/build/static/layout/Breadcrumb_cap_w.png

Check Registry Security Requirements

Similar to File Monitor, Registry Monitor (Regmon.exe) is a tool available as a free download from Sysinternals at http://www.sysinternals.com/Utilities/Regmon.html. This tool monitors all registry requests and records them for your review. Again, without even running your application, you will find that Windows Vista generates a great many entries, so it is again necessary to adjust the optional filters in order to better identify any attempts to access or update registry keys to which a restricted user may not have access. Below are recommended steps and filter settings to help identify the requirements of the application being tested.

1. As a privileged user (an administrative account), launch the File Monitor utility

2. Select Filter/Highlight (CTRL-L) from under the Options menu and make the following updates:

Include: *

Exclude: SUCCESS;NOT FOUND;NO MORE ENTRIES;BUFFER OVERFLOW;BAD IMPERSONATION

Highlight: ACCESS DENIED

3. Right click on the application shortcut to be tested and choose "Run AsÂ…"

4. Specify the credentials of a restricted user account, representative of a user with non-administrative privileges on the network.

5. 5. Make use of the application, running through any provided test procedures and make note of any subkeys or values which report “Access Denied” (highlighted in red). It is these subkeys that may require security changes in order for the application to function properly in your environment.


Comments

This post is locked
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