ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: PV007
  • Created: 25th May 2024
  • Updated: 25th May 2024
  • Contributor: The ITM Team

Restrict Access to Registry Editor

Windows Group Policy can be used to prevent specific accounts from accessing Registry Editor. This can prevent them from reading the registry or making modifications, if their permissions allow, using this utility.

Sections

ID Name Description
PR001Read Windows Registry

A subject may read the Windows registry using Registry Viewer or PowerShell to help them gain more information about the system, such as keys related to security controls.