# OS-3: Windows Administrative Tools

Status: not started

Domain:

- 1.0 Operating Systems

## What You Need To Know

The exam often describes a problem and expects you to pick the right Windows tool.

Core tools:

- **Task Manager**: view running apps/processes, resource use, startup apps, and end unresponsive tasks.
- **Services**: start, stop, restart, disable, or change startup type for Windows services.
- **Event Viewer**: read logs for errors, warnings, failed services, application crashes, security events, and system events.
- **Device Manager**: manage hardware devices, drivers, disabled devices, and driver rollback.
- **Disk Management**: create, format, extend, shrink, and assign drive letters to partitions/volumes.
- **System Configuration (`msconfig`)**: troubleshooting startup configuration and boot options.
- **Local Users and Groups**: manage local users and local group membership.
- **Performance Monitor**: collect detailed performance counters over time.
- **Resource Monitor**: live view of CPU, memory, disk, and network activity.
- **Task Scheduler**: run programs or scripts automatically based on time or events.

## Memory Tricks

Use the problem wording:

- **"What happened?" = Event Viewer**
- **"What hardware/driver?" = Device Manager**
- **"What starts with Windows?" = Task Manager or System Configuration**
- **"What service is stopped?" = Services**
- **"What partition/drive letter?" = Disk Management**
- **"What account/group?" = Local Users and Groups**
- **"What is slow right now?" = Resource Monitor**
- **"What is slow over time?" = Performance Monitor**
- **"Run this automatically" = Task Scheduler**

## Commands To Enter

Enter these on Windows PowerShell or Command Prompt:

```powershell
taskmgr
```

What it does:

- Opens Task Manager.
- Use it to view processes, performance, startup apps, and signed-in users.

```powershell
services.msc
```

What it does:

- Opens the Services console.
- Use it to start, stop, restart, disable, or change startup type for services.

```powershell
eventvwr.msc
```

What it does:

- Opens Event Viewer.
- Use it to investigate system, application, setup, and security logs.

```powershell
devmgmt.msc
```

What it does:

- Opens Device Manager.
- Use it to check hardware status and manage drivers.

```powershell
diskmgmt.msc
```

What it does:

- Opens Disk Management.
- Use it to manage partitions, volumes, and drive letters.

```powershell
msconfig
```

What it does:

- Opens System Configuration.
- Use it for boot and startup troubleshooting.

```powershell
lusrmgr.msc
```

What it does:

- Opens Local Users and Groups on supported Windows editions.
- Use it to manage local accounts and group membership.
- This is not available on all Home editions.

```powershell
perfmon
```

What it does:

- Opens Performance Monitor.
- Use it for detailed performance counters and longer-term monitoring.

```powershell
resmon
```

What it does:

- Opens Resource Monitor.
- Use it for live CPU, memory, disk, and network activity.

```powershell
taskschd.msc
```

What it does:

- Opens Task Scheduler.
- Use it to create, view, and troubleshoot scheduled tasks.

Linux comparison commands:

```bash
ps aux
```

What it does:

- Lists running processes.

```bash
top
```

What it does:

- Shows live process and resource usage.

```bash
systemctl status
```

What it does:

- Shows systemd service manager status.
- You can also check a specific service, such as `systemctl status ssh`.

```bash
journalctl -p err
```

What it does:

- Shows systemd journal entries with error priority.

```bash
lsblk
```

What it does:

- Lists disks and partitions.

## Mini Lab

Goal:

- Match tools to symptoms and practice safe viewing commands.

Windows:

1. Open Task Manager with `taskmgr`.
2. Open Event Viewer with `eventvwr.msc`.
3. In Event Viewer, view Windows Logs > System.
4. Open Device Manager with `devmgmt.msc`.
5. Open Disk Management with `diskmgmt.msc`.
6. Open Resource Monitor with `resmon`.
7. Record which tool you would use for:
   - Failed service startup:
   - Missing driver:
   - Drive letter change:
   - Slow disk right now:
   - Long-term CPU tracking:

Linux:

1. Run `ps aux`.
2. Run `top`, then press `q` to quit.
3. Run `systemctl status`.
4. Run `journalctl -p err`.
5. Run `lsblk`.
6. Record the Linux command closest to:
   - Task Manager:
   - Event Viewer:
   - Services:
   - Disk Management:

## Quick Check Before Quiz

You are ready for the OS-3 quiz when you can answer these without looking:

- Which tool shows Windows logs?
- Which tool manages drivers?
- Which tool manages partitions and drive letters?
- Which tool shows live resource usage?
- Which tool runs jobs automatically?