IT442 – Fall 2010
Bruce Mahfood
Project 5 Part 2 (Due 11/03) – The Windows Registry

Objectives:

Gain familiarity with the Windows Registry for system and software settings:
  o Use the Regedit GUI, which allows direct manipulation of settings.
  o Use the CLI to view and edit registry settings.

Book references:

The reading for this project is found in Chapter 7, pp. 135-160.

Written Assignment – Part 1:

For this assignment, a written narrative will be turned in on the date shown above at the beginning of class. This is to be a separate document from the written assignment for answering the questions given below.

1) As far as the author is concerned, there are two keys that are important to the administrator, and three keys that the administrator will possibly use only slightly in their work. What are the two more useful keys in the registry (two parts of the registry tree starting with “HKEY_”)? Give me a description of what kind of settings they are responsible for holding.

2) Registry Data Types:
   a. The book gives five data types, but Windows 2008 Server has a sixth, which is REG_QWORD. What is the exact difference between REG_DWORD and REG_QWORD on the Windows 2008 Server platform?
   b. If an application needed to place icons into the registry for quick retrieval, what data type would it need to use?
   c. The registry can be used to save the state of a running program. When a program shuts down, it will often be programmed to save as much data as is necessary in order for it to start up into the same state as when it shut down. What data type would I need in order to save an array of numbers or strings into the registry for later? Note that both of these cases would use the same data type.
   d. Why would a program use a REG_EXPAND_SZ data type instead of either of the other two string data types?

3) What do hive files contain, and what do they not contain? Tell how the system protects hive files during the update process, and how a hive file can be restored by the protection system if it gets corrupted (which means basically that incorrect values get into the hive and need to be restored to their former values).

4) What is the one issue that makes it extra difficult to properly back up the Windows 2008 Server registry files? What are two issues that the author points out that are particular to Windows 2008 Server which cause the administrator to do more work in order to get a full backup of the registry files?

5) The registry is secured by permissions added to each key, and there are parts of the registry that administrators do not have permission to make changes in. Can administrators make changes to these areas of the registry? And if so, how?