+ All Categories
Home > Documents > CDA Training Session 08 v01

CDA Training Session 08 v01

Date post: 06-Apr-2018
Category:

Documents
Upload: crystal17613
View: 217 times
Download: 0 times
Download Report this document
Share this document with a friend

of 58

Download
Transcript

  • 8/3/2019 CDA Training Session 08 v01

    1/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    Cyber Defense Academy

    Session 08November 17, 2011

    Please Note:If you havent viewed all the Sessions

    before this one, please do so now.The topics in this session depend onyou having viewed these priorSessions first.

  • 8/3/2019 CDA Training Session 08 v01

    2/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 2

    Regular Major Themes

    Topics in CyberPatriot / Computer Science Topics in Windows Topics in Linux (not today)

    Overview of Todays Session

    Additional training in Networking Focus on Windows XP (Part 1)

  • 8/3/2019 CDA Training Session 08 v01

    3/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    Quiz

    3

  • 8/3/2019 CDA Training Session 08 v01

    4/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 4

    Quiz

  • 8/3/2019 CDA Training Session 08 v01

    5/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 5

    Quiz

  • 8/3/2019 CDA Training Session 08 v01

    6/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    CyberPatriot

    6

  • 8/3/2019 CDA Training Session 08 v01

    7/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 7

    CyberPatriotStrategy Update

    Wait for it Use the time from noon Friday until mid-Saturday to

    explore the image Many teams went to 100% in a few minutes Use your shadows

    Use your techniques, OOB, CDA Benchmarks Analysis of Scores in Round 1

    Large number of 100% scores ASD: 20 teams OD: 67 teams

    Everyone needs a score of 80% - 100% in Round 2 Announcement for Round 2

    Windows XP Windows 2003 Timing Counts

    You can see the scores in real-timeduring the Competition at:

    http://cybernexs.saic.com/cndx/spectator_displays/ranked_scores_by_os.php

  • 8/3/2019 CDA Training Session 08 v01

    8/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 8

    CyberPatriotNetwork 103 Network Devices

    Network Devices any device attached to a TCP/IP networkwith an IP address

    Hosta workstation or server

    Data terminal equipment a device that is the finaldestination for the packet (e.g. printer)

    Hub connects multiple Ethernet segments into a singlesegment (everyone hears the traffic)

    Switch directs outside traffic to only the specific destinationsegment (only destination hears the traffic)

    Router reads address information and sends packets

    toward their ultimate destination based on a routing table(audience depends on the segment)

    Sniffer a device that can read every packet on the segmentwithout being detected

  • 8/3/2019 CDA Training Session 08 v01

    9/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 9

    CyberPatriotNetwork 103 Network Diagrams

    Hub

    Computer

    Computer

    Computer Computer

    Computer

    Printer

    Switch

    Computer

    Computer

    Server Computer

    Computer

    Printer

    Router Internet

    Logical Representation Logical Representation

  • 8/3/2019 CDA Training Session 08 v01

    10/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 10

    CyberPatriotNetwork 103 Network Topology

    Star

    Examples of network topology

    Ring Bus

  • 8/3/2019 CDA Training Session 08 v01

    11/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 11

    CyberPatriotNetwork 103 - Ping

    Ping - network administration tool to test the reachability ofa node on a network and to measure round-trip time Named after active sonar technology Sends an Internet Control Message Protocol (ICMP)

    echo request packet (8 byte header, 20 byte payload) to

    the target Measures the time of reception and any packet loss Ping floodsare a simple form of denial-of-service attack

    Hear the sound

    http://www.youtube.com/watch?v=D9kv_V5lhiE

    See example on the next slide

    Ping

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    12/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 12

    CyberPatriotNetwork 103 Ping Example

    ping c 5 iSmoke(Send 5 pings to the host named iSmoke)

    command count value targetOn a PC, go to Run > cmd

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    13/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 13

    CyberPatriotNetwork 103 Ping Pros & Cons

    Key tool for Network Administrators Verify known devices are still present Detect noise on the circuit Detect a chatty NIC Identify missing segments

    Identify missing devices

    Key tool for Network Attackers Discover all IP addresses Launch ping floods

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    14/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 14

    CyberPatriotNetwork 103 - SNMP

    Simple Network Management Protocol For managing devices on IP networks Last updated by RFC 3411 3418 SNMPv3 peer-to-peer protocol Architecture is:

    Network Manager an administrative computer

    Network Management System (NMS) softwarethat monitors and controls managed devices

    Management Information Base (MIB) a datastructure on each Managed Device containingobjects and their values for that device

    Agent software on each Managed Device thatgets/sets MIB data and sends in SNMP format

    Network Manager

    NMS

    MIBAgent

    Managed Devices

    MIBAgent

    MIBAgent

    Printer

    Router

    Computer

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    15/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 15

    CyberPatriotNetwork 103 NMS Example

    AutoScan-Network

    For managing an IP network(s) Runs on Macs, Windows XP/Vista, GNU/Linux Free at:

    http://autoscan-network.com/

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    16/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 16

    Prepare for competition Run the ping command Discover the network devices on your network via a free

    NMS

    Homework for CyberPatriot

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    17/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    WINDOWS

    17

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    18/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 18

    Todays Topics Tools

    Task Manager

    Process Explorer

    Unlocker

    Warp

    Techniques Folder Options

    Prefetch

    Running backups (every hour) Booting in Safe Mode

    Run-time Downloads & the Internet

    Hard Disk Growth

    Advanced Windows TopicsOverview

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    19/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 19

    All Service Packs found at:http://support.microsoft.com/kb/322389

    Windows Security/ Task Manager Process Explorer Unlocker Warp

    Tools

    CDA RankingsRequiredEssentialUsefulInterestingDistracting

    Make sure your Service Pack downloads have the exact file name as shownabove and equivalent size.

    Dont run ComboFix, it thinks CyberNEXS is evil

    and removes it.

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    20/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 20

    Shows currently active Processes Activate the tool by pressing CNTL-ALT-DEL, click the

    Task Manager button, then click the Processes tab

    Free included in OS

    Advanced Windows TopicsTools - Windows Security/ Task Manager

    CDA RankingsRequiredEssentialUsefulInterestingDistracting

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    21/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 21

    A discoverytool showing: Currently active processes

    Description of each process

    Company who wrote the process

    CPU and RAM utilization of each process

    Services consumed by the process

    DLLs used by the process

    Files used/owned by the process

    Free at:http://www.softpedia.com/get/System/System-Info/Process-Explorer.shtml

    Advanced Windows TopicsTools - Process Explorer (1 of 6)

    CDA RankingsRequiredEssentialUsefulInterestingDistracting

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    22/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 22

    Advanced Windows TopicsTools - Process Explorer (2 of 6)

    Main Window

    Indenturedprocesses

    CPU RAM Description Company

    Name

    Note themultipleinstances ofsvchost.exe

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    23/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 23

    Advanced Windows TopicsTools - Process Explorer (3 of 6)

    Two Panes(DLL in lowerpane)

    AvastSvc.exe is selectedin the upperpane

    The DLL filesneeded byAvastSvc.exe are shownin the lower

    pane

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    24/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 24

    Advanced Windows TopicsTools - Process Explorer (4 of 6)

    Two Panes(Handles inlower pane)

    AvastSvc.exe is selectedin the upperpane

    The filesheld by

    AvastSvc.exe are shownin the lower

    pane

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    25/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 25

    Advanced Windows TopicsTools - Process Explorer (5 of 6)

    Properties

    A rich set ofdata isavailable inthePropertieswindow

    TheServices

    tab showsthe servicesconsumed by

    the process

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    26/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 26

    In summary Its small

    Its cheap

    Its safe

    It shows whos grabbing your system

    Recommendation: get an additional monitor (e.g. 24

    LCD/ LED monitor) and leave Process Explorer up all thetime

    Advanced Windows TopicsTools - Process Explorer (6 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    27/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    5 minute break

    27

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    28/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 28

    A discoverytool showing: Who owns the handle on a file

    Allows you to unlock the handle so that you candelete the file or folder

    Free at:http://www.softpedia.com/get/System/System-Info/Process-Explorer.shtml

    Advanced Windows TopicsTools - Unlocker (1 of 2)

    CDA RankingsRequiredEssentialUsefulInterestingDistracting

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    29/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 29

    Advanced Windows TopicsTools - Unlocker (2 of 2)

    1) Try to delete MSNGaming Zone

    2) Error deleting

    3) Right-click theinvoke Unlocker (anExplorer extension)

    4) Unlocker reveals

    PID 964 has a handleon MSN

    5) Process Explorerconfirms the ownerand handle

    6) Unlock All

    releases the handle

    1

    2

    3

    4

    5

    6

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    30/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 30

