Unintended Consequences and Sysinternals at Tech-Ed North America 2011

I'm presenting a couple of sessions at Tech-Ed in Atlanta (May 16-19, 2011):

The first is "Unintended Consequences of Security Lockdowns", which was very highly rated when I presented it last month at TechReady, Microsoft's internal training event.

Security-conscious organizations often lock down their systems based on prescriptive guidance from Microsoft, US Federal government agencies or other security organizations. Sometimes these settings can lead to unpleasant surprises and unexpected side effects. This session will describe and demonstrate some of the common issues that can arise, and whether and how those settings actually help or hurt. Is there benefit to not granting Administrators the “Debug” privilege? Does “Hide mechanisms to remove zone information” break anything? Is the “Require trusted path for credential entry” setting worth the inconvenience? Come see!

It's got several eye-opening demos, including a couple that led to changes in Microsoft's and others' security guidance.

The second session is "Sysinternals Primer: Autoruns, Disk2vhd, ProcDump, BgInfo and AccessChk":

The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial session focuses primarily on the utilities themselves, giving you tips and techniques for using their full functionality for troubleshooting and systems management. This session follows the same format as last year’s highly-rated delivery (*) , and covers a different set of the most useful Sysinternals tools.

(*) Last year's session, which I delivered with Tim Reckmeyer, covered Process Explorer, Process Monitor and PsExec.

I guess you might be wondering why I'm delivering a session on Sysinternals utilities. That would be a good question, because I see now that I haven't actually blogged about it yet: I am the co-author with Mark Russinovich of the upcoming Windows Sysinternals Administrators Reference on Microsoft Press, so I've been getting to know the Sysinternals utilities really well :). More info on the book soon. In the meantime, here is the updated cover:

656727.indd