NTFS versus FAT

The Windows NT 2000 and the recent Windows XP

operating systems have some obvious differences
from the Windows 9x operating system. However,
many differences are unseen. These differences
are important to fully understand the environments
in which these operating systems are used. The
following factors must be considered when
choosing an operating system:
Whether the operating system will be for the office
or the home
Whether the computer will be part of a network
Security issues
The types of programs that will be used on the
operating system
Security and permissions
The Windows 9x environment lacks the robust
security and permissions features of the Windows
NT, Windows 2000, and Windows XP
environments. If NTFS is used in these
environments, then these operating systems
benefit from enhanced system security features
like file encryption. Permissions can also be set
on files, directories, or folders.
Permissions
File and directory permissions specify which users and
groups have access to certain files and folders.
Permissions also set what can be done with the
contents of a file or folder. Assigning permissions is an
excellent means of providing security. It is also
effective for files or directories that are accessed over
a network. However, permissions that are assigned for
directories are different from permissions assigned for
files. Figures and describe the different permission
types that can be set on folders and files. These
features are only available in the Windows NT,
Windows 2000, and Windows XP operating systems if
NTFS is used in place of the FAT file system
Encryption
Encryption is another security feature included with the
Windows 2000 and Windows XP operating systems.
Microsoft provides a specific file system for encryption
called the Encrypting File System (EFS). This allows
administrators to encrypt a file or folder so that only the
person who encrypted the file can view it. The
administrator can also specify which other users can
view the file.
It is recommended that the administrator encrypt
folders and not individual files. Any files placed in a
folder become encrypted as soon as a folder has
encryption enabled. This simplifies management of
the encrypted folders. Click the General tab in the
Properties dialog box for the folder to encrypt it. On
the General tab, click the Advanced button, and
then select the Encrypt contents to secure data
check box.
Compression
Microsoft has a compression tool that saves space by
compressing files and folders. After compression, a file
or folder takes up less space on the Windows 2000 or
Windows XP volume. A file can be compressed or
uncompressed, which determines the compression
state of the file. If a compressed file must be accessed,
a user can do so without uncompressing it first. The
operating system automatically uncompresses it upon
opening and then recompresses it when the work is
finished. Then the file is closed.
Compressing files and folders creates more disk
space. However, NTFS allocates disk space based
on the uncompressed file size. When a user tries to
copy a compressed file to a volume with enough
space for the compressed file but not enough
space for the uncompressed file, an error message
appears. It states that there is not enough disk
space to copy the file. This is because NTFS bases
the file size on the uncompressed state and not the
compressed state.
Compression follows the same recommendation
as encryption. Compress the folder first and then
add files to it. Right-click the folder or file in
Windows Explorer to set the compression state of
a folder or file. Click Properties, and then click the
Advanced button. In the Advanced Attributes
dialog box, select the Compress contents to save
disk space check box. Click OK, and then click
Apply in the Properties dialog box. Compression is
less important today because drives are increasing
in size and cost less to buy.
Disk Management
To access disk management, right-click on My
Computer and select Manage, as demonstrated in
Figure .
The two types of disks that are available in
Windows 2000 and XP are basic disks and dynamic
disks. A system with one disk needs to be either
basic or dynamic because both types cannot be
used on the same physical disk. However, one can
be basic and the other dynamic if the system has
more than one disk.
Basic Disks
A basic disk is a physical disk that contains primary
partitions, extended partitions, or logical drives. Basic
disks may also contain the following partitions:

Spanned volumes, or volume sets

Mirrored volumes, or mirror sets
Striped volumes, or stripe sets
Redundant Array of Inexpensive Disks (RAID) 5 volumes,
or stripe sets with parity
Dynamic Disk Volumes
An administrator can use the Upgrade to Dynamic Disk
command to convert a basic disk to a dynamic disk.
Next they can decide which type of volume to create.
The process of upgrading a basic disk to a dynamic
disk involves the following steps:

Open the Computer Management screen as seen in

Figure .
Expand the Storage folder and select Disk
Management as shown in Figure .
Right-click on disk that needs to be upgraded. Figure
shows the options that display. Be sure to right-click on
the disk and not the partition.
Select the Upgrade to Dynamic Disk option. The
Upgrade to Dynamic Disk window displays as shown in
Figure .
Select the disk that needs to be upgraded as shown in
Figure and click OK. Figure shows the window that
displays to confirm the selection.
Press Upgrade. Figure displays the next confirmation
screen.
Press OK to reboot and complete the dynamic disk
upgrade.
Go to the Computer Management screen to confirm that
the disk was upgraded after the system reboots. Figure
shows the upgraded disk.
The type of volume created depends on the need for
storage space. It also depends on how crucial the data is
and if those volumes need to have a backup plan in case
they fail.

The three types of volumes that can be created with

Windows 2000 Professional are Simple, Stripped, and
Spanned volumes, as described in the following list
Simple Volume – This volume acts as a basic disk that
contains disk space from a complete single disk. It is not
fault-tolerant.
Spanned Volume – This volume includes disk space from
multiple disks. There can be up to 32 disks in a spanned
volume. In a spanned volume the operating systems write
data to the first disk until it runs out of space. Then it
continues to write data to the proceeding disks for as many
disks as are included in the volume. A spanned volume is
not fault-tolerant. If one disk in a spanned volume fails, the
data in the entire volume is lost.
Striped Volume – A striped volume, also known as RAID 0,
combines areas of free space from up to 32 multiple hard
disks into one logical volume. This volume optimizes
performance by allowing data to be written to all the disks at
the same rate. This volume is not fault-tolerant as well so if
one disk in the volume fails, then all the data is lost.
Mirrored Volume – This volume contains two
identical copies of a simple volume that stores the
same data on two separate hard drives. Mirrored
volumes provide fault tolerance in the event of hard
disk failure. If one disk fails, a new one can replace
it. All of the data is backed up on the other disk.
RAID 5 Volume – A RAID 5 volume consists of
three or more parts of one or more drives. It can
also consist of three or more entire drives. Users
can have up to a total of 32 disks. Data is written to
all the drives in this volume in equal amounts to
improve performance. Each drive contains parity
information, which holds copies of the data that is
being written to the other two disks. This enables
fault tolerance because in case one of the drives
fails, the remaining two disks can recreate the data
automatically without shutting down the
server. The data is restored to the new drive
when the failed drive is replaced. This is
known as striping with parity.
Local Security Policy
The Local Security Policy is a function of the Administrative Tools utility
that allows the administrator to select additional security options. There
are almost 40 security options that are available to increase the effective
security on a computer as shown in Figure . One option is to set the
number of days before a user is prompt to change their password.
Double-click on Prompt User to change password before expiration.
Figure depicts the window that displays. The administrator can increase
or decrease the number of days that the system prompts a user to change
a password. Domain level policies override local security policies.

The lab activities for this module require a system that runs Windows
2000 with NTFS to perform the following tasks:

Assigning permissions
Creating user accounts
Creating an Emergency Repair Disk