Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
23 Cards in this Set
- Front
- Back
|
User Account Control
How do UAC tokens work for Standard Users ? |
When a standard user logs on to Windows 7, the system will create only one access token. The token specifies the level of access that the user has. The token also contains information about Windows privileges and specific security identifiers, more commonly known as SIDs.
|
|
|
UAC
How do UAC tokens work for Administrative Users ? |
When an administrator logs on to a computer in Windows 7, the system creates two access tokens. The one token is an administrator token, and the other is a standard user access token.
Both the administrator access token and the standard user access token contain the same user-specific information. However, the standard user access token doesn't contain information about administrative Windows privileges or the SIDs, where the administrator access token does contain this information. |
|
|
UAC
What is an Elevation prompt ? |
Windows 7 will automatically prompt the user for approval if the administrator access token is required to perform a task. This is an elevation prompt.
|
|
|
UAC
Tip : Elevation prompt`s behavior can be configured using Group Policy, or using Secpol.msc – the Local Security Policy snap-in. |
UAC
Tip : Elevation prompt`s behavior can be configured using Group Policy, or using Secpol.msc – the Local Security Policy snap-in. |
|
|
|
|
|
|
UAC
UAC settings are modified using ? |
User Account Control Settings
|
|
|
UAC
PROJECT UAC has four settings. Check it for details. |
UAC
PROJECT UAC has four settings. Check it for details. |
|
|
UAC
PRACTICAL Study Elevation prompts Color Coding |
UAC
PRACTICAL Study Elevation prompts Color Coding |
|
|
UAC
Tip : Most Windows executables are auto-elevated by the system. |
UAC
Tip : Most Windows executables are auto-elevated by the system |
|
|
UAC
When do windows excutable not produce a prompt ? |
Windows executables must hold two factors true:
1. they must be located in secure directories 2. Windows publisher must sign the Windows executables they must be located in secure directories, and 1. Windows executables must be located in one of the secure directories that standard users aren't allowed to modify. These directories include certain directories under Program Files, System32, most of the System32 subdirectories, and Ehome. The Program Files directories include Windows Journal and Windows Defender. the Windows publisher must sign them digitally 2. Windows publisher must sign the Windows executables digitally. All code in Windows needs to be signed by Windows publisher, which is the certificate used to sign code. |
|
|
Tip : Auto Elevation has extra conditions for Executable COM objects
|
Tip : Auto Elevation has extra conditions for Executable COM objects
|
|
|
UAC
Tip : MSC files part of MMC Console may require an elevation prompt depending on whether its on the windows internal list |
UAC
Tip : MSC files part of MMC Console may require an elevation prompt depending on whether its on the windows internal list |
|
|
UAC
Tip Windows executables that are auto-elevated include * the Service Pack installer, Spinstall.exe * the package manager, Pkgmgr.exe, and * the migration wizard, Migwiz.exe |
UAC
Tip Windows executables that are auto-elevated include * the Service Pack installer, Spinstall.exe * the package manager, Pkgmgr.exe, and * the migration wizard, Migwiz.exe |
|
|
UAC
Components of the UAC Architecture ? |
Kernel
User System |
|
|
UAC
The USER COMPONENT of UAC has three elements ? |
User performs an operation requiring privilege,
ShellExecute, CreateProcess. |
|
|
UAC
How does ShellExecute (User Element ) perform tasks ? |
When an operation calls ShellExecute, this in turn calls CreateProcess. CreateProcess must send the ERROR_ELEVATION_REQUIRED error to ShellExecute. If ShellExecute finds this, it will call the Application Information service to try to perform the task requested with the elevated prompt.
CreateProcess will reject the call with ERROR_ELEVATION_REQUIRED if the application requires elevation. |
|
|
UAC
8 elements of the System Component of the UAC architecture ? |
Application Information Service
Active X Note : More to be added |
|
|
UAC
What does the Application Information Service do ? |
Application Information service, is a system service that helps to start applications that need user rights or elevated privileges to run.
|
|
|
UAC
How does create process assess if an application requires Elevation ? |
To assess whether the application requires elevation, CreateProcess calls:
AppCompat Fusion Installer |
|
|
UAC
How do Fusion, AppCompat, and Installer determine an elevation is required by an application ? |
Fusion, AppCompat, and Installer detection inspect the executable file's application manifest to establish the application's requested
|
|
|
UAC
The kernel component of the UAC architecture has two subcomponents ? |
Virtualization
File system and registry |
|
|
UAC
UAC Group policy location ? |
Security Settings >> Local Policies >> Security Options.
|
|
|
UAC
Tip Some of the UAC policies listed are * Allow UIAccess applications to prompt for elevation without using the secure desktop * Behavior of the elevation prompt for administrators in Admin Approval Mode * Behavior of the elevation prompt for standard users * Detect application installations and prompt for elevation, and * Only elevate executables that are signed and validated |
UAC
Tip Some of the UAC policies listed are * Allow UIAccess applications to prompt for elevation without using the secure desktop * Behavior of the elevation prompt for administrators in Admin Approval Mode * Behavior of the elevation prompt for standard users * Detect application installations and prompt for elevation, and * Only elevate executables that are signed and validated |