    A discoveryand repairtool showing: Finds errors in the Registry

    Finds many other types of Windows errors

    Free at:http://www.nchsoftware.com/registry-cleaner/index.html

    Advanced Windows TopicsTools - Warp (1 of 7)

    CDA RankingsRequiredEssentialUsefulInterestingDistracting

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    31/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 31

    Advanced Windows TopicsTools - Warp (2 of 7)

    Scan Results

    Shows theresults froma scan of thesystem

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    32/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 32

    Advanced Windows TopicsTools - Warp (3 of 7)

    Scan Details(screen 1 of 3)

    Shows thedetails from ascan of thesystem

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    33/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 33

    Advanced Windows TopicsTools - Warp (4 of 7)

    Scan Details(screen 2 of 3)

    Shows thedetails from ascan of thesystem

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    34/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 34

    Advanced Windows TopicsTools - Warp (5 of 7)

    Scan Details(screen 3 of 3)

    Shows thedetails from ascan of thesystem

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    35/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 35

    Advanced Windows TopicsTools - Warp (6 of 7)

    Repair Results

    Shows theresults fromthe repair ofthe system

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    36/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 36

    Advanced Windows TopicsTools - Warp (7 of 7)

    Repair Details

    Shows theresults fromthe repair ofthe system

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    37/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 37

    Many, many Registry cleaners are available, most for a fee Two others were evaluated

    RegGenie: $35

    RegZooka: $30

    The commercial Registry cleaners seemed to fix problemsthat are not pertinent to CyberPatriot

    ActiveX

    Uninstall entries

    Empty Registry Keys

    Advanced Windows TopicsTools - About other Registry Cleaners

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    38/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 38

    CDA recommendations for setting your Folder Options Implement at Control Panel > Folder Options

    Select the View tab and implement the following

    Advanced Windows TopicsTechniques Folder Options

    Also, clickApply to

    All Folders

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    39/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 39

    A folder at C:\Windows\Prefetch (see next slide) A place where Windows remembers which files you

    commonly open

    Aids in preparing Windows to run applications and files thatyou often use

    Is self-maintaining, i.e., if you delete the contents, Windowswill rebuild it over time

    A place of discovery, where you can learn what applications

    and files were popular before you became Administrator ofthis system

    Advanced Windows TopicsTechniques Prefetch

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    40/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 40

    Advanced Windows TopicsTechniques Prefetch Example

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    41/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 41

    Making backups (every hour) Why is this needed?

    Blue Screen of Death*

    Image wont boot*

    Pros

    Can restart from a safe, known configuration

    Can explore multiple paths simultaneously onshadow computers

    Cons

    Takes 10 minutes each time

    *Recovery: Boot in Safe Mode (see next)

    **VMwares Snapshots offers a similar capability

    Advanced Windows TopicsTechniques Making backups

    Re-emphasizes the need toexplore each image beforecompeting

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    42/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 42

    Safe Mode a reduced, basic state of the operating system,excluding the network, startup items, prefetch items, alldrivers except essential ones (mouse, keyboard, etc.), fordiagnosing issues

    Activated by pressing F8 during Restart (Function-F8 on

    Macs)

    Multiple options (see next 5 slides)

    Advanced Windows TopicsTechniques Booting in Safe Mode (1 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    43/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 43

    Opens withStart

    WindowsNormally

    selected

    Use thearrow keys to

    move up anddown toselect Safe

    Mode

    Advanced Windows TopicsTechniques Booting in Safe Mode (2 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    44/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 44

    Select SafeMode

    Other primeoptions arewith

    Networking

    and with

    CommandPrompt

    Advanced Windows TopicsTechniques Booting in Safe Mode (3 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    45/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 45

    All installedoperatingsystems areshown (onlyWindows XPPro in thiscase)

    Use thearrow keys tomove up anddown toselect yourOS

    Advanced Windows TopicsTechniques Booting in Safe Mode (4 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    46/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 46

    Advisorynotice

    Advanced Windows TopicsTechniques Booting in Safe Mode (5 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    47/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 47

    The desktop,with Safe

    Mode labels

    in all 4corners

    Could youGet MyStatus in

    Safe Mode?

