UNIVERSITY OF SAHIWAL

COURSE: Operating systems

Topic:

Windows operating system

Course Instructor:
Madam Samavia Zafar

Assignment by:
1-Minahil Nadeem.

2-Ahmad Hussain.

3- Kainat Sharif.

4-Asad Ahmad.

5-Zain Ali.

6-Nouman Hamid.

DEPARTMENT OF COMPUTER SCIENCE

Batch no. (2024-2028)
Section: E2(Evening)

Due date: 29-11-2025

 Table of Contents

Chapter 1: Windows Architecture & Core System Components

‣ 1.1 System Layers: Kernel Mode, User Mode, and HAL
‣ 1.2 Core Processes, Services, and the Registry
‣ 1.3 Memory, Storage, and File System Management

Chapter 2: Windows Installation and Deployment

‣2.1 System Requirements and Installation Fundamentals
‣2.2 Disk Management and Deployment Methods
‣2.3 Deployment Tools and Post-Installation Tasks

Chapter 3: System Management and Administration Tools

‣ 3.1 Essential GUI Tools: Settings, Control Panel, and MMC
‣ 3.2 Performance Monitoring: Task Manager and Resource Monitor
‣ 3.3 Advanced Administration: PowerShell, Group Policy, and Services

Chapter 4: Windows Security and Access Control

‣ 4.1 Foundational Security: UAC, Windows Defender, and Firewall
‣ 4.2 Data Protection: BitLocker, EFS, and Secure Boot
‣ 4.3 Access Management: Users, Permissions, and Auditing

Chapter 5: Backup, Recovery, and Troubleshooting Techniques

‣ 5.1 Data Backup Strategies
‣ 5.2 System Recovery Techniques
‣ 5.3 Essential Troubleshooting Techniques
Introduction to the Windows Operating System
Microsoft Windows is the world’s most widely used desktop operating
system, powering personal computers, business workstations, servers,
and embedded systems across the globe. Since its initial release in 1985,
Windows has evolved from a graphical shell running on top of MS-DOS
into a sophisticated, feature-rich platform that defines modern personal
and professional computing.

A Brief Evolutionary Journey:-

Windows’ history reflects the rapid advancement of computing
technology. Key milestones include:
 The 16-bit Era (Windows 1.0–3.1): Introduced the graphical user

interface (GUI), overlapping windows, and basic multitasking to the

MS-DOS platform.
 The Windows 9x Line (95, 98, ME): Brought the iconic Start menu,

taskbar, and Plug and Play hardware support, moving closer to a fully
integrated OS but retaining DOS foundations.
 The NT Line (Windows NT, 2000, XP, and beyond): Built on the

modern, secure, and stable Windows NT kernel, designed for true

32/64-bit preemptive multitasking, advanced security, and enterprise
reliability. This line merged with the consumer line with Windows XP
and continues today as the core of all modern Windows versions.
 The Modern Era (Windows 7, 8, 10, 11): Focused on refinement,

touch/pen input, cloud integration (OneDrive, Microsoft 365), robust

security by default, and a unified update model. Windows 10 and 11
represent "Windows as a Service," with continuous feature updates
and a strong emphasis on compatibility and cross-device experiences.
Why Study Windows Architecture?
Understanding Windows is crucial for IT professionals, developers, and
power users because:
1. Ubiquity: It dominates the corporate and consumer markets, making
technical support and development skills highly valuable.
2. Complex Ecosystem: It manages a vast array of hardware, software,
and network interactions. Knowledge of its internal workings enables
efficient troubleshooting, optimization, and security hardening.
3. Foundational Concepts: Windows embodies core operating system
principles—process and memory management, security models, file
systems, and driver frameworks—in a practical, real-world system.

What This Chapter Covers

This chapter delves into the core architecture that makes Windows
function. We will move beyond the desktop interface to explore the
layered design separating user applications from the critical system
kernel, the key components that manage hardware and system
resources, and the fundamental processes that keep the OS running. By
the end, you will have a clear mental model of how Windows organizes
and protects its operations at the most fundamental level, providing the
necessary foundation for advanced administration, development, and
security tasks explored in later chapters.

