How to become an Azure Expert – for Windows Admins

A good starting point for windows/Linux IT administrators to debut into Azure is to start with the below series – ” Inside Azure datacenter” , “Case of the Unexplained”. Having a mastery on SysAdmin tools(See Defrag tools section below) will be an added advantage.

Watch free on-demand recordings of Mark’s top-rated presentations from TechEd, BUILD and other conferences on Azure, security, Windows troubleshooting, malware hunting. If you have a question about a topic in any of these webcasts, please visit the Sysinternals Forum for answers and help from other users and moderators.

Inside Azure datacenter

Mark takes you on a tour of Azure’s datacenter architecture and implementation innovations, describing everything from Azure’s global infrastructure, to how we enable large-scale enterprise scenarios on both cloud and edge, to how we bring quantum computing to real-world scenarios today, and more.

Case of the Unexplained

• The Case of the Unexplained 2015
• The Case of the Unexplained 2014
• The Case of the Unexplained 2013
• The Case of the Unexplained 2012
• The Case of the Unexplained 2011
• The Case of the Unexplained 2010
• Mark’s “The Case of…” blog posts come alive in these recorded webcasts of his #1-rated TechEd sessions. Learn how to troubleshoot the toughest Windows and application problems by watching Mark use Sysinternals and other advanced tools to solve real-world examples. Be sure to check out all webcasts since they include totally different troubleshooting examples and demonstrate different techniques.

Windows Internals

• Tech-Ed North America 2011: Mysteries of Windows Memory Management Revealed, Part1
  Tech-Ed North America 2011: Mysteries of Windows Memory Management Revealed, Part2
  If you want to know the difference between System Committed memory and Process Committed memory, wondered what all those memory numbers shown by Task Manager really mean, or want to gain insight into the memory-related impact of a process, then this talk is for you. Watch Mark in this on-demand webcast from North America 2011.
• Pushing the Limits of Windows
  Watch as Mark explains Windows limits related to object handles, virtual memory and physical memory. Along the way he explains where the limits come from and how to monitor your applications so that you’re warned when they approach the limits and so that you can size your systems to accommodate their resource requirements.
• Inside Windows Server 2008R2 Virtualization and VHD Improvements
  Mark takes you inside new Windows virtualization and VHD features, including live VM migration, core parking and timer coalescing, hypervisor power management support,and new hardware-assisted guest memory management. He delivers the entire presentation from a Windows installation that was booted from VHD to show you how Windows implements a native VHD stack and how the boot architecture has changed to accommodate booting from VHD images.
• Channel9: Mark Russinovich goes Inside Windows 7
  Mark talks about kernel changes in Windows 7 and Windows Server 2008R2, including the removal of the scheduler’s dispatcher lock, support for up to 256 CPUs, boot from VHD, MinWin, core parking for power savings and more.
• Channel9: Mark Russinovich: Inside Windows 7 Redux
  In a follow-on to the previous Inside Windows 7 discussion, Mark digs into the insides of Windows 7, way deep down in the system (the cumulative effects of which help to make Windows 7 Microsoft’s most reliable, scalable and efficient general purpose operating system to date).
• Channel9: Mark talks about working at Microsoft, Windows Server 2008’s kernel, MinWin vs ServerCore and Hyper-V
  Channel 9 chats with Technical Fellow and Sysinternals founder Mark Russinovich to dig a bit into what’s new in the Windows Server 2008 kernel. Of course, we talk about many things including HyperV, application virtualization, kernel architecture, and more….

Security

• TWC: Pass-the-Hash: How Attackers Spread and How to Stop Them
  Pass-the-hash transforms the breach of one machine into total compromise of infrastructure. The publication of attacks, and lack of tools to respond, have forced enterprises to rely on onerous and ineffective techniques. In this session, we deconstruct the PtH threat, show how the attack is performed, and how it can be addressed using new features and functionality recently introduced in Windows.
• TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools
  Mark provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. He demonstrates their malware-hunting capabilities by presenting several current, real-world malware samples and using the tools to identify and clean malware.
• License to Kill: Malware Hunting with the Sysinternals tools
  This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos for their malware-hunting capabilities through several real-world cases that used the tools to identify and clean malware,and conclude by performing a live analysis of a Stuxnet infection’s system impact.
• Zero Day: A Non-Fiction View
  Mark makes the case for how his hit cyberthriller, ZeroDay, is likely to be realized in non-fiction form in this 20-minute short version of his well-popular RSA Conference session.
• Zero Day Malware Cleaning with the Sysinternals tools
  Slides from Mark’s highly-rated Blackhat US 2011 presentation how to use the Sysinternals tools to hunt down and eliminate malware.
• Channel9: Mark Talks about Windows Security and Core Architecture
  Check out Mark’s Channel 9 interview where he talks about how he got started with Windows internals, new security features in Windows Vista, User Account Control,and what he’s doing at Microsoft.

Defrag Tools

• Defrag Tools Shows
  Episodes 1 – 12 of the Defrag Tools shows focus on Sysinternals tools. Each episode covers a specific tool used on the tech support show Defrag, covering when and why to use the tools, and providing tips on how to get the most out of them:
  • Defrag Tools: #1 – Building your USB thumbdrive
  • Defrag Tools: #2 – Process Explorer
  • Defrag Tools: #3 – Process Monitor
  • Defrag Tools: #4 – Process Monitor – Examples
  • Defrag Tools: #5 – Autoruns and MSConfig
  • Defrag Tools: #6 – RAMMap
  • Defrag Tools: #7 – VMMap
  • Defrag Tools: #8 – Mark Russinovich
  • Defrag Tools: #9 – ProcDump
  • Defrag Tools: #10 – ProcDump – Triggers
  • Defrag Tools: #11 – ProcDump – Windows 8 & Process Monitor
  • Defrag Tools: #12 – TaskMgr and ResMon