Glossary
BranchCache A new feature of Windows 7 and
Windows Server 2008 R2 that improves the responsiveness
of intranet applications for remote offices while
simultaneously reducing WAN utilization. BranchCache
keeps a local copy of data that clients access from
remote Web and file servers. The cache can be placed
on a hosted server located in the branch office, or it can
reside on users’ individual computers. If another client
requests the same file, the client downloads it across
the LAN without having to retrieve it over the WAN.
BranchCache ensures that only authorized clients can
access requested data, and it is compatible with secure
data retrieval over SSL or IPsec.
buffer overflow An attack that submits larger or
longer values than an application or API is designed to
process.
build In the context of MDT 2010, the association of
source files from the distribution share with a configuration.
See also Microsoft Deployment Toolkit 2010 (MDT
2010).
C
catalog The system index together with the property
cache.
catalog file A binary file that contains the state of all
settings and packages in a Windows image.
central store In the context of Group Policy, a location
for storing administrative templates for use throughout
an organization. Only Windows Vista and later versions
support using a central store.
channel In Meeting Space, the basis for communication
between participants in a meeting. There are
three kinds of Meeting Space channels: metadata, file,
and streaming. The term channel can also refer to an
application-specific event log.
Clear key A key stored unencrypted on the disk
volume. This key is used to freely access the VMK and,
in turn, the FVEK if BitLocker protection is disabled but
disk volume remains encrypted.
client-side cache (CSC) A Microsoft internal term
referring to Offline Files.
cloud In peer-to-peer networks, a grouping of computers
that uses addresses of a specific scope. A scope
is an area of the network over which the address is
unique.
CNG services See Crypto Next Generation (CNG)
services.
Code Integrity A feature of Windows that detects
changes to system files and drivers.
compatibility layer A feature of Protected mode in
Windows Internet Explorer that redirects requests for
protected resources (such as the user’s Documents
folder) to safe locations (such as the Temporary Internet
Files folder).
component store A portion of an operating system
image that stores one or more operating system features
or language packs.
configuration pass A phase of Windows installation
in which different parts of the operating system are
installed and configured. You can specify unattended
installation settings to be applied in one or more
configuration passes.
configuration set A file and folder structure containing
files that control the preinstallation process and define
customizations for the Windows installation.
Confirmation Identifier A digitally signed value
returned by a Microsoft clearinghouse to activate a
system.
core application An application that is common to
most computers in your organization, such as a virus
scanner or a management agent.
Crypto Next Generation (CNG) services An extensible
cryptographic configuration system that replaces
the CryptoAPI of Windows XP and earlier versions.
Cryptographic Service Provider (CSP) An infrastructure
that developers can use to create applications that
use cryptographic functions such as encryption, hashes,
and digital signatures.
CSC See client-side cache (CSC).
CSP See Cryptographic Service Provider (CSP).
D
data store In deployment, the location in which the
USMT stores a user state between the time it is read
from the original computer and the time it is deployed
to the target computer.
defense-in-depth A proven technique of layered protection
that reduces the exposure of vulnerabilities. For
example, you might design a network with three layers
of packet filtering: a packet-filtering router, a hardware
firewall, and software firewalls on each of the hosts
(such as Internet Connection Firewall). If an attacker
manages to bypass one or two of the layers of protection,
the hosts are still protected.
Deploying Phase In deployment, this is the phase in
which computers are actually set up and configured.
Additionally, in this phase the deployment team verifies
that deployed computers are stable and usable.
Deployment Image Servicing and Management
(DISM) A new command-line tool introduced in
Windows 7 that can be used to service a Windows
image or to prepare a Windows PE image. It replaces
Package Manager (Pkgmgr.exe), PEImg, and Intlcfg,
which were included in Windows Vista. The functionality
that was included in these tools is now consolidated
in DISM, and new functionalities have been added to
improve the experience for offline servicing.
Desktop Windows Manager (DWM) A feature of
Windows that performs desktop composition to enable
visual effects such as glass window frames, three-
dimensional window transition animations, Windows
Flip and Windows Flip3D, and high-resolution support.
destination computer The computer on which you
install Windows during deployment. You can either run
Windows Setup on the destination computer or copy a
master installation onto the destination computer.
developing phase In deployment, the period during
which the team builds and unit-tests the solution.
DirectAccess A new feature of Windows 7 and
Windows Server 2008 R2 that increases the productivity
of remote users by enabling them to seamlessly and
securely access the corporate network any time they
have an Internet connection, without requiring a VPN
connection. DirectAccess also enhances the security
and flexibility of the corporate network infrastructure,
enabling IT professionals to remotely manage and
update corporate computers whenever they connect to
the Internet—even when users are not logged in.
directory junction A technique for redirecting
requests for a specific folder to a different location.
Directory junctions are used to provide backward
compatibility for folder locations used in earlier versions
of Windows.
discoverable A state in which a Bluetooth-enabled
device sends out radio signals to advertise its location
to other devices and computers.
DLL See dynamic-link library (DLL).
DNS Security Extensions (DNSSEC) An Internet
standard supported by Windows 7 and Windows Server
2008 R2 that enables computers to authenticate DNS
servers, which mitigates man-in-the-middle attacks.
A man-in-the-middle attack redirects clients to a malicious
server, which can allow an attacker to intercept
passwords or confidential data.
DNSSEC See DNS Security Extensions (DNSSEC).
DWM See Desktop Windows Manager (DWM).
Dynamic Driver Provisioning A new feature of
Windows Deployment Services in Windows Server 2008
R2 that stores drivers in a central location, which saves
IT professionals time by not requiring operating system
images to be updated when new drivers are required
(for example, when the IT department buys different
hardware). Drivers can be installed dynamically based
on the Plug and Play IDs of a PC’s hardware or as
predetermined sets based on information contained in
the BIOS.
dynamic-link library (DLL) A file containing executable
code that programs can run. Multiple programs
can reference a single DLL, and a single program might
use many different DLLs.
E
envisioning phase The phase in an MDT 2010 deployment
in which management creates teams, performs
an assessment of existing systems and applications,
defines business goals, creates a vision statement,
defines scope, creates user profiles, develops a solution
concept, creates risk-assessment documents, writes a
project structure, and approves milestones. See also
Microsoft Deployment Toolkit 2010 (MDT 2010).
escalated Remote Assistance (RA) See solicited
Remote Assistance (RA).
expert In a Remote Assistance scenario, the user who
provides help. Also known as a helper.
F
feature team In the context of MDT 2010, a cross-
organizational team that focuses on solving a particular
problem such as security. See also Microsoft Deployment
Toolkit 2010 (MDT 2010).
feature team guide In the context of MDT 2010, a
document that addresses the tasks required of a specific
feature team. See also Microsoft Deployment Toolkit
2010 (MDT 2010).
Federated Search A new feature of Windows 7 and
Windows Server 2008 R2, based on the OpenSearch
protocol, which enables users to search remote data
sources from within Windows Explorer. The goal of
Federated Search is not to replace server repositories,
like Microsoft Office SharePoint Server, but to enable
these repositories to expose their search capabilities
through Windows and thus get more value out of the
repositories for users.
file sharing The process of making files or folders
available to more than one user.
folder redirection A technique for configuring
computers to access user profile data from an alternate
location. Folder redirection is commonly used to store
user documents and data files on a shared folder.
forced guest See ForceGuest.
ForceGuest A common term for one of the network
access models used by Windows XP that requires all
network users to be treated as guests. Beginning with
Windows Vista, however, ForceGuest is no longer a
supported setting; turning this setting on is not
recommended.
