DOCSLIB.ORG

Windows 10 Rollout Programme

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Windows 10 Rollout Programme Windows 10 Rollout Programme Key decision points for consideration 1. Folder Redirection 2. Admin Rights 3. Roaming Profiles 4. Data Ownership W10 - Key Decision 1 - Folder Redirection We are consulting with College and Service Group Representatives on Folder Redirection for Windows 10 as follows: 1) Please respond by accepting the only offered solution option 1 below 2) Or by rejecting with reasons for that response. Options: Option 1 – Folder redirection ON for desktop clients but OFF for mobile clients. This is the same as the existing SD7 “Windows 7” and “MDSD Windows 8” folder redirection configuration. This “option” is recommended by the service team. W10 - Key Decision 2 - Admin Rights 1) Please respond by choosing one or more from the options presented below. 2) Or by rejecting all options with reasons for that response. Option 1 – Admin rights for end users are enabled on request, are not reviewed, and are rarely revoked. This is the current solution. Enables users to install any application they want, which means that: The estate is vulnerable to threats posed by Potentially Unwanted Applications (PUAs). Applications which install to provide some stated function but modify the OS in unknown ways, e.g. install as search toolbar but harvest web activity. The estate is vulnerable to threats from unmanaged applications. E.g. Applications dependant on insecure versions of Java, Flash or .Net. End user’s files, data and information is unprotected. E.g. PUA’s which inspect html traffic on client and inject paid advertisements. Enables users to change a range of setting on a device, which means that: The state of estate is uncontrolled and unknown. The estate cannot be efficiently managed or supported. Ensures that UoE cannot be compliant with certain InfoSec standards, which means that: UoE will be ineligible for some business opportunities. UoE operates W10 with higher than desirable level of risk. This option is not recommended by the service team. Option 2 – Admin rights for end users are off. Fits strictly with principle of least privilege. [See Background, Proposal and Notes below]. All applications would need to be packaged and delivered via the Software Catalogue. Packaging all applications in use within the University would be a monumental task that would have a negative bearing on the project delivery timelines. In the short to medium term, end users with a requirement to run a non-packaged applications must either: 1. Arrange for that application to be packaged 2. Package the application with local resources to a quality determined by ISG 3. Wait for option 3, 4 or 5 to become available. In the medium term this option will become unworkable for a range of devices/users forcing them to become Self Supported. This option is recommended by the service team for early adopters. This option is not recommended for service. Option 3 – Develop a self-service, authorised, temporary enabling of admin rights for end users in accordance with Info Sec policy Reduces the threat opportunity to a limited time window: 1 day of admin rights per year reduces the threat opportunity to 0.3% of the time for a single device. We would need to investigate options to allow the end user to request Administrative rights for a limited period so that any additional exposure to risk is for a very minimal period. We can envisage a service and technical solution with these features: A request and authorisation application; in the SCCM Software Center (similar to application approval process). A request process where requesters confirm compliance with regulations and InfoSec policy, e.g. o confirm completion of required training: Security Essential training is mandatory for new and existing staff o an undertaking to use additional privileges in accordance with regulations and policy o acknowledging a reminder of their increased vulnerability to common threats An approval process where requests are authorised by line managers or other responsible persons Automated revoke of admin rights, e.g. daily at 00:01 hours This option is recommended by the service team. Option 3a – Admin rights for relatively few end users are permanently enabled, are managed, and maybe revoked This a significantly more controlled and limited use version of Option 1 that is additional to Option 3. We will need to assess the individual requirement for admin rights as part of the preparation to migrate to W10 for each area. We can envisage a service and technical solution with those with admin rights will need to periodically confirm compliance with regulations and InfoSec policy, e.g. confirm completion of required training confirm awareness of their increased vulnerability to common threats undertake to use additional privileges in accordance with regulations and policy This option is recommended by the service team. Option 4 – Investigate alternative technology. This is the preferred long-term solution. Identify, purchase and implement a commercially available product which would be fully-featured / updated and maintained by a third party. This option is recommended by the service team. Background The Administrator account gives the user full control of all files, directories, services, and other resources that are under the control of the local computer. The Supported Desktop has previously held the position that there should be, at most, limited granting of administrative rights. However, the final decision on granting administrative rights was left to the discretion of the local computing officer or manager of unit computers. The Windows 10 operating system is designed to be usable by a user possessing