Exam 312-49v10 topic 1 question 253 discussion

A. NTOSKRNL.EXE: This is the Windows XP kernel executable, responsible for managing system resources and providing core operating system functionality. While it's involved in the boot process, it's not directly responsible for initializing the logon dialog box. B. NTLDR: This is the Windows XP bootloader, responsible for loading the operating system. It's involved in the early stages of the boot process, but not in initializing the logon dialog box. D. (link unavailable) This is a component of the Windows XP boot process that detects hardware and configures system settings. While it runs early in the boot process, it's not responsible for initializing the logon dialog box.

This question is driving me crazy. Elb has the steps perfect. So let's read the question again. Processed at the END. LSASS is last

C is a better answer. LSASS (Local Security Authority Subsystem Service)

A > https://bookshelf.vitalsource.com/reader/books/9781635676969/pageid/240 7. The Windows loader loads the OS kernel ntoskrnl.exe 8. Once the Kernel starts running, the Windows loader loads hal.dll, boot-class device drivers marked as BOOT_START, and the SYSTEM registry hive into the memory 9. The kernel passes the control of the boot process to the Session Manager Process (SMSS.exe), which loads all other registry hives and drivers required to configure the Win32 subsystem run environment 10. The Session Manager Process triggers Winlogon.exe, which presents the user login screen for user authorization

A is correct. In the CHFI V10 book page 225, the main Windows loader steps are: 1) Winload.exe 2) NTOSKRNL.exe 3) SMSS.exe 4) Winlogon.exe (display user login dialog box) 5) LSASS.exe So even if Logon is triggered by SMSS, the sole correct answer is NTOSKRNL

Page 226 "9. The kernel passes the control of the boot process to the Session Manager Process (SMSS.exe), which loads all other registry hives and drivers required to configure the Win32 subsystem run environment 10. The Session Manager Process triggers Winlogon.exe, which presents the user login screen for user authorization"

The answer is not LSASS.exe... this service is used to verify user credentials are correct

The ntoskrnl.exe file is an executable file that contains the XP boot screen. During the boot process, XP executes this file, found in C:\Windows\System32, which in turn displays the boot screen graphic.

C. LSASS.EXE. The local security authentication (LSA) subsystem server component generates the process that authenticates users for the Winlogon service. http://technet.microsoft.com/en-us/library/bb457123.aspx

Isn't this GINA?

C. LSASS.EXE