Upload
chisiang-ng
View
217
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Group Assignment
Citation preview
Operating System
Module Code: AICT004-3-2-OS
Group Assignment
Name: Ng Chi Siang (TP023024)
Teaw Khin Hong (TP025268)
Lee Yoong Fai (TP022546)
Yaw Zhe Yang (TP022076)
Lecturer Name: Ms. Anushia Inthiran
Due Date: 4th November, 2011
Windows XP Analysis 2011
2
Assessment Weightings
The assignment will contribute 50%, towards the in-course assessment, as mentioned
in the Student Assessment Information Sheet (SAIS). The report must contain the
marking grid as per the sample given below, which should be printed after the cover
page (2nd page).
No Team Member Names R
esea
rch a
nd
Inves
tigat
ion (
20)
Inst
alla
tion(2
0)
Docu
men
tati
on (
10)
Gro
up
Mark
s (5
0)
Anal
ysi
s (2
0)
Pre
senta
tion (
30)
Ind
. M
ark
s (5
0)
Tota
l (1
00)
1
Ng Chi Siang
2
Lee Yoong Fai
3
Teaw Khin Hong
4
Yaw Zhe Yang
Windows XP Analysis 2011
3
Work Breakdown Structure (WBS)
Name Task / Description / Responsibility Signature
Ng Chi Siang - Introduction to the operating system
- User Interface
- Process Control Management
- Memory Management
Lee Yoong Fai - System software and hardware requirements
- Deadlock Management
- Standard Support
Teaw Khin Hong - Requirements of partitioning the hard disk
- Virtual Memory Management
- Secondary Disk Scheduling Management
- Secondary Storage Management
Yaw Zhe Yang - Differences between Windows XP and previous
Windows versions.
- System Administration and Support
- Recovery Strategies
- Security Strategies
Windows XP Analysis 2011
4
Table of Contents
1.0 Introduction ......................................................................................................................... 6
1.1 System Software & Hardware Requirements.................................................................. 6
1.1.1 Kernels ...................................................................................................................... 6
1.2 Hard Disk Partitioning in Windows XP ............................................................................. 7
1.3 64-bit Itanium Support .................................................................................................... 7
1.4 Differences Between Windows XP and Previous Windows Operating Systems ............. 8
1.5 Differences Between Windows XP Home Edition and Professional Edition ................... 8
2.0 User Interface .................................................................................................................... 10
2.1 Examples of User Interfaces in Windows XP ................................................................. 11
3.0 Process Control Management ........................................................................................... 15
3.1 Process States ................................................................................................................ 15
3.2 Process Scheduling in Windows XP ............................................................................... 17
3.3 Scheduling Algorithm of the Dispatcher in Windows XP .............................................. 17
4.0 Deadlock Management ..................................................................................................... 18
4.1 Effects of Deadlock Detection ....................................................................................... 18
4.2 Monitoring Deadlock Detection .................................................................................... 19
4.3 Another Deadlock Prevention ....................................................................................... 19
5.0 Memory Management ...................................................................................................... 20
5.1 How Windows XP Manages Memory ............................................................................ 20
5.2 Memory Pools ............................................................................................................... 20
5.3 How Windows XP Reacts When RAM is Running Low?................................................. 21
5.4 Large Memory Support.................................................................................................. 21
5.5 Improvements in Memory Manager of Windows XP From Previous Windows............ 22
6.0 Virtual Memory Management ........................................................................................... 24
7.0 Secondary Disk Scheduling Management ......................................................................... 26
8.0 Secondary Storage Management ...................................................................................... 31
9.0 System Administration and Support ................................................................................. 34
10.0 Recovery Strategies ......................................................................................................... 37
10.1 How to Enable and Disable Windows XP's System Restore Feature .......................... 37
10.2 What is Restored on User’s Machine When They Use System Restore and What is
Not? ..................................................................................................................................... 38
10.3 Troubleshooting System Restore in Windows XP ....................................................... 39
10.4 Re-Activation for Windows XP .................................................................................... 40
Windows XP Analysis 2011
5
11.0 Security Strategies ........................................................................................................... 41
11.1 Firewall ........................................................................................................................ 41
11.1.1 How Internet Connection Firewall works ............................................................. 41
11.2 Software Restriction Policies ....................................................................................... 42
11.3 The Default Security Level and Exceptions .................................................................. 43
11.4 General Configuration Rules ....................................................................................... 43
12.0 Standard Support ............................................................................................................ 45
13.0 Bibliography ..................................................................................................................... 48
Windows XP Analysis 2011
6
1.0 Introduction
Windows XP is an operating system produced by Microsoft for use on personal
computers, including home and business desktops, laptops and media centers. First
released to computer manufacturers on August 24, 2001, based on installed user
base. The name ―XP‖ stands for ―eXPerience‖. Microsoft has announced that it will
provide security patches and updates to Windows XP until April 2014(Microsoft).
Windows XP was released for retail sale on October 25, 2001, and over 400 million
copies were in use in January 2006 (Microsoft, 2006). According to web
analytics data generated by W3Schools, from September 2003 to July 2011, Windows
XP was the most widely used operating system for accessing the internet. As of
August 2011, Windows XP market share is 38% after having peaked at 76.1% in
January 2007 (W3Schools).
1.1 System Software & Hardware Requirements
System software requirement: The whole Windows XP is built on Windows NT
kernel. Microsoft intends the Windows NT kernel changes to improve the scalability,
reliability, and security of the OS over NT 4.0, and to support new features such as
Plug and Play (PnP) and power management. (Russinovich).
System hardware requirements: Microsoft's minimum requirements for Windows XP
are a 233MHz processor, 64MB of RAM, 1.5GB of available hard drive space, and an
SVGA-capable video card.
1.1.1 Kernels
Windows XP, the successor to Windows 2000 and Windows Me, was the first
consumer-oriented operating system produced by Microsoft to be built on
the Windows NT kernel, giving the user a more stable and reliable environment than
previous versions of Windows. (Microsoft).
The NT-based versions of Windows, which are programmed in C, C++,
and assembly, are known for their improved stability and efficiency over
the 9x versions of Microsoft Windows (Microsoft, Lesson 2 - Windows NT System
Windows XP Analysis 2011
7
Overview). Windows XP presented a significantly redesigned graphical user interface,
a change Microsoft promoted as more user-friendly than previous versions of
Windows. It is also the first version of Windows to use product activation to
combat illegal copying.
1.2 Hard Disk Partitioning in Windows XP Basically Windows XP will automatically partition the hard disks for the machine.
The operating system splits the hard disks into 2 sections, the primary one which is
essential for the operating system to store important data and files , normally the size
is much more smaller than the second one, and the second one which is basically used
to store personal files and windows backup by the users.
Microsoft Windows XP included 'Disk Management' program. Disk Management is a
system utility for managing hard disks and the volumes, or partitions, that they
contain. With Disk Management, user can initialize disks, create volumes, format
volumes with the FAT, FAT32, or NTFS file systems, and create fault-tolerant disk
systems. Disk Management enables user to perform most disk-related tasks without
shutting down the system or interrupting users; most configuration changes take effect
immediately.
1.3 64-bit Itanium Support
Windows XP 64-bit edition is the first released truly 64-bit version of Windows NT. It
runs on the Intel Itanium processor.