a standard user access token [See note 1]. It is not a requirement that users be granted administrative rights. A library of user requested software is made available via the “Application Catalog”. Installation of this software via the “Application Catalog” does not require administrative rights. Proposal Therefore, in conjunction with InfoSec, SDX proposes that the “Principle of least privilege” [See Note 2] is implemented, whereby users are granted a standard user token by default. Also, SDX proposes that methods and processes are brought into being which facilitate the managed granting of admin rights to end users where deemed necessary. This proposal is based on the following: 1) Protection of end users, devices and data both directly, from own actions, and indirectly from other’s actions, e.g. an infected machine on local network. [See note 3]. Estimates vary, but conservatively, running with a non-admin account mitigates against over 90% of Microsoft critical vulnerabilities. The most basic tenent of endpoint protection being 1) Patching 2) Anti-Malware 3) “Non admin” account. 2) The Principle of least privilege provides support benefits through increased consistency and automation opportunities. Administrative rights may lead to divergence of endpoint devices. For example, Microsoft Analytics has revealed the installation of competing anti-malware products with the existing Supported Desktop. Consistent data storage paths (e.g. only offline storage permitted) also offers a huge benefit particularly in the areas of data resilience (e.g. hardware failure) & OS migration. 3) SDX recognises that there are situations where Administrative rights may lessen the support burden of specific devices. For example, Administrative rights for laptop devices used in the field where access to support is not available. 4) Similarly, there may be issues with specific software requiring Administrative rights to be fully functional. For example, Veracrypt and MirrorOp. Notes [1] Standard User vs Admin User Windows Implementation. As part of the logon process to a Windows computer the logging on user is granted an access token. This token is used by the operating system to determine the Windows objects the user is permitted to access and what subsequent actions the user is permitted to carry out. For example, a Windows object can be an NTFS file and based on the user’s access token the user can read and add data to that file. Whereas a user with a differing token may read the file but is not able to make changes to its contents. Within Windows there are two classes of tokens, “standard user tokens” and “administrative user tokens”. Administrative user tokens have full rights over the all the operating system and whereas standard user tokens are limited in their scope. Users logging in with an account which is a member of the “Local Administrators” group on that machine are granted an administrative token. If the account is not a member of the “Local Administrators” group they are granted a standard token. [2] Principle of least privilege “When applied to users, the terms least user access or least-privileged user account (LUA) are also used, referring to the concept that all user accounts at all times should run with as few privileges as possible, and also launch applications with as few privileges as possible.” https://en.wikipedia.org/wiki/Principle_of_least_privilege [3] Mitigation https://www.avecto.com/news-and-events/news/removing-admin-rights-mitigates-97-of-critical- microsoft-vulnerabilities [4] Many valid requirements for end user having admin rights 1) Install software 2) Run installed software (which, say, requires direct access to OS (e.g. Visual Studio) or direct access to drivers/hardware) e.g. If we say to laptop users that they should install their own drivers, we have to give them means to do so. Also, NVidia, for example, releases driver update often
Load more

Recommended publications
  • Add Administrator to Roaming Profile Group Policy
    Add Administrator To Roaming Profile Group Policy Imputative and unfashioned Ignacius intruded his waterproofing instigating grump expansively. Shifting and colory Vince burkes while transeunt Tedrick departmentalises her hausfrau long and estranged thenceforth. Carangoid and ex-directory Redford outsum her Gloucestershire pats or annoys disgracefully. Is done to take advantage of horizon agent redirection to administrators group on as the properties panel is created an external network computer settings roaming to profile group policy We have change. The Administrator account so by default the only direction that is enabled Mirroring. The salvage to user store location you define via policy always include AD. Computer group that profile is summoned to add you administrator groups can query and. After checking for roaming policies? By default groups in administrator to a policy is a new gpo icon or implementing new profile version is specified by this is reduce and delegation pane. Not sure if that goal possible can the GUI. System User Profiles Add the Administrators security group to roaming user profiles Enabled. This method allows you to granularly configure a users roaming profile path location however coverage is option lot more laborious process of ensure those they are handsome with your folder redirection policy period is also applied to the users. A junior administrator deleted a GPO accidentally but violet had backed it up. No changes made to statistically evaluate the local credentials from this process more efficient way it allows you to roaming. File share name of roaming. Which adds to administrators can without any policy! Allocate sufficient storage and roaming to add profile group policy provides the footprints and.
