2 - Security Policy and Registry Flashcards
What are Windows Security Policies?
(Definition)
Windows Security Policies are a set of configurations that can be applied on desktops to enhance security.
What do Windows Security Policies determine?
Security policies determine the various security restrictions that can be imposed on the users in a network.
Where can the security settings for Active Desktop, Computer, Control Panel, Explorer, Internet Explorer, Network, and System categories be defined?
The above policies can be defined using Security Policies Configuration
Name the three categories of keys that exist in the Windows registry.
The three types / categories of keys in the Window Registry are:
- Root Keys
- Subkeys
- Value entries
How many Root keys are there?
Hint: answer is a number
5
What is another name for Root keys?
High Level keys
Each root key contains one or more subkeys.
[True / False]
True
Subkeys can have their own subkeys.
[True / False]
True
Value entries contain what three pieces of information?
- Name
- Data Type
- Value
Name the 5 main Root keys.
- HKCR - HKEY_CLASSES_ROOT - Associates filename extensions (such as .doc and .exe) with the actions Windows is supposed to take when, for example, you double-click a file.
- HKCU - HKEY_CURRENT_USER - Controls many settings for the currently logged-on user, from the user’s name to his or her desktop background.
- HKLM - HKEY_LOCAL_MACHINE - Thousands of settings that apply to all users, no matter who is logged on to the PC at any given moment.
- HKU - HKEY_USERS - A collection of all the HKCU entries for everyone who has ever logged on to the PC.
- HKCC - HKEY_CURRENT_CONFIG - A tiny key that describes the current hardware configuration and a few basic system settings.
How many subkeys does HKLM have?
6
Name the 6 HKLM subkeys
- SAM
- SECURITY
- SYSTEM
- SOFTWARE
- HARDWARE
- BCD
Describe the HKLM SAM subkey.
SAM – This subkey appears empty to most users. It is used with the security and accounts management databases.
Describe the HKLM SECURITY subkey.
SECURITY – This is more security-related information that appears blank to most users.
Describe the HKLM SYSTEM subkey.
SYSTEM – This information is created by users with administrative privileges. It includes the Windows settings, file system information, and critical hardware configurations as well as other information needed to run the core system.