Windows Computer Management
We're continuing with the tools that are available through the System
Configuration panel.
The Computer Management (compmgmt) utility has three primary sections: System Tools, Storage,
and Services and Applications.
System Tools
Let's start with Task Scheduler. Per Microsoft, with Task Scheduler we can create and manage common tasks that our
computer will carry out automatically at the times we specify.
A task can run an application, a script, etc., and tasks can be configured to
run at any point. A task can run at log in or at log off. Tasks can also be
configured to run on a specific schedule, for example, every five minutes.
To create a basic task, click on Create Basic Task under Actions (right pane).
Next is Event Viewer.
Event Viewer allows us to view events
that have occurred on the computer. These records of events can be seen as an
audit trail that can be used to understand the activity of the computer
system. This information is often used to diagnose problems and investigate
actions executed on the system.
Event Viewer has three panes.
- The pane on the left provides a hierarchical tree listing of the event log providers (as shown in the image above).
- The pane in the middle will display a general overview and summary of the events specific to a selected provider.
- The pane on the right is the actions pane.
There are five types of events that can be logged. Below is a table from docs.microsoft.com providing a brief description for each.
The standard logs are visible under Windows Logs. Below is a table from docs.microsoft.com providing a brief description for each.
Shared Folders is where you will see a complete list of the shares
and shared folders that others can connect to.
In the above image, under Shares, are the default share of Windows,
C$, and the default remote administration shares created by Windows, such
as ADMIN$.
As with any object in Windows, you can
right-click on a folder to view its properties, such as Permissions (who can
access the shared resource).
Under Sessions, you will see a list
of users who are currently connected to the shares. In this VM, you won't see
anybody connected to the shares.
All the folders and/or files that
the connected users access will be listed under Open Files.
You should be familiar with the Local Users and Groups section from
Windows Fundamentals 1, because it's lusrmgr.msc.
In Performance, you'll see a utility called Performance Monitor
(perfmon).
Perfmon is used to view performance data
either in real-time or from a log file. This utility is useful for
troubleshooting performance issues on a computer system, whether local or
remote.
Device Manager allows us to view and configure the hardware, for example, to disable any hardware attached to the computer.
Storage
Under Storage are Windows Server Backup and Disk Management. We'll only
look at Disk Management.
Note: Since the virtual
machine is a Windows Server operating system, there are utilities available
that you will typically not see in Windows 10.
Disk Management is a system utility in Windows that enables you to
perform advanced storage tasks. Some tasks are:
- Set up a new drive
- Extend a partition
- Shrink a partition
- Assign or change a drive letter (ex. E:)
Services and Applications
Recall from the previous task: a service is a special type of application that
runs in the background. Here you can do more than enable and disable a
service; for example, you can view the Properties for the service.
WMI Control configures and controls the
Windows Management Instrumentation (WMI) service.
Per Wikipedia, "WMI allows scripting languages (such as
VBScript or Windows PowerShell) to manage
Microsoft Windows personal computers and servers, both locally and remotely.
Microsoft also provides a command-line interface to WMI called
Windows Management Instrumentation Command-line (WMIC)."
Note: The WMIC tool is deprecated in Windows 10, version 21H1. Windows
PowerShell supersedes this tool for WMI.
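The Shared Folders views described earlier (Shares, Sessions, Open Files) can also be read through WMI from PowerShell, the replacement for WMIC named in the note above. This is an added example, not part of the original walkthrough; it assumes an elevated Windows PowerShell session on a host that has the SmbShare module (Windows 8 / Server 2012 or later), and the variable names are illustrative.

```powershell
# Added example: the Shared Folders views (Shares, Sessions, Open Files)
# read through WMI/CIM from an elevated Windows PowerShell session.

# Win32_Share.Type values of 2147483648 and above mark the administrative
# shares Windows creates itself (C$, ADMIN$, IPC$).
$adminTypeFloor = 2147483648

$shares = foreach ($share in Get-CimInstance -ClassName Win32_Share) {
    if ($share.Type -ge $adminTypeFloor) {
        $category = 'Default administrative share'
    }
    elseif ($share.Name.EndsWith('$')) {
        # Hidden from network browsing, but not a Windows default.
        $category = 'Hidden share (not a Windows default)'
    }
    else {
        $category = 'Visible share'
    }
    [pscustomobject]@{
        Name     = $share.Name
        Path     = $share.Path
        Category = $category
    }
}
$shares | Sort-Object Category, Name | Format-Table -AutoSize

# Permissions: who may connect to each share that is not a Windows default.
$shares | Where-Object Category -ne 'Default administrative share' |
    ForEach-Object { Get-SmbShareAccess -Name $_.Name } |
    Format-Table Name, AccountName, AccessControlType, AccessRight -AutoSize

# Sessions: users currently connected to this machine's shares.
Get-SmbSession |
    Format-Table ClientComputerName, ClientUserName, NumOpens -AutoSize

# Open Files: what those connected users have open right now.
Get-SmbOpenFile |
    Format-Table ClientComputerName, ClientUserName, Path -AutoSize
```

When nobody is connected to the shares, as on the VM used here, the last two commands return nothing.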
1) What is the command to open Computer Management? (The answer is the name
of the .msc file, not the full path)
Ans :- compmgmt.msc
2) At what time every day is the GoogleUpdateTaskMachineUA task configured
to run?
Ans :- 6:15 am
3) What is the name of the hidden folder that is shared?
Ans :- sh4r3dF0Ld3r