables you to perform actions related to sharing of resources on your computer with others on the network.

You can share folders with other users across the network from the Computer Management snap-in or from the Sharing tab of a folder’s Properties dialog box. New to Vista, you can specify the names of users with whom you want to share each folder.

Windows Vista shares folders to others as Reader, which means that the users you specify can view but not modify available files. You can modify this by clicking Advanced Sharing from the Sharing tab of the Properties dialog box and clicking Permissions. This enables you to elevate the permission to Change (enables users to view and modify files but not change the attributes of the shared folder itself) or to Full Control (enables users to view and modify files and change the attributes of the shared folder including ownership).

You can hide shares by adding a $ symbol at the end of the name. All administrative shares are hidden. These are C$, ADMIN$, IPC$, PRINT$, and FAX$.

Windows Vista provides the C:UsersPublic folder as a location for sharing files as a default. By default, public folder sharing is turned off. You can configure this folder so that anyone on the network can read files or so that they can read, change, and create files. You can also turn password protected sharing on and specify a password that an external user must enter to gain access to the shared folder.

You can also share other resources such as printers and media such as music, pictures, and videos from the Sharing and Discovery section of the Network and Sharing Center.

Windows Vista lets you search for computers on the network, even when connected remotely. Click Start, Search, and then select Advanced Search from the dialog box that appears. Expand the Network entry to display available computers and then double-click the desired computer to view its shares. You can also type partial names or similar names or use the View Computers and Devices option in the Network and Sharing Center.

The Network and Sharing Center also enables you to configure wireless networking. Windows Vista supports the 802.11 protocols for wireless LANs and is capable of transparently moving between multiple wireless access points (WAPs), changing to a new IP subnet, and remaining connected to the network.

Vista provides considerably enhanced wireless network reliability, stability, and security compared to Windows XP.

Vista provides the Set Up a Home or Small Business Network wizard that simplifies the process of setting up various types of network connections and connecting to wireless and other networks. You can set up wireless routers or access points, manually connect to wireless networks, set up a wireless ad hoc (computer to computer) network, set up a dial-up connection, or connect to a virtual private network (VPN) office connection.

The Set Up a Home or Small Business Network wizard also lets you choose from several file and printer sharing options that determine how resources on your computer will be available to others on the network you have set up.

You can choose among the wireless security types described in Table 13 when setting up your wireless network.

You can manage wireless network connections from the Manage Wireless Networks dialog box. This dialog box enables you to add new wireless networks, view or modify the properties of a wireless network connection, modify the sequence of preferred connection to these networks, or choose the type of profile (per-user or per-computer) to be applied to a network.

Internet Connection Sharing (ICS) can be configured on a Windows Vista computer to share its Internet connection with other computers on its local network.

ICS runs a simplified DHCP service, DNS forwarder, Network Address Translation (NAT), and TCP/IP traffic forwarding. It also includes an auto-dial feature that establishes the Internet connection when required from a computer on the network that does not host the Internet connection.

You can check the status of a LAN connection from the Network Connections folder. Right-click your connection icon and choose Status to display the Local Area Connection status dialog box. This dialog box contains a troubleshooter that attempts to diagnose the source of a connection problem.

Problems such as incorrect or duplicate IP addresses, incorrect subnet masks, or inability to connect to a DHCP server might prevent you from communicating on a wired or wireless network.

Use IP utilities, described in Table 14, to troubleshoot network connectivity on a TCP/IP network.

You might encounter several problems that are specific to wireless networking:

If you are not connecting to any network and the link light on your network card is not lit, you most likely have a hardware problem. Use Device Manager to check for disabled or non-functional devices. You might need to update the device driver or if you have recently done so, roll back the driver to a previous version.

For modem problems, check the Phone and Modem Options applet in the Hardware and Sound category of Control Panel. From the Diagnostic tab, click Query Modem and watch for an entry to appear in the Command/Response list. If you receive an error message, check the modem’s properties in Device Manager.

Remote Access enables you to connect to remote networks by means of a dial-up or VPN connection across the Internet.

Point-to-Point Protocol (PPP) is a dial-up protocol that supports TCP/IP and IPX/SPX and others with advanced compression and encryption functions.

Tunneling protocols are used for VPNs. They are Point-to-Point Tunneling Protocol (PPTP), which supports multiple networking protocols; and Layer 2 Tunneling Protocol (L2TP), which also supports multiple networking protocols and is used with IPSec.

