9.1 Manage Files On Windows: 9.1.1 Windows File and Folder Properties

9.
1 Manage Files on Windows
As you study this section, answer the following questions:
 How can you cause the output of a command to list one screen at a time when using Command Prompt in Windows?
 How do you repeat a command by causing the most recent command to appear in Command Prompt?
 Which function does the cd .. command provide?
 Which dir command can you use to display files that are not read-only?
 Which command removes subdirectories and files in the current directory?
 What are the main differences between the copy command and the xcopy command?
 Which two file attributes can you not assign at the same time?
In this section, you will learn to:
 Manage files and folders
The key terms for this section include:
Term Definition
File extension association A mechanism that identifies the program used to create a file.
File attribute Metadata that gives certain qualities to a file after the attribute has been assigned.
A command line tool used for executing commands and managing files and
Command Prompt
folders.
This section helps you prepare for the following certification exam objectives:
Exam Objective
2.2 Use operating system features and utilities
 Use Windows features and command line utilities
TestOut PC Pro 2.3 Manage file systems

 Configure file access permissions
1.2 Given a scenario, use the appropriate Microsoft command-line tool.
 Navigation
ocd
odir
omd
CompTIA A+ Certification 220- ormdir
1102 oDrive navigation inputs
 C:\ or D:\ or x:\
 Command-line tools
o xcopy
o copy
o robocopy
9.1.1 Windows File and Folder Properties

Windows File and Folder Properties 0:00-0:15
In this lesson, we'll discuss the properties of files and folders within the FAT32 and NTFS file
systems. These are the two most implemented file systems for storage devices in Windows.
FAT32 and NTFS File Naming 0:16-1:14
FAT32 is common for flash drives, and you'll see NTFS used on hard disks and SSDs. Both systems
support long filenames up to 255 characters long. This makes naming your files and folders easy. But
there's still a few rules to keep in mind.
First, a period has to separate the name from the extension. Also, file and folder names aren't case-
sensitive on FAT32 or NTFS file systems. For example, the filename INVENTORY_LIST.DOCX all upper
case is the same as inventory_list.docx all lowercase. Be aware that other file systems, like Linux,
are case-sensitive.
Finally, you'll notice that there are several characters that aren't allowed. These include the less-than
sign, the greater-than sign, a colon, a double quote, a forward slash, a backslash, the pipe character,
a question mark, or an asterisk.
Filename Extensions 1:15-1:57
Now let's look at the importance of filename extensions. Certain Windows extensions are mapped to
certain applications by default. These are called file associations. These file associations specify which
applications will be used by default to open a particular file type, which is identified by its extension.
On Windows systems, there are several default file associations you should know. For example, .exe
and .com are executable files that can directly launch an application. A .dll extension means that
the file is a dynamic link library file. A DLL contains pre-compiled code functions that can be used by
other applications running on the system. Microsoft Word files end in .docx, and text files end in .txt.
Default Programs 1:58-2:27
These are just a few of the different file associations. Now let's go into what it means to be mapped
to an application.
Basically, if you double-click a file in File Explorer, its associated application loads automatically. For
example, if you double-click a file with the .pptx extension, Windows will automatically open it in
PowerPoint.
These default settings aren't static, though, and you can change which application is associated with
a particular file extension. You do this in Settings by selecting Apps and then Default apps.
File and Folder Attributes 2:28-3:42
Let's talk about what file attributes are. Every file or folder has attributes that we can enable or
disable to control how it behaves. Let's go through some key ones. First is the Hidden attribute. This
causes the file or folder to be hidden when browsing with File Explorer or when listing the directory
with the dir command in Command Prompt.
Another attribute is the System attribute. With this enabled, it indicates that the file is a protected
operating system file. Next is Read-only. Turning this attribute on allows the file or folder to be
opened but not altered. The Archive attribute tells backup programs that this file or folder has been
altered and needs to be included in the next backup process. You can encrypt your Windows files
by enabling the Encryption attribute as well. There's also an attribute called Compress,
which compresses the file or folder to save disk space. And finally, there's Index, which ensures
the file is included in the Windows search index. Enabling this attribute increases the speed when you
perform searches.
Now, a file can have multiple attributes enabled at the same time with the exception of Encryption
and Compression. You can only have one or the other, but not both at the same time. Any other
combination will work.
Summary 3:43-3:53
That's it for this lesson. In this lesson, we discussed file and folder properties on Windows
systems. We looked at filenames, associations, and attributes. Understanding file and folder
properties will allow you to better manage them in a Microsoft Windows environment.
9.1.2System File Locations

Video Transcript
System File Locations 0:00-0:09
In this demonstration, we're going to look at the default locations in the file system where Windows
saves data.
Program Files 0:10-1:29
The first location you need to be familiar with is C:\Program Files. At the root of the system drive—
usually the C: drive—is the Program Files directory. This is the default location where the files
are stored when you install an application on your system. For example, if I go over to the Microsoft
Edge browser shortcut that I have on my Desktop, right-click, and go to Properties, you can see that
this points toward the Program Files folder on the C: drive and then down to the executable file in
that folder.
Previously, Windows had 32-bit versions in addition to the 64-bit versions that are currently in
production. When files were stored in the Program Files directory on these 32-bit versions, the
applications that the files belonged to were all 32-bit. With the change to 64-bit operating systems,
the application type is no longer 32-bit, but it's not always 64-bit, either. So Microsoft added a new
directory to accommodate the older 32-bit application architecture. That folder is the Program Files
(x86) directory.
So to summarize, the Program Files directory on a 64-bit operating system is for 64-bit applications,
and the Program Files (x86) directory is for 32-bit applications.
Windows System Files 1:30-1:55
Another important folder is the C:\Windows directory. In this case, we're assuming that C: is
the system drive, which may not always be the case. When you install Windows on a storage device,
this is where the Windows system files get copied to by default. Modern versions of Windows install a
large number of subdirectories and files under C:\Windows. You won't interact with the majority of
them much as a system administrator.
System32 Files 1:56-2:20
But there's a folder you might have to work with quite a bit. It's called System32. The System32
folder and all of its subfolders that you see here contain core Windows operating system files.
To be safe, generally speaking, don't mess with any of the files in here unless you absolutely have
to. Those times will be quite rare. If you do something wrong with one of the System32 files, you
could potentially break the entire machine.
hosts File 2:21-3:26
There's one exception to this rule, and that's your hosts file. This file is what Windows uses for name
resolution. In fact, your Windows system checks the hosts file first by default when it needs to
resolve a hostname into an IP address. Only if it can't find an IP address-to-hostname
mapping there, does it then send a query to your DNS service.
The hosts file is located in a subdirectory of System32—the System32\drivers\etc folder. Let's open it

up with Notepad. As you can see, this file has some IP address-to-hostname mappings. If you need
to, you can insert additional entries following the formatting of the other entries. Be aware that you
do have to have administrative privileges to edit this file. That's because, in the past,
malware commonly infected systems and modified the hosts file, adding bogus name mappings. This
is a very dangerous scenario.
Tasks Folder 3:27-4:06
Another important Windows directory is Tasks. Although you won't interact with tasks directly
here, it's important to know where scheduled tasks are stored. To interact with any task that appears
in this directory, use the Task Scheduler app found in Control Panel > System and Security >
Windows Tools > Schedule tasks. As you can see by the shield icon, this requires administrative
privileges to access.
In Task Scheduler, you can define custom tasks that'll occur on your system on a regular basis. Let's
go ahead and close this and close our Administrative Tools and Control Panel.
Users Folder 4:07-5:48
Now, the last directory I want to review with you is found at the root of the C: drive—the Users
folder. This is where user profile data is saved for each user account on your system, along with any
personal data. On my system, I'm logged in as Student2. Under the Student2 folder, I see all of this
user account's data.
In the Desktop directory, for example, if I were to go over and create a new file—let's say a text
document—it'd immediately show up here in my Desktop folder. I also have my Downloads
folder. This folder populates anything that I save from the internet.
I also have my Documents folder. This is where I store all of the documents for this user on my
computer. Then I have Favorites. This is where the computer stores any favorite links that I've saved
in my Internet Explorer or Edge web browser. The My Links folder is where I can save links to
different locations. Currently, I have just Desktop and Downloads links. If I double-click Desktop, it
takes me to my Desktop folder, and so on. The same with Downloads.
Here, I have my Music folder, where I can save music if I'd like to. Currently, I don't have any music
saved on this computer, but that's where it'd go. In the OneDrive directory, I store files for
OneDrive. It basically works like my Documents folder, except that it's a cloud service. OneDrive
would save those locally down here, too. The Pictures folder is normally used to save any pictures
that I have on this profile. So if I plug in my camera or my phone, those file would go here.
Summary 5:49-5:57
That's it for this demonstration on system file locations. Today, we looked at the various file locations
for modern versions of Windows. We looked at the Program Files directory, Users directory, and
many more.
9.1.3 File Management Facts
This lesson covers the following topics:
 File attributes
 File locations
 File extensions
File Attributes
A file attribute is metadata that gives certain qualities to a file when the attribute is assigned. The
following table lists common NTFS file attributes.
Attribute Description
Read-only
The R attribute marks a file as read-only, meaning that subsequent users cannot alter the file.
(R)
The H attribute hides a file within the file system so that users who do not have access to its
Hidden (H)
specific filename cannot view or access it.
System (S) The S attribute identifies a file as a system file that cannot be deleted.
Archive (A) The A attribute identifies if a file has been modified since the last backup.
Encrypted The encrypted attribute encrypts a file.
The compression attribute compresses a file to save space on the hard drive.
Compressed
A file can either be encrypted or compressed, but not both.
The index attribute specifies how a file is indexed. Indexing allows a system to quickly locate files
Indexing
using additional extensions assigned by the user.
NTFS permissions control access to folders and files through the Windows operating system.
 NTFS permissions are available only for files on a partition formatted with NTFS.
 Each file has an access control list (ACL) that identifies users or groups and the actions they
Permissions can perform on the file.
 Permissions are saved as an attribute of the file.
 Moving NTFS files to another NTFS partition preserves the permissions; moving NTFS files to
a non-NTFS partition removes the permissions.
Be aware of the following regarding file attributes:
 The FAT32 file system supports only the following attributes: R, H, S, and A.
 To change file or folder attributes, edit the properties of the file or folder, or use the Attrib command from the
command prompt. (You cannot change permissions with the Attrib command.)
 When you copy files from an NTFS partition to a FAT32 partition, attributes not available under FAT32 do not
remain with the file.
 Use Folder Options to show protected operating system files, or to show compressed or encrypted files in a
different color.
File Locations
As you manage Windows, you should be aware of the following default locations for various system files:
File type Variable Windows 7, 8. x, 10, and 11

%systemroot%
System files C:\Windows
%windir%
Fonts n/a C:\Windows\Fonts
C:\Program Files
Program files %programfiles%
C:\Program Files (x86) on 64-bit systems only
User files (user profiles) %userprofile% C:\Users\ username
Temporary files (per %temp%

C:\Users\ username\AppData\Local\Temp
user) %tmp%
In addition to the variables listed in the table above, the %systemdrive% variable identifies the drive
letter where Windows is installed.
File Extensions
A complete filename is a file path combined with the name of the file. Extensions can be included in a filename to indicate a file type.
The extension identifies:
 What the file is
 What it contains
 Which program was used to create and modify the file
The main types of filename systems are:
 Long file names supported with FAT32, which allows 255 characters including spaces.
 Unicode supported with NTFS, which allows 255 characters including all characters except for /.
In file naming conventions across file systems, there are characters that you should avoid. These include the following:
 < (less than)
 > (greater than)
 : (colon)
 / (forward slash)
 \ (backward slash)
 | (pipe or vertical bar)
 " (double quote)
 * (asterisk)
 ? (question mark)
You should be familiar with the following file types and their extensions.
File Type Extension
.exe
Program files
.com
Batch files .bat
.dll (dynamic link library)
System files .drv (device driver)
.vxd (virtual device driver)

.rtf
.txt
.docx
Document files .wpd
.wp5
.pptx
.pdf
.gif
.jpg
Image files
.png
.bmp
.mp3
Audio files
.wma
Windows Installer files .msi
Compressed files .zip
Be aware of the following:
 Executable files (.exe, .com) are program files that can be run. Batch files (.bat as well as other extensions) also run and execute
a series of commands, but typically launch another program to interpret the commands in the batch or script file.
 A file extension association identifies the program used to create a file. When you open a file that has an associated program,
the program is launched and the file is opened within the program.
 When you install an application, file extension associations are created automatically for the file types the application uses.
 If you try to open a file type that is not associated with a program, you will be prompted to identify the program to use to open the
file.
 By default, Windows hides the extension for files with associations.
 Use the settings in Folder Options to show file extensions for known file types.
 To change a program associated with a file extension, use Default Programs in the Control Panel or edit the properties of the file.
9.1.4 Manage Files on Windows

