Lesson 6

Question 1

HKEY_CLASSES_ROOT

Answer 1

Shows relationships (called associations) between applications and data file types defined by file extension. Because of the information in this key you can double-click on a data file and the correct application will open and load the file. This root key contains all the information located in HKEY_LOCAL_MACHINE\SOFTWARE\Classes.

Question 2

HKEY_CURRENT_USER

Answer 2

Contains the user profile for the currently logged on user, storing all the user settings that affect the desktop appearance and default behavior of installed applications

Question 3

HKEY_LOCAL_MACHINE

Answer 3

Contains system information including detected hardware, application associations, and information for hardware configuration and device drivers

Question 4

HKEY_USERS

Answer 4

User profiles for all local user accounts, including the profile of the currently logged on user (also shown under HKEY_CURRENT_USER), and profiles for special user accounts

Question 5

HKEY_CURRENT_CONFIG

Answer 5

Contains configuration information for the current hardware profile which is a set of changes (only changes) to the standard configuration in the Software and System subkeys under HKEY_LOCAL_MACHINE

Question 6

BCD

Answer 6

Boot Configuration Database

store used by Windows during the bootloader phase of startup, providing the bootloader with information it needs to locate and load the operating system files

Question 7

Default

Answer 7

The default hive is the user hive for the local SYSTEM account

Question 8

NTUSER.DAT file

Answer 8

contains the user profile for a single user

application preferences, screen colors, etc.

Question 9

SAM (Security Accounts Manager)

Answer 9

contains the local security accounts database

critical for user authentication because it stores user passwords

Question 10

SECURITY hive

Answer 10

contains local security policy setting for the computer (rules for password complexity and how system will handle numerous failed attempts)

Question 11

SOFTWARE hive

Answer 11

contains configuration settings for software installed on the local computer and other configuration data

Question 12

SYSTEM hive

Answer 12

contains information used at startup, including device drivers to load as well as the order they will load.

also contains configuration settings, instructions for the starting and configuring of services, and various operating system settings

Question 13

Root Key

Answer 13

the top 5 folders in the registry

Question 14

Sub Key

Answer 14

A key the exists within another key

Question 15

Value Entry

Answer 15

Each setting within a Windows registry key

Question 16

Active Key

Answer 16

Key within a sub key

Question 17

REG_BINARY

Answer 17

raw binary data. It shows some hardware data in binary, and shows some binary data in hexadecimal

Question 18

REG_DWORD

Answer 18

A 4 byte long number (32 bits) stored in binary, hexadecimal or decimal format.

Question 19

REG_EXPAND_SZ

Answer 19

A single string of text including a variable, which is a value that an application will replace when called

Question 20

REG_MULTI_SZ

Answer 20

Multiple strings of human readable text separated by a special NULL character that it does not display.