access control, and BitLocker, 196-201
access control entry (ACE). See also System Access Control Entry (SACE)
integrity levels in, 169
limits, 168-170
propagated, 176
to restrict access, 166-168
"access denied" error, for Windows integrity control, 133
actions, generating from events, 38-41, 39, 40, 41
Active Directory Domain Services (AD DS)
and BitLocker Drive Encryption, 216-217
recovery password storage, 217
for storing recovery passwords, 194
storing recovery passwords, 216
Active Directory names, 45
active partition, 189, 190
ActiveX Installer Service, 236
AD DS. See Active Directory Domain Services (AD DS)
Address Space Layout Randomization (ASLR), 229-230
administrative tasks, awareness of, 61
Administrative Tools folder, with and without shields, 85
Administrator account
activating, 2-4
creating standard user token from, 74
excluding built-in, 105
file and Registry virtualization for, 123-125
restoring, 1-4
Administrator Approval Mode, 64
administrator command prompt window, colored background for, 76-77, 79
Administrator group, 74
administrator token, 64, 66, 122
indication of need for, 81-101
installers, 81
tasks requiring, 84-86
power needs resulting in, 104-105
quicker access, 76
RunAs to view command prompt window for, 75-80
using, 74-80
Windows use of, 65
administrators
problems from running as, 62
service privileges reduction, 248-249
UAC benefits for, 62
Administrators group, permissions in \Windows folder, 171
"administrators in Administrator Approval Mode," 64
Adobe Acrobat Reader, update status dialog box, 42
Advanced Encryption System (AES), 31, 192
Advanced Properties dialog box, for shortcuts, 78
Advanced Subscription Settings dialog box, 57
AES (Advanced Encryption System), 31, 192
AI flag, 176
allow permissions, 73
anonymous user, named pipe access as, 26
AppData folder, 118, 123
Application Compatibility Database, 81
Application Compatibility Toolkit, 101
file and Registry virtualization as option, 128
Application log, 38
applications
administrator vs. standard user token, 66
code signing, 238-239
data storage in wrong places, 111
deployment after signing by publisher, 239
enabling with Secure Desktop, 108-109
in kernel mode, 237
manifest for instructions on loading and running, 87-88
requiring administrator level, 5
requiring digital signatures, 109-111
token at startup, 65
token use by, 64
AR flag, 176
"are you sure?" dialog box, 61
ASCII text format, for copying event to Clipboard, 34
asInvoker option, for manifest level= entry, 90-91
ASLR (Address Space Layout Randomization), 229-230
at.exe scheduler program, 32
and integrity-changing command, 151
audit, System Access Control List instructions, 141
authentication
and BitLocker, 196-201
between collector and source, 53-55
privilege for impersonating client after, 71
auto-completing, file or folder names, 16