Table 15 describes remote access authentication protocols and their security methods.

The most secure protocol is certificate-based. The next most secure is MS-CHAPv2. The least secure is PAP.

You can specify additional remote access security settings from the Local Security Policies snap-in. From here you can specify account lockout settings that lock a user out should she attempt to guess a password.

You can also specify callback settings to restrict misuse of a Windows Vista computer configured to accept incoming connections via dial-up. The computer disconnects and calls the incoming user back at a predefined telephone number; if the user is not at this location, he does not gain access.

You can establish a VPN client connection to a remote network from the Connect to a Network dialog box. Type the username, password, and domain name (if used) when instructed. Vista saves this connection information for later use.

You can also configure additional properties of the VPN connection from its Properties dialog box, including the authentication protocol in use, optional or required encryption, use of ICS to share the connection with other local computers, and networking options such as File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler, and the Client for Microsoft Networks.

Remote Assistance and Remote Desktop both use Remote Desktop Protocol (RDP).

To share a Remote Desktop session, open the System applet in Control Panel, click the Remote tab, and select the Allow Connections from Computers Running Any Version of Remote Desktop (for connections from XP or Vista computers) or the Allow Connections Only from Computers Running Remote Desktop with Network Level Authentication (for connections from Vista computers only). Then click the Select Users button to select the users allowed to connect.

Remote Desktop privileges are automatically granted to any member of the Administrators group.

Remote Assistance allows a user running a Windows Vista computer on a network to request assistance online or for an expert to offer assistance remotely. The expert’s session is a shadow of the user’s console.

You must configure Windows Firewall to allow Remote Desktop or Remote Assistance sessions to pass. Access the Security Center, select Windows Firewall, and then select Allow a Program Through Windows Firewall and click Continue on the UAC prompt that appears. On the Exceptions tab of the Windows Firewall Settings dialog box, select the Remote Assistance and Remote Desktop check boxes.

To request Remote Assistance, you use Help and Support in the Start menu.

Remote Assistance requests can be made through email or file.

Windows Vista Home Premium and Windows Vista Ultimate contain a rich set of media-based applications that enable you to work with and enjoy your music, photos, videos, and TV programs on your computer. These include Windows Media Center, Windows Media Player, Windows Photo Gallery, and Windows Movie Maker.

Windows Media Center is a one-stop, complete multimedia application that lets you watch and record TV, listen to digital music, play games, listen to FM and Internet radio stations, or access content from online media services.

Express Setup in Windows Media Center simplifies the process of setting up Windows Media Center to work with the media devices installed on or available to your computer.

Windows Media Center displays all available media content that you have saved to your computer.

You can use a network projector with Windows Media Center for giving business presentations or slide shows from your computer. If you are using a wireless network, security protocols configured on the network encrypt the communication. The Connect to a Network Projector Wizard facilitates the process of locating and accessing a network projector.

Windows Media Player version 11 offers a high level of choice and flexibility for managing digital media, including music, photos, and videos.

Windows Media Player 11 provides a series of enhancements over previous versions, including improved access to features, improved navigation, use of album art to facilitate locating specific media, revamped playback controls, simplified media libraries that you can organize by several categories, the display of available playlists, the ability to connect to an online music store, ripping and burning options, synchronizing with other computers and external music players, improved video experience, and improved view options.

The Custom Setup feature in Windows Media Player enables you to customize settings such as privacy options, content providers, file types played by Windows Media Player, and online music stores. You can also choose to make Windows Media Player 11 to be the default music and video player.

The Options dialog box provides the following options for configuring Windows Media Player:

Additional menu bar options are available that govern ripping (copying of audio CDs), burning of audio CDs, data CDs, or DVDs, and syncing of media files to portable devices such as mp3 players.

Group Policy offers several settings that govern Windows Media Player in the fields of networking, playback, the user interface, and retrieval of media from the Internet.

Windows Photo Gallery enables you to import photos and videos from cameras, scanners, removable media, other computers on the network, or the Internet. You can view the images, add or edit metadata, assign ratings, catalog the images to facilitate searching for them later, and burn them to CD or DVD.

The File menu in Windows Photo Gallery provides the commands for managing images as described in Table 16.

You can perform a series of quick fixes on an image in Windows Photo Gallery. Available fixes include manual or automatic adjustment of exposure and color, cropping, and fixing red eye.

Windows Photo Gallery also has options for searching for and previewing images, playing slide shows, displaying an image as your desktop wallpaper, creating image tags and ratings, and viewing by folder or by date taken.