    Advanced Windows TopicsTechniques Booting in Safe Mode (6 of 6)

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    48/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 48

    Download as much as possible before the competition

    Service Packs

    Tools

    Advanced Windows TopicsTechniques Pre-Competition Downloads

    Ad d Wi d T i

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    49/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 49

    Many files have to be downloaded during the competition

    Windows Updates Increase in size does not consider deleting the

    $NTUninstall files (discussed later) Approximately one-third of the size of each update is from

    downloading, the remainder is due to expansion

    Advanced Windows TopicsTechniques Run-time Downloads

    Anyone know how to download these before the Competition starts?

    Ad d Wi d T i

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    50/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 50

    With the Internet and time, you can pre-download

    Service Packs (584 MB)

    Tools (120 MB)

    During the Competition, however, another 1,200 MB has tobe downloaded

    Teams need a stable, reliable, fairly fast (1 3 Mbps)Internet connection

    Get one or more of the following sites:

    A team members house

    A local school

    Hotel with meeting room

    Starbucks

    AT&T AirCards

    Advanced Windows TopicsTechniques Got Internet?

    Test the connectionahead of time

    Ad d Wi d T i

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    51/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 51

    Your C:\ drive usage grows throughout the Competition

    Procrastination is Punished The Evil Growth Engine A malware that deliberately fills your hard drive with

    garbage

    Found by watching the C:\ properties and ProcessExplorer

    Advanced Windows TopicsTechniques Hard Disk Growth

    The Round 1image was

    particularly full

    The Round 1image grew by

    582 MB overnight,doing nothing

    Ad d Wi d T i

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    52/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 52

    Search for large files (i.e. greater than 30000 KB) using the

    following search criteria

    Advanced Windows TopicsTechniques Detecting HD Growth

    Turn on Advancedsearch settings toinclude:

    Search system

    folders

    Search hiddenfiles and folders

    Searchsubfolders

    Ad anced Windo s Topics

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    53/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 53

    Take a snapshot at the beginning of the Competition

    Take a snapshot(s) later. Compare

    Advanced Windows TopicsTechniques Detecting HD Growth

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    54/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 54

    Verify you have the right XP Service Packs

    Practice the new Tools Windows Security/ Task Manager Process Explorer Unlocker Warp

    Practice booting in Safe Mode

    Belarc on the XP Pro image Goal: Get the highest Belarc score Goal: Get your time-to-safe down

    Homework for Windows

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    55/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved

    LINUX

    55

    Linux

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    56/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 56

    No tux today

    LinuxTodays Topics

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    57/58

    C D A Session 08

    Copyright 2011, Cyber Defense Academy All Rights Reserved 57

    None

    Homework for Linux

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

  • 8/3/2019 CDA Training Session 08 v01

    58/58

    C D A Session 08

    On schedule with Windows

    Behind schedule with Linux (but so we can emphasizeWindows for Qualification Round 1)

    Now have: Basic Strategy and Mechanics for running images Order of Battle Toolkits Expanding Repertoire of Techniques

    Basic Networking with Protocols and Encryption Advanced Windows skills (Administering, Registry,

    Hotfixes, Updated CIS Benchmarks for W2K)

    Summary

    http://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiEhttp://www.youtube.com/watch?v=D9kv_V5lhiE

Recommended
Training session: Clinical Document Architecture (CDA) and ... · Training session: Clinical Document Architecture (CDA) and Fast Healthcare Interoperability Resources (FHIR), introduction,

Training session: Clinical Document Architecture (CDA) and ... · Training session: Clinical Document Architecture (CDA) and Fast Healthcare Interoperability Resources (FHIR), introduction,

Documents

AdultDS- CDA · Title: AdultDS- CDA Author: darre Created Date: 20190109160524Z

AdultDS- CDA · Title: AdultDS- CDA Author: darre Created Date: 20190109160524Z

Documents

(AP) New Delhi CDA Chennai CDA Patna CDA Secundrabad 10. CDA Jabalpur 11. CDA (IDS) New Delhi (Through CGDA's Website) Sub:- Levy of IGST on import of Defence Equipment reg. For better

(AP) New Delhi CDA Chennai CDA Patna CDA Secundrabad 10. CDA Jabalpur 11. CDA (IDS) New Delhi (Through CGDA's Website) Sub:- Levy of IGST on import of Defence Equipment reg. For better

Documents

FAST CDA: FHIR Tool Stack for CDA...Certified HL7 CDA Specialist, 2015 Oliver Egger phone: +41765795005 oliver.egger@ahdis.ch twitter: @oliveregger . FAST CDA: FHIR Tool Stack for