In fact, there are virtually no visible differences to the user or administrator other
than text on the system properties page and various system display utilities that
report processor type, and the fact that the new Visual Styles, like the Luna theme,
are not supported on 64-bit Windows; only classic-style Windows is supported.
The most significant change is, of course, the fact that the virtual address space is
huge compared to 32-bit Windows. While 32 bits provides 4GB of address space, 64
bits means over 17 billion GB of available address space. (MSDN)
Windows XP Analysis 2011
8
This larger virtual address space means applications can process vast amounts of data
in a flat address space without resorting to mapping tricks like the AWE introduced in
Windows 2000 that allow 32-bit applications to utilize more than 2GB of memory
(MSDN). Also, since the address space for the operating system is much larger, key
system memory pools can be much larger now.
1.4 Differences Between Windows XP and Previous Windows
Operating Systems Windows XP provides improvements over Windows 2000 Professional and other
Windows, it is designed to appeal to both business and home users. Enhancements
include:
Improved application and hardware device compatibility
Simplified security and logging on
Fast user switching
Enhanced digital media support for movies, pictures, and music
A software-based firewall to protect against outside security threats on the
Internet
Support for Direct X version 8.0 technology for gaming
1.5 Differences Between Windows XP Home Edition and Professional
Edition Windows XP comes into two versions, Home and Professional. The differences
between Home edition and Professional edition are, Home edition is basically for
home users where else Professional edition is targeted to businesses. Professional
edition contains several features that are not included in Home edition, like corporate
management, corporate security, networking, file system and others more.
Windows 95, Windows 98, and Windows Me were designed to support both home
and business users, these versions never were specially designed for specific users
like what Windows XP did. Windows XP Home Edition provides home users with the
reliability and security of Windows XP Professional and the efficient simplicity of
Windows XP Analysis 2011
9
Windows Me. Windows XP Home Edition offers enhanced support for computer
games, storage of digital media, and wizards for connecting to the Internet.
Windows XP Analysis 2011
10
2.0 User Interface
Windows XP featured a new task-based graphical user interface(GUI) and command-
line interface(CLI). In fact, although Windows XP’s user interfaces are more towards
to GUI due to it is more user-friendlier but the CLI is also being included in the
operating system for users to perform more advanced tasks.
A graphical user interface (GUI) is a type of user interface that represents the
information and actions available to a user through graphical icons and visual
indicators and allows users to interact with electronic devices with images rather than
text commands like the interfaces in Linux. The actions are usually performed
through direct manipulation of the graphical elements like folders, icons and drop-
down menus. Besides, with GUI, users can also perform activities like copy, paste, cut
and switching program with keyboard shortcuts in Windows XP.
A command-line interface (CLI) is a mechanism for interacting with a
computer operating system or software by typing commands to perform specific tasks.
Although most users interact with the machine through GUI, but if the user needed to
perform a more advanced task, he needs to resort to a command line in ―Command
Prompt‖ in order to complete that task in Windows XP.
Figure 1: User Interfaces in Windows XP
Figure 1 shows that different kinds of user interfaces in Windows XP. For example,
the icons and drop-down menus in ―Control Panel‖, which allows user to interact with
the machine by clicking on it in order to change the setting. Besides, user can also
input data into the computer by keying in the words in ―Microsoft Words‖. These are
Windows XP Analysis 2011
11
graphical user interfaces. On the other hand, there’s a ―Command Prompt‖ on the
bottom right corner in the screenshot above, it allows the users to interact with the
machine by inputting the command lines. This is the command-line interface which
featured in Windows XP as known as Ms-DOS.
2.1 Examples of User Interfaces in Windows XP
Start menu
Figure 2: Start Menu in Windows XP
To help the user access a wider range of common destinations more easily from a
single location, the Start menu was expanded to two columns; the left column focuses
on the user's installed applications, while the right column provides access to the
user's documents, and system links which were previously located on the desktop.
Frequently used programs are automatically displayed in the left column, newly
installed programs are highlighted, and the user may also to "pin" programs to the
start menu so that they are always accessible without having to navigate through the
Programs folders. The Start menu is fully customizable, links can be added or
removed; the number of frequently used programs to display can be set. The All
Programs menu expands like the classic Start menu to utilize the entire screen but can
be set to scroll programs. The user name and user account picture are also shown on
the Start menu.
Windows XP Analysis 2011
12
Taskbar
Figure 3: Taskbar in Windows XP
Locking the taskbar not only prevents it from being accidentally resized or moved.
The Taskbar grouping feature combines multiple buttons of the same application into
a single button, which when clicked, pops up a menu listing all the grouped windows
and their number. Advanced taskbar grouping options can be configured from
the registry. The user can choose to always show, always hide or hide some or all
notification area icons if inactive for some time. A button allows the user to reveal all
the icons. The Taskbar, if set to a thicker height also displays the day and date in the
notification area.
Navigation pane
Figure 4: Navigation Pane in Windows XP
Windows XP Analysis 2011
13
The navigation pane has been enhanced in Windows XP to support "simple folder
view" which when turned on hides the dotted lines that connect folders and subfolders
and makes folders browsable with single click while still keeping double clicking on
in the right pane. Single clicking in simple folder view auto expands the folder and
clicking another folder automatically expands that folder and collapses the previous
one.
AutoPlay
Figure 5: AutoPlay in Windows XP
AutoPlay examines newly discovered removable media and devices and, based on
content such as pictures, music or video files, launches an appropriate application to
play or display the content. AutoPlay was created in order to simplify the use
of peripheral devices by automatically starting the software needed to access and view
the content on these devices. When a user inserts an optical disc into a drive or
attaches a USB camera, Windows detects the arrival and starts a process of examining
the device or searching the medium. It is looking for properties of the device or
content on the medium so that AutoPlay can present a set of meaningful options to the
user. The content types available vary with the type of drive selected. (MSDN)
Windows XP Analysis 2011
14
Command Prompt
Figure 6: Command Prompt in Windows XP
All versions of Microsoft Windows have had an MS-DOS like command-line
interface (CLI). This could run many DOS and variously Win32, OS/2 1.x and Posix
command line utilities in the same command-line session, allowing piping between
commands.
Command Prompt is the Microsoft-supplied command-line interpreter on Windows
NT-based operating systems, including Windows XP. In other words, A command
prompt is a Command-Line Interface that allows user to interact with his operating
system. At the command prompt, user enter commands by typing their names
followed by options and arguments. Most modern computers use a graphical user
interface (GUI), which allows users to more intuitively access programs and
documents. However, some programs and commands are still only available only
through a command prompt.
Windows XP Analysis 2011
15
3.0 Process Control Management
The major responsibilities of a multitasking operating system fall under process
management. The operating system must be able to allocate resources to processes,
enable processes to share and exchange information, schedule the processes, protect
the resources of each process from other processes and enable synchronization
amongst process.
3.1 Process States A process can simply be defined as a program in execution which progresses in a
sequential manner. A process requires resources like memory, processing time and
files to complete its task. Resources are allocated when a process is created or while
in execution.
The diagram below shows the various states of a process in Windows XP.
Figure 7: Process States Diagram in Windows XP
The states are defined as below:
State Description
New A process that has just been created but has not yet been admitted to the pool of
executable processes by Windows XP.
Ready Processes that are prepared to execute when given the opportunity.
