Exploring Windows Fundamentals with TryHackMe (Pre-Security Module)

Durre ShaffaDurre Shaffa
4 min read

Table of contents

The Windows Operating System (OS) is one of the most widely used operating systems across the globe. From home computers to corporate networks, Windows continues to dominate, which also makes it a primary target for attackers. Understanding how Windows works at a fundamental level is a critical skill for anyone starting out in cybersecurity.

Recently, I worked on the Windows Fundamentals 1 room TryHackMe, as part of their Pre-Security learning path. In this blog, I’ll summarize my key learnings from Tasks 1 to 5 and highlight some practical exercises I performed on the virtual machine provided in the room.

1. Introduction to Windows

Windows has a rich history, beginning with its first release in 1985. Over the years, we’ve seen versions such as XP, Vista, 7, 8, 10, and the current Windows 11.

  • Windows XP was widely popular but faced security challenges.

  • Vista was an ambitious redesign but wasn’t well-received.

  • Windows 7 brought much-needed stability and became a trusted OS for corporations.

  • Windows 10 modernized the experience, and now Windows 11 continues the journey with new features and a redesigned interface.

For servers, the current release is Windows Server 2025, while in my TryHackMe practical, I worked with Windows Server 2019 Standard.

2. The Windows Desktop & GUI

The Windows Desktop is the first screen a user sees after logging in. It contains essential elements like:

  • Start Menu → Quick access to apps, settings, power options.

  • Search Box (Cortana) → Search for apps, files, or web results.

  • Taskbar & Task View → Manage open applications and multitasking.

  • Notification Area → Displays time, date, network, volume, and Action Center notifications.

Through my hands-on exercise, I explored how:

  • The Search Box can be hidden by selecting Hidden.

  • The Task View button can be toggled from the taskbar menu.

  • Icons like Clock, Network, and Action Center appear in the Notification Area by default.

3. File Systems: FAT vs NTFS

Windows primarily uses the NTFS (New Technology File System), which replaced older systems like FAT16, FAT32, and HPFS.

Key features of NTFS include:

  • Support for files larger than 4GB

  • File and folder permissions

  • File compression

  • Encryption via EFS (Encrypting File System)

I also learned about Alternate Data Streams (ADS), a feature in NTFS that allows hidden data within files. While useful for metadata, attackers can misuse ADS to hide malicious content.

Hands-On: Exploring File Permissions

During my practical session, I actually opened the permissions section of a folder to see how NTFS handles access control. Here’s the path I followed:

  1. Navigated to the C:\Windows directory.

  2. Right-clicked on the Windows folder → selected Properties.

  3. Opened the Security tab.

Here I could see a list of Groups and Users, such as:

  • Administrators

  • System

  • Users

When I clicked on Users, the permission breakdown showed entries like:

  • Read & Execute ✔️

  • List Folder Contents ✔️

  • Read ✔️

  • Write / Modify / Full Control ❌ (not granted by default to normal users).

This practical step made it clear how Windows uses NTFS to restrict certain critical operations only to administrators or the system itself.

4. Critical Windows Folders

One of the most important directories in Windows is the C:\Windows folder, which contains essential system files. Within it, the System32 folder is especially critical, as it holds executables and libraries required for the OS to function.

  • Accidentally deleting files here can render the OS unusable.

  • Many built-in tools we use in security (like ipconfig, tasklist, etc.) live inside System32.

I also learned about environment variables, such as %windir%, which is used to reference the Windows folder regardless of its location.

5. Security & Practical Insights

From my practical work on the TryHackMe virtual machine, I noticed how even basic navigation checking properties, right-click menus, and personalization settings gives insight into how users and attackers interact with Windows.

Some highlights:

  • BitLocker encryption is only available on Windows Pro and above, not Home editions.

  • Right-click menus provide quick access to security-related properties, like file permissions.

  • System settings are deeply integrated with user accounts, making privilege management a key focus area for security professionals.

Conclusion

Working through Windows Fundamentals 1 on TryHackMe gave me a strong foundation in how Windows functions at a core level. From the GUI and file systems to critical system folders, these basics are essential for anyone entering cybersecurity.

My biggest learning was how seemingly simple features (like the Taskbar or NTFS permissions) play a huge role in system security. As I progress further in this series, I’m excited to explore Windows Fundamentals 2 and 3, where I’ll dive deeper into system tools, processes, and security configurations.

0
Subscribe to my newsletter

Read articles from Durre Shaffa directly inside your inbox. Subscribe to the newsletter, and don't miss out.

cybersecurityEthical Hackingethicalhacking#cybersecuritytryhackmeTryHackMe Walkthrough

Written by

Durre Shaffa
Durre Shaffa