NTFS stores a file as a collection of streams, which are also called NTFS "attributes". I prefer to use the name "stream" since "attribute" commonly refers to a file-attribute flag in a file's $STANDARD_INFORMATION stream, such as "hidden", "system", and "readonly". The two stream types that are commonly used directly by Windows programs are data and index (i.e. $DATA and $INDEX_ALLOCATION).
An NTFS file always has a default (anonymous) data stream, e.g. "filename::$DATA" or, more simply, just "filename". It can also have alternate (named) data streams, such as "filename:streamname:$DATA". A directory can have named data streams, but not a default one since its anonymous stream is the filename index. The /r option of CMD's dir command calls FindFirstStreamW and FindNextStreamW on each file or directory in a listing in order to list its $DATA streams.
An NTFS directory has a $FILE_NAME index that's named "$I30", e.g. "dirname:$I30:$INDEX_ALLOCATION". This index is also aliased anonymously, e.g. "dirname::$INDEX_ALLOCATION" or, more simply, just "dirname". It can be listed via FindFirstFile and FindNextFile.
Named indexes over other stream types are also possible. For example, an NTFS volume has reparse-point index in its reserved "$Reparse" directory at "\$Extend\$Reparse:$R:$INDEX_ALLOCATION". Listing this index requires a a specific directory query, so FindFirstFile can't be used. FindFirstVolumeMountPoint and FindNextVolumeMountPoint list this index in order to search for mount points on the volume, i.e. IO_REPARSE_TAG_MOUNT_POINT reparse points that target volume GUID paths.