Running The process that is currently being executed.
Blocked A process that cannot execute until some event occurs such as the completion of an I/O
operation.
Suspend When all the processes in main memory are in ―Blocked‖ state, the OS can suspend
Windows XP Analysis 2011
16
one process by putting it in the ―Suspend‖ state and transferring it to disk. This
involves the swapping, which moves part or all of a process from main memory to
disk .
Exit A process that has been released from the pool of executable processes by the
OS, either because it halted or because it aborted for some reason.
So basically a process executes like this. Firstly, a few new processes are created in
Windows XP. Then the processes are being placed inside the memory and waiting to
be assigned to a processor in the ―Ready‖ stage.
Whenever the process is given enough memory space and processing time, it will be
executed based on the priority which defined by the scheduling dispatcher. The
number of running processes will depend on the number of processors the machine
has.
A running process now can become blocked when the process itself cannot execute
because it is waiting for an I/O operation to complete. After that the process could go
back to the ready stage once the process got what it needs, this means that the
scheduler in Windows XP can be pre-emptive. Besides, a running process might also
being forced back to the ―Ready‖ state when the process has reached its maximum
allowable time for uninterrupted execution.
Running processes and then being terminated when they are complete or they have
been aborted. The reasons for process termination are normal completion, invalid
instruction, and memory unavailable.
These are the process states in Windows XP.
Windows XP Analysis 2011
17
3.2 Process Scheduling in Windows XP Windows XP schedules processes based on the algorithm called ―multilevel feedback
queue‖.
32 priority levels are defined, 0 through to 31, with priorities 0 through 15 being
"normal" priorities and priorities 16 through 31 being soft real-time priorities,
requiring privileges to assign. 0 is reserved for the Operating System. Users can select
5 of these priorities to assign to a running application from the Task Manager
application, or through thread management APIs.
The kernel may change the priority level of a thread depending on its I/O and CPU
usage and whether it is interactive, raising the priority of interactive and I/O bounded
processes and lowering that of CPU bound processes, to increase the responsiveness
of interactive applications. (Krishnan, 2006)
3.3 Scheduling Algorithm of the Dispatcher in Windows XP Multilevel feedback queue is intended to meet the following design requirements
for multimode systems:
Give preference to short jobs.
Give preference to I/O bound processes.
Quickly establish the nature of a process and schedule the process accordingly.
Every process is given just one chance to complete at a given queue level
before it is forced down to a lower level queue.
Multilevel feedback queue has higher and throughput rates as compared with than
algorithm. Besides, its turnaround time is also shorter than the First In First Out
algorithm, furthermore it responses faster than FIFO.
Windows XP Analysis 2011
18
4.0 Deadlock Management
From analysis about deadlock management in Windows XP, Windows XP detects
deadlock by Deadlock Verifier so call Deadlock Detection. Deadlock verifier is a 1 of
the new verification options that increase the rigorous testing of driver operations.
Deadlock Detection monitors the driver's use of resources which need to be locked --
spin locks, mutexes, and fast mutexes. This Driver Verifier option will detect code
logic that has the potential to cause a deadlock at some future point.
4.1 Effects of Deadlock Detection Driver Verifier's Deadlock Detection routines find lock hierarchy violations that are
not necessarily simultaneous. Most of the time, these violations identify code paths
that will deadlock when given the chance.
To find potential deadlocks, Driver Verifier builds a graph of resource acquisition
order and checks for loops. If create a node for each resource, and draw an arrow any
time one lock is acquired before another, then path loops would represent lock
hierarchy violations.
Driver Verifier will issue a bug check when one of these violations is discovered. This
will happen before any actual deadlocks occur.
Note: Even if the conflicting code paths can never happen simultaneously, they
should still be rewritten if they involve lock hierarchy violations. Such code is a
"deadlock waiting to happen" that could cause real deadlocks if the code is rewritten
slightly.
When Deadlock Detection finds a violation, it will issue bug check 0xC4. The first
parameter of this bug check will indicate the exact violation. Possible violations
include:
Two or more threads involved in a lock hierarchy violation
A resource that is released out of sequence
A thread that tries to acquire the same resource twice (a self-deadlock)
A resource that is released without having been acquired first
A resource that is released by a different thread than the one that acquired it
Windows XP Analysis 2011
19
A resource that is initialized more than once, or not initialized at all
A thread that is deleted while still owning resources
4.2 Monitoring Deadlock Detection Once Deadlock Detection finds a violation, the !deadlock kernel debugger extension
can be used to investigate exactly what has occurred. It can display the lock hierarchy
topology as well as the call stacks for each thread at the time the locks were originally
acquired.
For best results, the driver in question should be running on a checked build of
Windows, since that allows the kernel to obtain more complete run-time stack traces.
(MSDN, Deadlock Detection, 2011)
4.3 Another Deadlock Prevention From the analysis, Windows XP also prevent deadlock happen during resume from
standby mode. The operating system sends S0 IRPs to devices to indicate the change
in system power state. As noted in the Power Management section of this article,
device drivers typically request D0 IRPs to change their device power state. The
operating system is responsible for notifying each device in the correct order. There
are two key ordering rules that must be followed to prevent deadlocks:
A device cannot be turned on until its parent is turned on.
All non-paged devices must be turned on before any paged device is turned on.
Because many devices may take significant time to go from D3 to D0, the key to good
resume performance is to overlap device initialization as much as possible. The
ordering chosen by the operating system is important in maximizing parallelism.
(MSDN, Kernel Enhancements for Windows XP, 2003)
Windows XP Analysis 2011
20
5.0 Memory Management
There are a finite number of memory that are available for a computer's CPU.
Windows XP manages these resources automatically, and can allocate tasks between
processors or manage multiple processes on a single processor. Users can also adjust
how Windows manages these resources by prioritizing them between the foreground
programs and the background services.
Users can optimize their computer's memory usage to reflect their specific needs. If
users computer is used as a workstation instead of as a server, they can increase
performance by devoting more memory to their programs. The programs will work
faster and the system cache size will remain the default size that was included with
Windows XP. Or, users can set aside more computer memory for a larger system
cache if their computer is used primarily as a server, or if they use programs that
require a large system cache.
5.1 How Windows XP Manages Memory
By default, Windows puts a priority on the foreground programs, programs that runs
in the active window (the upper-most window with the highlighted title bar) which
responds to commands that the user issues. The added processing resources cause
programs to respond more quickly. However, if users have background services, such
as printing or disk backup that run while they work and users want them to respond
faster, users can have Windows share processor resources equally between
background and foreground programs. A background program is a program that runs
while the user is working on another task. The computer's microprocessor assigns
fewer memory space to background programs than to foreground programs. (Mark
Russinovich and David Solomon)
5.2 Memory Pools
The memory manager creates the following memory pools that the system uses to
allocate memory: non-paged pool and paged pool. Both memory pools are located in
the region of the address space that is reserved for the system and mapped into the
virtual address space of each process. The non-paged pool consists of virtual memory
Windows XP Analysis 2011
21
addresses that are guaranteed to reside in physical memory as long as the
corresponding kernel objects are allocated. The paged pool consists of virtual memory
that can be paged in and out of the system. To improve performance, systems with a
single processor have three paged pools, and multiprocessor systems have five paged
pools.