Full Volume Encryption Key (FVEK) The algorithm-
specific key used to encrypt (and optionally, diffuse)
data on disk sectors. Currently, this key can vary from
128 bits through 512 bits. The default encryption algorithm
used on disk volumes is AES 128 bit with Diffuser.
FVEK See Full Volume Encryption Key (FVEK).
G
gadget A mini-application that can do almost anything,
including show news updates, display a picture
slideshow, or show weather reports.
GPT See GUID Partition Table (GPT).
Group Policy preferences Lets you manage drive
mappings, registry settings, local users and groups,
services, files, and folders without the need to learn a
scripting language. You can use preference items to
reduce scripting and the number of custom system
images needed, standardize management, and help
secure your networks. By using preference item-level
targeting, you can streamline desktop management by
reducing the number of GPOs needed.
GUID Partition Table (GPT) A new disk-partitioning
technology that offers several advantages over MBR,
including support for larger partitions and up to 128
partitions on a single disk.
H
HAL See Hardware Abstraction Layer (HAL).
Hard-Link Migration A new feature of the USMT for
Windows 7 that enables customers to install Windows
Vista or Windows 7 on an existing computer while
retaining data locally on that computer during operating
system installation.
Hardware Abstraction Layer (HAL) A feature of
Windows that simplifies how the operating system
accesses hardware by providing a single interface that
behaves identically across different platforms.
helper See expert.
high-volume deployment A deployment project that
involves a large number of computers.
HomeGroup A new networking feature of Windows 7
that makes it easier to share files and printers on a
home network. You can share pictures, music, videos,
documents, and printers with other people in your
HomeGroup. Other people can't change the files that
you share unless you give them permission to do so.
hybrid image An imaging strategy that combines
thick and thin images. In a hybrid image, you configure
the disk image to install applications on first run,
giving the illusion of a thick image but installing the
applications from a network source. Hybrid images
have most of the advantages of thin images. However,
they aren’t as complex to develop and do not require
a software distribution infrastructure. They do require
longer installation times, however, which can raise initial
deployment costs.
I
ICMP See Internet Control Message Protocol (ICMP).
IFilter A feature of the Windows search engine that
is used to convert documents in different formats into
plain text so they can be indexed. IFilters are
also responsible for extracting a number of format-
dependent properties such as Subject, Author, and
Locale. Microsoft provides IFilters for many common
document formats by default, while third-party vendors
such as Adobe provide their own IFilters for indexing
other forms of content.
IID See Installation Identifier (IID).
image-based setup A setup process based on
applying a disk image of an operating system to the
computer.
in place sharing See in profile sharing.
in profile sharing Sharing a file or folder from within
your user profile. Also known as in place sharing.
InPrivate Browsing Prevents Windows Internet
Explorer from storing data about your browsing session.
InPrivate Filtering Helps prevent Web site content providers
from collecting information about sites you visit.
Installation Identifier (IID) A code generated by
combining a system’s hardware ID (created by scanning
the system hardware) and the product ID (derived from
the Windows installation). This code is transmitted to
a Microsoft activation clearinghouse during system
activation.
installation image An operating system image that
can be installed on a computer. Unlike boot images,
installation images cannot be booted directly from the
image and must be deployed to a computer before
running.
IntelliMirror A set of change and configuration
management features based on Active Directory
Domain Services that enables management of user and
computer data and settings, including security data.
IntelliMirror also provides a limited ability to deploy
software to workstations or servers running Microsoft
Windows 2000 and later versions.
Internet Control Message Protocol (ICMP) A Layer
3 protocol that IP applications use to test connectivity
and communicate routing changes. ICMP is most
commonly used by the Ping tool.
IPConfig A command-line tool that displays the current
network configuration.
J
Jump List A list of recent items, such as files, folders,
or Web sites, organized by the program that you use
to open them. In addition to being able to open recent
items using a Jump List, you can also pin favorites to a
Jump List so that you can quickly get to the items that
you use every day.
K
Kernel mode A processing mode provided by
x86-based processors that provides processes with
unrestricted access to memory and other system
resources. Beginning with Windows Vista, only system
features and trusted drivers should run in Kernel mode.
Key Management Service (KMS) An infrastructure
that simplifies tracking product keys in enterprise
environments.
KMS See Key Management Service (KMS).
known folders Windows user profile folders that can
be redirected with Folder Redirection.
L
legacy mode A Windows Deployment Services mode
that uses OSChooser and Riprep (sector-based) images.
This mode is compatible with RIS. Moving from RIS-only
functionality to legacy mode happens when you install
the Windows Deployment Services update on a server
that is running RIS.
library A virtual container for users’ content. A library
can contain files and folders stored on the local
computer or in a remote storage location. In Windows
Explorer, users interact with libraries in a way similar
to the way they would interact with other folders.
Libraries are built upon the known folders (such as My
Documents, My Pictures, and My Music) that users are
familiar with, and these known folders are automatically
included in the default libraries and set as the default
save location.
Lite Touch Installation (LTI) A deployment option in
MDT 2010 that deploys client computers with little human
interaction. An alternative deployment option, ZTI,
deploys client computers with no human interaction,
but that requires more preparation and engineering
time beforehand. Therefore, LTI is more appropriate for
environments that deploy fewer computers. See also
Microsoft Deployment Toolkit 2010 (MDT 2010), Zero
Touch Installation (ZTI).
local sharing The process of making files and folders
available to other users on the same computer. Also
known as same computer sharing.
local user profile The default approach for storing
user profiles in Windows in which the user profile is
stored on the computer’s hard disk.
location-aware printing A new feature of Windows 7
and Windows Server 2008 R2 that makes the Default
Printer setting location aware. Mobile and laptop users
can set a different default printer for each network to
which they connect. They may have a default printer set
for home use and a different default printer set for the
office. Their computers can now automatically select
the correct default printer depending on where the
users are currently located.
LTI See Lite Touch Installation (LTI).
M
MAK See Multiple Activation Key (MAK).
malware A term that describes a broad range of malicious
software, including viruses, worms, Trojan horses,
spyware, and adware.
managed service account A new feature of Windows 7
and Windows Server 2008 R2 that allows administrators
to create a class of domain accounts that can be used to
manage and maintain services on local computers.
Mandatory Integrity Control (MIC) A model in which
lower-integrity processes cannot access higher-integrity
processes. The primary integrity levels are Low, Medium,
High, and System. Windows assigns to each process an
integrity level in its access token. Securable objects such
as files and registry keys have a new mandatory ACE in
the system ACL.
mandatory label An ACE used by MIC.
mandatory user profile A user profile that cannot be
modified by the user. Mandatory user profiles are useful
for ensuring consistent desktop environments.
Master Boot Record (MBR) The most common disk
partition system, MBR is supported by every version of
Windows. Gradually, MBRs are being replaced by GPTs.
See also GUID Partition Table (GPT).
master computer A fully assembled computer containing
a master installation of Windows.
master image A collection of files and folders (sometimes
compressed into one file) captured from a master
installation. This image contains the base operating
system as well as additional configurations and files.
master index A single index formed by combining
shadow indexes by using a process called the master
merge. See also master merge.
master installation A Windows installation on a
master computer to be captured as a master image. You
create the master installation by using automation to
ensure a consistent and repeatable configuration each
time. See also master computer, master image.
master merge The process of combining index fragments
(shadow indexes) into a single content index
called the master index. See also master index.
MBR See Master Boot Record (MBR).
MBSA See Microsoft Baseline Security Analyzer
(MBSA).
MBSACLI See Microsoft Baseline Security Analyzer
Command Line Interface (MBSACLI).
MIC See Mandatory Integrity Control (MIC).
