Question

On a Windows OS what are Security Identifiers or SID’s? How are they important to digital...

On a Windows OS what are Security Identifiers or SID’s? How are they important to digital forensics? Explain the different sections of the SID.


Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

A security identifier (SID) is a unique value of variable length that is used to identify a security principal (such as a security group) in Windows operating systems. SIDs that identify generic users or generic groups is well known. Their values remain constant across all operating systems.

This information is useful for troubleshooting issues that involve security. It is also useful for troubleshooting display issues in the Windows access control list (ACL) editor. Windows tracks a security principal by its SID. To display the security principal in the ACL editor, Windows resolves the SID to its associated security principal name.

A SID value includes components that provide information about the SID structure and components that uniquely identify a trustee. A SID consists of the following components:

The revision level of the SID structure
A 48-bit identifier authority value that identifies the authority that issued the SID
A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID
The combination of the identifier authority value and the subauthority values ensures that no two SIDs will be the same, even if two different SID-issuing authorities issue the same combination of RID values. Each SID-issuing authority issues a given RID only once.

SIDs are stored in binary format in a SID structure. To display a SID, you can call the ConvertSidToStringSid function to convert a binary SID to string format. To convert a SID string back to a valid, functional SID, call the ConvertStringSidToSid function.

These functions use the following standardized string notation for SIDs, which makes it simpler to visualize their components:

S-R-I-S…

In this notation, the literal character "S" identifies the series of digits as a SID, R is the revision level, I is the identifier-authority value, and S… is one or more subauthority values.

The following example uses this notation to display the well-known domain-relative SID of the local Administrators group:

S-1-5-32-544

In this example, the SID has the following components. The constants in parentheses are well-known identifier authority and RID values defined in Winnt.h:

A revision level of 1
An identifier-authority value of 5 (SECURITY_NT_AUTHORITY)
A first subauthority value of 32 (SECURITY_BUILTIN_DOMAIN_RID)
A second subauthority value of 544 (DOMAIN_ALIAS_RID_ADMINS)

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
This is a question about digital forensics and how it relates to Windows file systems, specifically...
This is a question about digital forensics and how it relates to Windows file systems, specifically FAT and NTFS. How might knowledge about these two file structures (NTFS and FAT) be useful to a digital forensics examiner? How would it help them with their process? Please explain in detail. Thank you!
Digital forensics Forensics laboratories are not always confined to a single location, or a location whatsoever....
Digital forensics Forensics laboratories are not always confined to a single location, or a location whatsoever. Explain the benefits and disadvantages to establishing a digital forensics virtual lab. In addition, describe how the issues surrounding evidence storage and lab security in virtual labs could be mitigated.
Question 2 Vehicles are fast becoming another important source of digital evidence in a criminal investigation....
Question 2 Vehicles are fast becoming another important source of digital evidence in a criminal investigation. Traditionally, when a vehicle is involved in a crime scene (e.g. drink driving) or a terrorist attack, the investigators focus on the acquisition of DNA, fingerprints and other identifying materials that are usually non-digital in nature. However, modern-day cars, particularly smart or driverless cars, store a wealth of digital information. Vehicle forensics, therefore, is a valuable source of digital forensics data. Assume that you...
How do you envision the role of a digital forensics professional being different under civil and...
How do you envision the role of a digital forensics professional being different under civil and criminal law, if at all?
What important aspects of communication are missing in a digital message? Name three missing aspects and...
What important aspects of communication are missing in a digital message? Name three missing aspects and explain them and why you feel they are missing in a digital message.
Question 1 answer the following questions: 1. What is digital marketing? 2. How does digital marketing...
Question 1 answer the following questions: 1. What is digital marketing? 2. How does digital marketing differ from traditional marketing? 3. What is the difference between SEO and SEM? a. What are the basics a business needs to understand about SEO? b. What are the basics a business needs to understand about SEM? 4. How does remarketing work? How is remarketing different from banner ads? 5. How is mobile changing viewing consumer’s habits overall? a. What tips do you offer...
To complete this week’s interactive assignment, you will continue building the OS Theory Concept Map by...
To complete this week’s interactive assignment, you will continue building the OS Theory Concept Map by addressing the following topics concerning mechanisms necessary to control the access of programs, processes, or users: Outline the goals and principles of domain- and language-based protection in a modern computer system, and describe how an access matrix is used to protect specific resources a process can access. (Consider using a matrix representation to illustrate concepts.) Describe how security is used to protect programs, systems,...
What is one of the most important "take-aways" that you have learned from digital marketing ?...
What is one of the most important "take-aways" that you have learned from digital marketing ? How will it help you in the future?
How are flip-flop circuits used in most digital circuits today? Why are they important to know...
How are flip-flop circuits used in most digital circuits today? Why are they important to know and understand?
What is Hundred days and why is it important? What is the Social Security Act and...
What is Hundred days and why is it important? What is the Social Security Act and why is it important? What is Korematsu v United States and why is it important?
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT