MVA Workshop: Troubleshooting Windows Systems with SysInternals Tools

Corso

A Milano

Prezzo da consultare

Chiama il centro

Hai bisogno di un coach per la formazione?

Ti aiuterà a confrontare vari corsi e trovare l'offerta formativa più conveniente.

Descrizione

  • Tipologia

    Corso

  • Luogo

    Milano

  • Inizio

    Scegli data

Configuring Your System to Run the Sysinternals Tools After completing this unit, students will be able to: Download, configure, and run the Sysinternals tools. Disable the security warning. Explore the Sysinternals tools that they will be using in this workshop.

Sedi e date

Luogo

Inizio del corso

Milano
Visualizza mappa
viale Piero e Alberto Pirelli 6, 20126

Inizio del corso

Scegli dataIscrizioni aperte

Domande e risposte

Aggiungi la tua domanda

I nostri consulenti e altri utenti potranno risponderti

Chi vuoi che ti risponda?

Inserisci i tuoi dati per ricevere una risposta

Pubblicheremo solo il tuo nome e la domanda

Opinioni

Materie

  • Security
  • Windows

Programma

This unit covers basic Windows Internals concepts such as memory management and how threads and processes interact. Students use tools such as Process Explorer, Performance Manager, and Task Manager to explore the various data structures discussed in this unit.


Analyzing Process Creation by Using Process Explorer


Looking at Processes and Threads


After completing this unit, students will be able to:


Use Process Explorer v16.04 to view the relationship between the parent and child processes.


Use Performance Monitor v3.1 and Task Manager to examine processes.


Use Process Explorer to examine threads and context switching.


This unit provides students with a closer look at Process Explorer. In the lab, students have the opportunity to work with Process Explorer to obtain information such as the program that has a particular file or folder open and the associated dynamic-link libraries (DLLs) that the processes have opened or loaded.


Using Process Explorer to View DLLs, Handles, Device Drivers, and Thread Priorities


After completing this unit, students will be able to:


Use Process Explorer v16.04 as the default program for viewing process information.


View DLLs and handles to open processes.


Map a system thread to a device driver.


View and adjust thread priorities.


This unit introduces Process Monitor for performing real-time monitoring of the file system, registry, and process and thread activity. Students will learn how to use Process Monitor to help troubleshoot Windows devices and find related diagnostic information.


Tracking the System Loader Search for DLLs


Using Process Monitor to Find Application Registry Settings


Tracing a Process's Startup


Tracing Internet Explorer's Use of Windows Integrity Mechanisms


Viewing SRPs


After completing this unit, students will be able to:


Examine how the Windows operating system loader searches for dynamic-link libraries (DLLs).


Locate application registry settings.


Trace the startup of a process.


Trace how Internet Explorer uses Windows integrity mechanisms.


View software restriction policy (SRP) enforcement.


This unit introduces some of the commonly used PsTools command-line utilities that can be used to manage remote and local computers. In the lab, students will use PsTools to obtain information about system components, folder permissions, number of processors, and disk volumes. They will also use PsTools to terminate processes and to translate machine and user account names to their security identifiers (SIDs).


Obtaining System Information by Using PsTools


After completing this unit, students will be able to:


Find system information interactively across local or remote systems by using PsExec.


Obtain information about folder permissions by using Accesschk.


Obtain information about system components, number of processors, and disk volumes by using PsInfo.


Use PsKill to terminate a process.


Translate machine and user account names to their equivalent security identifiers (SIDs).


This unit focuses on the enhanced Task Manager in Windows 8.1 and Autoruns, which is one of the Sysinternals tools. These tools help in identifying the apps and services that start automatically when a computer starts.


Working with Apps by Using Task Manager and Task Scheduler


Exploring Autoruns Options


After completing this unit, students will be able to:


Examine autostart processes.


Add an app to the autostart process.


Remove an app from the autostart process.


Use Autoruns to manage autostarts.


Chiama il centro

Hai bisogno di un coach per la formazione?

Ti aiuterà a confrontare vari corsi e trovare l'offerta formativa più conveniente.

MVA Workshop: Troubleshooting Windows Systems with SysInternals Tools

Prezzo da consultare