.
Manage Files on Windows 0:00-0:18
In this demonstration, we're going to learn how to manage files on a Windows system. You can do
this either from the graphical user interface—what we call the GUI—or from the command
line. Today, we'll use the GUI, and we'll work though File Explorer.
Copy, Cut, and Paste Files 0:19-1:54
Let's navigate to the Documents folder. You could just click on the Quick access link to get there, or
you can go to Local Disk (C:) > Users > Student3 TestOut > Documents.
Here we have a few files. Over time, storing all of your files in one folder—like we're doing here—
without any organization can become confusing. Creating folders helps make things easier to find. To
create a folder, we click the New button and then select Folder. We'll leave the name as New folder.
Now we need to copy the files over to that new folder. There are a few different ways to do this. One
is to right-click the file, click the Copy icon—which looks like two pieces of paper on top of each other
at the top of the menu—go into the folder, right-click somewhere in empty space, and click the Paste
icon, which looks like a clipboard with a piece of paper on it. Since we copied the file, we still
have the previous copy in the old folder. We don't need it there, so we can delete it by right-clicking
and selecting the Delete icon, which looks like a trash can.
Another option is cut the file. First, right-click it and select the Cut icon, which looks like
scissors. Then navigate to the new folder, right-click, and use the Paste icon. The file is now in the
new directory, and if we go back, the old file has been removed from its previous location.
The last, and probably easiest, method is to just highlight the file, left-click, and drag and drop. You
can see that we moved everything to the new folder.
File Properties 1:55-3:08
Now let's look at a file's properties. To do so, right-click and select Properties. We're shown more
detailed information here, such as the file type—that's Rich Text Document, in this case—the size,
creation date, modified date, and more. The Opens with field shows which application will open if I
double-click the file. In this case, it's WordPad. I can modify that with the Change button. For
example, I could set a default for all .rtf files. We can also rename the file if we want by changing the
name at the top of the Properties page.
We showed you where it lists the file size. Ours is 3.33 KB. If you look, you see that the size on disk
is 4 KB. The size on disk is a little bit bigger than the actual size because the NTFS file
system allocates space for files in 4-KB blocks.
So hard disk drive space is always allocated in these dimensions. In this situation, our file is a little
less than 4 kilobytes, so there's a little bit of extra space at the end of the block that's not being
consumed.
File Attributes 3:09-4:23
At the bottom of the Properties page are the Attributes—Read-only and Hidden. If we turn on the
Read-only attribute and click OK, this file can only be read but not modified. If we open it up, we can
see the text, but when I type something and click the Save icon, it asks me where I want to save it
since I can't modify the existing file. I'll click Cancel and exit without saving. Let's go back into
Properties and disable the Read-only attribute.
The other attribute is Hidden. If we select Hidden and click OK, the file disappears. The default
setting for File Explorer is to not show hidden files. We can change this by clicking the View drop-
down and selecting Show > Hidden items. Now the file is visible again.
Keep in mind that hidden files aren't missing or lost. If I need to work on the file, I can do that
normally. It just doesn't show in File Explorer or from Command Prompt. I'll remove the Hidden
attribute from the file.
Make File Extensions Visible 4:24-4:43
The last thing I want to show you deals with whether or not file extensions are displayed. They're
currently visible on this machine. You can see the.rtf, .txt, .bmp extensions, and so forth. To change
file extension visibility, click on View > Show > File name extensions.
Summary 4:44-4:59
That's it for this demonstration on file management. We talked about how to create new folders, and
we talked about how to copy, cut, and paste files. Then we went over how to manage file
associations and attributes, such as Read-only and Hidden. We ended this demonstration by
talking about how to hide or show file extensions.
9.1.6 Manage Directories from the Command Prompt
Manage Directories from the Command Prompt 0:00-0:31
In this demonstration, we're going to talk about managing directories from the command prompt in
Windows.
The command prompt is launched as the cmd executable. I'll search for cmd and press
Enter. Launching the command prompt this way launches it as unprivileged, meaning not as an
administrator. If I search for the command prompt and right-click it, I can select Run as
administrator if I need those extra privileges. For our demonstration today, we don't need to be an
administrator.
Changing Drives 0:32-0:53
By default, when we launch the command prompt, it puts us in the user's profile directory, where
the Documents, Downloads, and such are for the user. To switch between volumes—let's go from the
C: drive to the D: drive—I just type D: and press Enter. The prompt has changed to show us where
we are. To switch back, I type C: and press Enter.
The dir Command 0:54-2:08
Let's look at some commands that are useful from the command prompt. We'll start with the dir
command. The dir command lists the contents of a directory, which is what dir stands for. Let's use
the built-in help command to learn about the dir command. We do that by typing help dir. As you can
see, the dir command is for listing the files and subdirectories in a directory. There are several
switches (a slash followed by a letter) that change the behavior of the command. Let's practice a
little. Pressing q exits the help screen.
I'll type dir d:. The output shows the name of the volume on drive D is Storage. I can also see that
there are two directories at the root of D: because there's a I can see how many files are in
the directory and how much space they're taking. There are none in this directory, so the size is 0.
I'm going to switch to File Explorer for a moment and add a file. I'll create a text file and put a little
text in it, then save it. Now I'll go back to the command prompt and type dir again to see how things
have changed.
My new file is shown, and the size is listed both by the file listing itself and in the total at the bottom.
Relative and Absolute Paths 2:09-3:00
Before we move on to the next command, we need to discuss relative paths and absolute paths. If I
type the dir command in my current location without typing a path, it assumes I mean in the current
directory. I can also type dir Work. dir assumes that I want the current directory by default. It sees
that I've specified a folder name, Work. So it will look for a folder in the current directory named
Work and list its contents. This is called a relative path; it's the path from my current location.
The other type of path is called an absolute path. An absolute path contains the drive letter and
the full directory structure to the desired location. So, to see the contents of the Work directory on
the D: drive using an absolute path, I would type dir D:\Work and press Enter. Notice that I see the
same output as using the relative path.
The More Command 3:01-3:33
There's another command that's very useful when working at a command prompt. The more
command makes it so that large amounts of text are only shown one page at a time, allowing you to
navigate when you're ready to read more. The more command is often used with pipe. So, if I
wanted to see the contents of the C:\Windows directory without it automatically scrolling to
the bottom of the output, I would type dir C:\Windows | more. As you can see, it says there's "More"
down at the bottom. If I press the space bar, it scrolls to the next page for me.
Command History 3:34-4:38
There's also a trick that's quite useful at the command prompt. When I've typed and executed a
command, the command prompt window remembers what I typed. If I need the command, I can
press the up arrow to access the cached history of what was typed. Let's say I want to execute
the dir command I just executed again. Instead of typing it again, I can just press the up arrow, then
press Enter when I find the command I want. This cached history only lasts until I close the window.
You may notice I've typed cls and cleared the screen, which is what cls stand for: clear screen. I do
that just so it's easier to read, without the clutter of previous commands.
All right, let's look at what's in the work directory on D:. There's only one file, but there's also a
directory listed with a name of a single period (.). That period is just a shortcut to reference the
current directory. There's another shortcut that isn't listed here, but it's important. The dot dot (..)
directory is a reference to the directory one level up, or one level closer to the root of the drive. We'll
talk about that a bit more when we discuss the cd command.
Command Completion 4:39-5:15
First, let's talk about command completion. When you type a command or path, you can type
parts of the command or path, then press the Tab key to have the computer try to finish typing for
you. For example, at the root of the D: drive, there are two folders, one of which is named School
Project. If I want to see the contents of that folder, I can type dir D:\School, then press the Tab key,
and it'll finish typing the rest of the directory name for me. I can type even less that that. Since I'm
at the D: root, I can just type dir s, then press Tab, and it auto-completes for me.
The cd Command 5:16-5:55
Now let's talk about the cd command. When I type help cd, I see what the cd command does. The cd
command stands for change directory. So, if I want to switch to the Work directory, I can type cd
Work and press Enter. I can also navigate using those special shortcuts I mentioned before. If I want
to switch back to the root of the D: drive from the Work folder, I can type cd.. and press Enter. So
far, I've only used the relative paths with the cd command. It also understands absolute paths: cd
D:\Work. Using Tab to autocomplete paths when using the cd command also works.
The md and rd Commands 5:56-6:30
There are two commands that work in opposition to each other: md, or make directory, and rd, or
remove directory. The md command works like you might expect: type md new-directory, and the
new directory will be created. I can also remove the directory by typing rd new-directory. Both md
and rd have additional information that can be found using help, like we did for the other
commands. One small note for the rd command: unless you use the /s option, the command
won't delete directories that aren't empty.
Summary 6:31-6:37
That's it for our demonstration on managing directories from the command prompt. In this demo, we
looked at the dir command, the cd command, the md command, and the rd command.
9.1.7 Manage Files from the Command Prompt
Manage Files from Command Prompt 0:00-0:35
In this demonstration, we're going to learn how to manage files within the Windows file system from
the command line. We'll search for cmd and open a Command Prompt to start. The files we're going
to look at are on the E: drive, so let's switch to that.
I'm also going to open up File Explorer so you can see the structure of our subdirectories here. I
three folders. I have: Work, which has one file in it; School Projects, which has two files in it;
and Research, which has a subdirectory and a file in it.
copy Command 0:36-4:26
The first thing we're going to do is look at the copy command. It's probably obvious that this
command copies things—in this case, files from one location to another. Let's type help copy to
learn a little more. You can see that the syntax is copy, the source file where you're copying from,
and then the destination.
I'm going to go ahead and get in to the School Projects folder. I'll copy the ipsom.pdf file that I have
in that folder and put it in my Research folder. I'll open up Research so you can see what's
happening. Type e:\research. Now, notice that I didn't specify the full path to ipsom.pdf. The copy
command is going to assume that ipsom.pdf resides in the current directory, which currently is E:\
School Projects.
Now, you don't have to do things this way. If you need to, you could specify the full path to the file
as well. Also, notice that for the destination, I'm simply pointing it to the directory where I want it to
go. So after the copy process is done, this file will have the exact same filename as it did
before. Let's press Enter. It tells us that one file was copied. As you can see over in our Research
folder that, sure enough, the ipsom.pdf is currently there.
I could rename the file during the copy process. To do that, all I have to do is put a backslash at the
end of the command and type in the name. So, let's go ahead and do that. We're going to call it
Lorem.pdf. Now press Enter. We see one file copied, and there it is.
Because I'm copying and not moving files, the source file remains unchanged. It's still in its original
location. A new copy of the file is created, and the original file was retained. So, in this example, I
just copied one file at a time—the source file to the destination location. But you can use what are
called regular expressions with the copy command to copy a bunch of files at once. For example, if
you look over in my Research folder, there are two PDF files.
Let's go ahead and switch over to our Research directory. We use the cd command and type e:\
Research. We can see all of our files here. What we want to do is to copy more than one file, so we
type copy *.pdf. That's the source, and the destination is e:\Work.
The star character means match anything since there are two files over here that have an extension
of .pdf. Basically, this regular expression says anything that ends with an extension of .pdf, copy it
over to Work. Then we switch over to Work, and there they are. Now let's go up one directory
to e:\. There's one limitation of the copy command you need to be familiar with, and that's the
fact that you can't copy a directory tree structure.
For example, our Research directory over here has a subdirectory in it named Competitors. Using the
md command, we're going to create a new folder. We'll call it temp. You can see that temp is
created. Now let's go ahead and try to use the copy command. We are going to copy e:\
Research\ and then *.*. The *.* means to copy everything, no matter what the filename is. So
let's type e:\Temp and press Enter.
Notice that we're using explicit paths for our source and destination instead of relative ones. I
could've used relative paths if I wanted to. But notice that when I do that, three files were copied:
ipsom, Lorem, and Product Research. But what was not copied from the Research directory was the
Competitors folder. That's because the copy command doesn't like directory structures. Let's clear
out this temp folder.
xcopy Command 4:27-5:48
Basically, if you need to copy entire directory structures, use the xcopy or robocopy command. Let's
take a quick look at xcopy first. Type help xcopy and press Enter. This is the copy command on
steroids because it can copy entire directory tree structures.
There are two options here we're going to be primarily concerned with, the /S and the /E options. /S
copies the directories and subdirectories you specify, unless they happen to be empty. If we go to
our Research folder, you can see that our Competitors subdirectory has a file on it. So, it's not
empty, and /S will work. /E will do the same thing, but it'll copy any subdirectory that's empty as
well. For our purposes, we could use either /S or /E.
Let's go back to our command line and back to our other command. We'll just add x for xcopy and
run that. You can see that xcopy worked and copied our files, but we didn't add the /S, so it didn't
copy the subdirectories. Let's go back to our temp folder. You can see that it did the same thing as
copy and didn't add any subfolders. Let's try that again. Add /s and press Enter. Now you can see
the difference here. It copied the Competitors folder along with the New.txt file.
robocopy Command 5:49-8:45
In addition to the xcopy command, you can also use the robocopy command. First, let's clear out the
temp folder again. Now let's look up our robocopy command. Once again, these are all the
options you can use with this command. Let's go to the top here.
Under Copy options, you see that robocopy has the same /S and /E options that allowed us to copy
an entire directory structure. However, robocopy—as you can see by the length of the help screen—
does a lot more. One of the key benefits is that it can resume an interrupted copy job. For example,
if we had network problems while we were copying and lost our connection, that'd blow up the xcopy
process for good, whereas robocopy would pick back up where it left off once the connection
resumed.
Another key benefit of robocopy is the fact that it preserves NTFS file and folder permissions during
the copy process. It also skips copying a file if the source file already exists in the destination
directory and the copy there has the exact same timestamp and the exact same size as the source
file. It basically says, "Hey, that file already exists there, so there's no point in copying it." Let's go
ahead and use the robocopy command to complete the same task that we just did with xcopy. We've
already cleaned out the temp folder, so now let's go ahead and try to copy the Research
directory structure again, but with robocopy this time.
Let's type robocopy, and we have to specify the source directory that we want. It's e:\
research. Then we need to specify the directory we want to copy that structure to, which is e:\
temp. We use the /s option to get the subdirectories.
Notice that when we run robocopy, instead of specifying files that we want, we're specifying
folders instead, although there is a way to get around that. I'll show you that in just a sec. In the
output here, you see all the different files that copied over. There's ipsom, Lorem, and Product
Research again. The Competitive subfolder was also copied along with all the files in it. Here, it tells
us how many directories and files in total were copied. If we look at our temp folder, we can see that
everything was in fact copied over, even the file within Competitors.
Okay, so now you know how to use robocopy. If you need to use robocopy to copy one single file,
you can do that. For example, let's suppose that I want to copy the file that I have in my Work folder
— Schedule.txt—over to my temp folder. I can do that, but the syntax does change a bit. Let's run
the robocopy command again, this time specifying e:\work for where Schedule.txt is. Then the
destination is e:\temp. If I want to copy just Schedule.txt, all I have to do is just tack it on to the
end. So, we're going to type in Schedule.txt and press Enter. You can see that it's copied, and
it populated here in our temp folder.
del Command 8:46-10:25
The last command we want to show you is the del, or delete, command. If I type help del, you see
that the command—as its name implies—deletes one or more files. So let's suppose that I want to
delete that Schedule.txt file that I just copied to temp. First of all, I need to go to my temp directory.
If we do a dir, we see Schedule.txt. If we want to delete it, all we have to do is type del
Schedule.txt and press Enter. Do another dir, and you see that it's gone. We saw it disappear from
File Explorer, too. Now let's go up a level.
Let's say that we want to delete more than just a file. Let's say that we want to delete all the
specified files from all the subdirectories in a particular folder. If we go to help again, we see that the
/S option deletes specified files from all subdirectories. We want to delete all the files within our
temp folder, including everything in the subfolder called Competitors, which has files in it as well.
Let's go ahead and give that a try. The first thing I'm going to do is type del, and we need to specify
where the files that I want to delete reside. They're under e:\temp, and we have to specify the
names. I'm going to use a regular expression again. Type *.*. Again, that indicates everything, or
that we want to delete everything from the temp directory.
Because I want to also delete the contents of the Competitors directory, I need to use
the /s option. Press Enter. It'll ask you if you're sure you want to do this. Type y for yes. It also
asks you if you're sure you want to delete Competitors. Enter y again, and it completes the process.
Great! That's it for this demonstration.
Summary 10:23-10:35
In this demo, we talked about how to manage files from Command Prompt. We first looked at the
copy command, and then we looked at the xcopy and robocopy commands. We ended this
demonstration by going over the del, or delete, command.
9.1.8 File Management Commands

 File management command-line tools

 Common Prompt commands
File Management Command-Line Tools

You may find it easier to perform some file management from a command-line tool instead of from
the graphical user interface (GUI) interface. Windows 11 and newer operating systems provide two
such tools: the Windows Terminal (PowerShell) and the Command Prompt.
Although there are many commands that can be run in either tool, it is important to note that the
syntax and switches may differ depending on the tool you are using. For the purpose of this lesson,
information about only Command Prompt is given.
Use the following steps to open Command Prompt:
1. From the taskbar, click Start.

2. In the search field, type 'CMD' or 'Command'.
3. Under Best match, select Command Prompt.
Notice there is an option to run Command Prompt as an administrator if additional

permissions are required.
The following table lists some commands or options that can help you use Command Prompt:
Option Description
help Displays the list of commands you can execute.
Displays detailed information about a specific command. Type it at the end of a

command.
/?
Example: rmdir /?
Displays the output one screen at a time. At the end of a command, you type | more.
Example: dir | more
While viewing the output:

| more
 Press the Enter key to scroll down one line.
 Press the Spacebar to scroll down a screen at a time.
 Press Ctrl + C to exit.
Causes the most recent command to display. You press the Up arrow key at the prompt
Up
to repeat a command. Press the Up arrow multiple times to scroll through entered
arrow
commands.
Completes the path or filename if there is a match. You press Tab while typing the path
or filename associated with a command. If there are multiple paths or filenames that
start with the same letters you type, pressing the Tab key again to shows the next
possible match.
Tab key
For example, assume you are in the C:\Users\Admin folder. Typing CD doc and then
pressing the tab key displays CD Documentation; pressing the tab key again displays CD
Documents.
Common Prompt Commands

The following table lists common file management commands you can use in Command Prompt.
Command Description
Use the cd command to change the current directory or navigate to another folder.
Common switches you can use with cd are:
 cd by itself shows the current directory. The current directory is usually

shown in the command prompt as well.
 cd [folder name] changes the current directory to the sub directory specified
below the current directory.
cd
 cd [full path] changes to the directory specified by the path.
 cd .. (or cd..) changes the current directory to the immediate parent
directory (moves up one directory level).
 cd /D [file] [path] changes the current drive in addition to changing the
directory.
 cd\ takes you to the root of the current drive.
Use the dir command to display a list of files and subdirectories in a directory.
Common switches you can use with dir are:
 dir /p pauses output at every page.

 dir /s displays information in subdirectories.
dir  dir /a [xx] displays files with the specified attributes:
o Some options may be combined (such as /arh) to show read-only,
hidden files.
o You can use hyphen (-) to show files without an attribute. For
example, dir /a-r shows files that are not read only.
md Use the md and mkdir commands to create (make) a directory. Common switches
mkdir used with md are:
 md [directory] creates a new directory in the current directory.
 md [path] [directory] creates a new directory in the directory specified by
the path.
Use the rmdir or rd command to remove/delete a directory.

You can substitute rd for rmdir in the following explanations.
 rmdir [ directory] removes the specified directory within the current

directory.
rmdir  rmdir [ path] [ directory] removes the directory specified in the path.
rd  rmdir [ directory] /s removes all directories and files in the specified
directory in addition to the directory itself. Confirmation is required when
using this switch.
 rmdir [ directory] /q allows the command to be completed without
confirmation.
Use the del command to delete one or more files on the system. Common switches
you can use with del are:
del  del [file] specifies the file to delete. You can use wildcards and multiple
filenames.
 del /p prompts for confirmation before deleting the specified file(s).
Use the copy command to copy files from one location to another. Common switches
you can use with copy are:
 copy [source] [destination] copies the specified file to the new location.

 copy [folder] [*.*] [path] [destination] copies all files with specified
extensions in a folder to the new location.
 Common switches include:
o /a specifies that the file is an ASCII text file.
o /b specifies that the file is a binary file.
o /n copies files using short filenames.
o /y performs an overwrite operation without prompting you.
copy
o /v verifies files after they are copied.
Moving (copying) files between partitions can affect the file attributes. Be aware of
the following:
 When copying files from a FAT32 partition to another partition, the file
attributes are retained.
 When copying files from an NTFS partition to a FAT32 partition, attributes
such as encryption and permissions that are not available in FAT32 are
removed.
Use the xcopy command to copy files and directory trees. Common switches used
with xcopy are:
 /a copies files with the archive attribute set and doesn't change the
attribute.
 /m copies files with the archive attribute set and turns off the archive
attribute.
 /d copies files changed on or after the specified date. If no date is given, it
xcopy copies only those files whose source time is newer than the destination time.
 /p prompts you before creating each destination file.
 /s copies directories and subdirectories (except empty ones).
 /e copies directories and subdirectories, including empty ones.
 /h copies hidden and system files also.
 /r overwrites read-only files.
 /k copies attributes. Normal xcopy resets read-only attributes.
 /y overwrites existing files without prompting.
Use the robocopy (robust file copy) command to copy entire folder structures between
volumes or across a network. The benefit of using robocopy is that all NTFS file
permissions and attributes are maintained and interrupted transfers can be resumed.
Common switches you can use with robocopy are:
 robocopy [source_folder] [destination] [options] copies entire folder

structures to destination.
 Common switches include:
robocopy
o /s copies subdirectories, excluding empty directories.
o /e copies subdirectories, including empty directories.
o /mov moves all specified files and directories. It deletes them from
the source when complete.
o /copyall copies all files attributes and information.
Robocopy is a very powerful copy utility. Use it only if you fully understand how to use
it.
Use the attrib command to change or view the attributes of one or more files.
 Use the attrib command by itself to display a list of all files in the current
directory.
 Attributes that can be set or removed are identified by the attribute letter:
o R—read-only
o A—archive
o S—system
o H—hidden
o I—not indexed
attrib You cannot encrypt files using the attrib command. Instead, use the cipher
command or edit the properties of the file.
 Use attrib + to add an attribute to a file. For example, the following

command sets the R attribute for the myfile.txt file: attrib +r myfile.txt.
 Use attrib - to remove an attribute from a file. For example, the following
command removes the R attribute from a file: attrib -r myfile.txt.
You can assign or remove multiple attributes at the same time. For example, the
following command assigns both R and S attributes to the file: attrib +r +s myfile.txt.
You can also change attributes by right-clicking a file and selecting Properties from
the menu.
9.2 NTFS and Share Permissions

 How are share permissions different from NTFS permissions?

 Which permissions (share or NTFS) apply to both local and network accessed files?
 What does it mean if permissions are cumulative?
 Which actions can you complete within a folder if you have the Modify permission to that
folder?
 How does inheritance work regarding NTFS permissions?
 Share and secure folders

 Configure share and NTFS permissions
 Configure basic and advanced folder sharing on Windows
Term Definition
NTFS Permissions used to manage and secure files and folders within an NTFS file
permissions system.
Shared folder A set of files that are made available to other users over a network.
Share Permissions used to control the level of access users have when accessing
permissions files over the network.
Exam Objective
2.3 Manage file systems

TestOut PC Pro
 Configure file access permissions
 Share and secure files and folders
2.5 Given a scenario, manage and configure basic security settings in the
Microsoft Windows OS.
CompTIA A+ 220-
1102  NTFS vs. share permissions
o Inheritance
9.2.1 NTFS and Share Permissionsteractive Script

close interactive script
NTFS and Share Permissions 0:00-0:15
Oftentimes, you'll need to share files and folders in your local area network. In this lesson, we'll
discuss how to share folders from your hard drive in a controlled way. You can do this with share
permissions and NTFS permissions.
Share Permissions 0:16-0:56
In Windows, share permissions allow access to folders that were shared over a network. These
permissions offer three choices to limit what a user can do with the shared file. Those choices are
Read, Change, or Full Control. The Read permission allows a user to read, copy, and run programs
within a folder. The Change permission allows a user to read, write, create, and delete from the
folder. And the Full Control permission allows a user to act as the folder's owner, meaning that he or
she can do all that the Change permission allows plus alter settings for the folder, its files, and its
subdirectories. Permissions assigned to a folder propagate to the folder's contents.
NTFS Permissions 0:57-1:29
NTFS, or New Technology File System, permissions differ from share permissions in a couple of
significant ways. First, NTFS permissions apply whether the file is accessed over the network or
accessed locally. And second, NTFS permissions offer a more granular control over folders and
files. You can even assign these permissions to system users. NTFS permissions give you six basic
options for controlling the content of folders and five options for controlling the content of files. Let's
look at folder permissions first.
NTFS Folder Permissions 1:30-2:23
The most permissive option is Full Control, which is automatically given to the folder's creator. As the
owner and creator of the folder, you're allowed to create subfolders and files as well as list or
delete any folder contents and change any permissions you like. The next option is the Modify
permission. This allows the user to create subfolders and files and to list and delete any content in
the folder. Then we have the Read and Execute permission, which allows the user to read any files
within the folder and execute any executable files. The List Folder Contents permission only
allows the user to see a list of the folder's contents. The Read permission only allows the user to view
the contents of the folder's files. And finally, we have the Write permission, which allows the user to
create new files and folders within the folder or modify any of the folder's existing files.
NTFS File Permissions 2:24-3:08
The five NTFS file-level permission options share the same names as the folder permissions and are
very similar, but the way they work is a little different. The Full Control file permission allows the
user to read, write, execute, delete, and change permissions. The Modify permission allows the user
to do all the same things as the Full Control permission except it doesn't allow the user to change
permissions or to take ownership. The Read and Execute permission allows the user to open and read
the file and, if it's an executable file, the user is allowed to run it. The Read permission only allows
the user to view the file's contents. The Write permission allows you to create a file and to write and
edit its contents.
Permission Facts 3:09-5:00
There are few important things to understand when working with permissions. First is that NTFS
permissions are cumulative. This means that you can assign one or more permissions to a file or
folder for a user account. The level of access the user has is a combination of all the permissions that
you assigned.
Another important thing to understand is that you can use both share permissions and NTFS
permissions at the same time. While you can use both, please know that the share permissions aren't
applied if a user is accessing the file locally. Share permissions only apply over a network. And when
a file is accessed over a network, the share permission settings trump any NTFS permissions.
For example, let's say you have a file where the user has been assigned the Read share permission,
but they've also been assigned the Write permission in NTFS. If the user tries to modify the file when
accessing it over the network, they'll be denied the ability to modify it and will only have Read
access. It's always most restrictive when combining share and NTFS permissions. If those same
permission were assigned and the user accesses the file locally, the share permissions no
longer apply, and the user would be able to modify the file.
Even though the share permissions trump the NTFS permissions when a user accesses the file
or folder over a network, the share permissions can't allow a permission that was denied by
NTFS. This is because a Deny permission in any case always trumps an Allow permission.
Another really important thing to understand is that any permissions that are assigned to NTFS files
and folders are inherited by default by any files within the folder or subfolders. These permissions will
continue with any children of those folders or files. You can prevent this chain of inheritance at
any level by simply disabling the inheritance setting.
Manage Permissions 5:01-6:35
Assigning share and NTFS permissions for different users can easily get overwhelming. Here are a
few helpful hints to help you mange permissions and prevent you from giving too much or not
enough access to users.
First is to always apply the principle of least privilege. This means that you limit a user's access to
only what is necessary for him or her to be able to do their job. You should also use groups to
manage permissions. It's much easier to set the needed permissions for each role in an
organization and then assign users to the appropriate role. If you assign users to more than one
group, they'll have whatever the least restrictive permission is that's assigned to the folder or file—
unless a Deny permission is assigned, as the Deny permission always trumps anything else. The user
will have the least restrictive access because permissions are cumulative even when they're assigned
to different groups. If a user's role changes, you can easily remove that user from the group and
place them in a new group for their new role. This can keep the permissions in the right place with
the least confusion and work.
Another helpful hint is when using both share and NTFS permissions together, set the share
permissions to Full Control and then use the NTFS permissions to finetune the specific permissions
for the file or folder. This is helpful because there's less chance of creating conflicting permissions in
the two systems since NTFS allows more specific permissions. This is also helpful because NTFS
permissions apply both for a locally accessed file or folder and for one that's accessed over the
network.
Summary 6:36-6:50
That's it for this lesson. In this lesson, we talked about share permissions and NTFS permissions at
the folder and file level. Then we discussed how permissions work when they're combined and how
inheritance works with NTFS. We finished this lesson by talking about best practices for managing
permissions.
9.2.2 NTFS and Share Permissions Facts

Sharing files and folders on a local area network is often necessary in an organization. You can
implement this in a controlled way using share permissions and NTFS permissions.
 Share permissions
 NTFS permissions
 Permission facts
 Permission management
Share Permissions
In Windows, share permissions allow access to files and folders shared and accessed over a network.
Share permissions offer three options to limit what a user can do with the shared file or folder. The
following table displays the three permission options and the allowed actions for each option.
Permission Allowed Action
Full control actions are:
 Ownership
 Read
Full control  Write
 Create
 Delete
 Change permissions
Change actions are:
 Read
Change  Write
 Create
 Delete
Read actions are:
 Read
Read
 Copy
 Run
Be aware of the following when sharing files:
 You must explicitly enable file sharing before network users can access shared folders.
When you share a folder for the first time, you are prompted whether you want to enable
file sharing.
 To switch between simple and advanced sharing, select Advanced Sharing.
 You can use the following tools to manually share a folder:
o Shared Folder snap-in in Computer Management.
o Properties for the folder in Windows Explorer.
o Network and Sharing Center to enable Public folder sharing or media sharing.
 When you share a folder, you give it a name. The share name is not the same as the folder
name, although they can be the same.
 To access a shared folder on the network, you can use:
o The UNC path to the shared folder with the following syntax: \\computername\
sharename.
o The Network feature to browse the network for the computer and view any shared
folders on that computer.
o The net use command to map a drive letter to the shared folder.
 net use—lists the current connected shared folders and drive letters.
 net use drive: folder path—maps the drive letter to the specific shared
folder. For example, net use F: \\Wrk1\shared2.
 net use * folder path—maps the next available drive letter to the shared
folder.
 /persistent:yes—reconnects the connection at each subsequent logon;
/persistent:no— makes the mapping temporary.
 net use /?—lists the valid parameters for the net use command. You can
also enter net use ?.
 To create an administrative share, add a dollar sign ($) to the end of a share name.
o Administrative shares are not visible when browsing the network. You must use
the UNC path to connect to an administrative share.
oBy default, Windows automatically creates an administrative share for every
volume. The share name is the volume letter plus the dollar sign (such as C$).
o Only a member of the Administrators group can access default administrative
shares.
o You can configure share permissions to control access to administrative shares you
create yourself.
 A computer must be powered on (and be awake) before users can access the shared folder.
 Network acts as a built-in network browser showing all networks and shared folders the
user has access to. You can view the same information in This PC and File Explorer.
NTFS Permissions
NTFS permissions differ from share permissions in several significant ways. NTFS permissions:
 Apply to files accessed over the network or locally.