5.3 How Windows XP Reacts When RAM is Running Low?
When users computer's physically installed random-access memory (RAM) is running
low, Windows adds available memory by using a paging file, generally known as
virtual memory, on the hard disk to simulate physical RAM. By default, the virtual
memory paging file that is created during installation is 1.5 times the physical RAM
on user computer. Therefore, a computer that has 1GB of installed RAM will have
1.5GB of virtual memory. (Mark Russinovich and David Solomon) Windows XP
supports a larger system virtual address space –— 1.3 GB, of which the contiguous
virtual address space that can be used by device drivers is 960 MB. The Windows XP
Memory Manager is redesigned to consume less paged pool, allowing for more
caching and greater availability of paged pool for any component that needs it. (Mark
Russinovich and David Solomon)
5.4 Large Memory Support There are 4 features enable applications to access more memory in Windows XP:
4-Gigabyte Tuning
On 32-bit editions of Windows, applications have 4 gigabyte (GB) of virtual address
space available. The virtual address space is divided so that 2 GB is available to the
application and the other 2 GB is available only to the system.
The 4-gigabyte tuning (4GT) feature, formerly called 4GT RAM Tuning, increases
the virtual address space that is available to the application up to 3 GB, and reduces
the amount available to the system to between 1 and 2 GB.
Windows XP Analysis 2011
22
Physical Address Extension
Physical Address Extension (PAE) is a processor feature that enables x86 processors
to access more than 4 GB of physical memory on capable versions of Windows.
Certain 32-bit versions of Windows Server running on x86-based systems can use
PAE to access up to 64 GB or 128 GB of physical memory, depending on the physical
address size of the processor.
Address Windowing Extensions
Address Windowing Extensions (AWE) is a set of extensions that allows an
application to quickly manipulate physical memory greater than 4GB. Certain data-
intensive applications, such as database management systems and scientific and
engineering software, need access to very large caches of data. In the case of very
large data sets, restricting the cache to fit within an application's 2GB of user address
space is a severe restriction. In these situations, the cache is too small to properly
support the application.
Large-Page Support
Large-page support enables server applications to establish large-page memory
regions, which is particularly useful on 64-bit Windows. Each large-page translation
uses a single translation buffer inside the CPU. The size of this buffer is typically
three orders of magnitude larger than the native page size; this increases the efficiency
of the translation buffer, which can increase performance for frequently accessed
memory.
5.5 Improvements in Memory Manager of Windows XP From Previous
Windows
The total size of memory-mapped files in Windows 2000 was limited because the
memory manager allocated the Prototype Page Table entries (PPTEs) for all pages
required to map the entire file, even if an application created mapped views to parts of
the file. In Windows XP, the Prototype PTEs are allocated for active views only,
allowing larger mapped files. A benefit of this, for example, is in case of making
backups of large files on low memory systems. The paged pool limit of 470 MB has
been lifted from the Memory Manager in Windows XP, with unmapped views
dynamically reusable by the memory manager depending on pool usage.
Windows XP Analysis 2011
23
Memory pages in working sets are trimmed more efficiently for multiprocessor
systems depending on how recently they were accessed. Lock contention is reduced,
as a number of unnecessary locks used in resource synchronizations (RAM allocation
and mapping through Address Windowing Extensions, system page table entries,
charging non-paged/paged pool quotas, charging commitment of pages) have been
removed. The dispatcher lock contention has been reduced and the Page Frame
Number (PFN) lock has been optimized for increased parallelism and granularity.
Windows XP uses push locks on the event synchronization object if there is no
contention as they support shared and exclusive acquisition. Push locks are used to
protect handle table entries in the Executive, and in the Object Manager (to protect
data structures and security descriptors) and Memory Manager (to protect AWE-
related locks). Windows XP uses the SYSENTER/SYSEXIT mechanisms which
require fewer clock cycles to transition to and from user mode to kernel mode to
speed up system calls.
The kernel page write protection limit in Windows XP is enabled on systems up to
256 MB of RAM beyond which large pages are enabled for increased address
translation performance. (Mark Russinovich and David Solomon)
Windows XP Analysis 2011
24
6.0 Virtual Memory Management
Virtual memory management is using an Intel 386 or later CPU to give instruction or
manage for a program to address up the 4GB of the virtual memory, using its full
32bits. In a 32-bit computer, the memory addresses are 32 bits long and stored as
binary (base 2) numbers. There are approximately 4 billion possible different 32-bit
binary numbers (2^32 = 4,294,967,296 or 4GB). Because of this, there is a 4GB limit
for addressable memory in a 32-bit computer. (Nichol, 2005)
Following that, virtual memory is a common part of the operating system on computer.
That is the separation of user logical memory form physical memory. That also allows
for large virtual memory to be provided to processes even through physical memory is
small that is implemented using demand paging and demand segmentation. So, the
amount of RAM is not enough to run all of the programs that most users expect to run
at once. (What is virtual memory?, 2011)
For example, if the user is uses Windows operating system to run media player
program, and games into RAM then is not enough to hold it all. If RAM is not enough
to hold it all, the computer will use the virtual memory to manage the memory to load
which copy them onto the hard disk. It can frees up space in RAM to load the new
application and it make your computer feel like is has unlimited RAM space to run
the applications. But, applications are not allowed direct access to physical memory, it
is using when an applications is requests more memory. (What is virtual memory?,
2011)
Each of the process is assigned an address space 4GB of virtual memory, regardless
of the amount of available memory. Each of the process is isolated from the rest and
has its own 4GB address space which mean that addressability limit applies on a pre-
applications basic, not across all applications taken together. The processor itself then
translates the virtual addresses from an instruction into the correct physical
equivalents. The processor also manages the mapping in terms of pages of 4KB each
a size that has implications for managing virtual memory. (Petri, 2009)
This is normally far more than the RAM of the machine. The amount of physical
memory on the computer is not related to the amount of memory address space. Even
the computer have 256MB, 8GB, or 16GB, there is still a 4GB memory address space.
Windows XP Analysis 2011
25
That the hardware provides for programs to operate in terms of as much as they wish
of this full 4GB space as virtual memory, those parts of the program and data which
are currently active being loaded into RAM. (Petri, 2009)
Optimizing the page file when that is running low on RAM is always a good idea.
When all physical RAM in a computer is in use, Windows starts using the hard disk
as if it were additional RAM. So, the most effective things is to improve the
performance is ensure that there is enough RAM available to avoid frequent paging of
memory contents between disk and RAM. Because RAM memory is faster than the
hard disk, whenever the computer begins to use Pagefile to relieve memory pressure,
then will begin to experience the drastic performance degradation. (Petri, 2009)
Others then that, there are some of the problems with virtual memory which sometime
will happens the system give ―out of memory‖ messages on trying to load a program,
or give a message about virtual memory space being low. There are some possible
causes which the setting for maximum size of the page file is too low, or there is not
enough disk space free to expand in to that size. The page file has become corrupt,
possibly shutdown. The page file has been put on a different drive without leaving a
minimal amount on C:. (Nichol, 2005)
Windows XP Analysis 2011
26
7.0 Secondary Disk Scheduling Management
Disk management is a system that used for managing hard disks and the volumes, or
partitions. In operating system with have the disk management can initialize disks,
create volumes, format volumes with the FAT, FAT32, or NTFS file systems, and
create fault-tolerant disk systems. Disk management enables to perform most disk-
related tasks without shutting down the system or interrupting users and most of the
configuration can changes take effect immediately. (Disk Management overview,
2011)
In any computer hard disk is considered as the secondary memory device that is used
for the primary data storage and RAM is only temporary storage data. The primary
function of RAM is to load the programs so that Central Processing Unit (CPU) can
easily access and execute the instruction. Hard disk must loading of the hard disk
drive. The operating system cannot boot up without hard disk. The information that is
required to boot a computer is stored in the hard disk boot sector. The importance of
hard disk is to store the backup of the data or any information that is created by user.