Chapter 1: Windows Architecture

Kernel Mode vs. User Mode:

Think of your computer as a high-security building. Kernel Mode is

the secure control room with access to everything. User Mode is
where regular office workers (your apps) do their jobs in separate,
locked rooms.
Why This Split Exists
Windows separates these two modes to protect your system. If one app
crashes or has a virus, it won't crash your entire computer. The control
room (Kernel Mode) stays safe and in control.

Kernel Mode: The Control Room:

 What runs here: The most important parts of Windows (the "kernel")

and device drivers.

 Full access: Can directly control hardware (CPU, memory, disks).

 Critical rule: If something crashes here, your whole computer crashes

(Blue Screen).
User Mode: The Office Space:
 What runs here: All your applications (Word, Chrome, games) and

some Windows helpers.

 Limited access: Apps CANNOT touch hardware directly.

 Isolated rooms: Each app runs in its own protected space. One crashed

app doesn't affect others.

 Must ask permission: To do important tasks (save a file, print), apps

must "ask" the control room through special requests.

How They Work Together: The Guarded Door
When you click "Save" in Word:
1. Word (in User Mode) sends a request: "Save this file!"
2. The request goes through a guarded door (system call).
3. Windows (in Kernel Mode) checks if this is allowed.
4. If approved, Windows directly tells the hard disk to save.
5. The result ("Saved!") goes back through the door to Word.
This happens thousands of times per second, completely invisible to you.
Why This Matters to You
 Stability: A game freezing won't crash your whole PC.

 Security: Viruses in User Mode can't easily take over your computer.

 Multi-tasking: Multiple apps can run safely at once.

Simple Example: Imagine a library. You (User Mode) can read any book,
but you must ask the librarian (Kernel Mode) to enter the restricted
archive room. You can't just walk in. This keeps the rare, important books
safe.
This split between Kernel and User Mode is Windows' most basic
security rule. Everything else in Windows architecture builds on this idea
of separation and protection.

Hardware Abstraction Layer (HAL): The Universal Translator

Think of the Hardware Abstraction Layer (HAL) as a universal

translator or interpreter between Windows and your computer's specific
hardware. Its job is simple but crucial: to make Windows work on ANY
computer, regardless of the exact brand of processor, motherboard, or
chips inside.
The Problem: Too Many Computers, One Windows
Every computer is different:
 Dell laptops have different motherboards than HP desktops

 Intel processors work differently than AMD processors

 One computer might have one hard-drive, another might have three

Without HAL, Microsoft would need to create a different version of

Windows for every possible hardware combination—an impossible task!
HAL's Solution: "Don't Talk to Hardware, Talk to Me"
HAL sits between the Windows kernel and your actual hardware. Instead
of Windows saying:
*"Hey, Intel Core i7-13700K processor on an ASUS Z790 motherboard, do
this specific thing..."*
...Windows says to HAL:
"Hey translator, make the processor do its next task."
 Then HAL translates this into the exact language that YOUR specific Intel
processor understands.
What HAL Actually Does
HAL is a small but important file ([Link]) that handles:
 Power management (sleep, hibernate, wake up)

 Processor communication (how to talk to your specific CPU)

 Interrupt handling (managing signals from hardware)

 DMA control (direct memory access for faster data transfer)

 System timer and clock management

Real-Life Example: Plugging in a USB Drive

1. You plug in a USB drive
2. Your USB port sends a signal: "Hey, something was plugged in!"
3. HAL receives this signal and translates it into a standard message:
"New storage device detected"
4. Windows kernel hears this standard message and knows what to do
next
5. Windows loads the right driver and shows the USB drive in File
Explorer
The beauty? Windows doesn't need to know if it's a USB 2.0, 3.0, or USB-
C port. HAL handles those details.
Different HALs for Different Systems
While HAL provides a consistent interface, there are different HAL files
for different system types:
 Standard PC HAL: For basic single-processor systems

 Advanced Configuration and Power Interface (ACPI) HAL: For most

modern computers (laptops, desktops)

