Index
A
- Access token — Ch. 22, Ch. 23, Ch. 24, Ch. 27
- ACL / DACL — Ch. 22, Ch. 23
- ALPC — Ch. 7, Ch. 15
- AMSI — Ch. 25
- App Control / WDAC — Ch. 8, Ch. 12, Ch. 13
- AppContainer — Ch. 7, Ch. 14, Ch. 22, Ch. 23, Ch. 24
- AS-REP Roasting — Ch. 15, Ch. 17
- Attestation — Ch. 2, Ch. 4, Ch. 5, Ch. 6, Ch. 21, Ch. 28
- Authenticode — Ch. 12, Ch. 14
B
- BitLocker — Ch. 1, Ch. 2, Ch. 4
- Bitpixie — Ch. 1, Ch. 4
- BlackLotus — Ch. 1, Ch. 4
- Boot Guard (Intel) — Ch. 1, Ch. 4
- BootHole — Ch. 1
- Bootkit — Ch. 1
- BYOVD (vulnerable drivers) — Ch. 8, Ch. 13, Ch. 25, Ch. 26
C
- Catalog file (.cat) — Ch. 12
- cloudap — Ch. 19
- Code integrity (CI) — Ch. 8, Ch. 10, Ch. 11, Ch. 12, Ch. 13
- Conditional Access — Ch. 26, Ch. 27
- Confidential VM / computing — Ch. 5, Ch. 6, Ch. 7, Ch. 28, Ch. 29
- Continuous Access Evaluation (CAE) — Ch. 26, Ch. 27
- Credential Guard — Ch. 6, Ch. 7, Ch. 10, Ch. 14, Ch. 15, Ch. 19
D
- dbx (revocation) — Ch. 1, Ch. 4
- DCSync — Ch. 18
- Delegation (Kerberos) — Ch. 17
- Device join (dsregcmd) — Ch. 19
- DPAPI — Ch. 2, Ch. 15
- DRTM / Secure Launch — Ch. 1, Ch. 4, Ch. 9
E
- EKU (signing) — Ch. 7, Ch. 10, Ch. 15
- ELAM — Ch. 1, Ch. 4, Ch. 10, Ch. 14, Ch. 25
- Entra ID — Ch. 19, Ch. 26, Ch. 27
- ETW (Event Tracing) — Ch. 25
F
- FIDO2 / passkey — Ch. 5, Ch. 20, Ch. 21
G
- Golden Ticket — Ch. 14, Ch. 18
H
- Hello for Business — Ch. 20, Ch. 21
- HVCI / Memory Integrity — Ch. 6, Ch. 8, Ch. 12, Ch. 13
- Hypervisor — Ch. 7, Ch. 9
I
- Integrity level (MIC) — Ch. 16, Ch. 22, Ch. 23
J
- JWT / token — Ch. 27, Ch. 28, Ch. 29
K
- KDC — Ch. 16, Ch. 17, Ch. 18
- KEK — Ch. 1
- Kerberoasting — Ch. 15, Ch. 17
- Kerberos — Ch. 16, Ch. 17, Ch. 18, Ch. 19
- KRBTGT — Ch. 18
L
- LogoFAIL — Ch. 1
- LsaIso / trustlet — Ch. 7, Ch. 10, Ch. 15, Ch. 22
- LSASS — Ch. 10, Ch. 14, Ch. 15, Ch. 19
M
- MBEC — Ch. 6, Ch. 8
- Measured boot — Ch. 1, Ch. 2, Ch. 4, Ch. 6, Ch. 14
- Mimikatz — Ch. 10, Ch. 14, Ch. 15, Ch. 17, Ch. 19, Ch. 22
N
- NTLM — Ch. 16, Ch. 17, Ch. 24
- NTOWF / NT hash — Ch. 14, Ch. 15, Ch. 19
O
- OpenHCL / paravisor — Ch. 28
P
- PAC (privilege attribute) — Ch. 17, Ch. 18
- Pass-the-Challenge — Ch. 6, Ch. 7, Ch. 15
- Pass-the-Hash — Ch. 14, Ch. 16, Ch. 19
- Pass-the-PRT — Ch. 19
- Pass-the-Ticket — Ch. 14, Ch. 19
- PCR — Ch. 1, Ch. 4
- Platform Key (PK) — Ch. 1
- Pluton — Ch. 1, Ch. 2, Ch. 3, Ch. 26
- Potato (privesc family) — Ch. 24
- PPL / RunAsPPL — Ch. 7, Ch. 10, Ch. 14, Ch. 15, Ch. 25
- Primary Refresh Token (PRT) — Ch. 19, Ch. 26, Ch. 27
- Process mitigation policy — Ch. 11
- Protected Users — Ch. 15, Ch. 17, Ch. 19
R
- RBCD — Ch. 15, Ch. 17
- RC4 / etype — Ch. 17
- Root of trust — Ch. 2, Ch. 3, Ch. 4
S
- Sealing (TPM) — Ch. 2, Ch. 4
- Secure Boot — Ch. 1, Ch. 4, Ch. 6, Ch. 7
- Secure Kernel — Ch. 1, Ch. 6, Ch. 7, Ch. 8, Ch. 9, Ch. 25
- Security boundary — Ch. 7, Ch. 9, Ch. 10, Ch. 13, Ch. 23, Ch. 24
- SeImpersonate — Ch. 15, Ch. 22, Ch. 24
- Setup Mode (UEFI) — Ch. 1
- SID — Ch. 18, Ch. 22, Ch. 23, Ch. 24
- Silver Ticket — Ch. 18
- SLAT — Ch. 6, Ch. 9
- SSP (Security Support Provider) — Ch. 15
- Storm-0558 — Ch. 29
T
- TCB — Foundations, Ch. 28
- TGT (ticket-granting ticket) — Ch. 17, Ch. 18, Ch. 19
- TPM — Ch. 1, Ch. 2, Ch. 3, Ch. 4, Ch. 5, Ch. 20
- Trust chain — Foundations, Ch. 6, Ch. 16, Ch. 20, Ch. 29
- Trusted Boot — Ch. 1
U
- UEFI — Ch. 1, Ch. 4, Ch. 14, Ch. 15
- UIPI — Ch. 23
V
- VBS — Ch. 6, Ch. 7, Ch. 9, Ch. 10, Ch. 20, Ch. 28
- VSM master key — Ch. 15
- VTL0 / VTL1 — Ch. 6, Ch. 7, Ch. 8, Ch. 9, Ch. 14
W
- WebAuthn — Ch. 21
Z
- Zero Trust — Ch. 26, Ch. 27
Bold locator marks the chapter where the term is defined or treated in most depth.