Professional Documents
Culture Documents
Fundamento de Seguridad
I
Practica
Laboratorio 2
I
Participante
Aneuris Canot Arias 2021-0551
I
Facilitador
Juan Alexander Ramirez
I
Sección
#07
I
Fecha
28/09/2023
© Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 1 of 4 www.netacad.com
Class Activity – Identify Running Processes
Background / Scenario
In this lab, you will explore processes. Processes are programs or applications in execution. You will explore
the processes using Process Explorer in the Windows Sysinternals Suite. You will also start and observe a
new process.
Required Resources
• 1 Windows PC with Internet access
© Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 4 www.netacad.com
Class Activity – Identify Running Processes
b. Open Tcpview.exe. Accept the Process Explorer License Agreement when prompted. Click Yes to allow
this app to make changes to your device.
c. Exit the File Explorer and close all the currently running applications.
b. Double-click lsass.exe.
What is lsass.exe? In what folder is it located?
Local Security Authority Process
C:\Windows\System32\Isass.exe
c. Close the properties window for lsass.exe when done.
d. View the properties for the other running processes.
Note: Not all processes can be queried for properties information.
© Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 3 of 4 www.netacad.com
Class Activity – Identify Running Processes
c. Reopen the web browser. Research some of the processes listed in TCPView. Record your findings.
El proceso Isass.exe verifica la valides del inicio de sección del usuario en la PC. Services.exe es
usado para iniciar y parar servicios y cambiar los ajustes de inicio de los servicios por defecto. El
proceso svchost.exe service hot ayuda al proceso de compartir recursos del Sistema mucho de
estos recursos y estados son localizados en la carpeta C:\Windows\System32\ si estos
ejecutables son encontrados en otro lugar del Sistema podría ser malware, como virus espías,
troyanos y gusanos
© Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 4 of 4 www.netacad.com