 Offer granular control over folders and files.
 Can be assigned to system users.
NTFS permissions for folders include the following six options and their allowed actions.
 Ownership
 Create new files and subfolders
Full control
 List
 Delete
Modify actions are:
 Create new files and subfolders

Modify
 List
 Delete
Read and execute actions are:
Read and execute  Read files

 Execute any executable files
List folder contents List folder contents allows a user to view the folder's contents.
Read allows a user to view the content within the files in the
Read
folder.
Write actions are:
Write  Create new files and subfolders

 Modify any existing files
The five NTFS permissions options for the file level share the same names as the folder permissions
and are very similar, but the way they work is a little different.
 Ownership
 Read
Full control  Write
 Execute
 Delete
Modify actions are:
 Read
Modify  Write
 Execute
 Delete
Read and execute actions are:

Read and
 Read
execute
 Execute any executable files
Read Read allows a user to view the content within the files in the folder.
Write actions are:
 Create new files

Write
 Write
 Edit
Permission Facts
There are important things to understand when working with permissions.
 NTFS permissions are cumulative.

o You can assign one or more permission to a file or folder for a user account.
o The combination of all assigned permissions determine user access.
 You can use NTFS permissions and share permissions simultaneously.
o Share permissions apply only when the file or folder is accessed over the network.
o Share permissions override NTFS permissions when the file or folder is accessed
over the network. For example, the user has been assigned the Write permission
in NTFS and the Read permission in share permissions.
 The user is denied the ability to modify the file when accessing it over the
network.
 The user can modify the file when accessing it locally.
 A Deny permission setting always overrides an Allow permission. For example, if a user
belongs to two groups, and a specific permission is allowed for one group and denied for the
other, the permission is denied.
 By default, parent folders inherit NTFS permissions.
o Copying or moving files with NTFS permissions can affect the permissions on the
file or folder.
o You must have the proper permissions to copy or move a folder or a file.
 To copy a file or folder, you must have the Read permission to the source
file and the Write permission to the destination location.
 To move a file or folder, you must have Read and Modify permissions to
the source file, and the Write permission to the destination location.
 Copying or moving a file to a non-NTFS partition, removes all permissions.
 In all cases, if you copy or move a file to an NTFS partition, it inherits the permissions
assigned to the parent partition and folders.
 When you assign explicit NTFS permissions to a file:
o Copying or moving the file to a different NTFS partition, removes the explicit
permissions.
o Moving the file to a different folder on the same NTFS partition, retains the explicit
permissions.
o Copying the file to a different folder on the same NTFS partition, removes the
explicit permissions.
 In all cases, the file also inherits permissions from its new partition and folder.
Permission Management
It may feel overwhelming to manage permissions to make sure that users have the access they need
to do their work, but also do not have unnecessary access. The following techniques are best
practices for managing permissions.
 Always apply the principle of least privilege. This means you limit the user's access to only
what is necessary for that user to be able to do the job or tasks.
 Use groups to manage permissions.
o Create a group for each role in the organization and assign the proper permissions
for that role to that group.
o Assign the appropriate users to the group. If the user's role changes, remove the
user from the group and assign the user to the appropriate group.
If you assign users to more than one group, the user has the least restrictive
access of the two groups; permissions are cumulative.
 When implementing share permissions with NTFS permissions, set the share permissions to
Full Control and then use the NTFS permissions to fine tune the level of access to files and
folders. This strategy is helpful because it:
o Eliminates conflicting permission assignments.
o Applies the most restrictive permissions both locally and over the network.
9.2.3 Configure Basic Folder Sharing on Windows

Configure Basic Folder Sharing on Windows 0:00-0:22
In this demonstration, we're going to spend some time learning about basic file sharing on a
Windows system. When we share a folder on this particular Windows system, other users can access
that folder's contents from computers elsewhere on the network. Before we can make that possible,
though, we've got to ensure that sharing is enabled in our Network and Sharing Center.
Network and Sharing Center 0:23-2:27
First things first, go ahead and go to Control Panel and then to Network and Internet > Network and
Sharing Center. Now go to Advanced sharing settings. You can see that we have a few different
sharing settings. We have Guest or Public and All Networks. But first, we're going to talk about our
Private network profile, which you can see is already selected. That's because the network we're on
right now is a private network. Basically, this means that it's not out in the public domain, and it's
not at an airport or public space.
The first thing we need to do to enable sharing on this private network is select Turn on network
discovery and Turn on automatic set up of network connected devices. This allows other network
computers to see it. We also need to enable file and printer sharing. On a private network, there's
nothing wrong with enabling these and, for our purposes, we need to have them enabled in order to
share files.
The next thing we're going to look at is our Guest or Public profile. This profile is mainly for public
networks. You generally don't want to enable network discovery or file and printer sharing with this
profile because you wouldn't want your information being shared over that kind of network. You can
imagine how unsecure that would be, especially if you were in an airport or some other crowded
location. So we're going to go ahead and leave those off.
The next thing we want to look at is down in our All Networks profile. We want to specifically see our
File sharing connections. If we go over here, we can see that Windows uses 128-bit encryption to
help protect file sharing, but some devices don't support 128-bit encryption. Some have to use 40- or
56-bit. If you do have older systems that don't support 128, you probably need to update your
machines. But in our case, we don't have any 40- or 56-bit encryption devices. I'll leave it on 128-
bit.
We also have the ability to turn on or off our password protected sharing. You can turn it off if you
want to, but most of the time, it's just left enabled. There's not a lot of reasons to turn it off. Let's
just close the window.
Share a Folder 2:28-4:07
Now let's go over how to share a folder. The first thing we need to do—now that sharing is enabled
on this network—is to go to our C: drive. You can see that I have this folder right here called
Research. There are technically two ways to share. We can either right-click Research, select show
more options, and go to Give access to. Or we can go to Properties, click the Sharing tab, and click
Share.
We're going to use Give access to. Go there and select Specific people. If we share from Properties,
this is the same screen that'll pop up there as well. This is where we add users to share this folder
with. In this case, you see that John Doe is the owner, and that's the current profile I'm logged in
on. I'm going to go ahead and check out the other users on this machine. I can add the Larry Gygax
and Emily Blue users from here.
Now I've added two users. I can now specify which type of access they have. I could give them Read
access so that they can only read files and not edit them. Or I could give them Read/Write. If a
person doesn't need access anymore, I click Remove to take that off.
Let's go ahead and give the Larry Gygax user Read/Write, and we'll leave Emily Blue with Read. Click
Share. Quickly, notice this right here—\\LABSIM\Research. Labsim is the name of this
computer. Okay, go ahead and click Done.
Now this folder and everything in it is shared. I've given Read access to Emily Blue and Read/Write
access to Larry Gygax. I'll move over to a different machine now and show you how to connect to
this folder.
Connect to a Shared Folder 4:08-6:07
Okay, I'm logged in on another Windows 10 machine on the same network. I'm going to open up File
Explorer. There are two things we can do; one is to link directly to that location. I do that from here
in File Explorer. To do that, I type \\LABSIM, and I already have it listed as \research. You see that I
can immediately link right to it.
I could also add it as a mapped network drive. To do it that way, I click Map Network Drive. If you're
going to add it as a network drive, you have to pick a letter. Let's just go ahead and pick R
for research and type in \\LABSIM\research. The issue here is that, since we're not on a domain, this
computer user isn't someone that's mapped on my LABSIM computer.
For example, if I'm not on the Larry Gygax, Jon Doe, or Emily Blue account—let's say I have a
completely different user that's not mapped on this machine—then I'd have to connect using different
credentials. I'd have to put in either the John Doe, Larry Gygax, or Emily Blue credentials to be able
to log in and skip to this file because they're the only users with access to this location. But in this
case, I'm logged in as Larry Gygax, so I don't have to specify credentials like that.
Let's go back to Map Network Drive and click Finish. This network drive is mapped on this computer
now. While we're in this location, anything I do in here—let's say that I create a new file, save it,
and put simple text in here—will save to the other computer since it's a shared folder not located on
this machine.
Now if I switch back over and open my Research folder, I have my new text file that I just
created. Likewise, if I delete it from here and switch back to the other computer, it's gone.
Summary 6:08-6:20
That's it for this demonstration on basic file sharing. First, we learned how to enable sharing on a
Windows workstation. Then we learned how to share a folder. We ended this demonstration by
talking about how to connect to that share from a different computer over a network connection.
9.2.4 Configure Advanced Folder Sharing on Windows

interactive script
Configure Advanced Folder Sharing on Windows 0:00-0:43
In this demonstration, we're going to spend some time working with advanced folder sharing on
Windows. Advanced folder sharing works in pretty much the same way as basic folder sharing. It just
gives you a lot more control.
Let's come down and open File Explorer. Now I'll navigate to my Research folder on the C: drive. In
my Research folder, I have a folder called Designs, and within Designs, I have some image files for
our products. These are the products that we're working on. I need to share this folder with some
other members of my team. One option I have is to right-click the folder and go to Give access
to. That'd be basic sharing.
Share Using Properties 0:44-3:31

We want more control than that, though. Let's go down to Properties. In here, we're going to go to
our Sharing tab. Notice here that the Designs folder isn't currently being shared. There's a button
here called Share. But that's another way to get to the basic sharing interface.
What we want is the advanced sharing interface. Click Advanced Sharing. The first option is to enable
Share this folder. Then we'd have to specify the folder's name. By default, it pulls the name of
the folder and uses that for the share name. You don't have to leave it like that; you can change the
name if you want.
For example, today we're going to rename this RandD for Research and Development
Department. Now we can specify how many simultaneous users are allowed to connect to the
share. In other words, how many people can connect to the share at the same time. The default is
20. We could crank this down if we wanted to, but we're not going to worry about that today. If, for
some reason, you had too many people accessing the share, and it was really bogging down the
system, you could easily restrict that by using this option. The option we're really concerned with on
this page is the permissions. Let's go ahead and click Permissions. We can configure the share
permissions that'll be assigned in order to restrict who can do what with the contents inside of a
share.
Notice that by default, the Everyone group is given Read access. This means that anybody can
look at the contents whenever they want. Let's click Add and make some explicit assignments. We'll
add the Larry Gygax user and Emily Blue. Note that each time I add one of these users, they're given
Read-level access to this share.
Let's say the Larry Gygax user needs to change files. We'd go ahead and grant Gygax the Change
share permission. This will allow him to not only view contents in the share, but also to make
changes to it. Go ahead and click OK, and the folder is now shared. Click OK again.
We see that the network path is \\LABSIM\RandD. I want to show you something kind of cool with
advanced sharing. Go ahead and click Advanced Sharing again. You can see that the Add button is no
longer grayed out. We can click Add now, and let's make another share. We're going to call it Data
and set permissions again. I won't give anybody Change or Full Control access. Click OK.
Maybe this could be a share for upper-level management. They'd need to be able to see the contents
of the Research and Development share, but we wouldn't want them touching anything or making
any changes that could cause problems. We're going to create a special share just for them that has
only Read access. Just click OK and the share path is changed. And now we can access the share,
either by using the name Data or the share name RandD. Click Close. Now sharing is complete.
Share Using Computer Management 3:32-5:57
You can also manage advanced sharing within Computer Management. Let's go down, right-click the
Windows icon, and go to Computer Management. Within Computer Management, click Shared Folders
> Shares. When we do, we see a list of shares that've been defined.
For example, we can see a share that was created using basic Windows sharing, which points to
the Prototypes folder within my Research folder. We can see that the RandD share points to the
Designs folder, and the Data share points there as well.
You'll notice there are other shares defined on the system that we didn't work with. We have our
ADMIN$, C$, print$, and so on. These are special administrative shares that can be accessed only by
a system administrator. This is designed to provide administrative access over the network
connection for a system's various storage devices. If I needed to access the root of the C: drive, I
could access the C$ share. You can also define your own administrative shares if you want.
For example, we could define a third share that points to the same Designs folder, but we can define
it as an administrative share instead of a standard share. The way we do that is we just come over to
Shares, right-click, go to New Share, and click Next. You see the welcome screen. Now we need to
specify the folder path. Click Browse, go to C:, Research, and select Designs. Click OK.
Now we've selected the Designs folder. This will be the third share that points to the Designs folder,
along with our RandD and Data shares. Click Next. We're going to leave it named Designs, but add a
dollar sign. This will specify this folder as an administrative share and make it inaccessible to our
normal users. Click Next.
Now we can set the permissions we want. We have All users have read-only access, Administrators
have full access; other users have read-only access, Administrators have full access; other users
have no access, and Customize permissions.
We're defining an administrative share, so we're going to select this third option, Administrators have
full access; other users have no access. Click Finish and Finish again. You can see right here in our C:
drive that we have an administrative share called Designs$ that points to the Designs folder, just like
Data and RandD.
Connect to Share 5:58-8:07
Now that we have our shares defined, let's go to a different Windows 10 system and show you how
to connect to some of these shares over a network. If you click File Explorer, you have a couple of
different options for accessing the share. You could come down to your Network, click it, and browse
to the computer. That's rather simple. Another way is to map a network drive.
You'd right-click This PC and click Map network drive. Then you'd need to specify a drive letter, so
let's go ahead and say that it's drive Q:. Now we need to specify the share's name. We're going to
connect to the basic share that we created previously on our \\LAB-1 computer. It was called
Prototypes. Remember, the syntax is \\, followed by the computer's hostname and then another \,
followed by the share name for the computer you want to connect to.
You could go to Browse and select the folder there. If you do, remember that you can't see
administrative shares, but you can still connect to them. You just have to manually specify the
name. In this case, we're connecting to the Prototype folder. Since we're dealing with a workgroup
situation, we'll have to be aware of the credentials that we want to connect with.
Since there's no domain to authenticate all users, you have to either provide credentials for a user
who has access to that share, or you can create the same user account on both computers with the
same password. In my case, I've duplicated the LGygax user on both machines, so we don't need to
provide additional credentials.
If you're dealing with a domain instead of a workgroup, this won't be an issue because all the
computers in the domain use one set of user accounts and authenticate against the domain. There's
no need to duplicate accounts or use specific user credentials.
Okay, let's click Finish. We've connected to our Prototype share with our LGygax user. Now we can
see this folder, and we can right-click one of these files. Let's navigate to New Product, right-click,
and Open with Paint. You see that we can edit this file, highlight some things on our product here,
and save it. That's because our LGygax user has access to not only read, but also to change files in
this folder on the share. You can see that it persists with our changes.
Connect from Command Line 8:08-9:39
Now, you can also connect to a share from the command line. Let's close these Windows right now
and talk about that. Let's search cmd. In this case, we're going to need an Administrator Command
Prompt, so let's right-click Run as administrator. Click Yes.
Now we have our Administrator Command Prompt open. We're going to employ the net use
command to map a network drive from the command line. If we type net use ?, we see that
it provides the syntax for the command. In our case, we enter net use and then we specify the
device name. This will be the drive letter we want to map and the name of the share. So, it'll be \\
and whatever the computer name is, and then \ and the share name. That'll map the share to the
drive letter that we specify.
There are some other options we can use as well. For example, if we need to connect as a different
user, we'd use the /user option here to specify the username that we want to connect as. We could
also use the PERSISTANT option. This will cause the shared to be mapped every time you log on to
the system. Let's go ahead and do the net use command.
Type net use. Now type the drive we're going to use. Let's call it the v: drive, put a space,
and then \\LABSIM\Designs$, a space, and /user. We'll have it be the Larry Gygax user again, and
that's it. I don't really want to map anything at this point, but that's pretty much the syntax you
use to add the shared drive via the command line.
Summary 9:40-10:04
That's it for now. In this demo, we talked about advanced sharing in Windows 10. We first looked at
using a folder's properties to configure advanced sharing. We talked about sharing the folder with
multiple share names. Then we looked at managing sharing from within Computer Management. We
went into creating some administrative shares and connected a share from File Explorer. We ended
this demonstration by showing you the syntax for mapping a drive to a share using the net use
command in Command Prompt.
9.2.5 Configure Share and NTFS Permissions
Configure Share and NTFS Permissions 0:00-0:19
In this demonstration, we're going to work with NTFS and share permissions. Since these two
permissions overlap, it's important to understand how they relate to each other. I'm on two different
machines here. On one machine, I'm logged in as the TestOut user. On the other, I'm logged in as
the jdoe user.
Share a Folder 0:20-2:00
We're going to share from this machine. I'll go to File Explorer > This PC > C: > Research. Now I'll
right-click and select Properties > Sharing. You can see that this folder is currently shared on the
network. I'll click on the Share button. Currently, only the TestOut user has rights to access the
share—both Read and Write access. Let's close this.
Let's go to our Security tab, which houses our NTFS file system permissions. Currently, the System
group, the TestOut user, and the Administrators group have NTFS permissions to the Research
folder. The jdoe user—which is the user currently logged in to the other system—doesn't have any
access. I'll switch to the other machine and try to connect to the share. Since I'm logged in as jdoe,
those are the credentials that'll be used to try to connect to the Research folder. When I browse to it
and click on it, it pops up and explains that I don't have permission to access this folder.
Let's go back to the first machine and change it so the jdoe user can access the network
share. Again, on the Properties page for the Research folder, I need to add permissions for jdoe. I'll
change the Permission Level to Read/Write and then click Share.
Now let's go to our NTFS permissions found on the Security tab and view the jdoe user's
permissions. Notice that the jdoe user has been added to the NTFS permissions automatically when
we added the user to the share. As you can see, jdoe has Full control over files on this share. So,
both share and NTFS permissions have been given to the jdoe user for the Research folder. Let's test
from the other machine. Browsing back to the share, instead of an error, the jdoe user has access
now.
Share and NTFS Permissions Mismatch 2:01-3:13
Now, what happens when your NTFS and share permissions aren't aligned or they conflict with each
other? Let's change the settings and see what happens. Back on the Properties page of the
Research folder, let's change the NTFS settings so the jdoe user doesn't have the ability to change
files. We just click Edit, select the user, and then remove the Full control, Modify, and Write
permissions. Then we click OK. Again, switching back to the other machine, I'll open the Research
folder and open a file to make changes to it. When I click Save now, it asks me where to save the
file because the current location—which is actually on the other machine—isn't allowing me to save
changes to the file. I can only save a copy to a different location. So, the jdoe user has permission to
change the file as far as the network share is concerned, but the NTFS permissions don't allow any
changes.
If you go back in to share rights and give jdoe access to read the files, but you don't change the
NTFS rights, you'll have the same problem. It's not that share rights or NTFS rights supersede the
other. It's that whichever one is more restrictive will be enforced. So since the NTFS rights are more
restrictive here, they supersede all the other rights.
Summary 3:14-3:27
Okay, that's it for this demonstration. In this demo, we talked about configuring share and NTFS
permissions. We first looked at how to assign NTFS and share permissions for a folder and for a user
account. And we talked about how rights are applied when there's a conflict between the two types of
permissions.
9.2.6 Configure NTFS Permissions
NTFS Permissions 0:00-0:05
In this demonstration, we're going to talk about configuring NTFS permissions.
NTFS File System 0:06-0:48

