Ace Your Exams with Our Notes and Mock Tests!

EC-Council: Computer Hacking Forensic Investigator(CHFI-V10)
Module 6 : Windows Forensics
Questions available : 94		You are not logged in. Please Login for track your learning progress

Q. No: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |
		Go to Question No.

Question No 0

---

If you want to share the link of this question, please click here to "Copy Question Link" and share that generated link. Link from URL may change in future.

 

---

Bookmark this Question		QID: 768
What is kept in the following directory? HKLM∖SECURITY∖Policy∖Secrets
A:    Cached password hashes for the past 20 users
B:    Service account passwords in plain text
C:    IAS account names and passwords
D:    Local store PKI Kerberos certificates

Diffence opinion in Correct Answer or any comment?
Vote / Comment for correct Answer

Voting and comment option is available only for Logged in Users.
Please Login

Chosen Answer: A    B    C    D

Comment on this Answer:

Nickname to be shown:

Comunity Comments:

Banwari on 17/05/2025
Opted Answer: B

Question should be "what is not kept ..."

The HKLM∖SECURITY∖Policy∖Secrets registry key in Windows stores sensitive security-related data, including service account passwords, cached credentials, and encryption keys. This location is used by the Local Security Authority (LSA) to manage authentication secrets.


Service Account Passwords: Stored in an encrypted format for Windows services.

Cached Password Hashes: May contain credentials for previously logged-in users.

LSA Secrets: Includes auto-login credentials, VPN passwords, and other sensitive authentication data.

Kerberos Certificates: Stores local PKI-related authentication certificates

0	0			Reply / response option is available only for Logged in Users. Please Login.    Registration is free!!
Your Comment / Reply Nickname to be shown
Reason for Report

Go to Modules