Microsoft Baseline Security Analyzer (MBSA) A free
tool available for download from Microsoft.com that
administrators can use to scan computers for security
vulnerabilities and missing security updates.
Microsoft Baseline Security Analyzer Command
Line Interface (MBSACLI) A command-line interface
for MBSA, which administrators can use to scan computers
for security vulnerabilities and missing security
updates from scripts. See also Microsoft Baseline
Security Analyzer (MBSA).
Microsoft Deployment Toolkit 2010 (MDT 2010) An
SA that enables rapid deployment of Windows 7,
Windows Server 2008 R2, Windows Vista SP1, Windows
Server 2008, Windows XP SP3, and Windows 2003 SP2.
MDT 2010 provides unified tools, scripts, and documentation
for desktop and server deployment using an
integrated deployment console called the Deployment
Workbench.
mixed mode A Windows Deployment Services mode
that supports both OSChooser and Windows PE for
boot environments and Riprep and ImageX imaging.
Moving from legacy mode to mixed mode happens
when you configure Windows Deployment Services and
add .wim image files to it.
Multicast Multiple Stream Transfer A new feature
of Windows Deployment Services in Windows Server
2008 R2 that enables you to more efficiently deploy
images to multiple computers across a network. Instead
of requiring separate direct connections between
deployment servers and each client, it enables deployment
servers to send image data to multiple clients
simultaneously. Windows 7 includes an improvement
that allows servers to group clients with similar network
bandwidth and stream at different rates to each group
so that total throughput is not limited by the slowest
client.
Multiple Activation Key (MAK) A limited-use product
key that can be used to activate Windows on multiple
computers.
N
name resolution The process of converting a host
name to an IP address.
NAP See Network Access Protection (NAP).
native mode A Windows Deployment Services mode
that supports only the Windows PE boot environment
and ImageX image files. The final move to native mode
occurs after you have converted all legacy images to
the .wim image file format and disabled the OSChooser
functionality.
Nbtstat A command-line tool used to display NetBIOS
networking information including cached NetBIOS
computer names.
Net A command-line tool used to perform a variety
of networking tasks including starting and stopping
services, sharing resources, and connecting to shared
resources.
Netstat A command-line tool used to display networking
statistics.
Network Access Protection (NAP) A feature supported
by Windows Vista and later versions that uses
network authentication to validate the identity and
integrity of client computers before they are allowed to
connect to the network.
Network Monitor A graphical tool that administrators
can use to capture and analyze network communications.
Network Sharing The process of making a folder
available across the network.
New Computer scenario In MDT 2010, a deployment
scenario that deploys the operating system and
applications to a computer that has not been previously
configured and therefore contains no user data. See
also Microsoft Deployment Toolkit 2010 (MDT 2010).
nondestructive imaging A deployment technique
supported by ImageX and Windows Setup in which an
operating system image is deployed without destroying
the existing data.
novice In a Remote Assistance (RA) scenario, the user
seeking assistance.
Nslookup A command-line tool used to test DNS
name resolution.
O
OEM See Original Equipment Manufacturer (OEM).
offered Remote Assistance (RA) See unsolicited
Remote Assistance (RA).
Office Genuine Advantage (OGA) An initiative that
tracks the product keys from licensed versions of
Microsoft Office programs to ensure that they are not
reused on other computers. Users who validate their
copies of Microsoft Office products gain access to
add-ins and updates to those products.
offline In the context of preparing an image for
deployment, when the operating system is not started
and changes or updates are made directly to the image.
Offline Files A feature of Windows that locally stores a
copy of a file located on a shared folder. Windows can
then access the local copy of the file if the user needs
it while disconnected from the network. Windows
includes technology for synchronizing Offline Files that
have been modified and resolving synchronization
conflicts.
OGA See Office Genuine Advantage (OGA).
online In the context of preparing an image for
deployment, when the operating system is started and
changes or updates are made while Windows is running.
Original Equipment Manufacturer (OEM) An
organization that designs and manufactures computer
hardware.
P
P2P See peer-to-peer (P2P).
package A group of files that Microsoft provides to
modify Windows features. Package types include service
packs, security updates, language packs, and hotfixes.
panning hand A specialized cursor that enables dragging
a page.
PatchGuard Microsoft’s kernel patch protection technology
for 64-bit versions of Windows that is designed
to prevent unauthorized and unsupported access to the
kernel. It prohibits all software from performing unsupported
patches.
PathPing A command-line tool used to test connectivity
to an endpoint. PathPing collects connectivity
statistics for every gateway between the client and the
tested endpoint and displays latency and availability
statistics for every node.
PCR See platform configuration register (PCR).
Peer Name Resolution Protocol (PNRP) A mechanism
for distributed, serverless name resolution of peers
in a P2P network. See also peer-to-peer (P2P).
peer-to-peer (P2P) A method for communicating
directly between client computers without involving a
separate server. In Windows Vista and later versions,
P2P refers to a set of networking and collaboration
technologies that are used by Windows Meeting Space
and other applications.
pen flick A Tablet PC pen technique that enables
users to call menu commands by moving the pen using
various gestures.
People Near Me A subnet-level system that enables
users who are signed on to this service to automatically
publish their availability onto the local subnet and
discover other users using the Web Services Dynamic
Discovery (WS-Discovery) protocol. Once users are
published using People Near Me, they can be invited to
start activities such as Windows Meeting Space.
personal identification number (PIN) This is an
administrator-specified secret value that must be
entered each time the computer starts (or resumes
from hibernation). The PIN can have 4 to 20 digits and
internally is stored as a 256-bit hash of the entered
Unicode characters. This value is never displayed to the
user in any form or for any reason. The PIN is used to
provide another factor of protection in conjunction with
TPM authentication. See also Trusted Platform Module
(TPM).
phishing A form of Internet fraud that aims to steal
valuable information such as credit cards, Social Security
numbers, user IDs, and passwords. A fake Web site
is created that is similar to that of a legitimate organization,
typically a financial institution such as a bank or insurance
company. An e-mail is sent requesting that the
recipient access the fake Web site and enter personal
details including security access codes. The page looks
genuine because it is easy to fake a valid Web site.
Any HTML page on the Web can be modified to suit a
phishing scheme.
PIN See personal identification number (PIN).
Ping A command-line tool used to test connectivity to
an endpoint.
Planning Phase A phase in an MDT 2010 deployment
in which the deployment team lays the groundwork for
the deployment. See also Microsoft Deployment Toolkit
2010 (MDT 2010).
platform configuration register (PCR) A register of a
TPM. This register is sufficiently large to contain a hash
(currently only SHA-1). A register can normally only be
extended, which means that its content is a running
hash of all values that are loaded to it. To learn when
these registers are reset, refer to the TCG specification
document. See also Trusted Platform Module (TPM).
PNRP See Peer Name Resolution Protocol (PNRP).
Point-to-Point Tunneling Protocol (PPTP) A networking
technology that supports multiprotocol VPNs.
This enables remote users to securely access corporate
or other networks across the Internet, to dial into an ISP,
or to connect directly to the Internet. PPTP tunnels, or
encapsulates, IP or IPX banter traffic inside IP packets.
This means that users can remotely run applications
that depend on particular network protocols. PPTP is
described in RFC 2637.
PortQry A command-line tool that tests connectivity
to a network service by attempting to establish a TCP
connection to an endpoint.
PPTP See Point-to-Point Tunneling Protocol (PPTP).
Pre-Boot Execution Environment (PXE) A DHCP-
based remote boot technology used to boot or install
an operating system on a client computer from a
remote server. A Windows Deployment Services server
is an example of a PXE server.
