SRM (SECURITY REFERENCE MONITOR)

3) SRM (Security Reference Monitor)

• The Security Reference Monitor is a security architecture component
that is used to control user requests to access objects in the system.
The SRM enforces the access validation and audit generation. Windows
NT forbids the direct access to objects. Any access to an object must
first be validated by the SRM. For example, if a user wants to access a
specific file the SRM will be used to validate the request. The Security
Reference Monitor enforces access validation and audit generation
policy.

• The reference monitor verifies the nature of the request against a table
of allowable access types for each process on the system. For example,
Windows 3.x and 9x operating systems were not built with a reference
monitor, whereas the Windows NT line, which also includes Windows
2000 and Windows XP, was designed with an entirely different
architecture and does contain a reference monitor.


Windows User Account Architecture

• User account passwords are contained in the SAM in the
Hexadecimal Format called Hashes.



• Once the Passwords converted in Hashes, you cannot
convert back to the Clear Text.