Windows Internals: System architecture, processes, threads, memory management, and more, Part 1

Overview

The definitive guide–fully updated for Windows 10 and Windows Server 2016

Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.

Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support.

This book will help you:

· Understand the Windows system architecture and its most important entities, such as processes and threads
· Examine how processes manage resources and how threads are scheduled for execution inside processes
· Observe how Windows manages virtual and physical memory
· Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
· Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016


Product Details

ISBN-13: 9780133986464
Publisher: Pearson Education
Publication date: 05/05/2017
Series: Developer Reference
Sold by: Barnes & Noble
Format: eBook
Pages: 800
Sales rank: 862,836
File size: 86 MB

About the Author

Pavel Yosifovich is a developer, trainer, and author specializing in Microsoft technologies and tools. He is a Microsoft MVP and a Pluralsight author, and loves all things software. Pavel has been around since the days of 8-bit machines and still looks back fondly on his programming days on his Commodore 64.

Alex Ionescu is Vice President of EDR Strategy at CrowdStrike and an internationally recognized expert in low-level system software, operating system research and kernel development, security training, and reverse engineering. He teaches Windows Internals courses around the world and is active in the security research community through conference talks and bug bounty programs.

Mark Russinovich is Chief Technology Officer for Microsoft Azure, Microsoft’s global enterprise-grade cloud platform. Mark is a widely recognized expert in distributed systems and operating systems. He co-founded Winternals Software and joined Microsoft in 2006 when it was acquired. He is the primary author of the Sysinternals tools and website, which include dozens of popular Windows administration and diagnostic utilities.

David Solomon (retired) taught Windows kernel internals for 20 years to developers and IT professionals worldwide, including at Microsoft. His first book was Windows NT for OpenVMS Professionals. He then authored Inside Windows NT, 2nd edition, and later, with Mark Russinovich, coauthored the 3rd, 4th, 5th, and 6th editions of the Windows Internals series. David has spoken at many Microsoft conferences and was a recipient of the 1993 and 2005 Microsoft Support Most Valuable Professional (MVP) award.

Table of Contents

Chapter 1: Concepts and tools
· Windows operating system versions
· Foundation concepts and terms
· Digging into Windows internals
· Conclusion

Chapter 2: System architecture
· Requirements and design goals
· Operating system model
· Architecture overview
· Virtualization-based security architecture overview
· Key system components
· Conclusion

Chapter 3: Processes and jobs
· Creating a process
· Process internals
· Protected processes
· Minimal and Pico processes
· Trustlets (secure processes)
· Flow of CreateProcess
· Terminating a process
· Image loader
· Jobs
· Conclusion

Chapter 4: Threads
· Creating threads
· Thread internals
· Examining thread activity
· Thread scheduling
· Group-based scheduling
· Worker factories (thread pools)
· Conclusion

Chapter 5: Memory management
· Introduction to the memory manager
· Services provided by the memory manager
· Kernel-mode heaps (system memory pools)
· Heap manager
· Virtual address space layouts
· Address translation
· Page fault handling
· Stacks
· Virtual address descriptors
· NUMA
· Section objects
· Working sets
· Page frame number database
· Physical memory limits
· Memory compression
· Memory partitions
· Memory combining
· Memory enclaves
· Proactive memory management (SuperFetch)
· Conclusion

Chapter 6: I/O system
· I/O system components
· Interrupt Request Levels and Deferred Procedure Calls
· Device drivers
· I/O processing
· Driver Verifier
· The Plug and Play manager
· General driver loading and installation
· The Windows Driver Foundation
· The power manager
· Conclusion

Chapter 7: Security
· Security ratings
· Security system components
· Virtualization-based security
· Protecting objects
· The AuthZ API
· Account rights and privileges
· Access tokens of processes and threads
· Security auditing
· AppContainers
· Logon
· User Account Control and virtualization
· Exploit mitigations
· Application Identification
· AppLocker
· Software Restriction Policies
· Kernel Patch Protection
· PatchGuard
· HyperGuard
· Conclusion