(Hard Disk, 2006)
The data transmission may be over the network between many computer systems or
else there may be many forms of the data transfer which can be machine to machine
data transfer, machine to storage media such as floppy disk or CD- ROM. The hard
disk drives of data transmission is better than others storage devices. The data transfer
rates in the hard disk drives are usually measured with the unit called as the revolution
per minute. The unit is in accordance with the rotating Disk Platter in the hard disk
drive which measuring the data transmission speed. The data transmission rate of
5600 rpm is considered as the normal for any hard disk drives. (Hard Disk Data
Transmission, 2006)
The Windows XP Professional operating system was improved disk management.
The table below which show that enhancement of Windows XP Professional compare
to previous version, Windows 2000.
Windows XP Analysis 2011
27
New Features Description
Manage disks at the
command line by using
DiskPart.
That can perform disk-related task at the command line as an alternative to using
the Disk Management snap-in. That also can create scripts to automate tasks, such
as creating volumes or converting disks to dynamic.
Extend basic volumes by
using DiskPart.
Use DiskPart to extend primary partitions and logical drives on basic disks that
use the MBR partition style.
Use a new partition style
for disk in 64-bit
computers
Windows XP professional x64 Edition supports a partition style called GUID
partition table (GPT). The GPT partition style offers benefits such as support for
volumes up to 18 exabytes and 128 partitions per disk.
Normally, that will need a local administrator to perform most system configuration
functions on a Windows XP Professional system. Some cases there may be a local
policy set by some other administrator or if the system is in a Domain policy which
setting may prevent from performing some actions.
Figure 8: Disk Management MMC, shows to open the Disk Management MMC, can
select Start, right-click My Computer, and then click Manage, which can open the
Computer Management MMC. Under the Storage icon, click Disk Management to
open the Disk Management MMC.
Windows XP Analysis 2011
28
The picture below is shows type compmgmt.msc in the RUN box or from a command
line to launch the Computer Management MMC.
Figure 9: Launch Computer Management MMC
The picture below shows which can have a number of basic physical and logical
drives on the system, as well as two CD-ROM drives which not shown in the above
picture.
Figure 10: Computer Management
Windows XP Analysis 2011
29
The removable drives which CD-ROM drives will either show ―no media‖ when they
are empty or the file system of the installed media. The picture below shows when
inserted a CD to CD-ROM, the Disk Management MMC will automatically detected
the change, refreshed the view and displayed the data. The Compact Disk File System
(CDFS) is file system of the inserted disk and displayed.
Figure 11: CD-ROM
The picture below show when select a drive in the upper window by left clicking on it
once, not only will it become highlighted in blue, but also will also become shaded in
the lower part of the window.
Figure 12: Drives in Disk Management
Windows XP Analysis 2011
30
The picture below shows that can change the appearance of both the top and bottom
window view by selecting VIEW from the menu and then selecting whichever or both
view that wish to change. Top and Bottom, along with Settings and Drive Paths are
controlled.
Figure 13: Change Views
The picture below shows that can change the colors and wallpaper for volumes and
disk regions by selecting VIEW and the SETTINGS. The APPEARANCE tab shows
all of the current default colors for the available disk regions.
Figure14: Apperance
The picture below shows that can change how the disk sizes are displayed on the
SCALING tab. The default settings are shown below.
(Zandri)
Windows XP Analysis 2011
31
8.0 Secondary Storage Management
Secondary storage management is manage or allocate the data or information into
secondary storage devices such as hard disk drive, portable hard disk drive, CM-ROM,
USB flash drive, and floppy disk drive. The secondary storage devices can also is a
permanent storage device because the data stored inside will not delete or erased
when the power is switched off. (S, 2010)
Figure 15: Types of computer storage in Windows XP
Above pictures shows that hard drive, CD-RW, USB thumb drive, and tape drive are
secondary storage in the computer. (Secondary storage device, 2011)
The secondary storage devices also can called non volatile memory element and that
can ever retrieve and storage the data and information. The hard disk is defined based
on the capacity and the information was stored inside the hard disk in a magnetic disk
in the form of the sectors. Every sector that is present in the hard disk holds data.
(Hard Disk, 2006)
Others than that, USB flash drive is a convenience secondary storage devices that
contain the memory can be used to store, retrieve, backup the data and information.
That is an easy-to-use devices which can store the personal data such as pictures,
songs and applications which can easily share with friends. USB flash drive in year
2005 can hold up to 4GB of data, which is over 1700 three-minutes songs which 66
hours recorded as MP3s or about three times the content of a standard CD, but
nowadays the capacity of the USB flash drive is up to 4GB. (Microsoft USB Flash
Drive Manager (Standard), 2011)
Windows XP Analysis 2011
32
On the others hand, CD-ROM is stands for Compact Disk Read Only Memory. It is a
device that reads the data and information that stored on the compact disks (CDs).
CD-ROM is adaptation for the CD which is designed to store the computer data in the
form of text, graphics, application and hi-fi stereo sound. The information is read
from pits and lands such as 1s and 0s, so computer can read it. One CD can hold
650MB of data or 300,000 pages of text. (CD-ROM)
The CD-ROM drive is controlled by both the application software and internal
controller circuitry. The data and information is recorded on the CDs in a clockwise
spiral from the center. It is recorded and read in a series of lands and pits as a 1or
0.They are counted in groups of 14 and then converted into standard 8-digit data. The
speed of the drive determines how fast the drive can transfer data to the computer. 1X
speeds of the CD-ROM drive is the oldest and slowest. (CD-ROM)
Nowadays, most of the computer and laptop have the CD and DVD combination
drives which mean the CD-ROM also can uses for DVD. There have some types of
CD-ROM which compact disk-recordable (CD-R) only have record and cannot erased
or changed, compact disk-recordable rewritten (CD-RW) can be recorded and erased
or changed data, and digital video disc (DVD-ROM) can stored data starting at 4.7BG.
(CD-ROM)
Windows XP does not need any software also can create a music or data CD. Pictures
below will show the step of creating a data CD.
Figure 16: Insert a black CD into drive. Right-click the file copy and select Sent To,
then select CD-RW drive.
Windows XP Analysis 2011
33
Figure 17: Open My Computer and double-click CD writer. Then click File and select
Write these files to CD.
Figure 18: After that, CD writing wizard will appear then name the CD and click Next.
Figure 19: Wait for the CD to finish writing and then eject it.