Windows Movie Maker and its companion application, Windows DVD Maker, enable you to create, import, manage, and edit digital videos in regular or high-definition format.

Windows Movie Maker and Windows DVD Maker offer support for high-definition video, simplified importing of videos, integration with Windows Photo Gallery, DVD authoring and burning capabilities, and high-quality graphics capabilities.

Windows Mail is the successor to Outlook Express and offers the following enhancements:

Windows Mail provides a wizard that simplifies the input of your email account information.

The Internet Accounts dialog box enables you to manage your email and newsgroup accounts.

The Import command in Windows Mail enables you to import contacts, messages, and mail and news account settings. You can also export contacts and messages to other mail programs.

The Options dialog box in Windows Mail enables you to specify configuration options for a large range of properties including the sending and receiving of messages, reading of email and news messages, requesting of read receipt for messages you send, viewing of messages in HTML format, the font and stationery used with messages you are composing, the use of signatures and business cards, spell checking, connection to the Internet, and additional advanced options.

Microsoft has upgraded the security of email handled by Windows Mail to handle many new concerns including junk mail (spam), phishing, virus protection, blocking of file extensions that might contain viruses or other malware, downloading of images, and the use of digital certificates for signing or encryption of your email messages.

Windows Meeting Space is a new collaboration tool that enables face-to-face interaction among small groups of users in any location using a wired or wireless network.

Windows Meeting Space offers features such as support for wireless networking, shared control of presentations, compatibility with non-Microsoft applications, the ability to check for others on the network and invite them to a meeting, searching for meeting sessions, and the sharing and editing of files among meeting attendees.

The People Near Me feature identifies nearby people and enables them to send meeting invitations.

Windows Meeting Space enables you to share handouts, applications running on your computer, or your entire desktop with others in your meeting. Attendees can view and edit handouts, and you can perform actions such as demonstrations that others can view.

Windows Calendar is a full-fledged calendar application that enables you to keep track of meetings and appointments. It enables you to create tasks and appointments, create alerts to remind you of scheduled items, create task lists, and share calendars with coworkers or family members.

You can view meetings, appointments, and tasks on a day, week, or month basis, as well as navigate to other months or days. You can even navigate to other years or decades if needed.

You can create multiple calendars and share them with others in your workgroup or family so that everyone knows what others have scheduled. You can display information from multiple calendars together on a color-coded basis.

Windows Calendar enables you to create appointments, all-day events, and tasks. You can include information such as details, locations, the calendar to be used, URLs, all-day appointments, recurring appointments, and task priorities. You can also create reminders that alert you to upcoming appointments.

You can share and publish your calendars so that others are aware of your activities. You can configure web-based sharing or send calendars by email. Others can subscribe to your calendars, and you can subscribe to theirs.

Windows Fax and Scan simplifies the tasks of sending and receiving faxes, scanning images and documents, and sharing these items with others. This program provides the following features:

Windows Fax and Scan uses fax accounts for tracking fax use by everyone using the program.

You can send faxes containing only a cover page, multipage faxes, or faxes with attached documents.

You can also send a fax document directly from many applications such as Microsoft Word by means of a fax printer driver that renders your document as a fax.

Windows Fax and Scan enables you to scan documents and images from scanners attached to your computer or located on the network. You can also scan and fax a document in a single step.

Windows Sidebar is a pane that appears by default on the right side of your display and includes a variety of items known as gadgets. By default, Windows Sidebar displays an analog clock, a slide show, and a series of newsfeed headlines from the Internet.

You can add gadgets from a set included with Vista by default, or you can download additional gadgets from the Internet for adding to the Sidebar.

Some gadgets such as the slide show feature additional customization options.

Monitoring applications include the Reliability and Performance Monitor, Task Manager, and Scheduled Tasks.

The Reliability and Performance Monitor includes a Resource Overview that provides a summary of CPU, disk, network, and memory performance statistics including mini-graphs of recent performance of these four components.

Performance Monitor provides a real-time graph of computer performance:

Reliability Monitor is a new component in Windows Vista that produces a trend analysis of your computer’s system stability with time. It provides the System Stability Chart, which correlates the trend of your computer’s stability against events that might destabilize the computer.

The Data Collector Sets feature enables you to log computer performance over time while the computer is executing other tasks.

Data collector sets are binary files that store performance statistics, which you can later analyze in the Performance Monitor snap-in. Vista provides a wizard that assists you in setting up a new data collector set and using it to collect performance data. You can also use a set of counters you have already configured in Performance Monitor.

