Professional Documents
Culture Documents
Storage Management
5.0 Objectives
5.1 Storage Management in Windows 10
5.2 Cloud Storage - One Drive
5.3 Windows 10 NTFS Permissions
5.4 Summary
5.5 Check Your Progress Answers
5.6 Questions for Self Study
5.0 Objectives
At the end of the module, you will be able to:
Explain Local Storage and Disk Pools.
Configure OneDrive Storage.
Configure NTFS, EFS (Encrypted File System) and Share
Permissions.
Manage BitLocker.
Storage Management / 81
Disk Management provides an option to manage the Disks
connected to the computer or virtual machine.
Additionally, you can attach or detach a vhd (virtual hard disk)
file in a specific computer or a virtual machine.
All disk level operation like, format, drive label etc. can be
performed.
82 / Operating System 1
A Real Storage Pool can be created with 3.5 Terabyte of
Storage. Now by using the concept of Storage Spaces and Thin
Provisioning. You can over-provision a storage as shown in the
image.
It contains:
Storage Space 1 with 3 TB of storage. o Storage Space 2
with 2TB of storage. o Storage Space 3 consists of 2.5 TB of
storage.
Storage Management / 83
5.1.4 Creating Storage Spaces
Storage Space is a feature available in Windows Client
Operating like windows 8.1 or Windows 10.
The process for creation of Storage Spaces on your Windows
machine is:
Open Control Panel.
Navigate to storage spaces, select the option “Create a new
84 / Operating System 1
Two-way mirror requires at least two drives. There is a 50%
utilization of the physical disk because duplicate data is
stored on the other disk.
3-Way Mirror is similar to the two-way mirror, but it writes
three copies of your data on the drives, which will help you to
protect your data from two simultaneous drive failures. Three
way mirror requires, at least, three drives. There is 33% of
Physical Disk utilization, as 3 copies of same data are in the
3 disks.
Parity is similar to standard RAID5 technology, Parity for
storage spaces writes your data with parity information and
provides redundancy from single drive failure. This option
needs 3 physical disks.
Storage Management / 85
devices, often referred to as bring-your-own device (BYOD).
86 / Operating System 1
Also, OneDrive App is available for Mobile Platforms like
Windows Phone, Android, iPhone and iPad. You can
configure your mobile photos to auto-upload to cloud from
your phone.
Optional type is OneDrive for Business: It is based on
SharePoint, Office365 (Cloud). It is also included in Office Pro
Plus 2013. Also, you can opt for OneDrive for Business by
using Microsoft Azure subscription.
Storage Management / 87
NTFS permissions are available with drives formatted with
NTFS.
Terms used in NTFS permissions are:
Security Identifier (SID) : It identifies the user or group. The
image marked as 1 shows the SID.
ACL : Access Control List: It consists of Permissions for the
users. These permissions are Full Control, modify etc., as
shown in the image and marked as 2.
ACE is Access Control Entry : It consists of Allow or deny
permissions to specific users. The image marked 3 shows
ace list.
Securable Objects are Files, Folders, Registry keys, shares
and printers.
NTFS Advanced Permissions are:
Inheritance : It is the property of NTFS. It corresponds to any
permissions set on the parent folder, automatically passes to the
child objects inside the folder.
Explicit permissions are permissions that are set by default
when the object (folder or file) is created by user action.
Note - User Rights apply to User Accounts, Permissions
apply to Objects (files and folders).
88 / Operating System 1
You must login with Administrator privileges, to change
Advanced Permissions. The advanced permissions are:
Full Control : Is used to change permissions and attributes.
An Administrator can take ownership of any content (files or
folders). Note - Standard Users have full control on their
Documents folder while an Administrator has full control of
the entire computer.
Auditing : It provides detailed historical information on what
a user or group has done or attempted to do on a particular
content (file or folder). Audit is listed as Success or Fail.
Effective Access : It shows the resultant list of access rights
on a particular user or group.
Some conditions demand that parent folder has different
permissions and child object inside the parent folder must
have different permissions. This requires Administrator to
Disable Inheritance from the parent, and change the new
NTFS permissions for the child object.
Storage Management / 89
network access.
Default Share : It is also known as Hidden Share. By default,
local Disk C is a hidden default share, any folder can be
created to default share by inserting "$” dollar symbol.
90 / Operating System 1
Encryption can be disabled to ensure users don’t encrypt any
files, Disable EFS can be
done by using Group Policy.
The image illustration is as follows:
The user 1 sends an encrypted message to the other user 2
by using internet. This encrypted message is sniffed by a
Hacker, but since the message is encrypted the hacker
cannot decrypt it as decryption keys is not available with the
Hacker. So, this image shows, an encrypted message is
secure on network.
Storage Management / 91
5.3.7 Cipher and Data Recovery Agent (DRA)
Cipher is built-in command tool for managing encryption
tasks.
DRA (Data Recovery Agent): It has permissions to decrypt
data that was encrypted by another user.
The image shows that user uses key "A” to encrypt the data,
while the Recovery Agent that is DRA has a key "B”.
There are 2 scenarios to decrypt the data:
First scenario is where the User uses his private Key "A” to
decrypt the data.
In the second scenario, the recovery agent can use key "B”
to decrypt the data.
BitLocker Basics
Encryption software like BitLocker was introduced in
Windows 7, and revised in later Operating System version
like Windows 8.1.
The objective of BitLocker is to encrypt data stored on
Operating System and Data volumes.
BitLocker provides Offline and Start-Up Protection to the data
stored on the volumes.
BitLocker uses TPM chip to protect the keys used to encrypt
your computer's data. TPM is Trusted Platform Module, TPM
1.2 supports a single "owner" authorization, with RSA 2048
bits security standards.
While, TPM 2.0 has the similar functionality, additionally it
used for signing/attestation with unique "owner” authorization
encryption.
BitLocker To Go is a process in BitLocker used to encrypt the
removable media.
92 / Operating System 1
2) .................. is built-in command tool for managing
encryption tasks.
3) .................. : It is used to "lock” the content that is later.
5.4 Summary
Diskmgmt.msc is used to access the Disk Management
Console in Windows 10 OS.
Storage Spaces combines multiple physical disks.
Storage Spaces features include, Storage Pools and
Resilient Storage
Work Folders, is used to access work files anywhere, any
device.
OneDrive is Microsoft based cloud storage solution; types
of OneDrive are:
OneDrive for Consumers
OneDrive for Business.
Features of OneDrive are, Recycle Bin, Office Online, App
based access from mobile devices, OneDrive "Fetch”
NTFS permissions consist of SID, ACL, and ACE> NTFS and
Share Permissions can be combined for restrictive access to a
network data.
EFS is used to encrypt and secure data, Cryptographic Terms
in EFS:
Public Key, Private Key, Symmetric Key, FEK.
DRA has permissions to decrypt data that was encrypted by
another user.
BitLocker in Windows 10 supports,
Device Health Attestation, Device Guard, Credential Guard.
BitLocker To Go is used to secure contents stored on
removable drives.
Storage Management / 93
5.5 Check Your Progress Answers
5.1, 5.2, 5.3
1) EFS (Encrypting File System)
2) Cipher
3) Public Key
94 / Operating System 1
Notes
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
Storage Management / 95
Notes
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
96 / Operating System 1