(Save files to CD-R/CD-RW in Windows XP, 2005)
Windows XP Analysis 2011
34
9.0 System Administration and Support
Remote Desktop
Users can log into Windows XP Professional remotely through the Remote Desktop
service. It is built on Terminal Services technology (RDP), and is similar to "Remote
Assistance", but allows remote users to access local resources such as printers. Any
Terminal Services client, a special "Remote Desktop Connection" client, or a web-
based client using an ActiveX control may be used to connect to the Remote
Desktop(Remote Desktop clients for earlier versions of Windows, Windows 95,
Windows 98 and 98 Second Edition, Windows Me, Windows NT 4.0, or Windows
2000 have been made available by Microsoft . This permits earlier versions of
Windows to connect to a Windows XP system running Remote Desktop, but not vice-
versa.)
There are several resources that users can redirect from the remote server machine to
the local client, depending upon the capabilities of the client software used. For
instance, "File System Redirection" allows users to use their local files on a remote
desktop within the terminal session, while "Printer Redirection" allows users to use
their local printer within the terminal session as they would with a locally or network
shared printer. "Port Redirection" allows applications running within the terminal
session to access local serial and parallel ports directly, and "Audio" allows users to
run an audio program on the remote desktop and have the sound redirected to their
local computer. The clipboard can also be shared between the remote computer and
the local computer. The RDP client in Windows XP can be upgraded to 7.0. The
Remote Desktop Web Connection component of Internet Information Services 5.1
also allows remote desktop functionality over the web through an ActiveX control for
Internet Explorer. (msdn -- Remote Desktop Web Connection, 2011)
Remote Assistance
Remote Assistance allows a Windows XP user to temporarily take over a remote
Windows XP computer over a network or the Internet to resolve issues. As it can be a
hassle for system administrators to personally visit the affected computer, Remote
Assistance allows them to diagnose and possibly even repair problems with a
Windows XP Analysis 2011
35
computer without ever personally visiting it. Remote Assistance allows sending
invitations to the support person by email, Windows Messenger or saving the
invitation as a file. The computer can be controlled by both, the support person
connecting remotely as well as the one sending the invitation. Chat, audio-video
conversations and file transfer are available. (microsoft support -- Overview of
Remote Assistance in Windows XP)
Fast User Switching and Welcome Screen
Windows XP introduces Fast User Switching and a more end user friendly Welcome
Screen with a user account picture which replaces the Classic logon prompt. Fast user
switching allows another user to log in and use the system without having to log out
the previous user and quit his or her applications. Previously (on both Windows Me
and Windows 2000) only one user at a time could be logged in (except through
Terminal Services), which was a serious drawback to multi-user activity. Fast User
Switching, like Terminal Services, requires more system resources than having only a
single user logged in at a time and although more than one user can be logged in, only
one user can be actively using their account at a time. This feature is not available
when the Welcome Screen is turned off, such as when joined to a Windows Server
Domain or with Novell Client installed. Even when the Welcome screen is enabled,
users can switch to the Classic logon by pressing Ctrl+Alt+Del twice at the Welcome
screen. ces Fast User Switching and a more end user friendly Welcome Screen with a
user account picture which replaces the Classic logon prompt. Fast user switching
allows another user to log in and use the system without having to log out the
previous user and quit his or her applications. Previously (on both Windows Me and
Windows 2000) only one user at a time could be logged in (except through Terminal
Services), which was a serious drawback to multi-user activity. Fast User Switching,
like Terminal Services, requires more system resources than having only a single user
logged in at a time and although more than one user can be logged in, only one user
can be actively using their account at a time. This feature is not available when the
Welcome Screen is turned off, such as when joined to a Windows Server Domain or
with Novell Client installed. Even when the Welcome screen is enabled, users can
Windows XP Analysis 2011
36
switch to the Classic logon by pressing Ctrl+Alt+Del twice at the Welcome screen.
(microsoft support -- Architecture of Fast User Switching)
Windows Task Manager
Windows Task Manager incorporates a number of improvements in Windows XP. It
has been updated to display process names longer than 15 characters in length on the
Processes tab, which used to be truncated in Windows 2000. Session ID and User
name columns have been added on the Processes tab. The Delete key can also be used
to terminate processes on the Processes tab. A new Networking tab shows statistics
relating to each of the network adapters present in the computer. By default the
adapter name, percentage of network utilization, link speed and state of the network
adapter are shown, along with a chart of recent activity. More options can be shown
by choosing Select columns... from the View menu. The Users tab shows all users that
currently have a session on the computer. On server computers there may be several
users connected to the computer using Terminal Services. There may also be multiple
users logged onto the computer at one time using Fast User Switching. Users can be
disconnected or logged off from this tab. A Shutdown menu has been introduced that
allows access to Standby, Hibernate, Turn off, Restart, Log Off and Switch User.
Holding down Ctrl while clicking New Task opens a command prompt.
Command lines tools
Windows XP includes new command line tools and WMI-based scripts:
Schtasks.exe (Task Scheduler)
Shutdown.exe (Shutdown commands)
Sc.exe (Service Control Manager)
Gpupdate.exe and Gpresult.exe (Group Policy)
Logman.exe, Relog.exe, Typeperf.exe and Tracerpt.exe (Performance monitoring)
Eventquery.vbs, Eventcreate.exe, EventTriggers.exe (Event log)
Windows XP Analysis 2011
37
10.0 Recovery Strategies
10.1 How to Enable and Disable Windows XP's System Restore Feature
To enable or disable System Restore, perform the following steps:
1. Start the System Control Panel applet. Select the System Restore tab. Clear the
"Turn off System Restore on all drives" check box to enable System Restore,
or select this check box to disable System Restore. Click OK. Also here:
2. To delete older restore points, but leave the system restore turned on: Right
Click the Drive in question/Properties/Disk Cleanup/More Options/System
Restore/Cleanup.
3. User can also click the Settings button to set a maximum amount of space that
user want each drive to use for restore information. If the drive user select isn't
the system drive, user can disable System Restore on a per-drive basis. The
maximum amount of space that user can use for restore information is 12
percent per drive.
4. An alternative to the usual method of enabling and disabling Windows XP's
System Restore feature is using the registry. To use this alternative, perform
the following steps: Start the registry editor (regedit.exe).
5. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\SystemRestore.
6. If a "DisableSR" value doesn't exist, go to the Edit menu, select New,
DWORD value, and create the value.
7. Set the value to 1 to disable System Restore or 0 to enable System Restore.
8. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr
to prevent the System Restore service from starting.
9. Double-click Start, and set the value to 4 to stop the service from starting or to
0 for normal startup. Close the registry editor.
10.2 System Restore Usage System Restore Requirements: System Restore is automatically installed and
configured on Windows XP if user’s computer has at least 200MB of free disk space
after Windows XP is installed.
Windows XP Analysis 2011
38
Enabling System Restore: Right click my computer icon, properties. System Restore
Tab, Clear "Turn Off System Restore on all Drives".
Adjust System Restore Disk Usage: By default, System Restore is given 12% of
user’s hard disk space when user install Windows XP. Change amount: Right click
my computer icon, properties. System Restore Tab, Settings.
Creating Restore Points: Start/Programs/Accessories/System Tools/System Restore.
In the System Restore window, click "Create a Restore Point button, next. In the
window that appears, enter a description. The date and time is created automatically.
Running System Restore: If user can boot Windows,
Start/Programs/Accessories/System Tools/System Restore. Click the Restore My
Computer to an earlier time, next. If user cannot boot Windows, boot into safe mode.
Click the System Restore link. Click the Restore My Computer to an earlier time,
next.