 Server HAL: For powerful multi-processor servers

When you install Windows, it automatically detects your hardware and

installs the right HAL.
Why HAL Matters to You
1. Hardware Freedom: You can buy any computer and Windows will
work on it
2. Driver Simplicity: Hardware makers (like NVIDIA or Logitech) write
ONE driver that works through HAL, instead of different drivers for
every Windows version
3. Upgrade Flexibility: You can upgrade your motherboard or processor,
and Windows (with the right HAL) can usually adapt
4. Stability: Since Windows doesn't touch hardware directly, a hardware
problem is less likely to crash the entire system
The Limits of HAL
HAL doesn't replace device drivers. While HAL handles basic
communication with core system components, specialized devices
(graphics cards, printers, scanners) still need their own drivers. Think of it
this way:
 HAL = Translator for the computer's "vital organs" (heart, lungs, brain)

 Drivers = Specialists for "external tools" (eyes, hands, specific tools)

Simple Analogy: Restaurant Kitchen

Imagine Windows as a chef who only speaks English. The kitchen
equipment (ovens from France, mixers from Germany, blenders from
Japan) all speak different languages. HAL is the kitchen translator who:
1. Understands the chef's English instructions
2. Translates them into French for the oven, German for the mixer,
Japanese for the blender
3. Gets consistent results regardless of equipment brand
The chef doesn't need to learn 10 languages, and the kitchen can use any
brand of equipment.
In summary, HAL is Windows' secret to working everywhere. It's the
invisible layer that makes "one Windows fits all" possible by translating
between Windows' standard commands and your computer's unique
hardware language.
 Core Processes, Services, and the Registry

Think of Windows as a busy company. Core Processes are the essential

workers who must always be on duty. Services are the specialized
departments that run in the background. The Registry is the company's
massive filing system that remembers every setting and configuration.
Core Processes: The Essential Workers
These are the critical programs that MUST be running for Windows to
work. You can see them in Task Manager:
1. System (Process ID 4)
 The parent of all processes - the first one that starts when Windows

boots
 Contains the most critical kernel-mode components

 If this ends, Windows crashes immediately

2. System Idle Process

 Represents CPU time that isn't being used

 Shows as "99%" when your computer is idle

 Not a real process, but a way to measure unused processing power

3. Windows Session Manager ([Link])

 The first user-mode process that starts

 Sets up your user session and launches the next critical processes

 Like a construction supervisor who sets up the work site

4. Client Server Runtime Subsystem ([Link])

 Manages Windows consoles (Command Prompt windows)

 Handles thread creation and deletion

 One instance runs for each logged-in user

5. WinLogon ([Link])
 Manages login and logout security

 Handles Ctrl+Alt+Delete (the secure attention sequence)

 Launches your user shell (usually [Link])

 6. Windows Explorer ([Link])
 Provides your desktop, taskbar, and File Explorer

 The main interface you see and interact with

 Can be restarted without crashing Windows (unlike the others above)

Services: The Background Departments

Services are programs that run without a user interface, performing
essential background tasks:
Common Critical Services:
 Windows Update: Downloads and installs updates automatically

 Print Spooler: Manages all printing jobs

 Windows Defender: Provides antivirus protection

 DHCP Client: Gets your computer an IP address on networks

 Event Log: Records everything that happens for troubleshooting

How to View Services:

1. Press Windows Key + R, type [Link], press Enter
2. See hundreds of services with their status (Running/Stopped)
3. Each service can be Automatic (starts with Windows), Manual, or
Disabled
Services are like the maintenance, security, and utility crews in a building
—you don't see them working, but the building wouldn't function
without them.
The Registry: Windows' Memory Bank
The Registry is a hierarchical database that stores nearly all Windows
settings, configurations, and options.
Registry Structure (Like Folders in File Explorer):
text
HKEY_CLASSES_ROOT (HKCR) - File associations (what opens .docx files)
HKEY_CURRENT_USER (HKCU) - Settings for current user only
HKEY_LOCAL_MACHINE (HKLM) - Settings for all users on this computer
HKEY_USERS (HKU) - All user profiles on the system
 HKEY_CURRENT_CONFIG (HKCC) - Current hardware configuration
What's Stored in the Registry:
 Software installation information and settings

 Hardware configuration and drivers

 User preferences and desktop settings

 Security policies and permissions

 Startup programs and services

Real Example: When you change your desktop background:

