Scribd
Upload
24 views

WIndows File System

Uploaded by

Deepak Raut
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
24 views

WIndows File System

Uploaded by

Deepak Raut
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Windows file system

Ms. Vandita Srivastava


Ph.D. Scholar
SITAICS
RRU
File system
• A file system is a structure that organizes and manages files on a
storage device, such as a hard drive, solid state drive (SSD), or USB
flash drive. It's the part of an operating system that allows users to
store and retrieve information, which is represented as named files.
• For digital forensics, understanding these file systems is crucial
because the structure impacts how data can be recovered, how
deleted files behave, and how encryption works. For example, NTFS
stores metadata in a Master File Table (MFT), which forensically
important, as it holds file information, including deleted files' data.
Windows file system: FAT32
• FAT: File Allocation Table
• Oldest file system, commonly used in older Windows systems and USB drives.
• Maximum file size: 4 GB.
• Partition size limit: 8 TB.
• Compatibility: FAT32 is widely compatible with other operating systems (e.g., macOS,
Linux), which is why it is commonly used in external storage devices.
• Structure: Uses a file allocation table to keep track of where files are located on the
disk.
• Drawbacks:
• Limited security features (no built-in encryption).
• Lacks support for large file sizes.
• No file compression or journaling.
Windows file system: NTFS (New
Technology File System).
• Modern file system for all Windows versions from Windows XP onward.
• Maximum file size: 16 EB (Exabytes).
• Partition size limit: 256 TB.
• Security features:
• File permissions: NTFS supports detailed access control lists (ACLs) to define who can read, write, or execute files.
• Encryption: Built-in support for file encryption using Encrypting File System (EFS).
• Journaling: NTFS keeps a log (journal) of changes to files, which helps recover data in case of system
crashes.
• Compression: NTFS can compress individual files to save space.
• Fault tolerance: NTFS is designed to automatically detect and fix disk errors.
• Additional features:
• Hard links and symbolic links.
• Disk quotas: Administrators can limit the amount of space users can use.
• Sparse files: Allows files to take up less disk space when they contain lots of zeroes.

You might also like