    [Show full text]
  • Understanding Device Configurations | 3
    Understanding Device LESSON 1 Configurations OBJECTIVE DOMAIN MATRIX TECHNOLOGY SKILL OBJECtIVE DOMAIN DEsCRIPtION OBJECtIVE DOMAIN NUMBER Configuring Device Options Configure device options 1.1 • Understanding Microsoft Accounts • Configuring Control Panel • Configuring System Options • Changing Date and Time • Managing Devices Configuring Desktop Settings Configure desktop settings 1.2 • Configuring the Start Menu • Configuring User Profiles • Configuring Display Settings • Configuring Shortcuts • Understanding Group Policy Configuring Drive Encryption Configure drive encryption 1.3 • Preparing for File Encryption • Configuring BitLocker Configuring Updates Configure updates 1.4 • Understanding Windows Update • Understanding App Updates • Understanding Device System Updates COPYRIGHTED MATERIAL KEY TERMS Action Center Computer Configuration node encryption Active Directory accounts decryption Group Policy Administrative Tools device driver Group Policy objects (GPOs) BitLocker Drive Encryption Device Manager Internet Protocol Security (BDE) Devices and Printers folder (IPsec) Cortana domain‐based accounts Jump List Control Panel Encrypting File System (EFS) live previews 1 MOAC_Exam_98-368_c01.indd 1 12/26/2015 2:29:42 PM 2 | Lesson 1 live tiles Recycle Bin user account local user accounts resolution user profile local user profile roaming user profile User State Migration Tool mandatory user profile shortcut Windows Easy Transfer Microsoft accounts Secure Sockets Layer (SSL) Windows Server Update Microsoft Management Transport Layer Security (TLS) Service (WSUS) Console (MMC) Trusted Platform Module Windows Update Patch Tuesday (TPM) pin User Configuration node You work as an IT technician for the Contoso Corporation, which has hundreds of computers with a good mix between desktop computers and laptop computers. In addi‑ tion, several users use smartphones and tablets to access their emails and documents. As an administrator, you need to ensure that your computers are fully functional and secure.
    [Show full text]
  • Vmware User Environment Manager Administrator's Guide
    User Environment Manager Administrator’s Guide ® VMware User Environment Manager V E R S I O N 8 . 7 .0 You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. Copyright © 2015 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com User Environment Manager Contents 1 Welcome ............................................................................................ 9 1.1 VMware User Environment Manager ................................................ 10 1.1.1 Application Configuration Management ....................................... 10 1.1.2 User Environment settings ........................................................ 10 1.1.3 Personalization ........................................................................ 11 1.1.4 Application Migration ................................................................ 11 1.1.5 Dynamic Configuration ............................................................. 11 2 Planning your deployment ............................................................... 12 2.1 VMware User Environment Manager terminology ............................... 12 2.2 User profile scenario considerations ................................................. 13 2.2.1 Mandatory profiles ................................................................... 13 2.2.2 Roaming profiles .....................................................................
    [Show full text]
  • Copyrighted Material
    Index Note to the reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations. Active Directory groups, strict control of, Numbers 476–479 802.3 and Wireless Policy Client-Side Active Directory Sites and Services tool, 24 Extension, 368 for manual replication, 398 802.3 Wired Policy Active Directory Users and Computers, 27, on slow networks, 172 54, 612 for Vista, 527–528 attribute editor, 455 802.11 Wireless Policy vs. GPMC, 35–36 on slow networks, 171 and Group Policy, 33 for Vista, 527–528 logon script visibility to user, 795 for Windows XP, 527 to view GPCs and GUIDs, 351, 352 Active X controls, 804 Add or Remove Programs folder, 736 user removal of application with, 743 A Add/Remove Programs control panel, application display on, 746 files, 363, 749 .AAS Add/Remove Snap-in dialog box, 15, 35 account management, auditing, 460 Add/Remove Templates dialog box, 317 Accounts: Administrator account status Add the Administrators Security Group to policy setting, 440, 515 Roaming User profiles policy setting, Accounts: Guest account status policy 596, 606 setting, 441 Add Upgrade Package dialog box, 750, 750 Accounts: Rename administrator account .ADM files, 238–239, 293, 362 policy setting, 440 vs. ADMX files, 301–302 Accounts: Rename guest account policy distributing updated definitions to setting, 440 administrators, 305–306 settings available for, 112 for Group Policy Object Editor, 184 ACLs, troubleshooting, 404–405 introduction, 298–299 Action on Server
    [Show full text]
  • Mac OS X Server Windows Services Administration for Version 10.3 Or Later
    034-2356_Cvr 9/12/03 10:28 AM Page 1 Mac OS X Server Windows Services Administration For Version 10.3 or Later LL2356.book Page 2 Thursday, September 4, 2003 3:21 PM Apple Computer, Inc. © 2003 Apple Computer, Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid for support services. Every effort has been made to ensure that the information in this manual is accurate. Apple Computer, Inc., is not responsible for printing or clerical errors. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation.