The Data Collector Sets feature also enables you to display an alert when a selected counter exceeds or drops beneath a specified value.

Table 17 describes important Memory object counters and how to resolve related problems.

The Paging File\% Usage counter is of use when troubleshooting memory problems.

By default, the paging file is located at %systemdrive%pagefile.sys and has a default size of the amount of RAM in the computer plus 300MB and a default maximum size of three times the amount of RAM in the computer.

You might want to configure equal values for the initial and final paging file sizes. It is more efficient to increase the initial size of the paging file rather than to increase the final size. Increasing the final size of the paging file can force the operating system to allocate more space as applications start, thereby causing disk fragmentation. In most cases, configuring the option for Windows to select the best paging file size will work fine.

Table 18 describes important Processor object counters and how to resolve related problems.

Table 19 describes important PhysicalDisk object counters and how to resolve related problems.

Table 20 describes important LogicalDisk object counters and how to resolve related problems.

You should log disk activity to a different disk or computer. The act of recording performance logs places an extra “hit” on performance for the disk on which logs are recorded.

Vista provides the following command-line tools to assist you in monitoring performance:

Vista provides the following three technologies for enhancing system performance:

The System Configuration Utility enables you to disable common services and startup programs to selectively troubleshoot which items are preventing a normal startup.

Task Manager provides data about currently running processes, including their CPU and memory usage and enables you to modify their priority or shut down misbehaving applications.

You can modify an application’s behavior by adjusting its priority in Task Manager or by starting the application at a different priority.

Priorities for applications are Realtime (the highest priority, only to be used cautiously), High, AboveNormal, Normal (the default priority), BelowNormal, and Low.

You can modify the application’s priority in Task Manager or by using the start /option command.

You might be able to improve computer performance by changing the relative priority of foreground and background applications. The following options are available:

You can set processor affinity from Task Manager. Simply right-click the process from the Processes tab and choose Set Affinity. Then select the appropriate processor.

Event Viewer enables you to see errors and system messages. This program records events in the following five logs:

Most logs in Event Viewer record three types of events—errors, warnings, and informational events.

You can customize Event Viewer to show only the types or categories of logs you need to view. You can also associate tasks with events logged by Event Viewer.

Windows Update enables you to maintain your computer in an up-to-date condition by automatically downloading and installing critical updates as Microsoft publishes them.

You can use Windows Update to check manually for updates or configure one of several options to download and install updates automatically.

You can use a server running Windows Server Update Services (WSUS) to download updates on a corporate network, test them for compatibility, and distribute approved updates to computers on the network.

Group Policy provides a series of policy settings that govern the actions performed by Windows Update, including the manner in which computers check for updates, the use of a WSUS server, restart options, and so on.

Vista includes the Backup and Restore Center and the Backup Status and Configuration utility to facilitate backup and restoration of data.

The Backup and Restore Center enables you to back files and folders up to hard disks, CDs, DVDs, or network shared folders.

The Windows Complete PC Backup and Restore procedure enables you to fully restore your computer in the event of a hardware failure. This procedure replaces the System State backup used in Windows 2000/XP and backs up your data at the same time.

You can use the Backup and Restore Center to restore selected files and folders or to restore all files and settings from a Windows Complete PC Backup and Restore image. You can also use System Restore to restore system files and settings to an earlier point in time.

The Backup Status and Configuration Utility provides the following additional backup options:

Encrypting File System (EFS) enables users to encrypt files and folders on any partition that is formatted with the NTFS file system.

The exam might touch on two points about Encrypting File Service (EFS): The file system must be set to NTFS if you want to use EFS, and no file can be both encrypted and compressed at the same time.

NTFS is required for EFS.

A user must have a file encryption certificate before another user can grant him the right to open a shared encrypted file.

Data recovery agents are users with file encryption certificates who have been designated the right to decrypt users’ encrypted files in case the user’s file encryption certificate is damaged or lost.

Public keys are stored in the My Certificates folder of a user’s profile in plain text.

Private keys are encrypted in the RSA folder in a user’s profile.

Cipher.exe is the command used to manage EFS encrypted files. Cipher /e encrypts, and cipher /d decrypts.

BitLocker is a new feature in Vista Enterprise and Ultimate that encrypts the entire Windows volume, thereby preventing unauthorized users from circumventing file and system permissions in Windows or attempting to access information on the protected partition from another computer or operating system.