1. You pick a new wallpaper in Settings
2. Windows saves this choice in: HKEY_CURRENT_USER\Control Panel\
Desktop
3. Next time you log in, Windows checks this Registry location
4. It loads your chosen wallpaper automatically
Registry Files: The Registry isn't one file, but several files
called hives stored in C:\Windows\System32\config\
How They Work Together: Starting a Program
1. You double-click a program icon
2. Registry is checked: Windows looks up what type of file it is and how
to open it
3. Services help: Antivirus service scans it, network service checks if it
needs internet
4. Core processes manage it: System process allocates memory, [Link]
helps create its window
5. It runs as a new process in Task Manager
Important Warnings About the Registry
Be Careful! The Registry is powerful but fragile:
 Don't edit it unless you know exactly what you're doing
 Always backup before making changes (System Restore creates
Registry backups)
 Use Settings/Control Panel instead when possible—they safely edit
the Registry for you
Common Registry Problems:
 Corrupted entries cause programs to crash

 Malware adds itself to startup locations

 Incorrect permissions prevent Windows from reading settings

Memory, Storage, and File System Management

Memory Management: The Desk Space

Think of your computer's RAM (Random Access Memory) as your desk
space:
 Fast but temporary - When you turn off the computer, it clears

 Holds what you're working on right now (open programs, current

documents)
 Limited size - More RAM = bigger desk = more things you can work on

at once
How Windows Manages Memory:
 Virtual Memory: When RAM fills up, Windows uses part of your hard

drive as "extra desk space" (this is the [Link] file)

 Memory Protection: Each program gets its own protected space

(remember User Mode!)

 Automatic Cleanup: Windows automatically moves unused data out of

RAM
You see this in Task Manager → Performance tab → Memory section
Storage Management: The Filing Cabinets
Your hard drive (HDD) or solid-state drive (SSD) is like your filing
cabinet:
 Permanent storage - Keeps data even when powered off

 Slower than RAM but much larger capacity

 Stores everything: Windows itself, programs, documents, photos
Storage Types Windows Understands:
 Local Drives (C:, D:) - Physical drives in your computer

 External Drives (USB sticks, external hard drives)

 Network Drives - Folders on other computers

 Cloud Storage (OneDrive) - Appears as local folders but syncs online

File Systems: The Filing System

A file system is the organization method for your filing cabinet. Windows
mainly uses:
1. NTFS (New Technology File System)
 Default for Windows drives since Windows XP

 Supports: Large files (up to 16TB!), file permissions, encryption (EFS),

compression
 Journaling: Keeps a "diary" of changes so if power fails, files don't

corrupt
 Used on: Your C: drive and most internal drives

2. FAT32 & exFAT

 FAT32: Old system, works everywhere (Windows, Mac, game consoles,

TVs) but has 4GB file limit

 exFAT: Modern version without the 4GB limit, great for USB drives

 Used on: USB flash drives, memory cards, external drives that need to

work on multiple devices

3. ReFS (Resilient File System)
 Newer system for servers and advanced users

 Better protection against data corruption

 Automatic error correction

How They Work Together: Opening a Document

1. You click "Open" in Word
2. Memory: Word asks Windows for RAM space to work
3. Storage: Windows reads your document from the hard drive
4. File System: NTFS finds the exact location of your file, checks
permissions
5. Result: Document loads into RAM, appears on your screen
Tools You Can Use
 Disk Cleanup: Removes temporary files to free space

 Defragmenter (for HDDs): Rearranges files for faster access (not

needed for SSDs)

 Disk Management: Creates partitions, formats drives

 Storage Settings: Shows what's using your space

Simple Analogy: A Library

 Memory (RAM) = Reading tables where you work with books

 Storage (Hard Drive) = Bookshelves that store all books permanently

 File System = Library catalog system (Dewey Decimal) that organizes

books
The librarian (Windows) brings books from shelves to your table (loading
into RAM), then returns them when you're done (saving to storage).
------------------------------------------------------------------------------------
Ch no 2. Windows Installation and Deployment

Introduction:
Windows is one of the most popular operating system, which is widely
used in personal computers and organizational systems. It provides the
facility to the user that they can easily interact with hardware, run
applications, and to manage system resources.

