C

A

access control, and BitLocker, 196-201

access control entry (ACE). See also System Access Control Entry (SACE)

integrity levels in, 169

limits, 168-170

propagated, 176

to restrict access, 166-168

"access denied" error, for Windows integrity control, 133

actions, generating from events, 38-41, 39, 40, 41

Active Directory Domain Services (AD DS)

and BitLocker Drive Encryption, 216-217

recovery password storage, 217

for storing recovery passwords, 194

storing recovery passwords, 216

Active Directory names, 45

active partition, 189, 190

ActiveX Installer Service, 236

AD DS. See Active Directory Domain Services (AD DS)

Address Space Layout Randomization (ASLR), 229-230

administrative tasks, awareness of, 61

Administrative Tools folder, with and without shields, 85

Administrator account

activating, 2-4

creating standard user token from, 74

excluding built-in, 105

file and Registry virtualization for, 123-125

restoring, 1-4

Administrator Approval Mode, 64

administrator command prompt window, colored background for, 76-77, 79

Administrator group, 74

administrator token, 64, 66, 122

indication of need for, 81-101

installers, 81

tasks requiring, 84-86

power needs resulting in, 104-105

quicker access, 76

RunAs to view command prompt window for, 75-80

using, 74-80

Windows use of, 65

administrators

problems from running as, 62

service privileges reduction, 248-249

UAC benefits for, 62

Administrators group, permissions in \Windows folder, 171

"administrators in Administrator Approval Mode," 64

Adobe Acrobat Reader, update status dialog box, 42

Advanced Encryption System (AES), 31, 192

Advanced Properties dialog box, for shortcuts, 78

Advanced Subscription Settings dialog box, 57

AES (Advanced Encryption System), 31, 192

AI flag, 176

allow permissions, 73

anonymous user, named pipe access as, 26

AppData folder, 118, 123

Application Compatibility Database, 81

Application Compatibility Toolkit, 101

file and Registry virtualization as option, 128

Application log, 38

applications

administrator vs. standard user token, 66

code signing, 238-239

data storage in wrong places, 111

deployment after signing by publisher, 239

enabling with Secure Desktop, 108-109

in kernel mode, 237

manifest for instructions on loading and running, 87-88

requiring administrator level, 5

requiring digital signatures, 109-111

token at startup, 65

token use by, 64

AR flag, 176

"are you sure?" dialog box, 61

ASCII text format, for copying event to Clipboard, 34

asInvoker option, for manifest level= entry, 90-91

ASLR (Address Space Layout Randomization), 229-230

at.exe scheduler program, 32

and integrity-changing command, 151

audit, System Access Control List instructions, 141

authentication

and BitLocker, 196-201

between collector and source, 53-55

privilege for impersonating client after, 71

auto-completing, file or folder names, 16