Note: Current documents, files and e-mail are not affected during a restoration.
10.3 What is Restored on User’s Machine When They Use System
Restore and What is Not? The following are restored when user use System Restore to restore their system to a
previous time using a restore point:
Registry
Profiles (local only—roaming user profiles not impacted by restore)
COM+ DB
WFP.dll cache
WMI DB
IIS Metabase
Files type which are monitored by System Restore as specified in the SDK available
from the following are not restored by System Restore:
DRM settings
Windows XP Analysis 2011
39
Passwords in the SAM hive.
WPA settings (Windows authentication information is not restored)
Specific directories/files listed in the Monitored File Extensions list in the
System Restore section of the Platform SDK e.g. 'My Documents' folder.
Any file types not monitored by System Restore like personal data files
e.g. .doc, .jpg, .txt etc.
Items listed in both Filesnottobackup and KeysnottoRestore (hklm->system-
>controlset001->control->backuprestore->filesnottobackup and
keysnottorestore) in the registry.
User-created data stored in the user profile
Contents of redirected folders
10.4 Troubleshooting System Restore in Windows XP To troubleshoot System Restore issues, try one or more of the following steps:
If user receive an error message that is related to System Restore, always make
sure that should first record the error message and follow the instructions that
the error message contains to try to resolve the issue. Most System Restore
issues generate an error message that contains a description of the issue and
suggestions for how to resolve the issue.
Make sure that user have enough disk space on all of the drives on while
System Restore enabled.
Make sure that the System Restore service is running by using one of the following
methods:
Check in Control Panel:
1. Click Start, click Control Panel, and then click "Performance and
Maintenance".
2. Click Administrative Tools, click Computer Management, and then click
Services and Applications.
3. Click Services, and then click System Restore Services.
Open a command prompt window:
Windows XP Analysis 2011
40
1. Click Start, click Run, and then type "CMD" (without the quotation marks).
2. Press the ENTER key, and then type "Net Start" (without the quotation marks)
at the command prompt to make sure that the System Restore service is up and
running.
Make sure that System Restore is enabled on the drives that user want System Restore
enabled on.
Try to run System Restore in Safe mode.
If user suspect that they do not have as many restore points , make sure that
the data store is the size that user want the data store to be.
Check the event logs to investigate System Restore service errors:
1. Click Start, click Control Panel, and then click "Performance and
Maintenance".
2. Click Administrative Tools, click Computer Management, double-click Event
Viewer, and then click System.
3. Click the Source tab to sort by name, and then look for "sr" or "srservice."
Double-click each of these services, and then evaluate the event description
for any indication of the cause of the problem.
10.5 Re-Activation for Windows XP Should user restore their system to a point before they activated XP on their computer,
the OS will forget that user activated it and need to reactivate XP. If the system
restore point is past the 30-day grace period that Microsoft allows for activation,
user'll have to activate XP immediately.
The only workaround to reactivating your system is to perform the following steps:
Start user Windows installation in Minimal Safe mode.
Move to the \%systemroot%\system32 folder.
Rename wpa.dbl to wpa.noact.
Rename wpa.bak to wpa.dbl.
Reboot system as normal. (harder, 2009)
Windows XP Analysis 2011
41
11.0 Security Strategies
11.1 Firewall Internet Connection Firewall is software that user can use to set restrictions on the
information that is communicated between home or small office network and the
Internet.
If network uses Internet Connection Sharing to provide Internet access to multiple
computers, it is a good idea to turn on Internet Connection Firewall on the shared
Internet connection. However, user can turn on Internet Connection Sharing and
Internet Connection Firewall separately. It is a good idea to turn on Internet
Connection Firewall on the Internet connection on any Microsoft Windows XP-based
computer that is connected directly to the Internet.
Internet Connection Firewall is help to protect a single computer while is connected to
the Internet. If user have a single computer that is connected to the Internet with a
modem, Internet Connection Firewall helps protect Internet connection. Don’t turn
on Internet Connection Firewall for virtual private network (VPN) connections
because Internet Connection Firewall interferes with file sharing and other VPN
functions.
11.1.1 How Internet Connection Firewall works
Internet Connection Firewall is a "stateful" firewall. A stateful firewall is one that
monitors all aspects of the communications that cross its path and examines the
source and the destination address of each message that the firewall handles. To
prevent unsolicited traffic from the public side of the connection from entering the
private side, Internet Connection Firewall keeps a table of all the communications that
have originated from the computer that is running Internet Connection Firewall. For a
single computer, Internet Connection Firewall tracks traffic that originates from the
computer. If user use Internet Connection Firewall in conjunction with Internet
Connection Sharing, Internet Connection Firewall tracks all the traffic that originates
from the computer that is running Internet Connection Firewall and Internet
Connection Sharing, and tracks all the traffic that originates from private network
computers. Internet Connection Firewall compares all inbound traffic from the
Windows XP Analysis 2011
42
Internet to the entries in the table. Inbound Internet traffic is permitted to reach the
computers in user’s network only if there is a matching entry in the table that shows
that the communication exchange began in user’s computer or private network.
Communications that originate from a source outside the computer that is running
Internet Connection Firewall, such as from the Internet, are dropped by the firewall
unless user want create an entry on the Services tab to permit passage. Instead of
sending the user notifications about activity, Internet Connection Firewall silently
discards unsolicited communications. This stops common hacking attempts such as
port scanning. Such notifications might be sent frequently enough to become
distraction. Instead, Internet Connection Firewall can create security log so that user
can view the activity that is tracked by the firewall.
User can configure services so that unsolicited traffic from the Internet is forwarded
by the computer that is running Internet Connection Firewall to the private network.
For example, if user are hosting an HTTP Web server service, turned on the HTTP
service on your computer, unsolicited HTTP traffic is forwarded by the computer that
is running Internet Connection Firewall to the HTTP Web server. Internet Connection
Firewall requires operational information (known as a service definition) to permit the
unsolicited Internet traffic to be forwarded to the Web server on user’s private
network.
11.2 Software Restriction Policies Administrators can use software restriction policies to allow software to run. By using
a software restriction policy, an administrator can prevent unwanted programs from
running. This includes viruses and Trojan horse software, or other software that is
known to cause problems.
User can use the Group Policy tool in Windows XP to implement software restriction
policies. To enable a software restriction policy, use either of the following methods:
1. Using Group Policy
2. Click Start, and then click Run.
3. Type gpedit.msc, and then click OK.
4. Expand the following items:
Windows XP Analysis 2011
43
5. Computer Configuration
6. Windows Settings
7. Security Settings
8. Software Restriction Policies
9. Using the Local Security Policy
10. Click Start, and then click Run.
11. Type secpol.msc, and then click OK.
12. Follow the instructions to enable a policy.
11.3 The Default Security Level and Exceptions User can configure the default security level and define additional rules that form
exceptions to the default rules. The default security level determines the behavior for
all programs. Additional rules provide exceptions to the default security level. The
two security levels are:
Disallowed - If user set Disallowed as the default rule, no programs are permitted.
user must create additional rules that enable particular programs to run.
Using Disallowed as the default is not a good idea unless the administrator has a
complete list of permitted programs.
Unrestricted - If user set Unrestricted as the default rule, all programs are allowed to
run. user must create additional rules if user want to restrict individual programs.