FAST CDA: FHIR Tool Stack for CDA...Certified HL7 CDA Specialist, 2015 Oliver Egger phone: +41765795005 [email protected] twitter: @oliveregger . FAST CDA: FHIR Tool Stack for

Documents

CDA (SH 121) +CDA (SH 161) +NTTA (Regional 5) $$

CDA (SH 121) +CDA (SH 161) +NTTA (Regional 5) $$

Documents

iihmsp2009 program release v01 · 2012-12-07 · Computin Session A04 : Wired and Wireless Multimedia Networking and Applications Session A05 : Intelligent Surveillance and Pattern

iihmsp2009 program release v01 · 2012-12-07 · Computin Session A04 : Wired and Wireless Multimedia Networking and Applications Session A05 : Intelligent Surveillance and Pattern

Documents

CDA Rules0001

CDA Rules0001

Documents

What is The Clinical Document Architecture Release … of this Session What is the Clinical Document Architecture (CDA)? – The characteristics of a CDA document. – What is human

What is The Clinical Document Architecture Release … of this Session What is the Clinical Document Architecture (CDA)? – The characteristics of a CDA document. – What is human

Documents

cdapatna.bih.nic.incdapatna.bih.nic.in/scan0043.pdf · Through Website NO. DDP/NPS/QPR/V01-111 0/0 the CDA Patna Dated: 28.072016 The Officer in Charge All PAOs/Nodal Office (Under

cdapatna.bih.nic.incdapatna.bih.nic.in/scan0043.pdf · Through Website NO. DDP/NPS/QPR/V01-111 0/0 the CDA Patna Dated: 28.072016 The Officer in Charge All PAOs/Nodal Office (Under

Documents

bsbproduction.s3.amazonaws.com · Web viewCBA Rules v01/15. CBA Rules v01/15. CBA Rules v01/15. C. BA. Rules. v01 / 15. CBA Rules v01/15. C. BA. Rules. v01 / 15. Page 1 of 24. Page.

bsbproduction.s3.amazonaws.com · Web viewCBA Rules v01/15. CBA Rules v01/15. CBA Rules v01/15. C. BA. Rules. v01 / 15. CBA Rules v01/15. C. BA. Rules. v01 / 15. Page 1 of 24. Page.

Documents

BlackJack v01

BlackJack v01

Documents

Eurocloud v01

Eurocloud v01

Documents

CDA INFANT/TODDLER SAMPLE CURRICULUMbkc-od-media.vmhost.psu.edu/.../CDA_Curriculum... · CDA INFANT/TODDLER SAMPLE CURRICULUM 1 CDA Infant/Toddler Sample Curriculum The CDA Infant/Toddler

CDA INFANT/TODDLER SAMPLE CURRICULUMbkc-od-media.vmhost.psu.edu/.../CDA_Curriculum... · CDA INFANT/TODDLER SAMPLE CURRICULUM 1 CDA Infant/Toddler Sample Curriculum The CDA Infant/Toddler

Documents

CDA Inspector

CDA Inspector

Documents

HL7 CDA R2 Basic Requirements - Gazellegazelle.ihe.net/cda/cda-basic-req.pdf · HL7 CDA R2 Basic Requirements Abderrazek Boufahja April 14, 2014 gazelle team /IHE-Europe ersionV 0.1

HL7 CDA R2 Basic Requirements - Gazellegazelle.ihe.net/cda/cda-basic-req.pdf · HL7 CDA R2 Basic Requirements Abderrazek Boufahja April 14, 2014 gazelle team /IHE-Europe ersionV 0.1

Documents

Feb 2013 cda 2 0 information session

Feb 2013 cda 2 0 information session

Documents

CDA Annual Session 2014

CDA Annual Session 2014

Documents

Vabaduse väljak 7, 15199 Tallinn · 2019-11-25 · Kristiine CDA SA Tallinna Hambapolikliinik Lasnamäe CDA SA Tallinna Lauluväljak Mustamäe CDA SA Tallinn 2011 Nõmme CDA Pirita

Vabaduse väljak 7, 15199 Tallinn · 2019-11-25 · Kristiine CDA SA Tallinna Hambapolikliinik Lasnamäe CDA SA Tallinna Lauluväljak Mustamäe CDA SA Tallinn 2011 Nõmme CDA Pirita

Documents