warm boot, and memory, 219
warnings
of unsigned drivers, 30-31
from Windows, 42
Web-Based Enterprise Management (WBEM), 187
web resources
on BitLocker encryption algorithm, 191
digital signatures, 239
downloading chml, 144
files for experimenting, 91, 116
"legacy" applications, 120
TPM specifications, 188
wecsvc, 51
wecutil.qc (Windows Event Collector utility), 47, 51
well-known groups, 68
well-known RIDs, 67
WFP (Windows Filtering Platform), 232
whoami.exe, 5, 153
group membership display, 73
to view token, 72-74
WHQL (Windows Hardware Quality Labs), 30
WIC. See Windows integrity control (WIC)
Windows 2000, RunAs feature, 63
Windows, administrative, digital signature absence, 111
Windows Boot Loader sections, in bcdedit report, 11
Windows Boot Manager
default entry changes, 13-14
section in bcdedit report, 11
timeout changes, 13
Windows Classic theme, 3
Windows components, troubleshooting, 235
Windows Defender, 241
Windows Event Collector service, 51
starting, 46, 46-47
Windows Explorer, "Run as administrator" and, 80
Windows Filtering Platform (WFP), 232
Windows Firewall, 44, 255
\Windows folder, 170-171
Administrators group permissions, 171
default permissions, 171
file redirection from, 116, 119
Windows Hardware Quality Labs (WHQL), 30, 108
Windows integrity control (WIC), 131, 139-156
access control entry (ACE)
limits, 168-170
to restrict access, 166-168
and deletes, 160-166
failure of blocking deletes, 165
integrity levels, 139-141
changing, 147-151
chml for changing, 149
icacls for changing, 150
permissions for changing, 148-149
SDDL strings for setting, 180
storage, 141-153
in token, 72
viewing, 143-147
Internet Explorer protected mode and, 157-160
overview, 132-133
process integrity levels, 153-156
viewing, 154-156
second directive, 143
testing prime directive, 150-151
user integrity levels, 152
storage, 152-153
viewing, 153
Windows Management
Interface (WMI) providers, 186, 187
Windows OS Volume, 189
encryption by BitLocker, 190
Windows Platform SDK, Manifest Tool, 93
Windows Remote
Management. See WinRM (Windows Remote Management) tool
Windows Resource Protection (WRP), 233
Windows Side by Side, 87, 88
\Windows\System32 folder, 109
administrator token for writing to, 81
permissions, 172
Windows Vienna, 128
Windows Vista
format utility, 226
GUI
"alertness warnings," 83-84
and User Account Control (UAC), 82-86
logging on as local administrator, 2
with multiple boot options, 9, 9
Windows XP SP2, Remote Desktop Connection 6.0 for, 22
WinRM (Windows Remote Management) tool, 45, 46
authentication between workgroups, 56
configuration parameters, 54
get command, 54-55
set command, 54-55
wiping the disk, 226
WMI (Windows Management Interface) providers, 186, 187
for BitLocker and TPM Base Services, 220
workgroups
authentication between, 56
event forwarding in, 52-57
wrapper for services, 242
wrapping key, 187
write permissions, granting to service SID, 252-253
writing files, under virtualization, 119
WRP (Windows Resource Protection), 233
WS-Management, 45
configuration, 53
schema, 54
testing connectivity, 55-56
Wyse installer, 82