NTFS permissions allow us to specify who can access and modify files in your file system. To use
NTFS permissions, you need to have an NTFS file system configured on the volume you want to
manage.
Let's go to this computer's local C: drive, right-click, and go to Properties. You can see this is an
NTFS file system. Another way we can tell that this is an NTFS file system is the appearance and
availability of the Security tab.
If this were FAT32, for example, you wouldn't see the Security tab. Let's go ahead and click
Security. You can see the object name is the C: drive, and we're configuring root permissions for the
root of the C: drive.
Assigned Permissions 0:49-3:26
Now, for this directory, we have a list of users and groups who have been assigned these
permissions. Down here, you can see the list of permissions. I don't have any specific users listed. I
just have groups. Most of these groups were automatically added to this drive as soon as that they
were created.
This one, Power Users, is different. I added it explicitly. We'll talk about that more later. Now, let's
move on to the permissions we've applied. We can see we have a full list of permissions here. One is
called Full Control.
Full Control simply gives full, complete, undeniable access to the file system. A user with Full Control
can access files, create files, modify files—they can do whatever they want. Normally, system admins
only make this right available to administrators.
The Modify right allows reading and writing of files and all subfolders. It also allows the deletion of a
folder from the drive. Read and execute allows you viewing and listing of files and subfolders, as well
as executing executable files that may exist in the C: drive.
List folder contents is practically the same. However, it can only be applied to a folder, whereas read
and execute can be applied to individual files. We also have our Read permission, which gives a user
the ability to read and open files, but does not grant the ability to modify. The Write permission
allows users to create a new folder in the directory or create new files in the directory.
We also have the Administrator group. It contains all the user accounts that have been defined as
administrators in the system. Notice that they all have all rights to the system, including the Full
Control that we talked about.
Now, in the case of this computer and the C: drive, Full Control permission allows reading, writing,
changing, and deleting of files and subfolders from within the C: drive.
We also have our Users group. Now, Users is just a group that contains all the list of users who have
been defined on this system. These particular users have Read & execute, List folder contents, and
Read permissions.
As I mentioned before, we've added Power Users to our list of users and groups with access on the
C: drive. Now, since we've added access to this group, we're going to go ahead and go in to the C:
drive. Go to our Research folder, go to our Designs folder, right-click, go to Properties. Now click the
Security tab.
When we do that, you can see the permissions have been assigned to the Power Users group on this
folder. You can see that, just like the parent directory, the Design folder, within the parent directory
of the C: drive, both have the Power Users.
Explicit vs Inherited Rights 3:27-6:19
Let's look at the root directory of the C: drive. Notice that the check marks down here were black,
but they're not black when we're looking at this Design folder. They're grayed out.
That's very important. If you see black check marks, it means that the permission was explicitly
assigned to the security principal. But if you see gray check marks, like we see here, it means these
permissions weren't explicitly assigned to the security principal. They were instead inherited by this
security principal.
For example, let's look at our Power Users group. Our Power Users weren't assigned permissions to
the Design folder by default when Design was created. Instead, we made this assignment just a
minute ago. Because it's assigned to the parent directory, it's automatically inherited by the Design
directory.
Inheritance makes life easier for the system administrator because instead of having to
manually define permissions any time you create a new file or folder in the system, the NTFS file
system just assumes that you want to assign the same permissions to that new file or folder as were
assigned to its parent directory.
Again, for the Design folder, the parent directory is the C: drive. So, when Design was created, the
NTFS file system took a look at the permissions that were assigned to C: and said, "That looks
good. Let's go ahead and assign those, inherit them down here, and apply them to the Design as
well."
If you think about it, it's really a good security measure. Otherwise, you could potentially end up with
files and folders created in the file system that don't have any permission assigned to them because
we forgot to do it. Any time you rely on human beings to do something really important like that, you
can guarantee that somebody's going to forget it. That's why we want NTFS takes care of it for us
through inheritance.
Inheritance really makes life easier for the system administrator. With inheritance, we go to the top
level of the file system that we're going to be working with, which could be any directory or
subdirectory in the file system.
In this case, we went to the C: drive itself, the root file system. We made an explicit permission
assignment to a security principal at this level, and because we did this, it will be inherited by all
subfolders of this subdirectory as well as the files located in the subfolders. Everybody will receive
that permission by default through inheritance that we assigned. Basically, with inheritance, what we
do is assign the most common level of access that most users are going to need in this file system.
Now, if most of the users on the system are going to need this level of access, we can make that
assignment high in the file system at, say, the C: drive. For example, if we had a specific user who
needed a different level of access to our particular folders, we could make an explicit assignment to
that folder, and that explicit assignment would override anything that's being inherited from the
parent folder. Now, there's something you need to see here, and that's the fact that we can't modify
inherited permissions.
Inherited Permission Conversion 6:20-9:17
So, let's go back to Research > Design > Properties. Now let's click Edit. If we try to edit our
inherited permissions, it doesn't allow us to. Now, to do this, we'll have to come over to our
Advanced button. Go in here, and you can see our C: drive. You can see the name of the
machine, the owner, and our permissions.
Now, basically, to be able to remove inheritance from this folder or to change those inherited rights,
you have to select Disable inheritance. When we select it, it gives us two options. One is Remove all
inherited permissions from this object, which is not what we want to do.
Basically, it'll remove all permissions currently assigned to every file within that subfolder. That's a
pain because then, if you need to administer, change, or do whatever to those rights, you have to go
in and manually do it. We're going to use this option, Convert inherited permissions into explicit
permissions on this object. What that allows us to do is to basically administer those check
marks. Let's go ahead and click that, then Apply and then OK.
We see that this changed from Disable to Enable. That's because we can go back and re-enable
inheritance. So, the subfolders and files within them will reconnect back with the inherited rights that
their parent folders have. Let's go ahead and click OK.
Now you can see, when we click here, we can go ahead and change all these if we want to. Now
everything's changed. Instead of gray check marks, we have black check marks. This means we can
go and edit these permissions.
Now, I want to point out that when we turned off inheritance, it didn't just do it for one particular
group. For example, if we go to our other groups, we can see it changed for all of them. Now, for all
of these groups, the permission assignments are explicitly assigned instead of inherited. That's why
choosing that first option is so important. If we hadn't, then all of these permissions would be gone
for all of the principals listed. So with this done, now we can make some changes to the inherited
permissions.
For example, if we click Edit and we come down to our Power Users, we can now change the
permissions to the parent directory, such as allow or deny to the modify permission. We'll keep
Modify selected and click OK.
This far in the demonstration, we've been assigning permissions to folders. You can also assign
permissions to specific files. We have our Product.jpg here. Right-click and go to Properties. You can
see some similar things in the Security tab on files as you can in folders.
You can see the Administrators group and SYSTEM group, and other groups that can be added. You
can also see a specific user here, which is something a little different that we haven't seen in folders,
And you can also add specific users to folders as well. In this case, we've given a single user explicit
access to this folder.
You can also see the same inherited rights applied to this folder because in our Prototypes folder, we
didn't remove its inherited rights like we did our Design folder.
Allow and Deny Access 9:18-9:54
The last thing we're going to cover in this demonstration is the difference between Allow and Deny
access. Let's go ahead and click Edit. Here's the key thing to remember: Deny access always
overrides Allow access. If there's any situation where there's conflicting rights between Allow and
Deny, Deny always takes precedence.
So, for example, Let's say my Don Joe user is part of our administrative users, and he has
administrator rights through the administrators group with Allow access to this file. But Deny access
to this file is also selected. Then Don Joe can't access this file, even though he has administrative
access.
Summary 9:55-10:09
Now, that's it for this demonstration. In this demo, we talked about NTFS file permissions. First, we
practiced assigning NTFS permissions to a folder in the file system. We talked about
inheritance. Then we showed you how to assign permissions to files in the NTFS file system.
9.3 File Encryption

 Which encryption method encrypts individual files so that only the owner and authorized
users can decrypt the file and read it?
 Why is it important to not move files encrypted with EFS to a non-NTFS partition?
 How does file encryption differ from disk encryption?
 What is the role of a TPM when implementing whole disk encryption?
 Which editions of Windows provide BitLocker support?
 How can BitLocker be implemented on Windows systems that don't have a TPM chip on the
motherboard?
 Which protocols are commonly used to establish a VPN? Which protocol is typically used for
web transactions?
 Which protocols are commonly used to encrypt and secure wireless communications?
 Configure file encryption

 Use BitLocker
 Use BitLocker To Go
Term Definition
A process that makes digital materials accessible only through

Encryption
authorized decryption software or devices.
File encryption A process that encrypts the contents of an individual file.
Disk encryption A process that encrypts the entire contents of a hard drive.
Data transmission
A process that uses encryption to protect data sent through a network.
encryption
BitLocker partition A volume that contains the boot files.
Trusted Platform Module A special hardware chip that generates and stores cryptographic keys.
(TPM)
File Encryption Key

A symmetric encryption key used to both encrypt and decrypt a file.
(FEK)
Exam Objective
3.3 Implement security best practices

TestOut PC Pro
 Implement drive encryption
2.5 Given a scenario, manage and configure basic security settings in the
Microsoft Windows OS.
CompTIA A+ 220-
 BitLocker
1102
 BitLocker To Go
 Encryption File System (EFS)
9.3.1 File Encryption

File Encryption 0:00-0:14
In this lesson, we're going to look at encrypting data at the file and folder levels using the Encryption
File System, or EFS. We use EFS to provide encryption for individual files or folders.
EFS Facts 0:15-1:26
EFS has been available since Windows 2000 on all versions of Windows except the Home edition. EFS
is also only supported by the NTFS file system, which allows the file owner to set the permissions for
who can do what with a file. EFS basically adds an extra layer of security to files, folders, and
directories. So, a file's owner can use NTFS to grant access to the file, but this access doesn't decrypt
the file to be able to view the contents.
EFS also differs from Windows BitLocker, which encrypts an entire volume, meaning the part of the
hard drive that has the file system the user interacts with. You can enable EFS on a file or folder by
simply clicking the box in the Advanced section of Properties. If you enable EFS on a folder, all the
current files or folders and any future file or folder created within that folder will be encrypted.
Once enabled, EFS works in the background without the user seeing the process. This is because EFS
encrypts the data as it's written to the disk when the file is saved. When the file is opened, EFS
decrypts the data as it's read from the disk—all without the user having to take any action or wait for
decryption.
EFS Process 1:27-2:31
The EFS encryption process is done through keys. Let's look at how this works. EFS first creates a file
encryption key, or FEK, for the file or folder. The FEK is a symmetric key, which means that the same
key used to encrypt the data is used to decrypt the data as well. To add a much greater level of
security, EFS then encrypts the FEK through asymmetric encryption. Asymmetric encryption uses a
key pair for stronger security. The pair includes a public key—which can be seen by anyone—and a
private key that only the user has access to. So in our example here, EFS takes the FEK and encrypts
it with the user's public key and then stores it with the encrypted file. The user's private key is used
to decrypt the FEK when the file is opened, and the FEK then decrypts the data within the file. If the
user account doesn't already have a key pair the first time EFS is enabled, Windows
will automatically create a public key—called the EFS certificate—and its associated private key.
EFS Security 2:32-4:10
There are a few things to be aware of when you use EFS. First, it's recommended to encrypt at
the folder level rather than the file level. This is to avoid a security breach from decrypted temporary
files. For example, many word processing applications generate a temporary file while the file is open
and in use. The data in the file is in an unencrypted state, and some applications leave temporary
files unencrypted in the file system even after the file is saved. Anyone who can access the
temporary files has access to the unencrypted data. By encrypting the folder that the file is in, all
data within the folder is always encrypted, including any temporary files.
Next, it's important to understand what happens to encrypted files when they're moved or copied. If
an encrypted file is moved to a different file system, the file encryption doesn't move with the file,
and the data will be left unencrypted. If a file is moved into an encrypted folder, the file will inherit
the encryption of the destination folder. This means that if you move an encrypted file into
an encrypted folder, the file will retain its encryption. And if you move an unencrypted file into
an encrypted folder, it will become encrypted. On the other hand, if you copy an unencrypted file into
an encrypted folder, the file will be encrypted.
Keep in mind the difference between NTFS and non-NTFS systems. Because EFS works only with
NTFS, any files that are copied to a device—such as a USB drive that's formatted using FAT32 or
eFAT—will drop their encryption. This happens because FAT32 and eFAT file systems don't support
EFS.
Summary 4:11-4:20
That's it for this lesson. In this lesson, we discussed what EFS is and how it works, including its use
of symmetric and asymmetric encryption. We ended this lesson by reviewing some EFS-related
security issues.
9.3.2 File Encryption Facts

Encryption is the process of scrambling data to make it unreadable except to those who have the key
to unlock the obscured data.
 File encryption
 Disk encryption
 Data transmission encryption
File Encryption
File encryption changes the content of individual files so that only authorized users can read the
contents.
 The Encrypting File Service (EFS) on Windows systems encrypts individual files. Windows
automatically decrypts a file when the file owner accesses it.
 With EFS, you can allow other users to access the decrypted file.
 EFS is available only on NTFS partitions. Moving an encrypted file to a non-NTFS partition
removes the encryption.
 Files remain encrypted and inaccessible even when the drive is moved to another computer or
another operating system is used. The encryption keys needed to decrypt the file do not exist
on these other systems.
 You can't use encryption with compression. You can use either, but not both.
How EFS works:
 EFS creates a file encryption key (FEK) for the file or folder. The FEK is a symmetric key.
A symmetric key is a key that both encrypts and decrypts the data.
 To add a much greater level of security, EFS also encrypts the FEK using asymmetric
encryption.
o Asymmetric encryption is a type of encryption that uses a key pair for stronger security.
o The key pair includes a public key that can be seen by anyone and a private key that only
the user has access to.
 EFS takes the FEK, encrypts it using the public key, and then stores it with the encrypted file.
 The user's private key is used to decrypt the FEK when the file is opened. The FEK then decrypts
the data within the file.
 If the user account doesn't have a key pair, Windows automatically creates a public key (called
the EFS certificate) and its associated private key the first time EFS is enabled.
Disk Encryption
Whole disk encryption encrypts the entire contents of a hard drive, which protects all files on the
disk.
 During system startup, a special key is required to unlock the hard disk. Without the key, data
on the drive is inaccessible. Providing the key allows the system to decrypt files on the hard
drive.
 You cannot access the contents of an encrypted drive by moving it to another computer because
the encryption keys needed to decrypt the data do not exist on the other computer system.
 Most solutions provide for a backup recovery key that can unlock the drive if the original key is
lost. If both the encryption key and the recovery key are lost, data cannot be retrieved.
 BitLocker is a Microsoft solution that provides whole disk encryption. BitLocker is supported on
Ultimate or Enterprise editions of Windows.
 You can implement BitLocker with or without a Trusted Platform Module (TPM).
o When using BitLocker with a TPM, you can store the key in the TPM. This means that the
computer can boot without a prompt as long as the hard drive is in the original computer.
o Without a TPM, the startup key must be stored on a USB drive.
On Windows 10 or 11, you can also supply a password at system boot to unlock a BitLocker-
encrypted drive.
o When the startup key is saved in the TPM, you can require an additional PIN or startup key
that must be used to start the system.
 You can use BitLocker to encrypt removable storage devices (such as USB flash drives).
Data Transmission Encryption
An attacker can potentially intercept and read data sent through a network. It's best to secure
transactions by encrypting data sent through a network. You should be aware of the following
solutions to protect data communications.
 A virtual private network (VPN) uses an encryption protocol to establish a secure communication
channel between two hosts, or between two sites. Data that passes through the unsecured
network is encrypted and protected. IPsec, PPTP, and L2TP are common protocols used for
establishing a VPN.
 Secure Sockets Layer (SSL) is a protocol you can add to other protocols to provide security and
encryption. For example, HTTPS uses SSL to secure web transactions.
 You can use WPA, WPA2, or WEP to secure wireless communications, which are highly
susceptible to eavesdropping (data interception). WEP, WPA Personal, and WPA2 Personal use a
common shared key configured on the wireless access point and on all wireless clients.
 When implementing network services, do not use protocols such as FTP or Telnet that pass
logon credentials and data in clear text. Instead, use a secure alternative such as FTP-S or SSH.
9.3.3 Encrypt Files

Encrypt Files 0:00-0:19
In this demonstration, we're going to talk about protecting sensitive files with encryption using the
Encrypting File System, or EFS, on Windows. We'll demonstrate with files that are stored on an NTFS
file system volume. Let's get started.
Encrypt a File 0:20-2:03
We begin by going down here to File Explorer. I'm going to go to my C: drive, and you can see that
I've created this folder called Confidential. I have two different files in here.
The first one is my Org Chart, and the second one is where I keep my performance reviews. Now, the
Org Chart file isn't really sensitive at all. Pretty much everybody in the organization knows who
reports to who.
The Performance Reviews file, on the other hand, is highly confidential. I don't want any of my
employees to access it. One thing I can do to prevent this is to encrypt the file so that only my user
account can open it.
To do this, I right-click the file, go to Properties, and then to Advanced. I can either compress the
file's contents or encrypt it. Notice that you can't select both at the same time. We're just going to
select Encrypt contents to secure data, click OK, and click Apply.
We're prompted to either encrypt the file and its parent folder, which would encrypt the entire
Confidential folder and everything in it, or the file alone. In this case, we want to select Encrypt only
the file. Select OK and then Ok again. You can see that, right here, there's a little lock on the icon
now. That means that the file is now fully encrypted.
To clarify, I'm logged in as the TestOut user right now. At this point, only this account is allowed to
access this file's contents. If I double-click it, I can easily open it up and see everything. I read that
all my employees have met expectations. That means I have some really great employees.
Let's move on to testing what we've done by logging on as a different user—Kim Sanders—whose
user account is named ksanders.
Test the Encryption 2:03-3:02
Now, ksanders is a member of my administrative group, and so she's obviously an administrator on

this system. Let's go ahead and go back to the file system the same way we did before—File Explorer
> C: drive > Confidential.
We see the encrypted Performance Reviews file here. Let's try to open it. You can see that access to
this file has been denied to this user because, although she's a system administrator, she doesn't
have access to this specific file.
This file wasn't set up with NTFS permissions that are blocking the access. It's the encryption. Since
ksanders is an administrator, she technically has access to all the data that other users have on the
system. Let's go ahead and close this window.
By default, only the user who encrypted the file is allowed to decrypt it and access its contents, but
we can change that.
EXPLANATION
Complete this lab as follows:
1. Open the D:\ drive.