Need of Windows Installation:

A computer remains unusable until any operating system is installed on
it. Window installation process copy, and configure windows file, that
could help system to boot and operate properly. Windows installation is
very necessary for every new computer or corrupted system.
 Need of Windows Deployment (Modern computers):
When we have to install Windows in multiple computers in any
organization, then manual installation becomes time-consuming.
Windows deployment is a automated process in which same windows
configured image is installed on multiple computers. It saves time, and
maintain consistency in system configuration.
Windows Installation

Definition
Windows installation is the process of installing the Windows operating
system on a computer so that the system can start, run programs, and be
used by the user. During installation, Windows files are copied to the
hard disk and basic system settings are configured.

Requirements for Windows Installation

Before installing Windows, the following requirements are needed:
 A computer that meets minimum hardware requirements (CPU, RAM,

hard disk).
 Windows installation media (bootable USB or DVD).

 BIOS or UEFI access.

 Stable power supply.

Step-by-Step Windows Installation Process

 Step 1: Bootable Media

A bootable USB or DVD containing Windows setup is prepared. This

media is used to start the installation process.

 Step 2: BIOS / UEFI Settings

The computer is restarted and BIOS or UEFI settings are opened. Boot
priority is set to USB or DVD so the system can load Windows setup.
 Step 3: Windows Setup Start
Windows setup screen appears. Language, time, and keyboard settings
are selected, and the installation is started.

 Step 4: Installation Type Selection

The user selects the installation type. For a fresh system, Custom
(Clean Installation) is selected.

 Step 5: Disk Partitioning

Hard disk partitions are created or selected. Windows is usually
installed on the primary partition (C drive).

 Step 6: Copying Windows Files

Windows files are copied to the hard disk. The system installs features
and updates and restarts automatically.

 Step 7: Initial Setup (OOBE)

User account, password, region, and basic settings are configured. This
step prepares Windows for first use.

 Step 8: Installation Complete

After setup is finished, the desktop appears and Windows is ready to
use.

Importance of Windows Installation

Windows installation is important because without an operating system,
a computer cannot function. Proper installation ensures system stability,
performance, and usability.

Types of Windows Installation

1. Clean Installation
Clean installation means installing Windows on a computer by removing
the old operating system and data. In this type, the hard disk is
formatted and Windows is installed as a fresh system. It is used when the
system is slow, infected, or when a new hard disk is used.
2. Upgrade Installation
Upgrade installation is used to move from an older version of Windows
to a newer version without deleting existing data and applications. User
files, settings, and programs remain safe. This type is used when users
want a newer Windows version without losing data.
3. Dual Boot Installation
In dual boot installation, two operating systems are installed on the same
computer. The user can choose which operating system to start at boot
time. This type is useful when a user wants to use Windows along with
another operating system.
4. Network Installation
Network installation is a method in which Windows is installed over a
network instead of using a USB or DVD. The installation files are stored
on a server and client computers install Windows through the network.
This type is commonly used in offices, labs, and organizations.

BIOS vs UEFI
BIOS (Basic Input Output System)
BIOS is a traditional firmware that starts the computer and loads the
operating system. It performs hardware checking and then transfers
 control to the operating system. BIOS supports older systems and works
with MBR partition style.
Key Points of BIOS:
 Older system firmware

 Slow boot process

 Supports MBR partition

 Limited disk size support

UEFI (Unified Extensible Firmware Interface)

UEFI is a modern replacement of BIOS. It provides faster booting, better
security, and support for large storage devices. UEFI works with GPT
partition style and is commonly used in modern computers.
Key Points of UEFI:
 Modern system firmware

 Fast boot process

 Supports GPT partition

 Better security features

Difference Between BIOS and UEFI

BIOS UEFI
BIOS is old. UEFI is modern.
BIOS uses MBR. UEFI uses GPT.
BIOS is slower. UEFI is faster.

Disk Partitioning
What is Disk Partitioning?
Disk partitioning is the process of dividing a hard disk into separate parts
called partitions. Each partition works as a separate storage area.
Windows is usually installed on the primary partition.
 Types of Partitions:
 Primary Partition:
This partition is used to install the operating system. Only one primary
partition is active at a time.
 Extended Partition:
Extended partition is used to create multiple logical partitions. It
cannot directly store an operating system.
 Logical Partition:
Logical partitions are created inside an extended partition and are
used to store data.
Importance of Disk Partitioning
Disk partitioning helps in better data management, system organization,
and easy recovery of data. Proper partitioning improves system
performance and safety of data.

