Windows Registry Flashcards

1
Q

Windows Registry

A

A collection of databases that contains the system’s configuration data. This configuration data can be about the hardware, the software, or the user’s information. It also includes data about the recently used files, programs used, or devices connected to the system.

2
Q

Registry Keys

A

The folders you see within the Registry.

3
Q

Registry Hive

A

A group of keys, subkeys, and values stored in a single file on the disk.

4
Q

HKEY_CURRENT_USER

A

Contains the root of the configuration information for the user who is currently logged on. The user’s folders, screen colors, and Control Panel settings are stored here. This information is associated with the user’s profile. This key is sometimes abbreviated as HKCU.

5
Q

HKEY_USERS

A

Contains all the actively loaded user profiles on the computer. HKEY_CURRENT_USER is a subkey of HKEY_USERS. HKEY_USERS is sometimes abbreviated as HKU.

6
Q

HKEY_LOCAL_MACHINE

A

Contains configuration information particular to the computer (for any user). This key is sometimes abbreviated as HKLM.

7
Q

HKEY_CLASSES_ROOT

A

The information that is stored here makes sure that the correct program opens when you open a file by using Windows Explorer. This key is sometimes abbreviated as HKCR.

8
Q

HKEY_CURRENT_CONFIG

A

Contains information about the hardware profile that is used by the local computer at system startup.

9
Q

UserAssist

A

Registry keys that contain information about the programs launched, the time of their launch, and the number of times they were executed.

10
Q

ShimCache

A

A mechanism that keeps track of application compatibility with the OS and tracks all applications launched on the machine. Its main purpose in Windows is to ensure backward compatibility of applications. It is also called the Application Compatibility Cache (AppCompatCache).

11
Q

AmCache

A

An artifact related to ShimCache. It performs a similar function to ShimCache and stores additional data related to program executions. This data includes execution path, installation, execution and deletion times, and SHA1 hashes of the executed programs.

12
Q

BAM

A

Background Activity Monitor.
Keeps tabs on the activity of background applications.