BitLocker utilizes the Trusted Platform Module (TPM) version 1.2 to provide secure protection of encryption keys and checking of key components when Windows is booting.

BitLocker enables you to store encryption keys and restoration password on a USB flash drive or a separate file for additional data security and recovery capability.

You can use a computer that does not have a TPM module if you have a USB flash drive to store the encryption keys and password. You must enable a Group Policy setting to do so.

The Mobile PC Control Panel provides a centralized location for performing many of the configuration activities associated with portable computing.

The Windows Mobility Center includes a series of applets that enable you to configure several features specific to portable computers. Included are display brightness, speaker volume, battery status, wireless network status, external displays, Sync Center, presentation settings, and Tablet PC screen orientation.

When establishing a VPN connection to a server, encryption levels on the mobile computer and server must match, or an error will result.

Offline Files enables you to cache copies of files from the network to your computer so that you can work with them when disconnected from the network.

Vista provides the Sync Center, which enables you to manage the synchronization of offline files on your computer. You can synchronize with multiple devices, perform manual or scheduled synchronization, and resolve synchronization conflicts.

If synchronization conflicts occur as a result of different users modifying the same file, Sync Center enables you to save either or both versions of the file so you can compare the changes later.

You can use an Infrared Data Association (IrDA) port on your portable computer to create an ad hoc peer-to-peer network connection to another IrDA-equipped computer.

The Presentation Settings feature on mobile computers enables you to configure your computer for giving a presentation. It performs such actions as disabling Sleep mode, the screen saver, and system notifications; adjusting the speaker volume; and providing an alternate desktop wallpaper. You can also connect to a networked projector while giving a presentation.

You can use an external monitor with a VGA-equipped mobile computer in any of the following ways:

Windows SideShow is a new application in Windows Vista that enables you to view items such as incoming email, actions scheduled in Windows Calendar, invitations to meetings run on Windows Meeting Space, and so on, using an auxiliary display found on the lid of many mobile computers or an external device such as a wireless LCD display or a mobile phone.

Windows SideShow uses gadgets similar to those utilized by the Sidebar.

You can lock the Windows SideShow device to prevent viewing of information by unauthorized parties.

A Tablet PC is essentially a small notebook computer equipped with a pressure-sensitive touch screen and a digital pen that can be used to tap window controls or handwrite information on the screen. Vista provides a series of applications that facilitate the use of Tablet PC computers.

The Tablet PC Settings dialog box enables you to perform actions such as setting handedness, calibrating the digital pen, and selecting the display orientation.

The Tablet PC Input Panel enables you to use the digital pen rather than the keyboard to enter handwritten text.

The Tablet PC Input Panel includes a writing pad where you can write text, a character pad where you can write individual characters, and a digital keyboard where you can use the pen to type text on-screen.

You can use pen flicks to navigate a document or perform editorial actions. Vista provides a series of default actions as well as additional actions that you can customize.

You can train the Tablet PC handwriting recognizer to translate your handwritten words accurately into typed text. Training enables the recognizer to understand your personal writing style and reduce confusion among similar characters.

The snipping tool enables you to capture an object from any application active on your screen. You can add a handwritten comment if desired and save it as an image file or paste it into a document such as a Microsoft Word file.

Some Tablet PC models possess touch screen capabilities, in which the screen responds to finger touches. The touch pointer is a mouse-like icon that floats on the screen below your finger when in use and enables you to perform click-and-drag actions.

Sleep mode in Vista automatically saves your work and configuration information in RAM and turns off the computer’s monitor, hard disk, and other system components. You can enter Sleep mode and resume Normal mode rapidly.

Remember the difference between Sleep mode and hibernation. If power is lost, data can be lost in Sleep mode because this mode does not save the desktop state to disk, only to RAM. However, the computer is able to resume activity more rapidly from sleep than from hibernation.

The preconfigured power plans are

You can also specify whether to require a password when waking from sleep mode, and choose the action that takes place when you press the power and sleep buttons or close the notebook lid.

The Advanced Power Settings dialog box enables you to define a large range of options that govern the behavior of the computer when set for any of the three default power plans or a custom power plan. You can define these settings separately for when the computer is plugged in or running on battery power.

You can also create a custom power plan and define all these settings according to your individual needs.

The battery meter enables you to keep track of remaining battery life. It warns you when battery power is dropping below warning and critical threshold levels.

You can also use Group Policy to configure many power management settings.