Windows Deployment
Definition
Windows deployment is the process of installing Windows operating
system on multiple computers at the same time using an automated
method. Instead of installing Windows manually on each system, a single
prepared Windows image is used to deploy Windows on many
computers.
Concept of Windows Deployment
Windows deployment is mainly used in organizations, offices, schools,
and computer labs where many computers need the same Windows
configuration. A standard Windows setup is prepared once and then
deployed to multiple systems. This ensures that all computers have the
same settings, drivers, and software.
Why Windows Deployment is Needed
 Manual installation on many computers takes a lot of time.
 Deployment saves time and effort.

 It provides the same configuration on all systems.

 Easy management and maintenance of systems.

Difference Between Installation and Deployment

 Installation is done on a single computer.

 Deployment is done on multiple computers.

 Installation is manual.

 Deployment is automated.

Types of Windows Deployment

 High-Touch Deployment:
High-touch deployment is a method in which Windows is installed with
manual steps. A technician uses USB or DVD and performs most steps by
hand. This method is suitable for a small number of computers.

 Low-Touch Deployment:
Low-touch deployment is partially automated. Some steps are automatic,
but user or technician interaction is still required. It is used when limited
automation is needed.

 Zero-Touch Deployment:
Zero-touch deployment is fully automated and requires no user
interaction. Windows is installed automatically using deployment tools.
This method is mostly used in large organizations.
Image-Based Deployment
What is an Image?
An image is a complete copy of a configured Windows system saved in a
file format, usually WIM (Windows Image) file. This image is used to
install Windows on multiple computers.
 Image-Based Deployment Process:
1. Windows is installed on a reference computer.
2. Drivers, updates, and software are added.
3. System is prepared for imaging.
4. Image is captured into a WIM file.
5. Image is deployed to multiple computers.

Sysprep Tool
What is Sysprep?
Sysprep (System Preparation Tool) is a Windows tool used to prepare a
system for deployment. It removes system-specific information and
makes Windows ready for image capture.
Role of Sysprep in Deployment
 Removes computer-specific data.

 Resets system identity.

 Makes image hardware independent.

 Prevents duplication issues during deployment.

Windows Deployment Tools

Windows Deployment Services (WDS)

WDS is a Microsoft tool used to deploy Windows over a network. It
allows computers to install Windows from a server without using USB or
DVD.
Microsoft Deployment Toolkit (MDT)
MDT is used to automate Windows installation and deployment. It helps
in creating and managing deployment images with less manual work.
SCCM / MECM
SCCM (now called MECM) is an advanced deployment and management
tool used in large organizations. It supports full automation and
centralized control.
 Advantages of Windows Deployment
 Saves time and effort

 Provides same configuration on all computers

 Reduces manual installation errors

 Easy system management

 Cost effective for organizations

Post-Installation Tasks: Configuration, Updates, and

Activation

System Configuration
After Windows installation, basic system configuration is required. This
includes setting user accounts, system preferences, device settings, and
installing necessary drivers. Proper configuration ensures smooth system
performance and usability.
Windows Updates
Windows updates are important to keep the system secure and stable.
Updates fix bugs, improve performance, and protect the system from
security threats. After installation, Windows should be updated regularly.
Windows Activation
Windows activation is the process of verifying that Windows is genuine
and properly licensed. Activation is usually done using a product key or
digital license. Activated Windows provides full features and regular
updates.

Security During Installation and Deployment

During Windows installation and deployment, basic security measures
should be considered. Secure boot, strong user passwords, and updated
installation media help protect the system from threats. In organizations,
deployment images should be kept secure to avoid misuse.
Driver Management
Drivers are required for proper functioning of hardware devices. After
installation or deployment, correct drivers should be installed to ensure
smooth performance of display, network, and other devices.

Common Installation and Deployment Issues

 Boot device not detected

 Missing drivers after installation

 Disk partition errors

 Deployment failure due to incorrect image or Sysprep issues

Understanding these issues helps in quick troubleshooting.