Print Management An MMC snap-in that administrators
can use to manage printers, print servers, and print
jobs across an enterprise.
printer driver isolation A new feature of Windows 7
and Windows Server 2008 R2 that lets you configure
printer driver features to run in an isolated process
separate from the print spooler process. By isolating the
printer driver, you can prevent a faulty printer driver
from stopping all print operations on a print server,
which results in a significant increase in server reliability.
Printer Migrator A tool for backing up printer configurations
on print servers so that the configuration
can be moved between print servers or consolidated
from multiple servers onto a single server. A command-
line version (Printbrm.exe) is also available.
product key A code used to validate installation media
such as CDs during installation. Product keys, also
known as CD keys, do not prove licensing for a product,
but they do discourage casual copying of software. All
Windows product keys use five groups of five characters,
with the format XXXXX-XXXXX-XXXXX-XXXXX-XXXXX.
protocol handler A feature of the Windows search
engine that is used to communicate with and enumerate
the contents of stores such as the file system, MAPI
e-mail database, and the CSC or offline files database.
See also client-side cache (CSC).
proximity A measurement of the network latency
between two computers. For Windows Media Sharing
to work, the network latency between two computers
must be 7 milliseconds or less.
Punycode The self-proclaimed “bootstring encoding”
of Unicode strings into the limited character set supported
by DNS, as defined in RFC 3492. The encoding
is used as part of IDNA, which is a system enabling the
use of internationalized domain names in all languages
that are supported by Unicode where the burden of
translation lies entirely with the user application (such
as a Web browser).
PXE See Pre-Boot Execution Environment (PXE).
R
RAC See Reliability Analysis Component (RAC).
Reliability Analysis Component (RAC) A Windows
feature that gathers and processes reliability data.
Replace Computer scenario In MDT 2010, a deployment
scenario that involves giving a new computer
to an existing user. In this scenario, the user receives
a new computer, and the user’s data is migrated to
the replacement computer to minimize impact on the
user. See also Microsoft Deployment Toolkit 2010 (MDT
2010).
requested execution level manifest An application
marking that indicates the privileges required by the
application. Windows uses the requested execution
level manifest, among other factors, to determine
whether to provide a UAC prompt to the user to elevate
privileges when the application is run.
Roaming User Profile An alternative approach for
storing user profiles that involves storing them on a
shared folder on the network. Roaming user profiles
provide simplified backup and enable users to use the
same profile on different computers.
S
SAM See Software Asset Management (SAM).
same computer sharing See local sharing.
screen scraping A technique for automating applications
by simulating keystrokes as if a human were sitting
at the keyboard. Screen scraping is the least reliable
automation technique and should be used only when
no other automation option is available.
Server Message Block (SMB) A network protocol
used for file and printer sharing.
Server Performance Advisor (SPA) A report that
provides a summary of logged performance data.
shadow index A temporary index created during the
indexing process. The shadow indexes created during
indexing are later combined into a single index called
the master index.
sharing The process of making files, folders, printers,
or other resources available to other users.
shatter attack An attack in which a process attempts
to use Windows messages to elevate privileges by
injecting code into another process.
Simple Service Discovery Protocol (SSDP) This
protocol forms the basis of the discovery protocol used
by UPnP and PNRP.
single instance storage A technique for storing multiple
Windows images efficiently and in a single location.
The deployment engineer configuring a computer has
the option to select one of the images for deployment
from the client computer.
Sleep A new power state that combines the quick
resume time of Standby with the data-protection
benefits of Hibernate.
slipstreaming The process of integrating a service
pack into operating system setup files so that new
computers immediately have the service pack installed.
SMB See Server Message Block (SMB).
SME See subject matter expert (SME).
SMS See Systems Management Server (SMS).
sniffer A tool such as Network Monitor that collects
network communications. Sniffers are also known as
protocol analyzers.
Software Asset Management (SAM) An initiative
promoted by Microsoft as a way to maintain accurate
inventories of installed and licensed software. This
practice helps organizations maintain legally licensed
versions of all the software they need.
solicited Remote Assistance (RA) A Remote Assistance
request initiated by the novice (the user seeking
help). Also known as escalated Remote Assistance (RA).
SPA See Server Performance Advisor (SPA).
SSDP See Simple Service Discovery Protocol (SSDP).
stabilizing phase In deployment, the phase that
addresses the testing of a solution that is feature
complete. This phase typically occurs when pilots are
conducted, with an emphasis on real-world testing
and with the goal of identifying, prioritizing, and fixing
bugs.
stack A list of memory locations that identify the
calling methods of return locations. Windows uses the
stack to remember the location to return to when a
called method has finished running.
start address A URL that points to the starting location
for indexed content. When indexing is performed,
each configured starting address is enumerated by a
protocol handler to find the content to be indexed.
Starter GPO Collections of preconfigured administrative
templates in Windows 7 that IT professionals can
use as standard baseline configurations to create a
live GPO. They encapsulate Microsoft best practices,
containing recommended policy settings and values for
key enterprise scenarios. IT professionals also can create
and share their own Starter GPOs based on internal or
industry regulatory requirements.
startup key A key stored on a USB flash drive that
must be inserted every time the computer starts. The
startup key is used to provide another factor of protection
in conjunction with TPM authentication. See also
Trusted Platform Module (TPM).
Stop error An error that Windows raises when a Kernel
mode process has been compromised or has experienced
an unhandled exception.
subject matter expert (SME) A person who is skilled
in a particular topic. During deployment, you should
use SMEs to help in the planning, development, and
stabilizing processes. SMEs are users who are most familiar
with the applications and data to migrate (though
despite their name, they are not necessarily experts),
and they’re usually stakeholders in seeing that the process
is properly performed.
subscription Provides the ability to collect copies of
events from multiple remote computers and store them
locally.
supplemental application An application installed
on a select few computers in your environment, such
as specialized applications used by individual groups.
Supplemental applications are in contrast to core applications,
which are installed on most computers.
Sync Center A tool that provides a user interface for
managing content synchronization activities including
redirected folders and other folders marked for offline
use.
System Starter GPO A read-only GPO that provides a
baseline of settings for a specific scenario. Like Starter
GPOs, System Starter GPOs derive from a GPO, let you
store a collection of Administrative template policy settings
in a single object, and can be imported. See also
Starter GPO.
Systems Management Server (SMS) A Microsoft
computer management infrastructure used to improve
administrative efficiency and help distribute and
manage software.
T
task sequence A series of actions to run on a destination
computer to install Windows and applications and
then configure the destination computer. In MDT 2010,
the task sequence is part of a build, and the feature
responsible for executing the task sequence is the Task
Sequencer. See also Microsoft Deployment Toolkit 2010
(MDT 2010).
Task Sequencer The MDT 2010 feature that runs the
task sequence when installing a build. See also
Microsoft Deployment Toolkit 2010 (MDT 2010).
TCP receive window size The number of bytes that a
TCP/IP host can transmit without receiving a response
from the remote computer. The TCP receive window
size can have a significant impact on performance. If the
size is too large and the network is unreliable, a great
deal of data might need to be retransmitted if data is
lost. If the size is too small, utilization is unnecessarily
low while the sending computer waits for confirmations
from the receiving computer.
technician computer The computer on which you
install MDT 2010 or Windows SIM. This computer is
typically in a lab environment, separated from the production
network. In MDT 2010, this computer is usually
called the build server. See also Microsoft Deployment
Toolkit 2010 (MDT 2010).
Telnet A protocol and tool for remotely managing
computers using a text-based interface similar to a
command prompt.