a. From the Windows taskbar, select File Explorer.
b. From the left pane, select This PC.
c. From the right pane, double-click Local Disk (D:).
2. Encrypt the Finances folder.
a. Right-click Finances and then select Properties.
b. Select Advanced.
c. Select Encrypt contents to secure data and then select OK.
d. Select OK to close the properties dialog.
e. Select OK to confirm the attribute changes.
3. Give John authorization to modify the encrypted 2022report.xls file.
a. Double-click Finances.
b. Right-click 2022report.xls and then select Properties.
c. Select Advanced.
d. Select Details.
e. Select Add.
f. Select John and then select OK.
g. Select OK as many times as needed to close all remaining dialogs.
Grant Access to Another User 3:01-4:12
We're going to go ahead and sign out of ksanders and log back in to our TestOut user account again.
We'll navigate again to File Explorer > C: drive > Confidential > Performance Reviews. Right-click, go
to Properties, and click the Advanced button. Here you can see that the Details option is now
available, whereas before we encrypted the file, it wasn't.
If we go into Details, we can specify other users that we want to give file access to. Let's click
Add. Notice that ksanders isn't listed here. It just shows my TestOut user.
The issue is that my TestOut user has a certificate. It was created automatically when I encrypted
this file. The ksanders user, however, doesn't have a certificate.
That means that before we can add the ksanders user account to the list of users who are allowed to
access the Performance Reviews file, we have to create a certificate for her, which we do in the
ksanders profile.
Create a File Encryption Certificate 4:06-5:30
So let's go back out again and switch our user. Sign out. Now log back in as ksanders and provide
the password.
With the Start button, search for Control Panel > User Accounts > User Accounts again. Here, we'll
go to Manage your file encryption certificates. This wizard easily walks us through creating a file
encryption certificate. We just need to hit Next. Then we click Create a new certificate and Next
again.
We have some options here. The basic one is to create a self-signed certificate. If you had a smart
card or if your domain had a certificate authority, you could use either of those as well. Click
Next. We're prompted to back up the certificate after it's created. That's a really good idea. Let's say
that something were to happen and we needed to re-create the ksanders user account. The new key
won't be the same, and ksanders will lose access to all the files that she encrypted on the system.
But if you have a backup of the original encryption key, that'll be the one that's used to encrypt the
file. Instead of creating a new key, you just restore your old one from backup.
Back Up the Encryption Key 5:27-6:25
You won't lose access to anything.
We won't worry about that specifically today, but just know that this is important to think about. I'll
just click Back up later and Next to move on. We need to check the I'll update my encrypted files
later box and click Next as well before we can keep going.
You now see that our certificate is created. Click Close. Now what we need to do is go back in to our
TestOut user account and allow Kim Sanders access via that certificate.
Let's close this and go back to Sign out. Now we're going to log back in as our TestOut user once
again. Let's go back to our file system and to the Confidential folder.
We'll return to the Performance Reviews file, click Properties, go to Advanced, and then to Details.
Add Another User 6:23-7:26
We need to click Add, select More choices, and then you can see the ksanders certificate here. Just
select it and click OK.
We're warned here that the certificate is self-signed, and it's not issued by a trusted root certificate
authority. It wants to know if we trust it. Since we created it, we should obviously trust it. I click OK,
OK again, and Apply.
And now, one last time, we're going to sign out and back in to the ksanders user account. Select Kim
Sanders and back through File Explorer > C: drive > Confidential > Performance Reviews and
double-click. As you can see, the file opened without a problem.
Now ksanders has access to an encrypted file that was encrypted by another user.
Summary 7:27-7:49
So that's it for this demonstration. In this video, we talked about EFS file encryption on Windows. We
first talked about how this works with the NTFS file system. Then we encrypted a sensitive file for the
TestOut user account. After that, we switched users and created a certificate for the ksanders user
account, and we assigned that account access to the encrypted file with the security certificate.
9.3.5 BitLocker
Bitlocker 0:00-0:58
EFS works great if you want to encrypt individual folders or files in the Windows file system. But what
should you do if you want to encrypt an entire volume? Since EFS isn't designed to do this, a better
option is to use Bitlocker.
Bitlocker can help prevent unauthorized data access by encrypting the entire Windows operating
system volume on the hard disk as well as other fixed volumes. The data is inaccessible on those
volumes without the Bitlocker encryption key.
Bitlocker is available in the Enterprise editions of Windows Vista and later. Windows 7 Ultimate also
provides this feature. It's not available in the Home or Starter editions of Windows.
Bitlocker provides enhanced protection against data theft from computers that are lost or stolen. The
main purpose of Bitlocker is to protect data while the computer is offline. For example, it protects the
data on storage devices should they be removed and plugged into another computer in an attempt to
gain access to their files.
How Bitlocker Protects Data 0:59-1:17

Bitlocker does this by implementing two data protection procedures.
It encrypts the entire Windows operating system volume and all the data volumes on the hard
drive including the paging file and any hibernation files.
It checks the integrity of your early boot components and your boot configuration data.
TPM 1:18-2:39
Bitlocker does this using the Trusted Platform Module (TPM).
Bitlocker leverages the enhanced security capabilities provided by TPM to ensure this data is
accessible only when the computer's boot components appear unaltered, and the encrypted disk is in
the same computer it was in when originally encrypted by Bitlocker.
This means that if someone were to obtain that hard drive and put it in a different computer,
they would not be able to access the data on that drive. The data stays encrypted.
To implement Bitlocker, you must have a system volume on that drive that doesn't get encrypted, as
well as your standard volume where the Windows operating system is installed. Which will be
encrypted. These two volumes should be automatically created during the installation of Windows. If
for some reason the system volume didn't get created, you can use the command line Bitlocker Drive
Preparation Tool to create it prior to enabling Bitlocker on the drive.
Once the installation of the operating system is complete, you can turn on Bitlocker drive encryption
in Control Panel. When you do, you will be prompted to create a recovery password. This is critical
because the recovery password is required if you ever move the hard drive to a different computer
system, make changes to the system startup configuration, or if Bitlocker enters a locked state. In
these situations, you use the recovery password to unlock the encrypted data on the volume.
Recovery Password 2:40-3:11
Because of its importance, carefully guard this password. There are several options available. You
can save it to a USB drive, save it to a network share, and print it out.
You should never store the password on the encrypted volume. It should be stored separately both
for security reasons and for efficiency reasons. If you need to retrieve the recovery password
and Bitlocker is in a locked state, you won't be able to access the file if it is stored on the encrypted
volume. Also, the password should be kept in a locked cabinet or safe to keep it secure.
Implement Bitlocker 3:12-3:30
After enabling Bitlocker you'll be prompted to reboot the system. After the computer restarts,
Bitlocker checks the system hardware to verify that it is Bitlocker compatible and that the hard disk
can be encrypted. If it is Bitlocker compatible, then you'll see an encryption progress status
indicator. When done, the hard drive will be encrypted.
Bitlocker without TPM 3:31-3:52
Computers without TPM can still take advantage of Bitlocker. To do this, you can use a USB flash
drive to store the Bitlocker encryption key. In this configuration, the USB device must be present
every time you turn on the computer. You can strengthen Bitlocker security when using a USB device
by also requiring a PIN to be entered before the computer is allowed to boot.
Bitlocker Protection and Transparency 3:53-4:37
With Bitlocker, the encryption and decryption processes are transparent to the user. They won't
notice any changes; everything will work as expected. All of the encryptions and decryptions happen
in the background. The user doesn't have to do anything.
However, if any key changes occur after Bitlocker has been enabled, the system won't boot. These
could include conditions such as:
* The TPM certificate has changed
* The TPM can't be accessed
* Key system files have changed
* The computer is being booted from a DVD or USB drive

* The hard drive has been moved to a different computer.
If one of these things happens, Bitlocker will switch to recovery mode and you won't be able to
access the disk unless you supply your recovery password.
Bitlocker to Go 4:38-5:24
Bitlocker also provides a feature called Bitlocker To Go. While Bitlocker is designed to protect system
hard drives, Bitlocker To Go is designed to protect removable storage devices, such as flash
drives. USB flash drives are incredibly useful, but from a security standpoint their use is
risky. Imagine what could happen if sensitive information were to be copied to a flash drive and then
that drive were to be stolen. By default there are no access controls on the device, so anyone could
potentially read the data on it.
Instead you can use Bitlocker To Go to protect data on removable drives. If a removable drive is
protected with Bitlocker To Go and that drive gets stolen, the data will be inaccessible. When the
drive is connected to a different system, a recovery password must be entered to access the data on
the drive.
Summary 5:25-5:36
In this lesson, we reviewed how you can use Bitlocker to protect data. We first reviewed how
Bitlocker could be implemented on internal hard disks to protect critical data. We then discussed how
Bitlocker To Go can be used to protect removable storage devices.
9.3.6 Use BitLocker

Use BitLocker 0:00-0:29
In this demonstration, we're going to show you how to use BitLocker to encrypt a drive on
Windows. Before anything else, you should know that BitLocker isn't available unless you
have Windows Professional version or higher. Home version doesn't support this feature. That being
said, let's go to the Start menu and type bitlocker. Clicking Manage BitLocker brings up the settings
we want. Now, the first thing we have to cover in order to understand the BitLocker setup is a TPM.
TPM 0:30-1:38
The TPM, or Trusted Platform Module, is a chip on the motherboard that's known as a cryptographic
module. Basically, it's what stores your BitLocker keys. Without the TPM, you'd have to enter a long
recovery key each time—especially if the BitLocker drive were installed on a computer other than the
original one. It used to be common for motherboards to ship without a TPM, but as security has
progressed, they're on pretty much every motherboard nowadays. In fact, a TPM is actually
required with the latest versions of Windows.
Okay, let's move on. Look at the TPM Administration down here. This is an area that I'd highly
suggest checking first before you consider BitLocker for your system. The TPM needs to be in a ready
for use status and enabled in the UEFI or BIOS. If it was previously used for BitLocker, you may have
to clear the TPM chip before using it. This system we have here hasn't been encrypted before, so we
don't need to do that. Also, if it isn't in a ready for use status, you'll need to use this Prepare the TPM
option up here. Let's close this Window.
Initialize BitLocker 1:39-3:03
To start the process, we need to click Turn on BitLocker. First, it'll ask us how we want to back up
our recovery key. You have a few options, but we're just going to use Save to a file. When saving to
a file, you're supposed to put this key on something else other than the drive being encrypted—
usually something like a flash drive or network drive. We have a flash drive as drive letter E: that we
can use to store this. After selecting the drive and clicking Save, it tells us that our recover key has
been saved. Were able to select Next.
Here we have options to encrypt just the used disk space or encrypt the entire drive. Typically, the
Encrypt whole drive option takes longer because it doesn't care if space is used or not. This PC
happens to be new, so we'll just choose Encrypt used disk space only. Okay, click Next.
Now, Microsoft introduced a new type of encryption method with the most recent versions of
Windows. We could use it, but for now, we'll just leave it set to New encryption mode. Click Next.
The last part asks if you're ready to encrypt. I like to select the Run BitLocker system check just in
case something ends up causing problems. In most cases, BitLocker deployment should go fine, but
there are instances where it doesn't work properly. It's a good idea to have your computer backed up
in some way so that your data can't be lost forever during this process. Click Continue.
Restart the System 3:04-3:27
Now we're ready to restart the computer. You'll get a pop up that lets you know a restart is required
before you can keep going with the encryption. I'm going to reboot this computer and pause the
recording.
Alright, after the restart, we see an option down in our taskbar that shows us that the drive is
encrypting. When we click on it, it gives us a percentage of where it's at. Let's pause the recording
again while this finishes.
BitLocker Settings 3:28-4:33
Great! Our encryption is now done, and we're ready to go. Just to show you some options you have
after the encryption is complete, let's go back. You can click Manage BitLocker, or you can access it
like before through the Start menu.
The first option we have is Suspend protection, which means it'd put BitLocker on hold from securing
your system. This might be good if Windows updates are needed and your PC is already secured with
a BitLocker PIN. Make note that the BitLocker PIN won't be enabled unless you modify Group Policy
and turn it on. That adds an extra layer of security, so it's definitely something to consider. Now, this
isn't the same as a recovery key, as the recover key is typically 48 digits and is used as a last resort
to decrypt your drive. Backup your recover key gives us the same box we had before—remember the
Azure AD, Save to file, and Print options from earlier? And the last one is Turn off BitLocker. This
process will take nearly the same amount of time to decrypt since it has to undo all the changes
made during encryption.
Summary 4:34-4:47
That's it for this demonstration on BitLocker. In this demo, we talked about how to encrypt a system
drive. First, we looked at the TPM and the purpose that it serves in the BitLocker process. Then we
discussed which settings you have available after BitLocker has successfully encrypted a drive.
9.3.7 Use Bitlocker To Go

Use BitLocker To Go 0:00-0:20
BitLocker To Go is exactly what it sounds like. It allows drive encryption on removable devices, such
as flash drives, external disks, and SD cards. You're able to encrypt the device on the source
computer and have a different destination computer decrypt it—as long as you have the password or
smart card.
BitLocker Settings 0:21-0:36
To begin the process, we first need to go to the Start menu and type bitlocker. This brings up an
option to select Manage BitLocker. Keep in mind that you'll have to have the Professional or higher
version of Windows to do this. Windows Home version doesn't support this feature.
USB BitLocker Setup 0:37-3:18
You can see that we have some drives already encrypted, like our operating system drive and one
fixed-data drive. I currently have a USB drive plugged in that doesn't have BitLocker installed on it
yet. This is the one we're going to use today. After clicking Turn on BitLocker, it initializes and asks
you how you want to unlock the drive. Your options are to either use a password or a smart card. In
our case, we don't have a smart card, so we'll just encrypt using a password. It does have some
suggestions here to make sure that the password isn't easy to guess. Let's go ahead and enter our
password and then re-enter it again on the line below. Click Next.
Just like a regular BitLocker system drive, it asks you to save the recovery key somewhere. In our
case, we'll use the Save to a file option. Know that to prevent problems, BitLocker doesn't allow you
to save any recovery keys on the local operating system drive. You have to do this on a network
drive or another flash drive that's not being encrypted during this process. If you don't have a
mapped network drive, you might have to go to This PC and map one manually. Check to see if NAS
—that's Network Attached Storage—or some other storage option is available on your network. A
business might have a certain location where all the recovery keys are supposed to be
stored. Regardless of where the location is, just make sure it's secure. We're going to click Save.
Okay, our recovery key has saved, and we can click Next. Here we have the Encrypt used disk
space only and Encrypt entire drive options. Since my drive is only 32 gigabytes, I'm going to select
Encrypt entire drive to ensure that all the space is encrypted. With it being portable, I want to make
sure that even the deleted files can't be recovered without the password or recovery key. All deleted
files typically get marked as free space until the need arises to write over them again. Click Next.
Since Windows 10 version 1511, we have two options for encryption. New encryption mode is
recommended for fixed drives, meaning that the drive is meant to stay on the PC. Compatible mode
is better for removable drives. Now, if all the devices you're going to use are at least this version of
Windows or higher, it might be good to select New encryption mode. But the default is
Compatible mode, so we'll just leave it there. Click Next to start encrypting.
Make sure that you don't eject the removable drive during this process, or you could cause some
serious data loss. This is going to take a few minutes, so we'll pause the recording.
BitLocker To Go Options 3:19-4:03
Great! Our drive is encrypted and ready to go. We do want to point out some of the options we have
here. If you need to back up your recover key, you could click here and select a new destination or
print it off. Change password and Remove password give you the ability to make changes to the
password that you set before. Granted, it's not a good idea to remove the password on a BitLocker
drive since you're trying to keep things secure. The Turn on auto-unlock allows this computer
to auto-unlock every time this USB device is plugged in. Otherwise, it'll prompt for a password every
time it's inserted. The last option we have here is Turn off BitLocker. If you want, this will decrypt the
drive and remove the password from it so that it's not encrypted anymore.
Unlock with the Password 4:04-4:37
We're going to go down to our taskbar and make sure the drive is ejected safely. It tells us that
we're good to go to safely take it out. After it's re-inserted, we won't be able to access it again until a
password is provided. Let's show that quickly. We enter our password, we have access to the drive
again. Let's go to File Explorer and check it out. Clicking on This PC and going to our E: drive now
lets us see the documents there that were encrypted with BitLocker.
Summary 4:38-4:40
That's it for this demo. We discussed how to set up BitLocker To Go on a removable drive.
9.3.8 BitLocker Facts

 BitLocker facts
 BitLocker components
 BitLocker vs. Encrypting File System (EFS)
BitLocker Facts
BitLocker protects against unauthorized data access on lost or stolen laptops and on other
compromised systems.
 BitLocker encrypts the entire contents of the operating system partition, including operating
system files, swap files, hibernation files, and all user files. A special BitLocker key is
required to access the contents of the encrypted volume.
 BitLocker uses integrity checking early in the boot process to ensure that the drive contents
have not been altered and that the drive is in the original computer. If any problems are
found, the system will not boot and the drive contents remain encrypted. The integrity
check prevents hackers from moving the hard disk to another system to try to access to its
contents.
 BitLocker requires data to be decrypted before it can be used. The decryption process
reduces disk I/O throughput.
 BitLocker is available on Windows Pro and Enterprise editions of Windows 10 and newer
operating systems.
 In Windows 8 and newer, you can choose to encrypt the entire volume or just the used
space on the volume.
BitLocker Components
BitLocker has the following components:
Component Description
Implementing BitLocker requires two NTFS partitions:
 The system partition is a 100 MB volume that contains the boot files.
This partition is set to active; it is not encrypted by the BitLocker
process.
 The operating system partition must be large enough for the
operating system files. This partition is encrypted by BitLocker.
BitLocker
partitions Be aware of the following:
 A new Windows installation creates both partitions prior to the

installation of the operating system files.
 For operating systems already installed on a single partition, you may
need to resize the existing partition and create the system partition
required by BitLocker.
A Trusted Platform Module is a special hardware chip (included on the computer

motherboard) that contains software in firmware that generates and stores
cryptographic keys.
The TPM chip must be enabled in the BIOS/UEFI.
The TPM chip stores the BitLocker key used to unlock the disk partitions and
stores information about the system to verify the integrity of the system
hardware. The TPM ensures system integrity as follows:
Trusted Platform
1. The TPM examines the startup components present on the
Module (TPM)
unencrypted partition.
2. Based on the hardware and system components, a system identifier
is generated and saved in the TPM.
3. At startup, components are examined and a new system identifier is
generated.
4. The new identifier is compared to the saved identifier. If the
identifiers match, the system is allowed to boot.
You have the following options for implementing Bitlocker on systems without a
TPM chip:
 You can save the BitLocker key on a USB device. The USB device is
inserted before starting the computer and provides authentication
before the operating system drive is decrypted.
The BIOS must support reading USB devices during startup.

Non-TPM
security  Windows 8 and later allows you to configure an unlock password for
the operating system drive. To use this feature, enable Configure
Use Of Passwords For Operating System Drives policy in the
Administrative Templates\Windows Components\BitLocker Drive
Encryption\Operating System Drives node of Computer Configuration.
 Windows supports authentication using a smart card certificate. The
smart card certificate is stored on a USB device and is used similarly
to the BitLocker key on a USB device.
BitLocker vs. Encrypting File System

BitLocker differs from the EFS in the following ways:
 BitLocker encrypts the entire volume. EFS encrypts individual files.

 BitLocker encrypts the volume for use on the computer, regardless of the user. Any user
who has the PIN or startup key and who can successfully log on can access a BitLocker
volume. With EFS, only the user who encrypted the file can access the file unless access has
been granted to other users.
 BitLocker protects files against offline access only. If the computer boots successfully, any
authorized user who can log on can access the volume and its data. EFS protects against
offline access as well as online access for unauthorized users. EFS does not provide online
protection if an authorized user's credentials are compromised.
9.4 Linux File Management
 Which Linux command displays the current working directory?