Best Practices
 Always back up important data before installation

 Use updated Window

Conclusion
Windows installation and deployment are important processes in
modern computer systems. Installation is used for setting up Windows
on a single computer, while deployment is used to install Windows on
multiple systems in an automated way. Proper installation and
deployment ensure system efficiency, consistency, and easy
management.

------------------------------------------------------------------------------------
Chapter3: System Management and
Administration Tools
System Management and Administration Tools are a crucial part of any
operating system. These tools help users and system administrators
manage computer systems efficiently by allowing them to configure
settings, monitor performance, and maintain security. Proper system
management ensures that the computer runs smoothly, resources are
used efficiently, and potential problems are identified and resolved in
time. In modern operating systems like Windows, a variety of tools are
provided to simplify both basic and advanced administrative tasks.
Essential GUI Tools

Essential GUI (Graphical User Interface) tools allow users to interact with
the system through visual elements such as windows, menus, and icons.
These tools are especially helpful for beginners and non-technical users
because they do not require memorizing commands.
The Settings application is a modern tool designed for quick and easy
configuration of commonly used options. It allows users to manage
network connections, system updates, display settings, sound, devices,
and privacy options in a simple and organized way.
The Control Panel is a traditional system management tool that provides
access to more detailed and advanced configuration options. It is
commonly used for tasks such as installing or uninstalling programs,
managing hardware devices, configuring user accounts, and adjusting
system security settings. Although many features have been moved to
the Settings app, the Control Panel is still important for advanced system
management.
The Microsoft Management Console (MMC) is mainly used by
administrators. It acts as a container that brings together different
administrative tools, known as snap-ins, into a single interface. Using
MMC, administrators can manage system components such as disks,
devices, event logs, and user permissions more efficiently and from one
centralized location.
Performance Monitoring Tools
Performance monitoring tools are used to observe how system resources
are being utilized and to identify performance-related issues. These tools
are essential for maintaining system efficiency and stability.
Task Manager is one of the most commonly used performance tools. It
provides a real-time overview of running applications, background
processes, CPU usage, memory consumption, disk activity, and network
usage. Task Manager is often used to close unresponsive programs,
check system load, and manage startup applications that affect boot
time.
Resource Monitor provides a more detailed view of system performance
compared to Task Manager. It allows users and administrators to closely
analyze how individual processes use CPU, memory, disk, and network
resources. This tool is particularly useful for troubleshooting
performance problems, identifying resource bottlenecks, and
understanding which applications are slowing down the system.
Advanced Administration Tools
Advanced administration tools are designed mainly for IT professionals
and system administrators who need greater control over the system.
PowerShell is a powerful command-line and scripting environment that
allows administrators to automate tasks, manage system configurations,
and perform complex operations efficiently. By using scripts, repetitive
administrative tasks can be completed quickly and with fewer errors.
Group Policy is an important administrative tool used mostly in
organizational and network environments. It allows administrators to
control and enforce system settings, security rules, and user permissions
across multiple computers. Group Policy helps maintain consistency,
improve security, and prevent unauthorized changes to the system.
Services are background programs that run automatically and support
essential system functions. The Services management tool allows
administrators to view, start, stop, pause, or restart these background
services. Proper management of services is important for ensuring
system stability, performance, and reliability.

------------------------------------------------------------------------------------

Chapter 5: Backup, Recovery, and Troubleshooting in

Windows
Managing a Windows system effectively requires robust strategies for
preserving data, restoring the system after failure, and resolving
common issues. This section outlines essential techniques for ensuring
system and data integrity.

I. Data Backup Strategies

Backup:
Backup is the process of creating copies of data so that these
additional copies can be used to restore the original data after a data loss
event.
A. Key Backup Types

Backup Type Description Pros Cons

Copies all
Requires the
selected data Simplest and
most storage;
Full Backup (files, folders, or fastest
slower to
system image) recovery.
perform.
every time.

Incremental Copies only the Fastest backup Slowest

Backup data that has process; uses recovery, as it
changed since the least requires the
the last backup last Full backup
 Backup Type Description Pros Cons

plus all
(Full or subsequent
space.
Incremental). Incremental
backups.