Test TCP A network troubleshooting tool for testing
TCP connectivity between two computers.
thick image An operating system installation image
that contains core, and possibly supplemental, applications.
Thick images simplify deployment by installing
applications alongside the operating system. However,
because they are more specialized, you typically require
more thick images than thin images.
thin image An operating system installation image
that contains few if any core applications. Thin images
have the advantage of being applicable to a larger
number of computers in your organization than a thick
image, which is more specialized.
TPM See Trusted Platform Module (TPM).
Trusted Platform Module (TPM) The Trusted
Platform Module is a hardware device defined by the
Trusted Computing Group (TCG). A TPM provides
a hardware-based root of trust and can be used to
provide a variety of cryptographic services. Version 1.2
TPMs with TCG-compliant BIOS upgrades allow
BitLocker to provide drive encryption as well as
integrity checking of early boot features, which helps
prevent tampering and provides a transparent startup
experience.
U
UIPI See User Interface Privilege Isolation (UIPI).
Unattend.xml The generic name for the Windows
answer file. Unattend.xml replaces all the answer files in
earlier versions of Windows, including Unattend.txt and
Winbom.ini.
unhandled exception An error that is not processed
by an application. When a User mode process has an
unhandled exception, the process is closed and Windows
can present the user with an opportunity to send an
error notification to Microsoft. When a Kernel mode
process has an unhandled exception, a Stop error occurs.
unsolicited Remote Assistance (RA) A Remote Assistance
request initiated by the expert (the user offering
help). Also known as offered Remote Assistance (RA).
Upgrade Computer scenario In MDT 2010, a deployment
scenario that deploys a new version of Windows
to an existing computer that has an earlier version of
Windows installed. The Upgrade Computer scenario
preserves user data. See also Microsoft Deployment
Toolkit 2010 (MDT 2010).
URL-based Quality of Service A new feature of
Windows 7 and Windows Server 2008 R2 that enables
IT administrators to use Group Policy settings to prioritize
Web traffic based on a URL. With URL-based QoS,
IT administrators can ensure critical Web traffic receives
appropriate prioritization, improving performance on
busy networks.
User Broker A feature of Protected mode in Windows
Internet Explorer that provides a set of functions that lets
the user save files to areas outside low-integrity areas.
User Interface Privilege Isolation (UIPI) A feature
of Windows that blocks lower-integrity processes from
accessing higher-integrity processes. This helps protect
against shatter attacks. See also shatter attack.
User mode A processing mode provided by x86-based
processors that provides only limited access to memory
and other system resources. Processes that run in User
mode can access memory allocated to the process, but
must be elevated to Kernel mode by calling system APIs
before the process can access protected resources.
user profile The set of user documents and settings
that make up a user’s desktop environment.
user profile namespace The hierarchy of folders
within a user’s profile folder.
user state The data files and settings associated with a
user profile.
user state migration The process of transferring user
files and settings from one computer to another or
from an older version of Windows to a newer version of
Windows installed on the same computer.
V
VHD Boot The Windows 7 bootloader can be configured
to start Windows from a VHD file exactly as
though the VHD file were a standard partition. Simply
copy the VHD file to the local computer and then use
BCDEdit.exe to add an entry to the boot menu for the
VHD file. Windows 7 can also mount VHD files in the
Disk Management console as if they were native
partitions.
View Available Networks A new feature of wireless
networking in Windows 7 that lets users display available
wireless networks and quickly choose one to
connect to.
VMK See Volume Master Key (VMK).
Volume License A license purchased from Microsoft
or another software vendor to use multiple copies of an
operating system or program.
Volume Master Key (VMK) The key used to encrypt
the FVEK.
VPN Reconnect A new feature of Windows 7 that
provides seamless and consistent VPN connectivity
by automatically re-establishing a VPN connection if
users temporarily lose their Internet connection. For
example, if a user connected over mobile broadband
passes through an area without reception, Windows 7
automatically reconnects any active VPN connections
once Internet connectivity is reestablished.
W
Wake on Wireless LAN (WoWLAN) A new feature of
Windows 7 that can reduce electricity consumption by
enabling users and IT professionals to wake computers
connected to wireless networks from Sleep mode
remotely. Because users can wake computers to access
them across the network, IT professionals can configure
them to enter the low-power Sleep mode when not in
use.
WAU See Windows Anytime Upgrade (WAU).
WCS See Windows Color System (WCS).
Web Services for Devices (WSD) A new type of
network connectivity supported by Windows Vista and
later versions. WSD enables users to have a Plug and
Play experience similar to that of USB devices, except
over the network instead of for locally connected
devices.
WER See Windows Error Reporting (WER).
WGA See Windows Genuine Advantage (WGA).
.wim A file name extension that identifies Windows
image files created by ImageX.
Windows AIK See Windows Automated Installation Kit
(Windows AIK).
Windows Anytime Upgrade (WAU) An upgrade
service primarily intended for home users that allows
upgrades from one edition of Windows to a more
advanced edition.
Windows Automated Installation Kit (Windows
AIK) A collection of tools and documentation that you
can use to automate the deployment of the Windows
operating system. Windows AIK is one of several
resources that you can use to deploy Windows; for
example, tools and software such as MDT 2010 and
Microsoft System Center Configuration Manager use
features of Windows AIK to create system images and
automate operating system installations.
Windows Color System (WCS) A feature that works
with the Windows print subsystem to provide a richer
color printing experience that supports wide-gamut
printers (inkjet printers that use more than four ink
colors) for lifelike printing of color photos and graphic-
rich documents.
Windows Defender A feature of Windows that
provides protection from spyware and other potentially
unwanted software.
Windows Easy Transfer The feature in Windows 7
and Windows Vista that replaces the Windows XP Files
And Settings Transfer Wizard. This tool leads the user
through a series of pages to determine how much data
to migrate and which migration method (disc or removable
media, direct cable connection, or network) to use.
Windows Error Reporting (WER) The client feature
for the overall Watson Feedback Platform (WFP),
which allows Microsoft to collect reports about failure
events that occur on a user’s system, analyze the data
contained in those reports, and respond to the user in a
meaningful and actionable manner. WER is the technology
that reports user-mode hangs, user-mode faults,
and kernel-mode faults to the servers at Microsoft or to
an internal error-reporting server.
Windows Genuine Advantage (WGA) A Microsoft
initiative to ensure that users of copied Windows
operating systems become aware of their counterfeit
versions. By recording the product key and a signature
from the computer’s BIOS, Microsoft can effectively
determine when retail versions of Windows have been
copied and when volume-activated versions of
Windows have been excessively distributed.
Windows Imaging A single compressed file containing
a collection of files and folders that duplicates a
Windows installation on a disk volume.
Windows PowerShell Integrated Scripting Environment
(ISE) A GUI for Windows PowerShell that lets
you run commands and write, edit, run, test, and debug
scripts in the same window. It offers up to eight independent
execution environments and includes a built-in
debugger, multiline editing, selective execution, syntax
colors, line and column numbers, and context-sensitive
Help.
Windows PowerShell Modules Windows PowerShell
modules let you organize your Windows PowerShell
scripts and functions into independent, self-contained
units. You can package your cmdlets, providers, scripts,
functions, and other files into modules that you can
distribute to other users. Modules are easier for users to
install and use than Windows PowerShell snap-ins.
Windows PowerShell Remoting A feature introduced
in Windows PowerShell 2.0 that lets you run Windows
PowerShell commands for automated or interactive
remote management.
Windows Product Activation (WPA) A way to ensure
that customers are using genuine Windows operating
systems purchased from Microsoft resellers. This tool,
which began with Windows XP, defeated casual copying
of Windows XP by ensuring that other systems had not
recently been activated with the same product key.
Windows Server Update Services (WSUS) A free
server tool available for download from Microsoft.com
that administrators can use to manage which updates
are distributed to computers running Windows on their
internal network.
Windows System Assessment Tool (WinSAT) A
command-line tool included with Windows for assessing
the features, capabilities, and attributes of computer
hardware.
Windows Troubleshooting Packs Collections of
Windows PowerShell scripts that attempt to diagnose
a problem and, if possible, solve the problem with the
user’s approval. Windows 7 includes 20 built-in Troubleshooting
Packs that address more than 100 root causes
of problems. Troubleshooting Packs can also perform
ongoing maintenance of a specific feature.
Windows Virtual PC A new optional feature that you
can use to evaluate and migrate to Windows 7 while
maintaining compatibility with applications that run on
older versions of Windows. This feature is available as a
downloadable update package for Windows 7.
WinSAT See Windows System Assessment Tool
(WinSAT).
WPA See Windows Product Activation (WPA).
WSD See Web Services for Devices (WSD).
WSUS See Windows Server Update Services (WSUS).
X
XML Paper Specification (XPS) A set of conventions
for using XML to describe the content and appearance
of paginated documents.
XPS See XML Paper Specification (XPS).
Z
Zero Touch Installation (ZTI) An MDT 2010 deployment
option that fully automates the deployment of
client computers. During a ZTI installation, the Windows
operating system and all applications are automatically
deployed the first time a computer is connected to the
network and turned on. See also Microsoft Deployment
Toolkit 2010 (MDT 2010).
ZTI See Zero Touch Installation (ZTI).
Index
Symbols and Numbers
$modulePath variable, 471–472
6to4 technology, 1406
A
A records, 1385
AAAA records, 1385–1387
absolute symbolic links, 666–668
accelerators, 892–893
access control entry (ACE), 898
access control list (ACL), 324, 1236
access tokens, 70, 1126
ACE (access control entry), 898
ACL (access control list), 324, 1236
ACM (Application Compatibility
Manager)
configuring, 155–156
defined, 143, 145
Quick Reports area, 158
testing and mitigation issues,
169–178
ACPI (Advanced Configuration and
Power Interface), 681, 732
ACT (Application Compatibility
Toolkit)
analyzing compatibility data,
158–167
application manifests, 1131
collecting compatibility data,
157–158
Compatibility Administrator, 153,
169, 173–177
compatibility evaluators, 147–148
configuring, 155–156
functionality, 128, 143–145, 902
hardware requirements, 154
installing, 155
migrating user state data, 233
planning considerations, 148–153,
250
preparation process, 153–154
software requirements, 153
support topologies, 146
synchronizing data, 167
ACT Community, 162, 164
ACT database, 145–146, 153, 167
ACT Log Processing Service,
145–146, 154–155
ACT Log Processing share, 145–146,
152, 154
Action Center
configuring WER, 1029–1033
functionality, 12
notification area changes, 6
Reliability Monitor support, 1477
Remote Desktop support, 388
Windows Defender support, 39
Windows Memory Diagnostics,
1496
actions
bulk print, 790–791
defining, 996–997
functionality, 985
activation count cache, 339–340
activation threshold, 339
Active Directory And Computers
MMC snap-in, 297, 325
Active Directory Domain Services.
See AD DS (Active Directory Domain
Services)
ActiveX controls, 1125
ActiveX Data Objects, 276
AD DS (Active Directory Domain
Services)
802.1x authentication, 1201–1202
configuring UAC, 1135
connection considerations,
1223–1224
DirectAccess support, 1303
Group Policy support, 61, 152, 481
GUID support, 324
implementing Folder Redirection,
562–563
key management and, 64
KMS support, 341
logon considerations, 60
preparing for BitLocker, 658
pre-staging client computers, 325
publishing printers, 783–784
roaming user profiles, 533
Windows Deployment Services
support, 297, 304
Windows Firewall support, 50
Adaptive Display Brightness, 17
Add Features Wizard, 858
Add Printer Wizard, 792–793,
801–802
Add-BitsFile cmdlet, 1093
Add-on Manager, 906
address autoconfiguration,
1383–1385
Address Resolution Protocol (ARP),
1196, 1381–1382
Address Space Layout Randomization
(ASLR), 59
ADM (Administrative Template) files
comparison to ADMX files, 494,
518–520
filtering policy settings, 486
functionality, 482
setting enhancements, 487
Admin Broker process, 901
administrative privileges
security considerations, 71
UAC considerations, 1121–1122,
1129–1131, 1133
Administrative Template (ADM) files.
See ADM (Administrative Template)
files
administrative tools, 128, 140
administrators
configuring administrator approval,
325–326
setting secure desktop, 73
software update considerations,
1106
trustworthy, 65
UAC considerations, 1126–1128
Administrators group, 1121
AdminStudio tool, 263
ADML (Architecture Description
Markup Language), 484
ADMX Migrator, 518–520
ADMX template files
adding to central store, 497,
503–504
considerations when working with,
497–498
domain storage, 496
functionality, 484, 494
local storage, 496
migrating ADM templates,
518–520
registry considerations, 495
types supported, 495
Advanced Configuration and Power
Interface (ACPI), 681, 732
Advanced Group Policy Management
(AGPM), 392, 521
Advanced Query Syntax (AQS), 822
AEM (Agentless Exception
Monitoring), 1019
Aero interface, 7, 15
Aero Peek feature, 6
Aero Shake feature, 7
Aero Snap feature, 7
AES algorithm, 642, 1312, 1315
Agentless Exception Monitoring
(AEM), 1019
AGPM (Advanced Group Policy
Management), 392, 521
AIS (Asset Inventory Service), 392
alerts, Action Center support, 12
All Users profile, 538
allow list, 910
Alt + Tab combination, 7
AMD-V feature, 144
answer files
automating Windows PE, 289
deployment process overview, 106
functionality, 87, 91–92
platform interconnection, 90
Windows SIM support, 87, 91–92
Anti-Phishing Working Group, 909
antivirus software, 205, 1107, 1632
anycast addresses, 1374
API (application programming
interface)
biometric support, 79
EAPHost support, 1208–1209
improved peer networking,
1206–1207
Layered Service Provider support,
1209
NAP support, 57, 1160
Network Awareness, 1205–1206
NLA support, 1240
notification-based indexing, 846
Pacer.sys driver support, 1176
SUA support, 172
Windows Deployment Services
support, 297
Windows PE support, 95, 276
WSD support, 1209
APIPA (Automatic Private IP
Addressing), 1217, 1375, 1383
AppHelp messages, 174, 176–177
application compatibility. See also
ACT (Application Compatibility
Toolkit)
Application Virtualization, 145
assessing, 162–163
checking, 1632
creating and assigning categories,
159–161
defined, 140
deployment considerations,
149–152
filtering data, 166–167
identifying missing applications,
168
Internet Explorer considerations,
901–902
managing issues, 164–166
migration considerations, 132–133
mitigation issues, 169–178
primary testing tools, 141–145
prioritizing compatibility data,
161–162
Program Compatibility Assistant,
142
Program Compatibility
troubleshooter, 142
rationalizing application inventory,
168–169
reasons for failure, 140–141
selecting specific versions,
168–169
setting deployment status,
163–164
testing, 127–128, 169–178
troubleshooting, 24
UAC considerations, 1133–1134
user profile namespace issues,
540–545
Windows XP Mode, 144
Application Compatibility Manager.
See ACM (Application Compatibility
Manager)
Application Compatibility Toolkit.
