Cloud, automation and CI/CD in practice — hands-on for engineering teams.
Ideal for teams that…
- Have basic administrative knowledge of Windows 10 or Windows 11
- Understand concepts such as services, drivers, GPO, DNS, and user profiles
- Have experience working with Windows workstations in a corporate environment
- Have basic knowledge of PowerShell (recommended)
What we actually do
- Workshop objectives, incident-based workflow, lab structure
- How to document diagnostics (L2/L3 note format)
- Overview of the lab environment and baseline (“what is considered normal”)
- Workflow model: symptom → scope → hypotheses → data → fix → verification → prevention
- Issue classification: boot / logon / network / policy / app / performance / security
- “Quick triage”: what to check within 5 minutes (checklist)
- Sources of truth: logs, ETW, tools, policies, configuration
- Event Viewer: key channels (System, Application, Security, Microsoft-Windows-*)
- Reliability Monitor: correlation of failures, updates, and drivers
- Task Manager and Resource Monitor: CPU / RAM / Disk / Network (bottleneck identification)
- Services / Scheduled Tasks: diagnosing “what triggers the issue”
- Basics of evidence collection (log exports, screenshots, reports)
- Participant receives a symptom (e.g. freezes, random restarts, applications not launching)
- Data collection: Reliability Monitor + Event Viewer + Resource Monitor
- Creation of a short note: hypotheses + confirmed/excluded causes
- Windows 11 boot flow (UEFI → Boot Manager → kernel → logon)
- Recovery modes: WinRE, Safe Mode, Advanced Startup
- Repair tools: Startup Repair, System Restore, Reset (when applicable)
- System image repair: DISM / SFC – scenarios and pitfalls
- Basics of boot/logon issue diagnostics (logs, recent changes, updates)
- WinRE / Safe Mode → DISM + SFC → log verification
- Drawing conclusions: root cause vs symptom + prevention recommendations
- Device Manager: common conflicts and symptoms
- Driver Store management: pnputil, rollback, blocking problematic drivers
- Windows Update and drivers: when an update “breaks” functionality
- BSOD diagnostics basics (L2 level): where to look and what to collect (minidumps)
- Identifying the faulty driver or update
- Rollback / removal / blocking + repair confirmation
- Process Explorer: handles, process tree, signatures, dependencies
- Autoruns: startup items, services, scheduled tasks, browsers
- ProcMon: filters and classic scenarios (ACCESS DENIED, missing file/registry)
- TCPView: quick connection diagnostics
- Sigcheck: file signature and reputation verification
- Identifying missing files/keys, access denial, or policy issues
- Fix and validation (before/after)
- Get-WinEvent (filtering), Get-Service, Get-Process
- System snapshot (mini “health check” script)
- Best practices: what to automate and what not to automate
- Problem layers: link → IP → routing → DNS → application
- Tools: ipconfig, ping, tracert/pathping, nslookup, netsh
- PowerShell: Test-NetConnection, Get-NetIPConfiguration, Get-DnsClientCache
- Common corporate issues: DNS suffix, proxy, split tunneling, captive portal, routing conflicts
- Scenario: DNS + routing / proxy / firewall
- Identifying the root cause and documenting fix + verification
- Types of issues: authentication vs tunnel vs resource access
- Logs and system locations containing relevant errors
- Common hybrid-work symptoms (home + office)
- Analysis of routes, DNS, firewall rules, split/full tunnel
- Fix and final testing
- GPO processing logic (order, inheritance, priorities)
- Common pitfalls: loopback, security filtering, WMI filters, policy conflicts
- Tools: gpresult /h, rsop.msc, GroupPolicy/Operational logs
- Diagnostics of logon scripts, mappings, printers, and settings
- Creating a gpresult report and identifying the failure point
- Fixing filters/conflicts and confirming deployment
- Where to check device management state (AADJ / Hybrid / Workplace)
- Symptom differences: GPO vs MDM policies
- Basics: what to check when “policies are not applied”
- Quick checklist: device state + synchronization + logs
- Defender: detections, quarantine, blocks, file reputation
- Firewall: profiles, rules, common blocks (applications / ports)
- SmartScreen / application control (common launch blocks)
- BitLocker: recovery, TPM, post-change scenarios (firmware / boot)
- Identifying the blocking mechanism (Defender / Firewall / SmartScreen / BitLocker)
- Fix and prevention recommendations (without weakening security)
- Test-NetConnection, Get-NetFirewallRule (basics), quick configuration snapshots
- Exporting reports to files (for escalation)
From brief to retro in 30 days.
Brief & diagnosis
A call with the team lead + a short survey for participants. We define goals, gap and context.
Program customization
We adapt modules, case studies and code examples to your stack. Approval in 5 days.
Workshop
Trainer-led sessions, hands-on, code review. Mentor available between sessions too.
Retro + report
Outcome report for the team and lead. 30 days of consulting included.
Send a brief. We'll reply within 1 day.
After a short brief we'll prepare a program and a quote. No obligations — it's just a starting point.