From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Process analysis with SysInternals
- [Instructor] Sysinternals is one of the most valuable sets of tools for cybersecurity analysts working in a Windows environment. The Sysinternals suite began as a collection of tools developed over 20 years ago by a company called Winternals. Winternals recognized that Windows made it difficult for administrators to peer under the hood and see what was going on within their systems. So they developed a set of tools designed to do just that. Microsoft acquired Winternals about a decade ago, and they continue to update the Sysinternals Suite and make it available for free to Windows users. The Sysinternals Suite is available on the Microsoft TechNet website, and you can choose to download the tools, either one by one, or as an entire suite. On this Windows server, I've already downloaded the entire Sysinternals Suite. As you can see, it contains over a hundred utilities, each with a very specific purpose. I'll show you a few…