IT442 – Fall 2010
Bruce Mahfood
Project 5 Part 2 (Due 11/03) – The Windows Registry
Objectives:

Gain familiarity with the Windows Registry for system and software settings:
o Use the Regedit GUI which allows direct manipulation of settings.
o Use the CLI to view and edit registry settings.
Book references: The reading for this project is found in Chapter 7, pp. 135-160.
Written Assignment – Part 1:
For this assignment, a written narrative will be turned in on the date shown above at the
beginning of class. This is to be a separate document to the written assignment for
answering questions given below.
1) As far as the author is concerned, there are two keys that are important to the
administrator, and three keys that the administrator will possibly only use only slightly in
their work. What are the two more useful keys in the registry (two parts of the registry
tree starting with “HKEY_”, and give me a description of what kind of settings they are
responsible for holding.
2) Registry Data Types:
a. The book gives five data types, but Windows 2008 Server has a sixth which is
REG_QWORD. What is the exact difference between REG_DWORD and
REG_QWORD on the Windows 2008 Server platform?
b. If an application needed to place icons into the registry for quick retrieval, what
data type would it need to use?
c. The registry can be used to save the state of a running program. When a
program shuts down, it will often be programmed to save as much data as is
necessary in order for it to start up into the same state as when it shut down.
What data type would I need in order to save an array of numbers or strings into
the registry for later? Note that both of these cases would use the same data
type.
d. Why would a program use a REG_EXPAND_SZ data type instead of either of the
other two string data types?
1
3) What do hive files contain, and what do they not contain? Tell how the system protects
hive files during the update process, and how a hive file can be restored by the
protection system if it gets corrupted (which means basically that incorrect values get
into the hive and need to be restored to their former values).
4) What is the one issue that makes it extra difficult to properly back up the Windows 2008
Server registry files? What are two issues that the author points out that are particular to
Windows 2008 Server which cause the administrator to do more work in order to get a
full backup of the registry files?
5) The registry is secured by permissions added to each key, and there are parts of the
registry that administrators do not have permission to make changes in. Can
administrators make changes to these areas of the registry? And if so, how?
2