Unrestricted is best if the administrator does not have a complete list of permitted
programs, but needs to prevent certain programs from running.
11.4 General Configuration Rules By default, all users are subject to the security restriction policy settings on the
computer. user can configure enforcement for all users except local administrators,
which allows local administrators to run disallowed programs.
Designated Files Types - user can use this policy to configure the file types to which
the security restriction policy settings apply.
Windows XP Analysis 2011
44
Trusted Providers - user can use the Trusted Providers properties to configure which
users can select trusted publishers. user can also determine which, if any, certificate
revocation checks are performed before trusting a publisher. (microsoft support --
Description of the Software Restriction Policies in Windows XP)
Windows XP Analysis 2011
45
12.0 Standard Support
After installation of Windows XP, Windows XP comes with a empty desktop with a
wallpaper and a icon at the bottom right corner which is Recycle Bin.
Figure 20: Empty Windows XP
And there were some default programs provide by Windows XP in Start menu, such
as windows Media Player, Internet explorer, Windows Movie Maker and others.
Windows XP Analysis 2011
46
Figure 21: Start Menu in Windows XP
Click on all programs in the Start menu, then will show user all the programs
currently stored inside Windows XP. There is lot of default programs provide by
Windows XP stored inside Accessories. Inside accessories included Accessibility,
Communications, Entertainment, System Tools and some utilities.
Figure 22: Communications’ Programs in Windows XP
Windows XP Analysis 2011
47
Figure 23: System Tools’ programs in Windows XP
Windows XP Analysis 2011
48
13.0 Bibliography
CD-ROM. (n.d.). Retrieved October 26, 2011, from CD-ROM web sites:
http://library.thinkquest.org/11309/data/cdrom.htm
Disk Management. (2011). Retrieved October 23, 2011, from Disk Management web
site: http://technet.microsoft.com/en-us/library/bb457110.aspx
Disk Management overview. (2011). Retrieved October 23, 2011, from Disk
Management overview web site:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-
us/sag_diskconcepts_02a.mspx?mfr=true
Hard Disk. (2006). Retrieved October 23, 2011 , from Hard Disk web site:
http://www.harddiskhome.com/
Hard Disk. (2006). Retrieved October 26, 2011, from Hard Disk web sites:
http://www.harddiskhome.com/
Hard Disk Data Transmission. (2006). Retrieved October 23, 2011, from Hard Disk
Data Transmission: http://www.harddiskhome.com/hard-disk-data-transmission.html
Krishnan, S. (2006, August 06). A Tale of Two Schedulers Windows NT and Windows
CE. Retrieved October 21, 2011, from Sriram Krishnan:
http://sriramk.com/blog/2006/08/tale-of-two-schedulers-
win_115489794858863433.html
Kleinrock, L., and R. R. Muntz, "Processor Sharing Queueing Models of Mixed
Scheduling Disciplines for Time Shared System," Journal of the ACM (JACM),
Volume 19, Issue 3 (July 1972).
Mark Russinovich and David Solomon. (n.d.). Windows XP: Kernel Improvements
Create a More Robust, Powerful, and Scalable OS. Retrieved October 21, 2011, from
MSDN Magazine: http://msdn.microsoft.com/en-us/magazine/cc302206.aspx
Microsoft Developer Network -- Remote Desktop Web Connection. (n.d.). Retrieved
10 29, 2011, from Microsoft Developer Network: http://msdn.microsoft.com/en-
us/library/aa383019(v=vs.85).aspx
Windows XP Analysis 2011
49
Microsoft. (2006, April). FACT SHEET: Windows XP N Sales. Retrieved October 13,
2011, from Microsoft News Center:
http://www.microsoft.com/presspass/legal/european/04-24-
06windowsxpnsalesfs.mspx
Microsoft. (n.d.). Lesson 2 - Windows NT System Overview. Retrieved October 13,
2011, from Microsoft|TechNet: http://technet.microsoft.com/en-
us/library/cc767881.aspx
microsoft support -- Architecture of Fast User Switching. (n.d.). Retrieved 10 30,
2011, from microsoft support: http://support.microsoft.com/kb/294737
Microsoft USB Flash Drive Manager (Standard). (2011). Retrieved October 26, 2011,
from Microsoft USB Flash Drive Manager (Standard) web sites:
http://www.microsoft.com/download/en/details.aspx?id=20034
MSDN. (2011, July 9). Deadlock Detection. Retrieved October 31, 2011, from msdn:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff543668(v=vs.85).aspx
MSDN. (2003, January 13). Kernel Enhancements for Windows XP. Retrieved
October 31, 2011, from msdn: http://msdn.microsoft.com/en-
us/windows/hardware/gg463468
MSDN. (n.d.). Windows XP: Kernel Improvements Create a More Robust, Powerful,
and Scalable OS. Retrieved October 21, 2011, from MSDN Magazine:
http://msdn.microsoft.com/en-us/magazine/cc302206.aspx
Nichol, A. (2005). Virtual Memory in Windows XP. Retrieved October 19, 2011, from
Virtual Memory in Windows XP web site: http://www.aumha.org/win5/a/xpvm.php
Petri, D. (2009, January 8). How can I optimize the Windows 2000/XP/2003 virtual
memory (Pagefile)? Retrieved October 21, 2011, from How can I optimize the
Windows 2000/XP/2003 virtual memory (Pagefile)? Web site:
http://www.petri.co.il/pagefile_optimization.htm
Russinovich, M. (n.d.). Inside the Windows 2000 Kernel. Retrieved October 14, 2011,
from windowsitpro.com: http://www.windowsitpro.com/content1/topic/inside-the-
windows-2000-kernel/catpath/internals-and-architecture/page/1
Windows XP Analysis 2011
50
Russinovich, Mark; David Solomon (2005). "Memory Management". Microsoft
Windows Internals (4th ed.). Microsoft Press. ISBN 978-0-7356-1917-3.
S, B. (2010, July 04). Importance of Storage devices in a system. Retrieved October
26, 2011, from Importance of Storage devices in a system web sites:
http://www.mywindowsclub.com/resources/3140-Importance-Storage-devices-
system.aspx
Save files to CD-R/CD-RW in Windows XP. (2005, January 12). Retrieved October 26,
2011, from Save files to CD-R/CD-RW in Windows XP web sites:
http://www.cod.edu/it/howdoi/burncd.htm
Secondary storage device. (2011). Retrieved October 26, 2011, from Secondary
storage device web sites: http://www.computerhope.com/jargon/s/secostor.htm
UITS. (n.d.). Knowledge Base. Retrieved October 14, 2011, from UITS:
http://kb.iu.edu/data/akma.html
W3Schools. (n.d.). OS Statistics. Retrieved October 14, 2011, from W3Schools.com:
http://www.w3schools.com/browsers/browsers_os.asp
What is virtual memory? (2011). Retrieved october 21, 2011, from What is virtual
memory? web site: http://computer.howstuffworks.com/question684.htm
windows xp professional product documentation -- New command-line tools. (n.d.).
Retrieved 10 30, 2011, from windows xp professional product documentation:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-
us/ntcmds_new_tools.mspx?mfr=true
Zandri, J. (n.d.). Disk Management in Windows XP Professional. Retrieved October
23, 2011 , from Disk Management in Windows XP Professional web site:
http://www.mcmcse.com/microsoft/guides/diskmanagement.shtml