 Which Linux command displays a listing of all files and subdirectories in the current
directory?
 Which Linux command navigates between directories?
 Which Linux commands copy and move data?
 Which Linux command deletes data?
 Which Linux command can you use to view the contents of files?
 Which Linux command can you use to edit a text file?
 Which Linux commands manage file and folder ownership and permissions?
 Manage the Linux file system

 Manage Linux file ownership
Key terms for this section include the following:
Term Definition
File system A system that organizes a computer's files on a hard drive.
A utility used at the shell prompt to view the syntax along with the
man utility_name
options that can be used.
Second Extended
One of the oldest Linux file systems.
Filesystem (ext2)
Third Extended Filesystem

An updated version of ext2 that supports journaling.
(ext3)
Fourth Extended Filesystem

The fourth-generation file system in the ext file system family.
(ext4)
swap A file system used for virtual memory.
Network File System (NFS) A distributed file system used for file sharing on Unix and Linux.
Virtual File Allocation Table

A FAT32 file system for Linux.
(VFAT)
Extended File System

High performing and flexible file system.
(XFS)
A Linux file system with copy-on-write functions. Sometimes referred

B Tree File System (Btrfs)
to as butter FS or better FS.
Exam Objective
2.2 Use operating system features and utilities
 Use Windows features and command line utilities

TestOut PC Pro
2.3 Manage file systems
CompTIA 220- 1.8 Explain common OS types and their purposes

1102
 Various filesystem types
o New Technology File System (NTFS)
o File Allocation Table 32 (FAT32)
o Third extended filesystem (ext3)
o Fourth extended filesystem (ext4)
o Extensible File Allocation Table (exFAT)
1.11 Identify common features and tools of the Linux client/desktop OS.
 Common commands
o ls
o pwd
o mv
o cp
o rm
o chmod
o chown
o su/sudo
o df
o man
o cat
o nano
EXPLANATION
1. Give the bcassini user ownership of the /hr/payroll file.

a. From the Favorites bar, select Terminal.
b. At the Terminal prompt, type chown bcassini /hr/payroll and press Enter to give bcassini ownership of the /hr/payroll
file.
c. Type ls -l /hr and press Enter to verify the change in ownership.
9.4.1 Use Linux Shell Commands

Use Linux Shell Commands 0:04-0:42
In this demonstration, we're going to spend some time learning how to manage a Linux system from
the shell prompt. As you can see, a Linux system can provide two different user interfaces, just like a
Windows system can.
We have the graphical interface, where we can click on things with the mouse and make selections to
bring up applications. It works in pretty much the same way as it does on Windows. Also, just like a
Windows system, we have a command line interface. The command line interface, which we call the
shell, allows us to enter commands at the shell prompt.
For example, if I wanted to see which directory I'm currently working in, I'd type pwd. This command
tells me that I'm currently in the /home/demo directory.
Command Line Interface Standard 0:43-3:07
If you're going to manage Linux systems, you need to learn how to use the command line
interface. Why? Is it because it's easier to use? No, it's actually quite a bit more difficult to use
than the graphical user interface that we're all used to.
The reason why it's important to learn the command line interface is because it's more consistent
across all different flavors of Linux. We call these flavors distributions, and there are literally
hundreds of different Linux distributions. Each Linux distribution uses a slightly different graphical
user interface.
For example, let's say that I want to configure system settings on this Linux system. I come down
here, search for settings, click Settings, and then I can configure the background of the desktop. I
can configure the display resolution, power settings, add a printer, and so on. However, if I were to
switch over to a different Linux distribution, such as openSUSE, the Settings application that I just
accessed won't exist.
Instead, it uses a completely different system management utility called YAST. But for almost all
Linux distributions, the commands you use at the command line within the shell environment are the
same. So if you learn how to manage Linux systems within a shell, you can manage just about any
Linux distribution. That's what we're going to focus on in this lesson.
As you just saw, you run commands within the command line environment in pretty much the same
way that you run them on Windows. You enter the name of the command you want to run and then
press Enter to execute it. For example, here I need to know which IP address has been assigned to
this, so I type ifconfig.
When I run ifconfig, it displays such things as the IP address assigned to the system, which
is 192.168.1.199, and I can also see the subnet mask that's been assigned, which is
255.255.255.0. Be aware that while this command still works, it's been deprecated, and you should
now use the ip addr command.
In a similar fashion, to view a listing of all the files and folders within the current directory, I can type
the ls command, which is short for list. I press Enter and it shows me a listing of all the files and
folders in the current directory.
Now there are literally hundreds of different Linux commands that you can enter at the shell
prompt. We aren't going to cover all of them here. Instead, we're going to focus more on how to use
the shell environment to manage the system. We'll look at specific commands in different lessons.
Path Environment Variable 3:08-5:41
There's one thing that I need to point out before we go any further, and that's that the command
line environment in Linux has one key difference when compared to the command line environment
in Windows. On a Windows system, if you type a command at the command prompt, the command
interpreter is first going to look in the current directory for whichever executable file you entered at
the command prompt.
If that file can't be found in the current directory, the command interpreter is going to read the
path environment variable and search through every listed directory, looking for the command that
you entered. When it's found, it'll run that executable. If it can't find the name of the command, it
displays an error message on the screen.
Linux does a similar thing. It also uses a path environment variable. But Linux doesn't check the
current directory. This can be very, very confusing for those who are just getting started working
with Linux. For example, in my current directory, I have an executable file called helloworld. I know
it's an executable because it's green, whereas the other files and folders within this directory are
blue.
If I want to run the helloworld command on a Windows system, I'd switch to the directory where this
file resides, and then I'd type helloworld at the command line and press Enter. On a Windows
system, this would work. It'd run helloworld.
But as you can see, on Linux, it doesn't work because Linux doesn't look in the current
directory. Instead, it looks through all the directories contained in the path environment variable. To
view this, I'll type echo $PATH and press Enter. As you can see, the path contains several folders,
each separated by a colon.
So, anytime I type a command such as helloworld at the command prompt, it first looks in the
sbin directory, and then it looks in the bin directory, and then it looks in this directory, all the way
through the list until it finds the command named helloworld.
In our previous example, it never found the helloworld command because the command wasn't found
in any of the directories found in the path environment variable. If you run into this situation, all you
need to do is to provide the full path to the file that you want to run.
So, in this case, I'd enter /home/demo/helloworld at the shell prompt and press Enter. The
command is found and run. It's a very simple program-all it does is write "Hello World!" and the
current date and time on the screen. If the command you want to run resides in one of these
directories-and most system commands do-you don't have to provide the full path. For example, a
minute ago we typed pwd. I didn't have to provide the full path to pwd because it resides in one of
the directories in the path environment variable.
Command History 5:42-6:17
One of the nice things about the command line environment in Linux is the fact that it supports
command history. Every time you enter a command at the shell prompt, that command is
saved. That way, if I want to run the same command multiple times, instead of retyping it, all I need
to do is press the up arrow key and it'll bring up the last command that I entered.
When I press it again, it brings up the second-to-last command that I entered. If I press it again, it
brings up the third-to-last command, and so on. For example, if I wanted to run the helloworld
script again, instead of typing out this long command, I press the up arrow key twice, press Enter,
and the command runs.
Command Completion 6:18-6:55
In addition to the command history feature, the Linux command line environment also provides the
command completion feature. This feature is extremely helpful when you need to type a very long
file name at the shell prompt.
To use this feature, you start typing the name of the command that you want and then press the Tab
key. When you do, the Linux shell will guess what it is you're trying to type and automatically
complete the command for you.
For example, let's type /home/demo and then just the first two characters of the helloworld
command. Now I'll press the Tab key. Notice that it completed the command for me. I didn't have to
type it all the way out. I can press Enter and run it.
Help System 6:56-7:41
Since there are so many different commands that you can use at the shell prompt, learning the
syntax for all of them can take some time. In fact, I seriously doubt that anyone could memorize all
of them.
Fortunately, Linux includes an extensive help system for shell commands. Let's open a new shell
session and see how this works. One option for getting help is to type the name of the command,
such as ls, and then a space, and then --help. When I press Enter, a summary of how to use the
command is displayed.
You can see that an extensive summary of how to use the command is shown. Up here, it tells us the
usage or basic syntax. It also tells us what the command does, and then it provides a list of all the
different options you can use with the command and what those options do.
Man Pages 7:42-9:03
Another option is to use the manual pages, or man pages. Linux provides extensive
documentation within the system itself for all the different shell commands that you can enter. The
way you use this is to enter man followed by the name of the command that you want to get help
for.
For example, let's enter man ls to find out more details about how to use the ls command. When I
do, the man page, or the manual page, for that command is displayed. It's very similar to the help
screen we saw earlier, but it provides more detail.
First, it tells us what the command's name is. It provides a description of what the command does. It
provides us the syntax for using the command. For example, it shows us that we need to enter ls,
followed by an option, followed by a file. However, because these options are in brackets, they're
optional.
It also shows us a list of all the different options you can include with the command. For example, if
you use the -a option with the ls command, it'll list all the files, including hidden files. On the other
hand, if you run the ls command without the -a option, you won't see any of the hidden files in the
directory.
Then when we come down here to the -l option, we see that it uses the long listing format, which
provides additional details about the files and folders in the directory. When you're done working
inside this man page, you can use the q key to quit and go back to the shell prompt.
info Command 9:04-9:46
There's one other help resource you can use to get help with shell commands, and that's the info
command. When we looked at the previous commands, you might've noticed that the --help option
provided a brief summary of how to use the desired command. You then saw that the man pages
provided a little more detail about how to use the command. But, if you really need in-depth training
on a specific command, you need to use the info command.
To use it, type info and then the name of the command. For example, let's type info ls and then
press Enter. Here you see extensive documentation about the command with detailed instructions
on how the command works and how to use it. Once again, to get out of info, you press the q key.
System Shutdown 9:47-10:38
The last thing I want to show you before ending this demo is how to properly shut down a Linux
system from the command prompt. This is done using the shutdown command. The shutdown
command can be used to do many different things. It can be used to shut the system down all the
way or reboot it and more.
I'm going to pretend that I'm not exactly sure which option I should use to shut the system down, so
to find out the options I have, I'll run man shutdown. I can now scroll down to find out what they
are. In doing so, we see that the -p option powers off the machine. And if we use a -r, it reboots the
machine.
If I use -h, it'll basically do the same thing as the power off option. I'm going to press the q key to
get out of the man page. Since I want to power the system off, I'll type shutdown -h and press
Enter. And I'm told that the system will be shut down in about 1 minute.
Summary 10:39-11:00
That's it for this demonstration. In this demo, we talked about how to use system commands at the
shell prompt on a Linux system. We first talked about how to enter commands. We then talked about
command history and about using the tab complete feature. Then we looked at how to get help with
shell commands. And we ended this demo by learning how to shut the system down from the shell
prompt.
EXPLANATION
1. From the wadams home directory, use the rm command to delete the old_myfile.txt file.
b. From the Terminal prompt, type ls -l and press Enter to see a listing of the files in the directory.
c. Type rm old_myfile.txt and press Enter.
d. Type y and then press Enter to remove the old_myfile.txt file.
e. Type ls -l and press Enter to see that the old_myfile.txt file was removed from the directory.
2. Use the touch command to add the new_myfile.txt file.
a. From the Terminal prompt, type touch new_myfile.txt and press Enter to create a new file in the wadams
home directory.
b. Type ls -l and press Enter to see that the new_myfile.txt file was created.
3. Use nano to add a line to the new_myfile.txt file.
a. From the Terminal prompt, type nano new_myfile.txt and press Enter to use the nano editor to open the
new_myfile.txt file for editing.
b. From within the editor, type some text of your choosing.
c. Press Ctrl+x to exit the edit mode.
d. Press y to save the modified buffer and then press Enter to save and exit the file.
4. Use the cat command to view the changes you made to the new_myfile.txt file.
a. Type cat new_myfile.txt and then press Enter to view the contents of this file.
5. Use the cp command to copy the new_myfile.txt file to the directory named practice.
a. From the Terminal prompt, type cp new_myfile.txt /home/wadams/practice and press Enter to copy the
new_myfile.txt file to the practice directory.
b. Type cd practice and press Enter to move to the practice directory.
c. Type ls -l and press Enter to see that the new_myfile.txt file is in the /home/wadams/practice directory.
6. Use the mv command to rename the new_myfile.txt file to final_myfile.txt.
a. Type mv new_myfile.txt final_myfile.txt and press Enter to rename the new_myfile.txt file.
b. Type ls -l and press Enter to see that the file name has changed.
9.4.2 Linux Shell Facts

 About Linux shells

 Linux shell commands
About Linux Shells

Linux is an open-source operating system. You can even create your own custom version of Linux
called a distribution. Some of the more popular Linux distributions include openSUSE, Fedora, and
Ubuntu.
Like Windows, Linux provides two different user interfaces. There is a graphical interface where you
can click on things with a mouse and make selections to bring up applications. There is also a
command line interface called the shell that allows you to enter commands at the shell prompt to
manage the system. The command line interface is consistent across all distributions of Linux. Each
Linux distribution uses a slightly different graphical user interface. If you learn how to manage Linux
systems from within a shell, you can manage just about any Linux distribution.
The shell is often referred to as the bash (Bourne-again shell) shell. Although there are other shells
available, such as csh and zsh, bash is the most common.
A superuser in Linux is equivalent to an administrator in Windows. In Linux, the root user is the
superuser.
Linux has two especially important features, which are called command history and command
completion. Command history saves commands entered at the shell prompt. The command
completion feature tries to guess a command you are entering and will complete the command for
you if you press the TAB key.
Linux Shell Commands

Use the shell commands listed in the following table to manage the file system on Linux.
Command Description
Displays the path of the current directory on the screen. pwd stands for print working
pwd
directory.
ip Displays or changes IP configuration settings.
Displays a list of files and subdirectories that exist within a directory. Several options
are commonly used with this command:
 -a displays all files, including hidden files.

ls
 -l displays a detailed (long) listing of directory contents, including
ownership, permissions, modification dates, and file sizes.
 -R displays the contents of the directory and all of its subdirectories.
--help Displays a brief summary of how to use the command.
bash Starts a new Bourne-again shell (bash) session.
Displays the manual page for a command. It's very similar to the help screen, but it
man
provides more detail. Use the Q key to quit and go back to the shell prompt.
Displays more extensive documentation about the command. Use the Q key to quit
info
and go back to the shell prompt.
Changes directories in the file system. For example, to change to the /home directory
cd
in the file system, you would enter cd /home at the shell prompt.
Copies files and directories from one location in the file system to another. For
example, to copy the widget.odt file to the /home/rsmith directory, you would
cp enter cp widget.odt /home/rsmith at the shell prompt.
To copy an entire directory structure, include the -R option, which specifies that the
directory contents be recursively copied.
Moves and/or renames files and directories from one location or name to another. For
example, to move the widget.odt file in your current working directory to the
/home/rsmith directory, you would enter mv widget.odt /home/rsmith at the shell
mv
prompt. Before moving it, you could rename it to newwidget.odt by entering mv
widget.odt newwidget.odt or, alternatively, you could rename and move it
simultaneously by entering mv widget.odt /home/rsmith/newwidget.odt.
Deletes files and directories from the file system. For example, to delete the
rm
widget.odt file, you would enter rm widget.odt at the shell prompt.
Displays the contents of a text file on the screen. For example, to view the contents of
cat
the widget.txt file, you would enter cat widget.txt at the shell prompt.
Displays the contents of a text file on the screen, pausing the output one screen at a
less time. For example, to view the contents of the widget.txt file one page at a time, you
would enter less widget.txt at the shell prompt.
Displays the first few lines of a text file on the screen. For example, to view the first
head
lines of the widget.txt file, you would enter head widget.txt at the shell prompt.
Displays the last few lines of a text file on the screen. For example, to view the last
lines of the widget.txt file, you would enter tail widget.txt at the shell prompt.
tail The -f option can be used with tail to monitor a file for changes. If new content is
added to the end of the file (such as a log file), the new lines will be displayed on the
screen.
Edits the contents of a text file. Current Linux systems use vim (an improved version
of vi). Executing the vi command will launch the vim executable. The vi uses four
different operating modes:
Command mode
 Command line mode

 Insert mode
vi/vim  Replace mode
For example, to edit the contents of the widget.txt file, you would enter vi
widget.txt at the shell prompt. You would then press the i key to enter Insert mode
and make the necessary changes to the file. When done editing the file, you would
press the Esc key to enter command mode. Then you would press the : key to enter
command line mode where you would enter exit or wq (for write and quit) to save
your changes and exit the vi editor.
Allows you to switch user accounts.
su  su - (su with a space and a hyphen) is used to switch to the root user with
the home directory and environment variables assigned to the root user.
Shuts down or reboots the system in a secure manner. The syntax of the shutdown
command is shutdown -h|-r +m message. The options for the shutdown command
include:
 +m specifies when to perform the shutdown operation. m is the amount of

time (specified in minutes).
shutdown
 -h instructs the system to shut down and power down.
 -r instructs the system to reboot after the shutdown.
 -p powers off the machine.
 message specifies a message that is sent to all users that accompanies the
standard shutdown notification.
9.4.4 Manage the Linux File System

Manage the Linux File System 0:00-1:03
In this demonstration, we're going to spend some time learning how to manage files and directories
using shell commands. The first command we want to look at is the pwd command. It's a very simple
one, but sometimes very useful. PWD is an acronym for Present Working Directory. To use this
command, I type pwd and press Enter, and it tells me what my current working directory is.
Although it's not obvious, my current Command Prompt includes the current directory. You might
ask, "Well, where is that? I don't see /home/demo anywhere." But if you look closely, you'll see that
there's a tilde character at the end of the prompt. That tilde is a shortcut that says we're currently in
the home directory of whatever user is logged in.
I'm currently logged in as the demo user, so my home directory is /home/demo. If I were logged in
as the ksanders user instead, this tilde would be a shortcut to /home/ksanders. So anytime you see a
tilde there, just understand that it's talking about the current user's home directory.
ls Command 1:04-3:32
The next command we want to look at is the ls command. LS is an acronym for LIST. This command
is used to display the contents of a directory, including any subdirectories that might be there.
When using ls, if I don't specify the directory whose files I want to list, the command assumes that I
want to list the contents of the current directory, which in this case is /home/demo. Let's go ahead
and type ls and press Enter.
Notice that I have several different types of files and folders in my home directory. I have a folder
called Desktop. I have other folders called Downloads, Music, Templates, Documents, Pictures,
Public, and Videos. This is very similar to what you'd find in the home directory of a user on a
Windows System. How do I know these are directories? Well, they're colored blue. Anything you see
here that's blue is a directory.
I also have a file named projectsched, which is short for project schedule. How do I know that's a
file? Because the name is white. That tells me that it's just a standard file. I also have another file
over here in green called helloworld. Because it's green, I know that this file is an executable. It's a
command that I can run from the shell prompt that'll do something.
If I want to view the contents of a different directory, I use the ls command, but then provide the
path to the directory that I want to list. For example, to list the files in the /var directory, I'll type
ls /var and press Enter. Notice that the output is different from what we saw earlier because I'm
listing the files in a completely different directory.
There are a couple of options you can use with the ls command. One of the most useful, in my
opinion, is the -l option. Using -l causes ls to reformat its output in a long listing format. This allows
you to view additional details about the files and folders in the directory.
When I use this option, I see the same folders and files as before, but there's a lot more information
about each one. For example, for the projectsched file, it shows the assigned permissions. It also
shows the user and group who owns the file. It lists the size and the last time that file was modified.
Another useful option is -a. This option causes ls to list all the files in the specified directory,
including those that are hidden. When I press Enter, you'll notice that several additional files and
folders are listed now that weren't showing before.
Note that all the files and folders that weren't showing up before have a period at the beginning of
their name. Any file or folder on Linux that begins with a period is a hidden file or folder, which won't
be displayed by default.
cd Command 3:33-6:28
Now, let's talk about the cd command. The cd, or Change Directory, command is used to change
directories and works the same in Linux as it does on a Windows System. When I run the pwd
command again, we see that I'm still in the /home directory.
However, if I want to change to the /var directory we looked at earlier, all I need to do is type cd
/var and press Enter. Notice that the prompt changed. Instead of the tilde that we had before, now
we have var. That tells me the name of the current directory. And when I type the pwd command,
I see that my current directory is /var. And when I type ls with no arguments, it displays the listing
of the current directory, which is /var. In this example, I used what's called an explicit path, meaning
that I started at the top of the file system—which is the / directory, or the root directory—and then
used name of the subdirectory, which was var.
With the cd command, I can also use a relative path. For example, let's suppose that I want
to change to the games subdirectory in var. To use an explicit path like we did before, I'd type
cd /var/games, and I could switch into the games directory. But because we're already in var, I can
just type cd games, and the cd command is going to say, "Okay, they didn't provide any path
information to the games directory, so I'm going to assume that the games directory is a
subdirectory of the current directory." And as you can see, when I press Enter, I'm changed to
/var/games.
Another shortcut you can use with the cd command is the .. option. The .. refers to the parent
directory of whichever directory I'm in, while a single . refers to the current directory. For example,
when I type cd . and press Enter and then type pwd and press Enter, you see I didn't go anywhere
because . refers to whatever the current directory is. But if I type cd .., that tells the cd command to
go up one level in the directory structure. Let's see how this works.
Currently I'm in /var/games, but when I type cd .. and press Enter and then run the pwd
command, you see that I'm in the /var directory. I went up one level in the hierarchy. Now, there's
one major difference when using the .. command in Linux than in Windows. In Windows, you can
type cd.. with no space after the command, but in Linux, you have to include the space after the cd
command. Otherwise, you'll get a "Command not found" message.
Before going to the next command, let's use the cd command one more time to get me back to my
home directory. To do that, I could type cd /home/demo, and that'd be fine—it'd take me to my
home directory. However, since the tilde command is a shortcut for the home directory of whichever
user is currently logged in, it's a lot faster just to type cd ~ and press Enter. And now notice I'm back
in /home/demo.
cp Command 6:29-8:03
The next command we want to look at is the cp, or the copy, command. To see how this works, let's
first run ls to view a listing of the files in my home directory. I now want to copy the projectsched file
to the /var directory. To do this, I type cp and the name of the file to be copied.
Instead of typing the full name of projectsched, I'm going to just type the first part of the name and
then use the shell's Tab Complete feature to finish typing the rest. As long as you've typed enough of
the name to distinguish it from any other file in the same directory, when you press the Tab key, the
system automatically fills out the rest of the filename for you. Next, I type the destination where I
want to copy the file, which in this case is /var.
But when I press Enter, I'm shown a message indicating that I don't have the permissions to move
this file. That's because my user account is a standard user, and a standard user isn't allowed to put
files in the /var directory because it's a system directory. I need to have superuser permissions to do
that.
So, let's do something different. When I look up here, I see that there's a subdirectory in my home
directory called Desktop. Let's copy it to that folder instead. To do that, I'll type cp projectsched
Desktop and press Enter. Now let's use the cd Desktop/ command to switch into the desktop
directory and run the ls command, and we see that I made a copy of that file and put it in that
directory.
Note that because the cp command is only making a copy, it doesn't affect the original file at
all. When I type cd .., press Enter, and then run the ls command, the file is still there.
mv Command 8:04-8:45
Another useful command is the mv, or move, command. As the name implies, you can use this
command to move a file instead of making a copy. The syntax to move a file is similar to copying,
except for the fact that it'll get rid of the source file. So in this example, let's move projectsched to a
different folder. Let's move it to the folder called Templates. And because I'm using the mv
command, this original copy will be removed.
To do that, I'll type mv projectsched Templates/ and press Enter. Now when I run the ls command,
you see that the projectsched is no longer in my home directory. But if I go into the Templates
directory and run the ls command, there it is right there.
rm Command 8:46-9:07
In addition to cp and mv, you can also use the rm command to manage files. The rm command is
short for—you guessed it—remove. So let's suppose that I don't want this file in my Templates
directory anymore. I just want to get rid of the projectsched file. I type rm projectsched and press
Enter. And when I run the ls command, I see that the file is gone. The directory is empty.
dd Command 9:08-10:26
The last command that we want to cover in this demonstration is called dd. The dd command copies
files just like cp does, but it does it in a different way and provides you with a lot of flexibility. For
example, you can copy entire hard disks bit by bit using the dd command, which you can't do with
cp. You can also copy entire disc partitions as well. However, for the purposes of this demo, we'll
keep it simple by using this command to copy a file.
Earlier, we copied the projectsched file to the Desktop subdirectory of my home directory, so

let's now copy that file back to my home directory using dd. The syntax for using the dd command is
to first use the if= option to specify the name of the input file. In other words, which file is it that I
want to copy?
So for this example, I'll type if= and then the file's current location, which is
/home/demo/Desktop/projectsched. And next, I need to specify where I want to copy the file, so I'll
use the of= options, with stands for output file—in other words, the destination. And for this
example, that's /home/demo/projectsched. Then I press Enter. Now when I run the ls command, we
see that my projectsched file has been copied back to the home directory using the dd command.
Summary 10:27-10:34
That's it for this demonstration. In this demo, we talked about how to manage files in the Linux file
system. We talked about the pwd, ls, cd, mv, cp, rm, and dd commands.
9.4.5 View File Contents