    [Show full text]
  • Installing and Configuring Vmware Dynamic Environment Manager
    Installing and Configuring VMware Dynamic Environment Manager VMware Dynamic Environment Manager 9.11 Installing and Configuring VMware Dynamic Environment Manager You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com © Copyright 2020 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 2 Contents About Installing and Configuring VMware Dynamic Environment Manager 6 1 Introduction to VMware Dynamic Environment Manager 7 Application Configuration Management 7 User Environment Settings 8 Personalization of Application and Windows Settings 8 Migration of Application Settings 9 Dynamic Configuration of the Desktop 9 2 VMware Dynamic Environment Manager Scenario Considerations 10 Using VMware Dynamic Environment Manager with Mandatory Profiles 10 Using VMware Dynamic Environment Manager with Roaming Profiles 11 Using VMware Dynamic Environment Manager with Local Profiles 12 3 Installation and Deployment Prerequisites 14 VMware Dynamic Environment Manager Infrastructure and Terminology 14 Overview of the VMware Dynamic Environment Manager Deployment 16 Infrastructure Requirements 16 VMware Dynamic Environment Manager Configuration Share 17 Profile Archives Share 18 Software Requirements 19 Registry Access Requirements 20 Licensing Requirements 20 4 Installing VMware Dynamic Environment Manager 21 Overview of the VMware Dynamic Environment Manager Deployment 22 Install VMware Dynamic Environment
    [Show full text]
  • Working with Workgroups and Domains
    Working with Workgroups and Domains Lesson 9 Objectives • Understand users and groups • Create and manage local users and groups • Understand the difference between workgroups and domains • Configure user account control (UAC) Working with Users and Groups • Users • Group – A collection of users – Authentication – Authorization •Permissions •User rights Understanding Local and Domain Users • Homegroup • Workgroup • Domain Introducing the Homegroup • Simplified networking • Allows users on a home network to share the contents of their libraries without creating user accounts and permissions Introducing the Workgroup • Peer-to-peer network • Each computer can function as both a server and a client • Each computer has its own set of users and groups to control access to its own resources • Small networks, little security required Introducing the Domain • Collection of computers that utilize a central directory service for authentication and authorization • At least one Domain Controller is required Domain Controller Local User Accounts Local User Account Properties Domain User Accounts Domain Account Properties Introducing Built-In Local Users • Administrator • New User Account • Guest Understanding Local and Domain Groups Using Local Groups • You can only use local • Local groups cannot have other groups on the computer local groups as members. where you create them. However, they can have domain • Only local users from the groups as members. same computer can be • You can only assign members of local groups. permissions to local groups • When the computer is a when you are controlling access member of an AD DS to resources on the local domain, local groups can computer. have domain users and • You cannot create local groups domain global groups as on a Windows server computer members.
    [Show full text]
  • Microsoft Shared Computer Toolkit for Windows XP Handbook
    Microsoft Shared Computer Toolkit for Windows XP Handbook The Microsoft Shared Computer Toolkit for Windows XP, v1.0 The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided is in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
    [Show full text]
  • Virtualizing Desktops and Apps with Windows Server 2012 R2 Inside
    with Windows Server 2012 R2 Virtualizing Desktops & Apps Virtualizing Desktops & Apps with Windows Server 2012 R2 Inside OUT Conquer Windows Server 2012 R2 For Experienced virtualization—from the inside out! IT Professionals • Your job role: IT administrator in any Dive into Windows Server 2012 R2 virtualization—and really put midsized or large organization that is using or considering Microsoft virtual­ your systems expertise to work. Focusing on both virtual desktop ization technologies based on Windows infrastructure and virtualized applications, this supremely organized Server 2012 R2 reference packs hundreds of timesaving solutions, tips, and work­ • Prerequisites: Working knowledge of arounds. Discover how the experts tackle Windows virtualization— Windows client and server administra­ and challenge yourself to new levels of mastery. tion; basic knowledge of virtualization concepts • Use virtualization to prevent business disruption, help improve security, simplify upgrades, and support mobile users About the Authors Inside OUT Byron Wright, MVP (Microsoft Exchange Plan and deploy User State Virtualization for a consistent experience • Server), is a consultant specializing in across locations and devices Windows Server, Exchange Server, and The ultimate, in-depth reference • Define users, applications, and scenarios for any virtualization project Microsoft Office 365 solutions. He teaches Hundreds of timesaving solutions • Compare and deploy both session­based and virtual machine–based Management Information Systems (MIS) (VM­based) desktops and networking at the University of Man­ Supremely organized, packed itoba’s Asper School of Business and has Configure Client Hyper-V and work with VMs in a Client Hyper-V • co authored Microsoft official curricula with expert advice environment and the Windows Server 2008 Active • Install, design, configure, and administer Microsoft Application Directory Resource Kit.