See ACT (Application Compatibility
Toolkit)
Application Compatibility Toolkit
Data Collector, 143
Application Data folder, 535
application deployment
adding to deployment shares,
189–194, 265–267
adding to task sequence, 190, 205
App-V support, 391
automating installation, 252,
257–261
choosing deployment strategy,
253–256
choosing sample data, 236
injecting disk images, 264–269
installing applications, 268–269
manipulating dependencies,
193–194, 267–268
migrating user state data, 232
planning deployment, 127–128,
249–253
preparing lab environment, 248
repackaging legacy applications,
252, 262–264
Windows PE support, 284
application fixes, 173–176
application mitigation packages, 174,
177–178
application packaging software. See
packages
application programming interface.
See API (application programming
interface)
Application Virtualization. See App-V
(Application Virtualization)
applications. See software
Applications.xml file, 187
AppLocker
auditing rules, 1146–1148
custom error messages, 1149
DLL rules, 1148
functionality, 61, 66–67, 390
Group Policy support, 487
rule types supported, 1143–1146
software restriction policy
comparison, 1142–1143
Windows PowerShell support, 1149
AppStations, 151
App-V (Application Virtualization),
145, 391–392
AQS (Advanced Query Syntax), 822
Architecture Description Markup
Language (ADML), 484
arithmetic operators, 446–447
ARP (Address Resolution Protocol),
1196, 1381–1382
Arp tool, 1522, 1524–1525
arrays, evaluating, 451
ASLR (Address Space Layout
Randomization), 59
Asset Inventory Service (AIS), 392
asset management, 392
ATA storage devices, 1634
ATTEMPTED_WRITE_TO_READONLY_MEMORY (Stop message), 1621
auditing
AppLocker rules, 1146–1148
configuring UAC, 1140
deployment process overview, 107
enhancements, 62, 76–78
Global Object Access Auditing, 78
Group Policy support, 487
software updates, 1097–1102,
1111
Sysprep tool support, 94
Windows Firewall support,
1288–1290
Auditpol /get command, 76
Auditpol /set command, 78
authentication
802.1x support, 1199–1202
BitLocker support, 648
IKEv2 support, 1298–1301, 1333
IP address, 50
logon considerations, 60
PIN, 645
smart cards and, 79
VPN Reconnect support, 1297
VPN support, 1315–1316,
1332–1333
Auto-Cast transmissions, 330
Automatic Private IP Addressing
(APIPA), 1217, 1375, 1383
Automatic Updates, 41, 43
automatic variables, 406, 413, 426
Autoruns tool, 389
Autounattend.xml file, 87
availability (CIA triad), 64
B
Background Intelligent Transfer
Service. See BITS (Background
Intelligent Transfer Service)
backtick character, 426
backup/restore considerations
Action Center support, 12
backup process overview, 625–626
best practices, 632
BitLocker support, 64
file and folder backup structure,
626–628
functionality, 624–625
Group Policy settings, 632–634
manipulating previous versions,
634–639
reinstalling Windows, 1456–1457
software updates, 1108
System Image backups, 628–632
Windows NT Backup-Restore
utility, 389
BAD_POOL_CALLER (Stop message),
1621–1623
bandwidth considerations, 1089,
1093, 1106, 1176
Base Filter Engine (BFE), 1232–1233
batteries, 16–17
BBE (Better than Best Effort), 1177
BCD registry file
additional information, 1423
backing up/restoring settings,
1441–1442
enhancements, 1420
manually updating, 1454
modifying, 1421
ntldr entry, 1423, 1443
overview, 1420–1421
removing boot entries, 1444
viewing settings, 1441
BCD stores, 1422–1423
BCD WMI provider, 1421
BCDboot tool, 96, 277
BCDEdit.exe utility
backing up/restoring settings,
1441–1442
changing boot menu time-outs,
1442–1443
changing defaults, 1442
changing menu item order, 1443
creating entries for other OSs,
1443–1444
functionality, 1440–1441
global debugger settings, 1445
interpreting output, 1441
modifying BCD registry file, 1421,
1424
removing boot entries, 1444
BDD_Welcome_ENU.xml file, 220
BDT (Bitmap Differential Transfer),
587
BE (Best Effort), 1177
Behavior.xml file, 708
Best Effort (BE), 1177
beta testing, 1114
Better than Best Effort (BBE), 1177
BFE (Base Filter Engine), 1232–1233
BgInfo tool, 389
BitLocker Drive Encryption
clear key, 646, 657
configuring data recovery agent,
658–659
cost considerations, 662
data theft and, 44
decommissioning permanently,
657–658
disabling, 656–657
enabling on data volumes, 652–653
enabling on system volumes,
650–652
external key support, 646
functionality, 61–66, 390, 641–643
indexing considerations, 856
managing from command line,
653–655
managing on local computer, 653
managing with Group Policy,
659–661
MDT solution framework, 116
phases, 648–649
preparing AD DS, 658
protecting data, 643–646, 650
recovering protected data,
655–656
recovery password, 646
removing, 656–657
TPM support, 643–646
Windows Setup support, 94
BitLocker Drive Preparation Tool, 650
BitLocker Repair Tool, 656
BitLocker To Go, 45, 61, 66, 390,
646–648
Bitmap Differential Transfer (BDT),
587
BITS (Background Intelligent Transfer
Service)
Bitsadmin tool support, 386
BranchCache considerations, 1188
managing, 1090–1094
thin image strategy, 255
Bitsadmin.exe tool, 386, 1093
blackhole routers, 1548
Bluetooth protocol, 1516
Boolean logic, 209
boot code, 1428
boot images
adding driver packages, 323
capturing custom, 327–329
importing, 315–316
MDT support, 331
staging, 285
boot logs, 1461–1462, 1465–1466
Boot Manager. See Windows Boot
Manager
Boot.ini file, 1420
Boot.wim file, 91
bootable media, creating, 285–288
bootable partitions, 1428
BootPRO tool, 1421
Bootrec.exe tool, 1424, 1451–1452
Bootsect tool, 97, 277, 1424, 1454
BootStrap.ini file, 372
BranchCache
architectures supported, 1185
benefits, 1305–1306
configuring, 1187–1188
Distributed Cache mode, 15,
1186–1187, 1306
functionality, 390, 1185, 1294,
1306
Hosted Cache mode, 15,
1185–1186, 1306
implementing, 1307
performance improvement, 15
protocols supported, 1188–1189,
1307
SMB support, 1189
web browsing considerations,
1189–1190
break statement (Windows
PowerShell), 443
BrmDrivers.xml file, 790
BrmForms.xml file, 790
BrmLMons.xml file, 790
BrmPorts.xml file, 790
BrmPrinters.xml file, 790
BrmSpoolerAttrib.xml file, 790
broker process, 900
browsers
BranchCache considerations,
1189–1190
Network Explorer support, 1168
protecting against malware,
41–42, 1157
buffer overflow attacks, 58, 903–904
BUGCODE_USB_DRIVER (Stop
message), 1627
Build SMF, 120–121
built-in diagnostics, 1491–1499
bundling malware, 39–40
BYE message, 1171
C
CA (certification authority), 1223,
1230, 1304
caching
client-side, 587, 599, 607–608
disabling nonvolatile, 1506
transparent, 589–590
calcs command, 281
Capture utility, 297
Case Else statement (VBScript), 449
catalogs
automating Windows PE, 289
default indexing scopes, 838
default system exclusion rules,
835–836
defined, 88, 827
FANCI bit, 836–837
files/subfolders structure, 833–835
functionality, 832–833
initial configuration, 838
cd command, 404
central store, 484, 497, 502–504
CER (Corporate Error Reporting), 1019
certificates. See personal certificates
certification authority (CA), 1223,
1230, 1304
Challenge Handshake Authentication
Protocol (CHAP), 1315–1316
channels, 965–966
CHAP (Challenge Handshake
Authentication Protocol), 1315–1316
ChkDsk tool
BitLocker support, 651
examples, 1501
functionality, 1500–1501
graphical interface support, 1503
NTFS support, 1503–1505
scheduling considerations, 1503
self-healing NTFS comparison,
1481
syntax, 1501–1502
System Recovery limitations, 1424
time considerations, 612
CI (Code Integrity), 53
CIA triad, 64
CID (confirmation ID), 344
CIDR (Classless Inter-Domain Routing)
notation, 1373
CIFS (Common Internet File System).