View File Contents 0:00-0:32
In this demonstration, we're going to talk about managing the contents of text files on a Linux
system. Now, you might ask why you'd be concerned about managing text files. On a Windows
system, it frankly isn't that big of a deal.
On a Linux system, though, it is a big deal—for two reasons. The first is that almost all the
configuration changes you need to make for Linux are made using text files. The second reason is
that a lot of your logging is stored within text files. Being able to access the contents of those files is
very important.
cat Command 0:33-1:47
I'm currently in my home directory, and I have a file named projectsched. Let's suppose that I need
to see the contents of this file. One command you can use to do that is the cat command.
The cat command takes the file that you tell it to look at, reads its contents, and writes those
contents on the screen. To do this, I type cat followed by the name of the file I want to view—in this
case, projectsched—and press Enter. The contents of the file are displayed on the screen.
Be aware that the cat command works only with text files. If you try to view a binary file, all you'll
see is junk. Also, be aware that the cat command works best if you're working with a shorter file. In
this case, I displayed a file that's only five lines long, so using cat was a perfect choice. If you're
using cat with a long file, you'll have to use other parameters to display only a portion of the file at a
time.
For example, I've copied the bootup log file from my system to my home directory. It's a text file, so
I can use cat to view it. I'll type cat boot.log, but notice what happens when I press Enter. The entire
contents of the file are displayed all at once on the screen. This is a really long file; it goes on and
on. It didn't pause a page at a time to let me see the contents, either.
more Command 1:48-2:53
If you're dealing with a long file, there are two other commands you can use that are better. One of
them is the more command. The more command does pretty much the same thing as the cat
command. It reads the file that you tell it to look at and then it displays the output on the
screen. Unlike cat, though, the more command will pause the output one page at a time to give you
a chance to read the contents.
For example, let's use more to look at the boot.log file. Just like with cat, it reads the contents of the
file and displays them on the screen, but notice that it pauses one page at a time. I have a chance to
read what's in the file now. To go to the next page, I press the space bar, and it goes down one
page.
Press the space bar again, it goes down another page. I can keep working my way through the
file. When I'm done looking at the file contents, I can exit out by pressing the Q key. Using more
works great when you look at a long file. But it has one key limitation, and that's the fact that it's
unidirectional, meaning that you can only scroll from the top of the file to the bottom. You can't go
backwards. For example, if I used more to look at a file and missed something, I couldn't go back.
less Command 2:54-4:18
Another command you can use to view and navigate through files is the less command. The less
command automatically displays one page at a time, just like the more command does, but it also
allows you to go backwards through the file.
To see how this works, let's type less boot.log and press Enter. When I do, notice that since this file
contains some special formatting characters that it doesn't understand, less thinks it's a binary file
and asks us if we want to continue. Since I know it's a text file, I can proceed by pressing the Y key.
And as you can see, less doesn't know what to do with a lot of the text formatting codes that are
embedded in this file, but it'll try to display them anyway. You can see that some codes were used to
color the text "OK" green, and less isn't very happy with that. But the information we need to look at
is still here.
If I want to scroll down through the file, I press the Page Down key, or I can press the space bar as
well. Either one works fine. I can also press Page Up to go up through the file. I mostly stick with the
less command because its ability to navigate through a file is much more useful. To get out of the
less command, I press the Q key.
So those are three key commands you can use to view the contents of text files on a Linux system—
cat, more, and less. Now, there's two other commands we need to look at before we end this lesson,
and they deal with locating files or content within files.
find Command 4:19-5:42
When you're working with a Linux system, there may be times when you know the name of a
file, but you can't remember where it's located. In this situation, you can use the find command.
The syntax for using it is to type find and then specify the name of the directory where you want to
start searching. By default, the find command starts in the directory you specify and looks for the
filename that you indicate. It'll also search through all the sub-directories of that starting directory.
For example, I'm going to type find /home -name boot.log. With this command, my starting directory
is /home, and the -name indicates that what follows is the name of the file I'm looking for, which is
boot.log. When I press Enter, the find command will start looking in /home for any file named
boot.log, and then it'll traverse through all the sub-directories trying to find it.
It found one instance—the boot.log file located in my home directory, or /home/demo. If you need to
search the entire system, you can just use the forward slash, which specifies that you want to start
at the top of the Linux file system. This is the root directory.
Using this syntax, you'd type find / -name boot.log and then press Enter. The find command would
search through the entire file system looking for any file named boot.log. I'm not going to run it now
because it'd take a long time to complete.
grep Command 5:43-6:50
The last command we're going to look at in this lesson is named grep. Even though it has a really
weird name, it's extremely useful. While the find command looks for files based on their file name,
the grep command inspects the contents of a file looking for lines that match the search criteria. So
instead of looking for a file name, grep looks for specific contents within a file.
For example, if I were looking for all instances in the boot.log file that contain the search term kernel
—referring to the Linux operating system kernel—that could take me a little while. If you're like me,
you start searching through a long file like that, and your mind starts to wander and you miss things.
Using grep is a much better option. It'll parse through the file that you specify, looking for just the
term you want. If a line has that term in it, it'll display it on the screen. If it doesn't, it'll just skip
it. So let's type grep kernel boot.log and press Enter. It now searches the boot.log file for the term
kernel, and as you can see, it only found one line that contained that word. Notice that it highlighted
the search term with red text so it's easy to see.
Summary 6:51-7:07
That's it for this demonstration. In this demo, we talked about how to manage and view the contents
of text files on a Linux system. We first looked at the cat command, and then we looked at the more
and less commands. Then we looked at the find command and how to locate files in the file
system. We finished up by learning how to search through files for specific content using the grep
command.
EXPLANATION
1. Open the D:\ drive.

a. From the Windows taskbar, select File Explorer.
b. From the left pane, select This PC.
c. From the right pane, double-click Local Disk (D:).
2. Encrypt the Finances folder.
a. Right-click Finances and then select Properties.
b. Select Advanced.
c. Select Encrypt contents to secure data and then select OK.
d. Select OK to close the properties dialog.
e. Select OK to confirm the attribute changes.
3. Give John authorization to modify the encrypted 2022report.xls file.
a. Double-click Finances.
b. Right-click 2022report.xls and then select Properties.
c. Select Advanced.
d. Select Details.
e. Select Add.
f. Select John and then select O
9.4.6 Edit File Contents

Edit File Contents 0:00-1:21
In this demonstration, we're going to show you how to use the vi text editor. To use this editor, you
first type vi at the shell prompt, and then at this point, you have three different choices. You could
just press Enter. That would open a blank document with no filename associated with it.
If you want to create a new file as you run vi, you could enter the name of the file here, such as
mynewfile, and press Enter. Or if you wanted to edit an existing file, you would enter vi and the
name of that file. Keep in mind that if the file you want to edit isn't in the current directory, you'll
also need to include path to the file you want to edit.
For our purposes today, let's go ahead and create a new file. I'll type vi mynewfile and press
Enter. Just as with any other text editor, the changes that we're going to make to this file won't be
committed to the disk until it's saved, which we'll do in just a minute.
I'm currently in my text editor, but notice what happens if I try to type text. I'm typing and nothing
is happening. This is often a point of confusion for new Linux users, because with other text editors
like Windows Notepad—once you've opened the file, you can immediately start adding or editing
text. However, with the vi editor, you start in command mode by default, and you can't edit text in
this mode.
Insert Mode 1:22-2:09
To enter text, we need to switch from Command Mode into Insert Mode. To switch to Insert Mode,
you can press one of three keys. You can press the i key, the s key, or the Insert key on your
keyboard. Notice that when we press any of these keys, the --INSERT-- prompt appears at the
bottom of the screen, telling us that we're now in insert mode.
Once we're in Insert Mode, we can then enter text in the file. I'll type, This is my new file. It is very
nice. Because we're in insert mode, anytime we move the cursor around and then type new text in a
line, it forces whatever text that comes after the cursor to be pushed down the line.
For example, I can add the word very, so now it's a very nice file. Notice that when I did that, it
pushed the remaining text down the appropriate amount of space on the line.
Replace Mode 2:10-2:51
vi has two different editing modes. The first one is Insert, which we're already in, but there's another
one called Replace Mode. If I press the Insert key again, notice that the prompt at the bottom
changes from --INSERT-- to ---REPLACE--. In Replace Mode, whichever characters we type replace
the text that's currently under the cursor. For example, if I wanted to use the word very again like I
did before, I type very and it replaces the word nice.
I don't use Replace Mode very often. I've never found a great use for it. I almost exclusively use
Insert Mode. If I want to get back to Insert Mode, I press the Insert key again. Then you can type as
you normally would in most word processing and text editing programs.
Command Line Mode 2:52-3:29
As I mentioned a minute ago, all the changes we're making to this file aren't actually being
committed to disk. They're only saved in memory. To save these changes, we need to write this
information out to the file. However, you can't do that while you are still in the Insert or Replace
Modes.
To have the option to save a file, you must first change to the Command Line mode. Notice I said
Command Line Mode, not Command Mode.
We can't go there directly from Insert Mode. Instead, we first press Esc once to go into Command
Mode. Then we enter a :. You can see at the bottom of the screen that a : is displayed and a line is
provided where we can enter commands. Hence the name.
Save File 3:30-4:45
Now that we're in Command Line mode, we have a couple of different option we can use to save our
file. One would be to type w and press Enter. When I do, the file is saved. And it tells us at the
bottom that my new file has been created, and it has some information about the file—such as that
it's new, it has one line and 38 characters, and it has been written to the disk.
There are other options. If we go back into Command Line mode by typing : again, another option
would be to type w, space, and then a different filename. This is the equivalent of doing a save as in
a traditional text editor. If I were to enter w mynewfile2 and press Enter, it'd save the file using this
new filename.
Another option is to save the file and exit the editor in one operation. I do this all the time. I go in,
edit a configuration file, make the changes, and then I'm done. I want to save the changes and get
out of the editor and continue doing other tasks.
There are two ways to do this. One is to enter wq, which stands for write quit, or you can type exit
and press Enter. They both do the exact same thing. They save the file, and they exit out of the
editor. If you want to just quit without performing a write operation, you enter a q. And you exit out
of the vi editor, but the changes aren't saved.
Editing Mode 4:46-7:28
Let's get back in into vi. However, this time instead of creating a new file, I want to edit an existing
file. Because the file resides in the current directory, I don't have to specify any path information. I
just enter vi mynewfile and it opens the file again.
Just like before, we're in Command Mode by default. There are several different commands that
we can use to manipulate the text within this file. For example, a very common text editing task is to
cut and paste text. You're probably very familiar with how to do that in a word processor or graphical
text editor. You can do the same thing in vi; it's just done a little differently.
While in command mode, we cut and paste text using the dw command. The dw command cuts the
word that comes immediately after the cursor, along with the space that follows that word, and puts
it in a memory buffer. It's basically like doing an Edit + Cut in a graphical editor.
Let's go down here to the word very, and I type dw. It takes the word very and the space
that follows and puts it in a memory buffer. Once done, I can then move the cursor around to
wherever it is I want the word to go.
Then to paste the word that's in the buffer, I type p, and the word very is pasted from the memory
buffer into the line of text. In addition to dw, you can also use the de command. It basically does the
same thing, except that it cuts only the word that comes after the cursor, but not the space that
follows the word.
Just like before, it puts the word in the memory buffer. But unlike before, it does not cut the space
that came after the word. At this point, we could paste it again, just like we did before, using the p
command. It puts the word back in the line where the cursor is.
With a graphical text editor, you have the option to undo the last action. You have that same option
in command mode in vi. You press the u key and then whatever change you just made is undone. In
this case, we pasted the word very and now the paste operation is undone. We go back to the state
we were in before we performed that operation. I'm going to put the word back in by pasting it.
In addition to dw and de, we can also use the dd command. The dd command works in much the
same way as de and dw, except that it cuts the entire line of text. For example, here I'll put my
cursor at the beginning of the line and type dd. The entire line is cut. Then I can paste it just as
before using the p key.
There's a variation on dd called d$. It works in the same way as dd, except that it cuts from the
current cursor position to the end of the line. For example, if I wanted to cut this last sentence
and preserve the first half of the sentence, I'd enter d$. It cuts from the cursor position to the end of
the line. And as before, we can paste it using the p key.
Search Text 7:29-8:51
Another useful feature of the vi editor is the fact that it allows you to search for text within the
file. To do this in Command Mode, you enter / followed by the text that you want to search for. Let's
search for the term nice. When I do, it automatically jumps to the first instance of the term nice in
the file.
This is only a one-line file, so I have only one instance of the word nice, but if I had multiple
instances, I could use the n key at this point to jump to the next instance. It's important to note that
when you use /, it searches from the cursor position forward in the file. There may be situations
when you need to search from the cursor position backwards in the file.
Notice that I have the cursor on the period at the end of the line. We can perform the same search
we did before for the word nice, but this time we want to search backwards through the file. To do
this, we use a question mark instead of a /. Notice that when I type ? nice and press Enter, it finds
the next previous instance of the word specified.
Just as you can cut and paste text within the vi editor, you can also copy and paste text just like you
can in a graphical editor. For example, you can use the yy command to copy an entire line of text to
the memory buffer. Notice that the text didn't change because we copied. We didn't cut it. Then we
can go to another point in the document and use the p key to paste once again. Before we end this
demonstration, there's one more thing I want to show you.
Edit/Save File in vi 8:52-9:44
There may be instances when you've opened a configuration file in vi and you've made some
changes. Then you realize that you've made a lot of mistakes and you don't want to try to go back
and fix all the mistakes you made. You want to get out of the editor without saving your changes to
the file so you can come back in the second time and do it the right way.
The default way to exit out of vi is to go into Command Line Mode and type q. We have made many
changes to this file since we opened it. Watch what happens if I try to use the q option. It says, "You
can't do that because you made lots of changes since the last time this was written to a file."
Notice here that it gives us a prompt as to how to do this. It says, "Add ! to override." Once again,
let's go into Command Line Mode. This time we type q! and press Enter. We exit out of the file. If we
type cat mynewfile and press Enter, we should see that none of the changes we made were saved.
Summary 9:45-9:55
That's it for this demonstration. In this demo, we talked about how to use the vi editor to edit
files. We talked about how to use Insert and Replace Mode. We also talked about how to use
Command Line Mode, and then we reviewed several of the commands that you can use.
9.4.7 Manage Ownership and Permissions

Manage Ownership and Permissions 0:00-0:09
In this demonstration, we're going to manage file ownership and permissions using the chown
command and chmod command.
The chown Command 0:10-2:37
Let's start by looking at the chown command, which is short for "change owner". This command is
used to change ownership of files and directories. In this user's home directory, I'll run the command
ls -l. As you can see, the file named projectfile is owned by the user named student, and the group
owner is also student. By default, when you create a new file on Linux, that file is owned by the user
that created it, as well as by that user's group.
So the user and group owners for the projectfile are student and student. When a new user is
created on most Linux distributions, a new group is created with the same name. My other user on
this system—named student2—has a group of student2 as well. On some Linux systems, this isn't
the case, and a group called users is created instead.
An important fact of file and folder ownership on Linux is that only the root user can change file
ownership. So even if my user owns a file, I can't assign it to anyone else unless I use sudo or the su
command to get root privileges.
Let's copy the file to another user's home directory, and then we'll change ownership. I'll run this
sudo command like this since this user doesn't have rights to the /home/student2 directory. Now that
it's copied, I'll change to that directory and run ls -l to see what the permissions look like. Since I
copied the file as the root user, the permissions show root as the owner and group owner.
This file is meant for the student2 user, but since root owns it, they won't be able to do anything with
it. Let's change that with the chown command. I'll execute sudo chown student2 projectfile and then
run the ls -l command to review the changes. As we can see, the owner of the file is now
student2. Notice, though, that the group owner is still root.
We can use the chown command again to change the root group owner to student2 like this—sudo
chown .student2 projectfile. The period in front of the group name tells the chown command that we
just want to modify the group owner. By running ls -l again, we can see that the file now has
student2 as the group owner.
We ran the chown command twice—once to change the owner, and once to change the group
owner. Using a slight modification, we can do both at once by putting a colon between the owner and
group, like this—sudo chown student2:student2 projectfile. That gets the same result as executing
the command twice.
The chmod Command 2:38-4:32
Let's work with the chmod command, which stands for "change mode". A mode is basically another
name for the permissions on a file or folder. Before we can use the command, we first need to talk
about how permissions work on Linux.
To begin with, there are three permissions—read, write, and execute. Each of these are assigned to
three distinct categories—the owner, the group owner, and others, meaning everyone else. When we
use the chmod command, we modify the permissions for the three categories.
Let's look at an example. In the /share directory, I have a file named specifications.txt. Looking at
the ownership, we can see that it's owned by the student user and the devel group. Notice that the
directory, denoted by the ./, also has the same owner and group. This /share directory is designed as
a place for users on the system to place files where others on the devel team can access them.
Currently, the student and student2 users are both members of the devel group. So whichever
permissions I assign to the devel group will be automatically inherited by student and student2. For
student, it doesn't matter as much because student is also the owner and has a separate set of
permissions assigned. But the permissions we assigned to the student group will affect student2
because student2 isn't an owner of this file. The only permissions they'll receive are those that are
delivered by the group membership assignment.
Using the ls -al command, we can see which permissions are assigned. The permissions are listed as
an r for read, w for write, and x for execute. A dash means that a permission has been revoked or
isn't given. The first character in the list is usually a dash or a d for directory. This first character isn't
relevant to this discussion on permissions. The following nine characters relate to the owner, group,
and others. As you can see in this example, the specifications.txt file has read and write permissions
for the owner. The group and everyone else are only given read access.
Linux Permissions and Files vs. Directories 4:33-6:02
Before explaining further, let's talk about what read, write, and execute mean. For a file, read gives
the ability to see the contents, write allows changes to be made, and execute allows the file to be run
as an executable. For a directory, read allows a user to see the contents of the directory, write allows
users to create, modify, or delete files or subdirectories, and execute allows a user to change into
that directory.
Looking at the current permissions for specifications.txt, if we want others in the devel group to be

able to make changes, we'll have to update the permissions to include write. Unlike changing
ownership of files, the owner of a file can modify access to a file or directory. Since the
specifications.txt file is owned by student, I can execute the permissions change without sudo or
su. I'll execute the chmod g+w specifications.txt command like this. The g+w means add the write
permission. Executing ls -al shows that it's been updated accordingly.
Another problem we have is with this /share directory in that it allows everyone to read the contents
and change into it. We want to restrict access to just those who need it. To do that, we use chmod
again, like this—chmod o-rx /share. The o-rx command removes read and execute
permissions. Using ls -al again, we see that the permissions now look correct.
Summary 6:03-6:12
That's it for this demonstration. In this demo, we talked about managing ownership and
permissions. We first looked at the chown command. Then we looked at using the chmod command
to modify the permissions that are assigned to a file or directory.
1. View the current rights for the /sales directory.
b. At the Terminal prompt, type CD / and then press Enter to go to the root of the system.
c. Type ls -l and then press Enter.
d. From the upper right, select Answer Questions.
e. Answer Question 1.
2. Give Other the rights needed to browse the /sales directory.
a. At the prompt, type chmod o+rx /sales and then press Enter to enable the Other group to browse the /sales
directory.
b. Type ls -l and then press Enter to verify the change.
Notice that the /sales directory now has the read and execute (r-x) permission. The read and execute
permissions are necessary to see the directory and list its contents.
3. Give Other the permissions to read all documents in the /sales directory.
a. From the prompt, type ls -l /sales and then press Enter.
b. From the upper right, select Answer Questions.
c. Answer Question 2.
d. At the prompt, type chmod o+r /sales/* and press Enter to allow the Other group to read all documents in
the /sales directory.
e. Type ls -l /sales and press Enter.
Notice that Other now has read permissions (r--) for all documents in the /sales directory.
f. Select Score Lab.
9.4.8 Linux File Management Facts

 Linux file system types

 Linux shell commands
Linux File System Types

The file system determines how a computer's files are organized on a hard drive. Linux supports
many file system types. The following table describes several common file systems.
Type Description
ext2 is one of the oldest Linux file systems still available.
 ext2 stores data in a standard directory and file hierarchy.

