Windows Security Components !

The site moved to root domain where all post are imported. Please go to

There are some components which are for windows security. Often I have searched on google that how the windows security is actually implemented. From my understanding i want to describe the basic here so that any interested person can get some quick idea. See below:

SAM database: SAM is a databases where users information are stored. It stores all users information excluding domain users. The SAM can be found in HKEY_LOCAL_MACHINESAM and Directory : C:WINDOWSsystem32configSAM.

LSASS: Local Security Authority Subsystem(LSASS) is responsible for security policy of the windows system. It also alerts security warning to events logs. LSASS is completely responsible for users loging, password changing, token generating etc. If we open the task manager then we will see that there is a running process called lsass.exe as SyStEM user. If we force to exit this process then we have relogin to windows system.



AppLocker: It specify which application, file can be used by an specified users. This can set Restriction to access specific file(Access control).

Active Directory: Active Directory stores information of users,groups, computers of domain. 

Security reference monitor (SRM):

Quickly written for searching purpose :)….

Leave a Reply

Your email address will not be published. Required fields are marked *