See SMB (Server Message Block)
CIM (Common Information Model),
384
Classless Inter-Domain Routing
(CIDR) notation, 1373
clear key, 646, 657
Clear-EventLog cmdlet, 979
client machine identification (CMID),
339–340
client-side caching
BDT support, 587
Folder Redirection technology, 599
roaming user profiles, 599
search considerations, 823
troubleshooting, 607–608
client-side computers
CMID support, 339–340
deploying driver packages to,
317–321
grouping, 367–368
pre-staging, 325
print management, 792–804
VAMT support, 344
Client-Side Rendering (CSR), 762
clock speeds, 1634
clouds, 1040, 1206
CLR (Common Language Runtime),
278
CMAK tools, 1321, 1338
Cmd.exe (command prompt), 388
cmdlets. See also specific cmdlets
alias support, 410, 413
AppLocker support, 1149
BITS support, 1093–1094
filtering output, 416–418
functionality, 385, 397
gathering event information,
978–982
gathering performance data,
954–955
Group Policy support, 486,
509–511
naming convention, 397, 399
output objects, 419–421
parameter considerations, 411–412
property considerations, 414
verbs supported, 399–402
wildcard characters, 412, 414
CMID (client machine identification),
339–340
CNG (Crypto Next Generation)
services, 58
Code Integrity (CI), 53
CodeRed worm, 58
Color Management CPL, 800
COM (Component Object Model),
508
command line
configuring disk quotas, 671–672
configuring network settings,
1220–1221
configuring RDC, 1357
configuring wireless settings,
1211, 1213–1215
managing BitLocker, 653–655
Remote Assistance support,
1055–1058
System Image backups, 628–629
transitioning Windows PowerShell
scripts, 425–427
WinSAT tool support, 1011
Command Prompt tool, 1424
Common Information Model (CIM),
384
Common Internet File System (CIFS).
See SMB (Server Message Block)
Common Language Runtime (CLR),
278
comparison operators, 446–447
Compatibility Administrator tool
ACT support, 169
creating AppHelp messages,
176–177
creating compatibility fixes,
174–176
creating compatibility mode, 176
creating custom databases, 174
process flow, 173
starting, 174
system requirements, 153
terminology supported, 173–174
compatibility evaluators, 147–148,
157
compatibility mode, 173, 176
Complete-BitsTransfer cmdlet, 1093
Component Object Model (COM),
508
components, 88, 91–92
Computer Browser service, 1170
Conditions list
filtering groups, 206
If statements, 208
operating system versions, 209
task sequence variables, 207–208
WMI queries, 209–210
confidentiality (CIA triad), 64
Config.xml file, 241
Configuration Manager. See SCCM
(System Center Configuration
Manager)
configuration passes, 88, 90–91, 107
configuration sets, 88
confirmation ID (CID), 344
constant special item ID list (CSIDL),
535–537
Contacts subfolder, 537
Control Panel
Add Hardware utility, 696
configuring index location, 851
configuring indexing encrypted
files, 856
configuring indexing scopes,
852–853
configuring indexing similar
words, 857
configuring indexing text in TIFF
documents, 858
configuring Offline Files indexing,
855
configuring power management,
733–734
configuring UAC, 1139
Devices And Printers, 764
Display utility, 683–684
enabling BitLocker, 63
Folder Options, 863–865
Indexing Options, 838, 847, 857
managing Offline Files, 595–596
managing Windows Firewall, 1262
Power Options utility, 733–734
WBF support, 79
Cookies folder, 535
Copy-Item cmdlet, 472
Copy-Module function, 470, 472
Copype.cmd script, 280
core networking
802.1x network authentication,
1199–1202
BranchCache support, 1185–1190
DNSSec support, 488, 1190
efficiency considerations,
1191–1195
GreenIT, 1190–1191
improved reliability, 1197
IPv6 support, 1198–1199
scalability considerations,
1196–1197
Server Message Block, 1202–1203
strong host model, 1203
Volume Activation scenario, 345,
347
wireless networking, 1203–1205
Corporate Error Reporting (CER),
1019
corporate roaming. See Folder
Redirection technology; roaming
user profiles
crawl scopes, 827, 838
Create Task dialog box
Actions tab, 996–997
Conditions tab, 997–999
depicted, 991
General tab, 991
Settings tab, 999–1001
Triggers tab, 992–996
create vdisk command, 620
CreateProcess function, 988
CreateSymbolicLink function, 666
Credential_ENU.xml file, 221
credentials management
Credentials Manager, 984, 987
CustomSettings.ini file, 360
enhancements, 52
Windows Deployment Services
considerations, 299
Credentials Manager, 984, 987
Cross-Site Scripting (XSS), 74
Crypto Next Generation (CNG)
services, 58
CSC. See client-side caching
CSIDL (constant special item ID list),
535–537
CSR (Client-Side Rendering), 762
Ctrl + Alt + Delete combination, 1046
CustomSettings.ini file
adding custom migration files, 245
configuring, 361–362
customizing, 371–372
depicted, 243
properties supported, 362–363
providing credentials, 360
Refresh Computer scenario, 364
D
DaRT (Diagnostics and Recovery
Toolset), 392
Data Collection Package. See DCP
(Data Collection Package)
data collector sets
as diagnostic tools, 1492–1493
configuring, 946–947
creating, 943–945
starting/stopping logging, 949
troubleshooting support,
1545–1546
types supported, 942
viewing performance data,
947–951
viewing properties, 947
data collectors, 942
Data Encryption Standard (DES),
1312–1315
Data Execution Prevention (DEP), 55,
58, 75
Data Manager, 947–949
data recovery agent, configuring,
658–659
data stores
choosing location, 234–235
defined, 133
local, 234–235
remote, 235
specifying location, 243–244
data theft
blocking IDN spoofing, 914–916
copying confidential files, 45–46
deleting browser history, 913–914
phishing, 909–913
physical theft of device, 44
protecting against, 907–916
security considerations, 44–46
Security Status bar, 907–908
sharing confidential documents,
46
data volumes, 652–653
DATA_BUS_ERROR (Stop message),
1609–1610
DCOM (Distributed Component
Object Model), 1039, 1066–1067
DCP (Data Collection Package)
collecting compatibility data, 157
creating, 157–158
defined, 145
deployment considerations,
149–152
log file locations, 152–153
DCS. See data collector sets
DDI (Device-Driver Interface), 682
DDNS (Dynamic DNS), 340, 342
dead gateway detection, 1197
debugging
kernel debugger, 1602, 1633
logging support, 524
memory dump files and,
1598–1600
Default profile, 538
default statement (Windows
PowerShell), 449
Default User profile, 538
defense-in-depth technique, 41, 899,
1142
definition files, 220
definition updates, 1155
defragmentation, disk, 622, 1124
del command, 404
delete volume command, 619
deleting
browser history, 913–914
files, 674
folders, 404
tasks, 1004
text files, 404
volumes, 619