Windows Fundamentals III

Learn about the built-in Microsoft tools such as Windows Updates, Windows Security, BitLocker, and more...

Windows Updates

This is a service provided by Microsoft to provide security updates, feature enhancements and patches for the Windows OS and other products such as Microsoft Defender.

Throughout the years, Windows users have grown accustomed to pushing Windows Updates off to a later date or not installing the updates at all. Various reasons caused this action, one being the fact that a reboot is typically required after a Windows update.

Microsoft notably addressed this issue with Windows 10. The updates can no longer be ignored or pushed to the side until forgotten. Windows updates can only be postponed, but eventually, the update will happen, and your computer will reboot. Microsoft provides these updates to keep the device safe and secure.

Windows Security

This is (according to Microsoft): "your home to manage the tools that protect your device and data."

Some information on the status icons:

  • Green | Your device is sufficiently protected

  • Yellow | There is a safety recommendation for you to review

  • Red | Warning the user that something needs your immediate attention

Virus & Threat Protection

There are a few scan options which include quick, full, or customs scans. There are also types of threat history which include the last scan, quarantined threats, and allowed threats.

Some settings which can be managed:

  • Real-time protection | Locates and stops malware from installing or running on your device.

  • Cloud-delivered protection | Provides increased and faster protection with access to the latest protection data in the cloud.

  • Automatic sample submission | Send sample files to Microsoft to help protect you and others from potential threats.

  • Controlled folder access | Protect files, folders, and memory areas on your device from unauthorized changes by unfriendly applications.

  • Exclusions | Windows Defender Antivirus won't scan items you've excluded.

  • Notifications | Windows Defender Antivirus will send notifications with critical information about the health and security of your device.

Firewall & Network Protection

A firewall controls and protects (a network or system) from unauthorized access.

What is the difference between the 3 options on the firewall page?

  1. Domain | This applies to networks where the host system can authenticate to a domain controller.

  2. Private | This is a user-assigned profile and is used to designate private or home networks.

  3. Public | This is used to designate public networks such as Wi-Fi hotspots at coffee shops and airports.

You can view the current settings for any firewall profile. Some of the apps will provide additional information if it's available via the Details button.

The command to open Windows Defender Firewall is WF.msc.

App & Browser Control

Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potential malicious files. Exploit protection is built into Windows as well.

Device Security

On the settings screen, the option "Core Isolation" is a virtualization-based security running to protect the core parts of your device. The memory integrity option prevents attacks from inserting malicious code into high-security processes.

Another setting is "Security Processor Details" which gives information about the Trusted Platform Module (TPM). The TPM is a technology which is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions.

BitLocker

BitLocker Drive Encryption is a data protection feature that integrates with the OS and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.

According to Microsoft, when BitLocker is used with TPM. The TPM is a hardware component installed in many newer computers by computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system is offline.

Volume Shadow Copy Service

The VSS (Volume Shadow Copy Service) coordinates the required actions to create a consistent shadow copy of the data that is to be backed up.

If VSS is enabled on a system:

  • Create a restore point

  • Perform system restore

  • Configure restore settings

  • Delete restore points

Answers

Task 2

There were two definition updates installed in the attached VM. On what date were these updates installed? 5/3/2021

Task 3

In the above image, which area needs immediate attention? Virus & threat protection

Task 4

Specifically, what is turned off that Windows is notifying you to turn on? Real-time protection

Task 5

If you were connected to airport Wi-Fi, what most likely will be the active firewall profile? Public network

Task 7

What is the TPM? Trusted Platform Module

Task 8

What must a user insert on computers that DO NOT have a TPM version 1.2 or later? USB startup key

Task 9

What is VSS? Volume Shadow Copy Service

PreviousWindows Fundamentals IINextIntroductory Researching

Last updated