    [Show full text]
  • User Data and Settings Management Page 1 of 27
    User Data and Settings Management Page 1 of 27 Windows XP Professional User Data and Settings Management By Craig Marl Microsoft Corporation Published: March 2002 Abstract This white paper explains the IntelliMirror® user data and settings management features in Microsoft® Windows® Server 2003. These key components of change and configuration management can help administrators reduce total cost of ownership (TCO). Acknowledgements Craig Marl, program manager, Microsoft Corporation. John Kaiser, technical editor, Microsoft Corporation. Introduction User data includes the documents, images, spreadsheets, presentations and e-mail messages on a user’s computer. User settings include application configurations, preferences, window sizes, toolbar settings and so forth on a user’s computer. With Microsoft® IntelliMirror® management technologies, administrators can manage user data and settings in ways that reduce the total cost of ownership (TCO) for the computing systems. By using IntelliMirror on both the server and client, administrators can protect and manage user data and settings. Non-recoverable data from local workstations can be copied to servers, where it can be easily backed up and centrally managed. Personalized data, applications, and settings can follow each user to different computers throughout the network. Administrators can easily replace faulty computers and restore all user data and settings on a new computer. When fully deployed, IntelliMirror uses the Active Directory® service and Group Policy for policy-based management of user desktops. A Windows 2000, Windows XP Professional or Windows Server 2003 computer can be automatically configured to meet specific requirements of a user’s business roles, group memberships, and location. Group Policy and the Active Directory are not necessary for every IntelliMirror feature.
    [Show full text]
  • Enabling Modern Workstyles with Microsoft Virtual Desktop
    Enable Modern Work Styles with Microsoft VDI David De Backer Device and Desktop Solutions Specialist Empowering User and Device People-centric IT Management Access and Microsoft Information Virtual Protection Desktop Infrastructure Today’s challenges Users Devices Apps Data Users expect to be able to The explosion of devices is Deploying and managing Users need to be productive work in any location and eroding the standards-based applications across while maintaining have access to all their approach to corporate IT. platforms is difficult. compliance and reducing work resources. risk. People-centric IT Enable your end users Allow users to work on the devices of their choice and provide consistent access to corporate resources. Unify your environment Deliver a unified application and Users Devices Apps Data device management on- premises and in the cloud. Protect your data Help protect corporate Management. Access. Protection. information and manage risk. Why Microsoft VDI? Enable users to access Protect against loss corporate apps and and leaks of sensitive data from any corporate data device/any location Deliver great user experience Why Microsoft Centrally administer and VDI? manage desktops Balance user requirements with Save resources with Reduce time to deploy corporate compliance the flexible storage applications and options right to your updates environment VDI with Windows Server 2012 Powered by Windows Server 2012 Desktop Pooled Personal Firewall sessions VMs VMs 1 platform • 1 experience • 3 deployment choices Corporate Office Branch Office Home Public Location Choosing the Right VDI Architecture Sessions Pooled VMs Personal VMs Good Better Best Personalization App compatibility Ease of management Cost effectiveness Solution Principles Efficient Management Best Value for VDI Rich User Experience Easy deployment automates deploying and User Profile Disk maintains user RemoteFX for wide area network (WAN) configuring server roles.
    [Show full text]
  • Microsoft 98-349
    MICROSOFT 98-349 Microsoft Windows Operating System Fundamentals Certification Questions & Answers Exam Summary – Syllabus –Questions 98-349 Microsoft Technology Associate (MTA) - Windows Operating System Fundamentals 40-60 Questions Exam – 700/1000 Cut Score – Duration of 45 minutes 98-349 Exam Questions Table of Contents: Know Your 98-349 Certification Well: ................................ 2 Microsoft 98-349 Windows Operating System Fundamentals Certification Details: ................................... 2 98-349 Syllabus: ................................................................ 3 Understanding operating system configurations (15–20%) ........................................3 Installing and upgrading client systems (15–20%) .......................................................3 Managing applications (15–20%) .....................................................................................3 Managing files and folders (15–20%) ..............................................................................4 Managing devices (15–20%) .............................................................................................4 Understanding operating system maintenance (15–20%) ...........................................4 Microsoft 98-349 Sample Questions: ................................ 5 Study Guide to Crack Microsoft Windows Operating System Fundamentals 98-349 Exam: ............................... 8 Microsoft Windows Operating System Fundamentals Certification Practice Exam 1 98-349 Exam Questions Know Your 98-349 Certification
    [Show full text]