BlackBelt – Mastering the Sysinternals Toolkit


ATTENTION! This course is taught in English!

The Sysinternals Toolkit is the most important toolkit for all Windows admins. There are lots of sessions and there is a great book about it, but there hasn't been a great classroom training about it. Now there is! In this class one of the top experts in Windows troubleshooting and security, Sami Laiho, teaches you how to take full advantage of this toolkit! You will gain deep knowledge of the most important tools like Process Explorer, Process Monitor and Sysmon, and also learn how to benefit from the lesser-known tools in the toolkit. This course teaches you how to sharpen your skills with the tools and save time and money in your day-to-day job. You will also get a free copy of the brand new "Troubleshooting with the Windows Sysinternals Tools (2nd Edition)".

Level: 300

Target audience: This training is meant for all administrators and IT professionals who want to be better at their work.

Prerequisites: Basic experience with Windows administration, basic understanding of Active Directory, basic understanding of networking infrastructure.

Course goals: Join this two-day workshop by Sami Laiho, one of the world's leading Windows security experts, and learn how to master the most important toolkit out there in real-life scenarios with hands-on labs.

Material: Lab manual, slides and THE BOOK.

Detailed content description (Agenda):

DAY 1:

Working with the Sysinternals Toolkit

  • Learning the needed basics of how Windows OS works
  • Learning the prereqs of the toolkit and how to install everything
  • Learning how to tweak the toolkit to make it perform the best

Troubleshooting Processes and Registry with Process Monitor

  • How to work with filesystems, registry, networking and other parts of the tool
  • How to use Process Monitor for discovering how the OS and apps work

Troubleshooting Memory and Disks with Sysinternals tools

  • How to troubleshoot the two most common bottlenecks: Memory and Disks
  • Learning how physical memory works versus virtual memory

Troubleshooting Filesystems with Sysinternals tools

  • Working with different filesystem related problems
  • Discovering how the filesystems work

DAY 2:

Troubleshooting Security and Active Directory Issues with Sysinternals tools

  • Discovering and analyzing the security subsystem
  • Troubleshooting issues related to permissions and privileges
  • Using Sysinternals tools to find security weaknesses

Troubleshooting Startup and Shutdown sequences with Sysinternals tools

  • Finding reasons for slow startup, logon, logoff and shutdown
  • Fighting malware that automatically starts with the machine

Working with Memory Dumps and Debugging Using Sysinternals tools

  • Learning what debugging is and how it can be easier with assistance from the Sysinternals tools
  • Automating the process of memory dump creation and analysis

Exploring the Hidden Gems of Sysinternals toolkit

  • Networking tools
  • Smaller Powertoys included in the toolkit
  • Cool tips on lesser-known tools that many have never tried