Archive for the ‘Certification’ Category
Monday, May 11th, 2009
This is an example from the sample question set of the forthcoming memory dump analysis certification planned by Memory Analysis and Debugging Institute. You can reply to this post with your answers.
Q. Interpret the fragment from WinDbg output below.
0:002> !teb
[...]
TEB at 7efaf000
[...]
0:002> dds poi(7efaf000+8) poi(7efaf000+4)
01192000 00000000
01192004 00000000
01192008 00000000
[...]
0119e448 00010020
0119e44c 00030002
0119e450 00050004
0119e454 00070006
0119e458 00090008
0119e45c 000b000a
0119e460 000d000c
0119e464 000f000e
0119e468 00110010
0119e46c 00130012
0119e470 00150014
0119e474 00170016
0119e478 00190018
0119e47c 001b001a
0119e480 001d001c
0119e484 001f001e
0119e488 00210020
0119e48c 00230022
0119e490 00250024
0119e494 00270026
0119e498 00290028
0119e49c 002b002a
0119e4a0 002d002c
0119e4a4 002f002e
0119e4a8 00310030
0119e4ac 00330032
0119e4b0 00350034
0119e4b4 00370036
0119e4b8 00390038
0119e4bc 003b003a
0119e4c0 003d003c
0119e4c4 003f003e
0119e4c8 00410040 MyService!__InternalCxxFrameHandler+0x5c
0119e4cc 00430042
0119e4d0 00450044
0119e4d4 00470046
0119e4d8 00490048
0119e4dc 004b004a
0119e4e0 004d004c
0119e4e4 004f004e
0119e4e8 00510050 advapi32!`string'+0x164
0119e4ec 00530052 advapi32!GetPerflibKeyValue+0x184
0119e4f0 00550054 advapi32!`string'+0x20c
0119e4f4 00570056 advapi32!_NULL_IMPORT_DESCRIPTOR+0x2714
0119e4f8 00590058 advapi32!szPerflibSectionName <PERF> (advapi32+0x90058)
0119e4fc 005b005a shlwapi!_CRT_INIT+0xaf
0119e500 005d005c shlwapi!_OpenProgidKey+0xee
0119e504 005f005e shlwapi!_pRawDllMain <PERF> (shlwapi+0x5005e)
0119e508 00410060 MyService!__InternalCxxFrameHandler+0x7c
0119e50c 00430042
0119e510 00450044
0119e514 00470046
0119e518 00490048
0119e51c 004b004a
0119e520 004d004c
0119e524 004f004e
0119e528 00510050 advapi32!`string'+0x164
0119e52c 00530052 advapi32!GetPerflibKeyValue+0x184
0119e530 00550054 advapi32!`string'+0x20c
0119e534 00570056 advapi32!_NULL_IMPORT_DESCRIPTOR+0x2714
0119e538 00590058 advapi32!szPerflibSectionName <PERF> (advapi32+0x90058)
0119e53c 007b005a
0119e540 007d007c
0119e544 007f007e
[...]
Choose all answers that are valid:
a. ASCII string fragment
b. Raw stack data
c. Exception handling
d. UNICODE string fragment
e. Partial stack traces
f. Performance monitoring
g. Execution residue
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Certification, Crash Dump Analysis, Debugging, Education and Research, Memory Dump Analysis Jobs | 2 Comments »
Tuesday, November 25th, 2008
I’m pleased to announce that OpenTask has submitted the book Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov for printing and here is the link to TOC:
Table of Contents
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Books, Bugtations, Cartoons, Certification, Code Reading, Crash Dump Analysis, Crash Dumps for Dummies, Debugging, Fun with Crash Dumps, Memory Analysis Forensics and Intelligence, New Words, Philosophy, Publishing, Science of Memory Dump Analysis, Software Technical Support, Testing, WinDbg Tips and Tricks | No Comments »
Saturday, October 18th, 2008
Paperback edition of Memory Dump Analysis Anthology, Volume 2 is finally available on Amazon
and Barnes & Noble. Search Inside is also available on Amazon. In addition, I updated the list of recommended books:
Listmania! Crash Dump Analysis and Debugging
Hardcover edition will be available on Amazon and B&N in 2-3 weeks.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Assembly Language, Books, Bugchecks Depicted, CDF Analysis Tips and Tricks, Certification, Citrix, Common Mistakes, Crash Dump Analysis, Crash Dump Patterns, Crash Dumps for Dummies, Data Recovery, DebugWare Patterns, Debugging, Fun with Crash Dumps, Hardware, Kernel Development, Memory Analysis Forensics and Intelligence, Memory Dump Analysis Jobs, Memory Visualization, Minidump Analysis, Music for Debugging, New Words, Philosophy, Publishing, Science of Memory Dump Analysis, Security, Software Architecture, Software Technical Support, Stack Trace Collection, Testing, Tools, Training and Seminars, Troubleshooting Methodology, Virtualization, Vista, WinDbg Scripts, WinDbg Tips and Tricks, WinDbg for GDB Users, Windows Server 2008 | No Comments »
Friday, October 17th, 2008
I was surprised when I found on Microsoft MCP site that I can print my certificate for Windows Internals exam. Here it is:
Seems Microsoft certificates changed colours again. I was certified as MCSD in Microsoft® Windows® Architecture, OLE 2.0 and MFC in 1997 and after upgrading the status by passing “Analyzing Requirements and Defining Solution Architectures” exam around the turn of the century I got updated certificates with silver colors. I’ll put pictures of them later.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Certification | No Comments »
Friday, October 17th, 2008
Shortly after celebrating 5 years at Citrix I got my first certificate since the 1st of December, 2006 when I was certified in Kernel Debugging for Windows®. Now it is also my first Citrix certificate and it marks my 5 year service:
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Certification, Citrix, History, Software Technical Support | No Comments »
Saturday, October 11th, 2008
Seems railroad to it was a success: just got this message in my e-mail:
“Congratulations on passing your recent Microsoft Certification exam, inspiring confidence for your employer, your peers, and yourself with a widely-recognized validation of your skills on Microsoft technology.“
Because I haven’t done any exam since Windows Internals beta I assumed that I passed it and I was right! After registering at Microsoft certification site as MCP I was able to build my logo:
_1125.png)
Here is the link to Exam 70-660 information and required skills:
http://www.microsoft.com/learning/en/us/Exams/70-660.aspx
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Assembly Language, Bugchecks Depicted, Certification, Citrix, Crash Dump Analysis, Debugging, Hardware, Kernel Development, Memory Analysis Forensics and Intelligence, Minidump Analysis, Software Technical Support, Tools, Training and Seminars, WinDbg Tips and Tricks | 6 Comments »