Windows Configuration
Interacting with OS
Task Manager
To get to Task Manager directly in any of the Windows versions that include it, you can press Ctrl+Shift+Esc.
Various tabs in task manager:
- Processes: shows which tasks are open on the machine.
- Details: shows the status of apps, usernames, etc.
o Set the priority by right-clicking a task and selecting the level of priority – Low 4, Below Normal 6, Normal 8,
Above Normal 10, High 13, Realtime 24. The priority is changed only for that instance and reverts to normal
the next time the app is opened.
o Setting the priority to Realtime may cause the processor to give precedence to this process over all others, such as
security, spooling, etc.
- Services:
- Performance: displays CPU usage, number of processes, number of threads, memory usage, physical memory etc.
- Startup
Microsoft Management Console
You can start the MMC by pressing Windows + R to open Run, typing mmc in the box, and then
clicking OK.
Computer management
The Computer Management console can manage more than just the installed hardware devices; it can manage all the
services running on a computer in addition to Device Manager. It also contains Event Viewer, which shows any
system errors and events as well as methods to configure the software components of all the computer’s hardware.
1. Event Viewer (eventvwr.msc):
The Security log is used by the Security Reference Monitor inside the Executive kernel. It is responsible for
reporting object audit attempts. Examples of object audit attempts include file access, group membership,
and password changes. Most of the useful security-related information will be in the Application and System
logs. Using these logs, you can see errors and warnings that will alert you to potential security-related
problems.
2. Disk Management (diskmgmt.msc):
Used to view disk information, such as the volumes configured on the physical disk and the filesystems that are
formatted on each volume. It can also partition volumes on a new or existing disk, etc.
3. Task scheduler (taskschd.msc):
Allows you to configure an application to run automatically or at any regular interval. Each task is defined by its
action, condition, setting, and trigger.
4. Device management (devmgmt.msc):
Tool for the management of peripherals and components attached to the computer. Allows you to manually
update the driver for a device, roll back a driver to a prior version, uninstall a device, and disable a device.
5. Certificate manager (certmgr.msc):
Used to view and manage certificates used by the web browser and the operating system. Allows you to
manage certificates for a user account (only relevant when the user is logged in and using an app that needs a
certificate), a service account (for a particular service such as a VPN) and the computer account (relevant only for
the OS even if no one is logged in, commonly used to configure a certificate for the Internet Information
Services web server).
6. Local users and groups (lusrmgr.msc):
Allows for granular control of local user accounts and groups for the Windows operating system.
7. Performance monitor (perfmon.msc):
Displays performance counters.
8. Group Policy editor (gpedit.msc):
Allows you to edit the local Group Policy for the OS. Also allows an administrator to set various settings to
customize the OS. Can also control aspects of security for the OS.
Divides all settings into computer settings and user settings.
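The object audit attempts listed under Event Viewer above (file access, group membership, password changes) can also be pulled from the Security log with PowerShell. This is an added example, not part of the original notes; the event IDs are the standard Windows Security auditing IDs, and the 24-hour window is an assumption.

```powershell
# Added example: summarise object-audit events from the Security log.
# Run from an elevated session; reading the Security log requires administrator rights.

# Standard Security auditing event IDs mapped to the categories named in the notes.
# 4663 is only logged when object access auditing is enabled and the object has an audit entry (SACL).
$auditEvents = @{
    4663 = 'File/object access attempt'
    4728 = 'Member added to global security group'
    4732 = 'Member added to local security group'
    4756 = 'Member added to universal security group'
    4723 = 'Password change attempt'
    4724 = 'Password reset attempt'
}

$filter = @{
    LogName   = 'Security'
    Id        = [int[]]@($auditEvents.Keys)
    StartTime = (Get-Date).AddDays(-1)   # assumption: look back 24 hours
}

try {
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction Stop
}
catch {
    # Get-WinEvent raises an error when nothing matches the filter or access is denied.
    Write-Warning "No matching events returned: $($_.Exception.Message)"
    $events = @()
}

# One row per event ID: how often it fired and when it was last seen.
$events |
    Group-Object -Property Id |
    Sort-Object -Property Count -Descending |
    ForEach-Object {
        [pscustomobject]@{
            EventId  = $_.Name
            Category = $auditEvents[[int]$_.Name]
            Count    = $_.Count
            Latest   = ($_.Group | Sort-Object TimeCreated -Descending |
                        Select-Object -First 1).TimeCreated
        }
    } |
    Format-Table -AutoSize
```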
Additional Tools
System Configuration Tool (msconfig.exe):
- Allows you to configure how Windows 10/11 starts up, as well as launching additional tools.
- Main tabs are General, Boot, Services, Startup (in Windows 8/8.1/10/11 the Startup tab redirects
you to the Startup tab in Task Manager) and Tools.
System Information tool (msinfo32.exe):
- Displays a fairly thorough list of settings on the machine.
- /computer: Allows you to specify a remote computer on which to run the utility
- /nfo: Creates a file and saves it with an .nfo extension
- /report: Creates a file and saves it with a .txt extension
Resource monitor (resmon.exe):
- Used to identify resource utilization of CPU, disk, network, and memory on Windows
- CPU tab displays processes with CPU utilization
- Memory tab displays memory usage of the processes running on the OS
- Disk tab helps identify a process that is overusing the hard drive with a high number of
read/write requests. This tab is extremely useful when you suspect that a process is slowing
down the system.
- Network tab displays all processes that are currently utilizing the network. It can also show
the destination address for each process and the processes listening on TCP and UDP
ports.
- The tool can also display the firewall status for processes listening on the operating system.