Ok first, here is a collection I'm setting up:
I want to test the value of the "DisabledByDefault" entry directly under the key above (HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client)
The registry path above is tested for it's presence. But from my understanding the testing of "DisabledByDefault" is for it's presence anywhere in the scanned registry, not specify under that key... correct?
That "DisabledByDefault" entry is possibly under many various subkeys of HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ so testing for it's presence under a specific key is important here!
Is that accurate or am I getting it wrong?
My registry scanner is set to scan HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\**\
Please sign in to leave a comment.