A5002: Windows Registry
Summary
| ID | A5002 |
|---|---|
| Brief Description | This artifact describes windows registry entity |
| Author | @Cyberok |
| Creation Date | 2023/02/03 |
| Modification Date | 2023/02/03 |
| References | |
| Ontology mappings |
|
Description
The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interface can all use the registry. The registry also allows access to counters for profiling system performance.
Response Actions Implementations
Listing registry keys with Powershell
Remove Windows registry key with Powershell