Faster recovery Takes more

Copies only the than storage and
data that has Incremental time than
Differential
changed since (only requires Incremental, as
Backup
the last Full the last Full + the Differential
backup. the latest set grows over
Differential). time.
B. The 3-2-1 Rule
This is a fundamental industry standard for a robust backup plan:
 3 copies of your data (the original, plus two backups).

 2 different storage media/types (e.g., internal drive, external HDD,

tape, or cloud).
 1 copy kept offsite (e.g., cloud storage or a device stored at a different

physical location).

C. Windows Backup Tools

 File History: Automatically backs up personal files in your Libraries,

Desktop, Contacts, and Favorites folders to an external drive or

network location.
 System Image Backup (Legacy): Creates a complete image of your

entire system partition, including Windows, settings, programs, and

files. This is used for full disaster recovery.

II. System Recovery Techniques

 Recovery:
Recovery is the process of restoring the system and data to a working
state after a failure (e.g., corruption, hardware failure, or malware).
A. Windows Recovery Environment (WinRE)
WinRE provides tools to diagnose and repair Windows. It is typically
accessed from the sign-in screen by holding Shift and selecting Restart,
or by booting from a Windows installation disc/USB drive.
Key Recovery Options in WinRE:
 System Restore: Reverts system files, installed applications, and

registry to a previously created "restore point." It does not affect

personal files.
 Reset this PC:

o Keep my files: Reinstalls Windows but keeps your personal files

and settings.
o Remove everything: Completely wipes the drive and reinstalls

Windows (often used when selling a device).

 Startup Repair: Automatically fixes common problems that prevent

Windows from loading.

 Go back to the previous version:

Allows you to revert to a previous build of Windows after an update.

 Command Prompt: Provides access to advanced command-line tools

for diagnosis and repair.

B. Restoring from Backup

 Restoring Files: Use File History to browse and restore individual or

multiple file versions from the external backup drive.

 Restoring System Image (Bare Metal Recovery): This is used when the

primary hard drive fails or the OS is unbootable. You must boot into
WinRE and select the option to restore a system image from the
external drive where it is stored.
III. Essential Troubleshooting Techniques
Troubleshooting:
Troubleshooting is a systematic approach to identifying and resolving
problems within a system.
A. The Fundamentals
1. Reboot: Always the first step. Many temporary issues are resolved by a
simple restart.
2. Check for Updates: Ensure Windows and device drivers are up-to-date,
as updates often contain critical fixes.
3. Undo Recent Changes: If the problem started recently, think about the
last action taken (new software installed, settings changed, or
hardware connected). Undo that change .
B. Command-Line Tools (via elevated Command Prompt or PowerShell)

Tool Purpose Command Example

Scans and repairs

System File Checker
corrupted Windows sfc /scannow
(SFC)
system files.

Deployment Image Used to repair the

DISM /Online
Servicing and Windows System
/Cleanup-Image
Management Image before using
/RestoreHealth
(DISM) SFC.

Scans the file system

Check Disk for logical and physical
chkdsk /f /r
(CHKDSK) errors on a disk
volume.

Tests connectivity to a
Ping ping [Link]
network host.

IPConfig Displays current TCP/IP ipconfig /all

Tool Purpose Command Example

network configuration.
C. System Tools

Tool Location Purpose

Monitors system performance (CPU,

Memory, Disk) and manages running
Task
Ctrl + Shift + Esc applications and background
Manager
processes. Useful for identifying
resource-hogging apps.

Logs detailed information about

Event Search in system, security, and application
Viewer Windows events. Crucial for diagnosing
recurring or critical errors.

Manages hardware devices and

drivers. Used to check for driver
Device Search in
conflicts (indicated by a yellow
Manager Windows
exclamation mark) or update/roll
back drivers.

Performance Provides more granular detail than

Resource
tab in Task Task Manager on real-time resource
Monitor
Manager usage by specific processes.
D. Driver Management
 Identify Problematic Driver: Use Device Manager to find devices with

a warning sign.
 Update Driver: Right-click the device and choose Update driver.

 Roll Back Driver: If a newly updated driver caused instability, use the

Roll Back Driver option in the driver properties window.