 It supports a 2 TB maximum file size.
 An ext2 volume can be up to 4 TB in size.
Second Extended
 File names can be 255 characters long.
Filesystem (ext2)
 ext2 supports Linux users, groups, and permissions.
 It does not use journaling (which is used in most modern file
systems). As a result, recovery takes a long time if the system shuts
down abruptly.
ext3 is an updated version of ext2 that supports journaling. Key points include:
 Before committing a transaction to a storage device, the ext3 file

system records the transaction to the journal and marks it as
incomplete.
Third Extended  After the disk transaction is complete, the file system marks the
Filesystem (ext3) transaction as complete in the journal.
 Journaling allows ext3 to track of the most recent file transactions and
indicates if they were completed.
 Journaling allows ext3 to recover much more quickly than ext2 in the
event of an unclean system shutdown.
Fourth Extended ext4 includes all features found with ext2 and ext3. It also:
Filesystem (ext4)
 Supports file sizes up to 16 TB and disk sizes up to 1 exabyte (EB).
 Allows for up to four billion files in the file system.
 Uses checksums to verify the integrity of the journal file.
Checksums help improve the overall reliability of the system because
the journal file is the most heavily used file of the disk.
A swap file system is used as virtual memory (the portion of the hard disk used
to temporarily store portions of main memory) by the operating system.
swap
A recommended practice is to make the swap file size between 1 and 1.5 times
the amount of memory on the computer.
CDfs is a virtual Linux file system that provides access to individual data and
Compact Disc File
audio tracks on compact discs (CDs). A compact disc mounted with the CDfs
System (CDfs)
driver appears as a collection of files, each representing a single track.
Network File NFS is a distributed file system protocol that allows a user on a client computer
System (NFS) to access files over a computer network much like local storage is accessed.
New Technology
File System Microsoft operating systems use NTFS. Linux provides limited support for NTFS.
(NTFS)
VFAT is a FAT32 file system for Linux. VFAT
Virtual File  Does not support journaling.

Allocation Table  Includes long name support.
(VFAT)  Requires support for VFAT to be compiled into the kernel for the
system to recognize the VFAT format.
XFS was developed for the Silicon Graphics IRIX operating system. An XFS file
system:
Extended File  Proficiently handles large files.

System (XFS)  Offers smooth data transfers.
 Provides journaling.
 Can reside on a regular disk partition or on a logical volume.
Btrfs is a Linux file system that uses a copy-on-write file system. Using copy-
on-write technology, Btrfs provides several key features not found in earlier file
systems:
 Storage pools—Btrfs allows you to create storage pools from the

storage devices in the system.
o From the storage pool, you can allocate space to specific
storage volumes.
B Tree File
o You mount storage volumes at mount points in the file
System (Btrfs)
system.
 Snapshots—The snapshot functionality provided by Btrfs protects
data.
o You can configure it to take snapshots of data at specified
intervals and save it on separate media.
o If a file gets lost or corrupted, you can restore a previous
version of the file from a snapshot.
Linux Shell Commands

Use the shell commands listed in the following table to manage the file system on Linux.
Command Description
pwd Displays the current directory on the screen.
ls Displays a list of files and subdirectories that exist within a directory. Some options
commonly used with the ls command include the following:
 -a displays all files, including hidden files.

 -l displays a detailed (long) listing of directory contents including ownership,
permissions, modification dates, and file sizes.
 -R displays the contents of the directory as well as its subdirectories.
Changes directories in the file system. For example, to change to the /home directory
cd
in the file system, you enter 'cd /home' at the shell prompt.
Copies files and directories from one location in the file system to another. For
example, to copy the widget.odt file to the /home/ksmith directory, you enter 'cp
widget.odt /home/ksmith' at the shell prompt.
cp
To copy an entire directory structure, include the -R option. It specifies that the
directory contents be recursively copied.
Moves files and directories from one location in the file system to another. For
mv example, to move the widget.odt file to the /home/ksmith directory, you enter 'mv
widget.odt /home/ksmith' at the shell prompt.
Deletes files and directories from the file system. For example, to delete the
rm
widget.odt file, you enter 'rm widget.odt' at the shell prompt.
Displays the contents of a text file on the screen. For example, to view the contents of
cat
the widget.txt file, you enter 'cat widget.txt' at the shell prompt.
Displays the contents of a text file on the screen, pausing the output one screen at a
less time. For example, to view the contents of the widget.txt file one page at a time, you
enter 'less widget.txt' at the shell prompt.
Displays the first few lines of a text file on the screen. For example, to view the first
head
lines of the widget.txt file, you enter 'head widget.txt' at the shell prompt.
Displays the last few lines of a text file on the screen. For example, to view the last
lines of the widget.txt file, you enter 'tail widget.txt' at the shell prompt.
tail
You can use the -f option with tail to monitor a file for changes. If new content is
added to the end of the file (such as a log file), the new lines display on the screen.
Edits the contents of a text file. Current Linux systems use vim (an improved version
of vi). Executing the vi command launches the vim executable. The vi command uses
four operating modes:
 Command mode
 Command-line mode
 Insert mode
 Replace mode
vi/vim For example, to edit the contents of the widget.txt file, enter 'vi widget.txt' at the
shell prompt. Next:
 Press the Ins key to enter Insert mode and make the necessary changes to
the file.
 Press the Esc key to enter Command mode.
 Press : (colon) to enter command-line mode.
 Enter 'exit' to save the changes.
 Enter 'exit' to exit the vi editor.
Allows you to switch user accounts. Enter 'su -' (su with a space and a hyphen) to
su switch to the root user with the home directory and environment variables assigned
to the root user.
Changes the user or group that owns a file or directory. For example, to change the
chown
owner of the widget.txt file to the mlanders user, enter 'chown mlanders widget.txt'.
Changes the group that owns a file or directory. For example, to change the group
chgrp
that owns the widget.txt file to the RandD group, enter 'chgrp RandD widget.txt'.
Changes the permissions assigned to three file system entities:
 Owner—The user account assigned to be the file or directory's owner.

Permissions assigned to the owner apply only to that user account.
 Group—The group that has been assigned ownership of the file or directory.
Permissions assigned to the group apply to all user accounts that are
members of that group.
 Others—Identifies all other users who have successfully authenticated to the
system. Permissions assigned to this entity apply to these user accounts.
You can assign files and folders in the Linux file system one or more of the following
permissions:
 Read—Allows a file to be opened and viewed. Allows the contents of a

directory to be listed. This permission is represented by a numeric value 4.
 Write—Allows a file to be changed. Allows files to be added or deleted from a
directory. This permission is represented by a numeric value 2.
 Execute—Allows an executable file to be run. Allows a directory to be
entered. This permission is represented by a numeric value 1.
"Execute" allows the user to execute executable files. For directories, execute
provides the allowance to enter the directory using the cd command.
There are several ways you can use the chmod command to modify the permissions
assigned to a file or directory. Syntax options include:
chmod
 chmod entity= permissions filename
o Entity can be:
 u for Owner
 g for Group
 o for Others
o Permission can be:
 r for read
 w for write
 x for execute
 chmod entity+/- permissions filename
o Entity can be:
 u for Owner
 g for Group
 o for Others
o Permission can be:
 r for read
 w for write
 x for execute
 chmod 3-digit_numeric_permission filename. The digits assign permissions
as follows:
o 1 for Owner
o 2 for Group
o 3 for Others
Copies file system data using records. It can copy files, directories, partitions, or even
entire hard disks. For example, to copy a disk partition to a file on a removable USB
dd
drive, use the syntax:
dd if=/dev/sdb1 of=/media/usb/partition.bak
Brings the system down or reboots the system in a secure manner. The syntax of the
shutdown command is:
shutdown +m -h|-r message
The options for the shutdown command include:
 +m specifies when to perform the shutdown operation. The amount of time

shutdown
is specified in minutes.
 -h instructs the system to shut down and power down.
 -r instructs the system to reboot after the shutdown.
 message specifies a message that accompanies the standard shutdown
notification. This is sent to all users.
Use the man utility_name command at the shell prompt to view the syntax along with all of the
options that can be used with these commands.
Question 1:
Correct
You need to install a 32-bit application on a 64-bit version of Windows 11. In which default directory
will the application be installed?
Answer
%systemdrive%\Program Files
%systemdrive%\Applications (32-bit)
%systemdrive%\Applications
Correct Answer:
%systemdrive%\Program Files (x86)
Explanation
On a 64-bit Windows operating system, all 32-bit programs are installed in the Program Files (x86)
directory by default.
References
4.1.1 Workstation Operating Systems
4.1.2 Workstation Operating System Facts
4.2.1 Windows Operating Systems
4.2.2 Windows Operating System Facts

4.2.4 Windows 11 Editions
9.1.2 System File Locations
q_os_files_32_bit_app_win_11_pp7.question.fex
Question 2:
Correct
Which file attribute identifies the file as having been modified since the last backup?
Answer
Read-only
Hidden
Encrypted
Correct Answer:
Archive
Explanation
The Archive (A) attribute identifies whether a file has been modified since the last backup.
The Read-only (R) attribute marks a file as read-only, meaning that the file cannot be altered by
subsequent users.
The Encrypted attribute encrypts a file.
The Hidden (H) attribute hides a file within the file system so that it cannot be viewed or accessed by
users who do not have access to its specific filename.
References
9.2.1 NTFS and Share Permissions
9.3.3 Encrypt Files
q_os_files_modified_attrib_pp7.question.fex
Question 3:
Correct
A user needs to copy a file from an NTFS partition to a FAT32 partition. The file has NTFS permissions
and the Read-only (R) and Encryption attributes.
Which of the following will be true when the file is copied?
Answer
None of the NTFS permissions or attributes are retained on the file.

All the attributes and NTFS permissions are retained on the file.
Only the R and Encryption attributes are retained on the file.
Correct Answer:
Only the R attribute is retained on the file.
Only the NTFS permissions are retained on the file.
Explanation
Only the Read-only (R) attribute is retained (not the Encryption, nor NTFS permissions).
The FAT32 file system only supports the following attributes: R, H, S, and A. When you copy files
from an NTFS partition to a FAT32 partition, attributes unavailable under FAT32 do not remain with
the file. Moving NTFS files to a non-NTFS partition removes the permissions.
References
9.2.1 NTFS and Share Permissions

9.3.3 Encrypt Files
q_os_files_r_attrib_retained_pp7.question.fex
Question 4:
Correct
You have installed Windows 11 on your C: drive. What is the path to the directories that hold user
profiles in Windows 11?
Answer
C:\Users\Profiles\username
Correct Answer:
C:\Users\username
C:\Documents and Settings\username
C:\Users\Documents and Settings\username
Explanation
On Windows 11, user profiles are stored on the system root drive in the Users\username directories.
If C: is the system root drive, user profiles are stored in C:\Users\username.
All the other listed directory paths do not exist in Windows 11.
References

q_os_files_usr_prof_path_win_11_pp7.question.fex
Question 5:
Correct
You have used a template as the source for a new sales proposal. To avoid overwriting the template,
you have saved the proposal using the Save as feature.
Knowing that Mark has been your best editor in the past, you decide to send him this new proposal
to review and edit. However, when Mark receives the file, he promptly sends you an email stating
that the file cannot be opened. You resend the file again, but Mark still cannot open the file.
Which of the following is the MOST likely reason the file will not open on Mark's computer?
Answer
The wrong default app is selected for the type of file that you sent.
Correct Answer:
The wrong file extension was used when saving the file.
The file was corrupted during the sending process.

Mark's computer does not have the same program you used to write the proposal.
Explanation
When you saved the file using the File > Save as feature, you probably deleted or misspelled the file
extension. When Mark tried to open the file, his system didn't know which program it should use to
open the file. You can easily fix this problem by renaming the file with the correct file extension. As
an example, the text file may have been saved as myfile.tzt instead of myfile.txt.
Since you have used Mark as an editor in the past, it is highly unlikely that he doesn't have the same
program you used to write the proposal or that his computer is configured to use the wrong
application for the type of file that you sent him.
A corrupt file is always a possibility, but very unlikely.
References
q_os_files_wrong_file_ext_sol_pp7.question.fex
Question 6:
Correct
You are working at the command line and want to add the Read-only attribute to a file and remove
the Hidden attribute. Which command would you use?
Answer
Correct Answer:
attrib +r -h
attrib add r remove h
attrib /add r /remove /h
attrib +ro -h
Explanation
Use attrib +r -h to add the Read-only attribute and remove the Hidden attribute.
+ro is not a valid attribute.
The add and remove options are not valid to use with the attrib command.
References
q_fil_com_add_ro_attrib_rmv_hide_pp7.question.fex
Question 7:
Correct
While researching a fix to a system file issue, you find that using the attrib command should resolve
the issue you are experiencing. The instructions you found said to run the following command:
attrib +s +r -a myfile.dll
Which of the following BEST describes the function of this command?
Answer
Correct Answer:
It adds the System file attribute, adds the Read-only attribute, and removes the Archive attribute for
myfile.dll.
It adds the System file attribute, removes the Read-only attribute, and removes the Archive attribute
for myfile.dll.
It removes the System file attribute, removes the Read-only attribute, and adds the Archive attribute
for myfile.dll.
It adds the System file attribute, adds the Write-only attribute, and removes the Archive attribute for
myfile.dll.
Explanation
The attrib +s +r -a myfile.dll command adds the System file attribute, adds the Read-only attribute,
and removes the Archive attribute for myfile.dll.
References
q_fil_com_attrib_s_r_a_pp7.question.fex
Question 8:
Correct
Which command would you use to copy all files and subdirectories in a directory, including empty
subdirectories?
Answer
copy /n
xcopy /s
copy /v
Correct Answer:
xcopy /e
Explanation
Use xcopy /e to copy directories and subdirectories, including empty ones.
Use xcopy /s to copy directories and subdirectories, but not empty ones.
Use copy /n to copy a single directory with short filenames.
Use copy /v to verify the files after the copy.
References
7.1.12 Explore System Commands
7.1.13 System Command Facts
q_fil_com_copy_all_files_dir_cmd_pp7.question.fex
Question 9:
Correct
While troubleshooting a Windows computer, you open a Command Prompt to explore the folders
(directories) on the hard drive. You notice that one of the folders required for your project is missing.
Which of the following Microsoft command line tools would allow you to QUICKLY create the missing
folder?
Answer
rd
sfc
Correct Answer:
md
del
cd
Explanation
The md (make directory) command creates a directory/folder or subdirectory/subfolder.
The rd command removes a directory.
The cd command changes which directory you are working in.
The del (delete) command deletes files and directories.
The sfc command scans the integrity of all protected system files and replaces incorrect versions with
correct Microsoft versions.
References
7.1.13 System Command Facts
9.1.6 Manage Directories from the Command Prompt

9.1.9 Manage Files and Folders
q_fil_com_create_missing_folder_pp7.question.fex
Question 10:
Correct
You need to duplicate a large number of files from your PC to a network server. Due to the number
of files, you start the process and go home for the evening.
When you return the next day, you find that only part of the files were duplicated to the server due
to the router being temporarily unplugged by the janitor while cleaning.
Which of the following Windows command line tools would BEST prevent this type of glitch from
happening again?
Answer
xcopy
teracopy
Correct Answer:
robocopy
copy
Explanation
The robocopy (short for robust file copy) command is used to copy entire folder structures between
volumes or across a network. The benefit of using robocopy is that interrupted transfers can be
resumed. In this scenario, when the janitor plugged the router back into the outlet, robocopy would
have resumed the copy process, and the files would have been copied when you returned the next
day.
If you had used the copy and xcopy commands, the copying process would have failed when the
router was unplugged.
Although teracopy provides the same solution, it is not a Windows command line utility.

9.1 Manage Files On Windows: 9.1.1 Windows File and Folder Properties

Uploaded by

Copyright:

Available Formats

9.1 Manage Files On Windows: 9.1.1 Windows File and Folder Properties

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

9.1 Manage Files On Windows: 9.1.1 Windows File and Folder Properties

Uploaded by

Copyright:

Available Formats

9.

1 Manage Files on Windows

As you study this section, answer the following questions:

In this section, you will learn to:

 Manage files and folders

The key terms for this section include:

2.2 Use operating system features and utilities

 Use Windows features and command line utilities

TestOut PC Pro 2.3 Manage file systems

 Manage files and folders

1.2 Given a scenario, use the appropriate Microsoft command-line tool.

9.1.1 Windows File and Folder Properties

FAT32 and NTFS File Naming 0:16-1:14

File and Folder Attributes 2:28-3:42

9.1.2System File Locations

Windows System Files 1:30-1:55

The hosts file is located in a subdirectory of System32—the System32\drivers\etc folder. Let's open it

9.1.3 File Management Facts

This lesson covers the following topics:

following table lists common NTFS file attributes.

Encrypted The encrypted attribute encrypts a file.

Be aware of the following regarding file attributes:

command prompt. (You cannot change permissions with the Attrib command.)

remain with the file.

File type Variable Windows 7, 8. x, 10, and 11

Fonts n/a C:\Windows\Fonts

User files (user profiles) %userprofile% C:\Users\ username

Temporary files (per %temp%

letter where Windows is installed.

The extension identifies:

 What the file is

 Which program was used to create and modify the file

The main types of filename systems are:

 < (less than)

 > (greater than)

 | (pipe or vertical bar)

 " (double quote)

File Type Extension

Batch files .bat

.dll (dynamic link library)

System files .drv (device driver)

.vxd (virtual device driver)

Document files .wpd

Windows Installer files .msi

Compressed files .zip

Be aware of the following:

 By default, Windows hides the extension for files with associations.

9.1.4 Manage Files on Windows

Copy, Cut, and Paste Files 0:19-1:54

Make File Extensions Visible 4:24-4:43

9.1.6 Manage Directories from the Command Prompt

Manage Directories from the Command Prompt 0:00-0:31

The dir Command 0:54-2:08

Relative and Absolute Paths 2:09-3:00

The More Command 3:01-3:33

The md and rd Commands 5:56-6:30

9.1.7 Manage Files from the Command Prompt

Manage Files from Command Prompt 0:00-0:35

Great! That's it for this demonstration.