
Windows Internals, Part 1

System architecture, processes, threads, memory management, and more
2017 | 7th edition
Addison Wesley (publisher)
978-0-13-398648-8 (ISBN)
47,85 incl. VAT
The definitive guide, fully updated for Windows 10 and Windows Server 2016



Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.

Whether you are a developer or an IT professional, you'll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand: knowledge you can apply to improve application design, debugging, system performance, and support.





This book will help you:

* Understand the Windows system architecture and its most important entities, such as processes and threads

* Examine how processes manage resources and threads scheduled for execution inside processes

* Observe how Windows manages virtual and physical memory

* Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system

* Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016

Pavel Yosifovich is a developer, trainer, and author specializing in Microsoft technologies and tools. He is a Microsoft MVP and a Pluralsight author, and loves all things software. Pavel has been around since the days of 8-bit machines and still looks back fondly on his programming days on his Commodore 64.

Alex Ionescu is Vice President of EDR Strategy at CrowdStrike and an internationally recognized expert in low-level system software, operating system research and kernel development, security training, and reverse engineering. He teaches Windows Internals courses around the world and is active in the security research community through conference talks and bug bounty programs.

Mark Russinovich is Chief Technology Officer for Microsoft Azure, Microsoft's global enterprise-grade cloud platform. Mark is a widely recognized expert in distributed systems and operating systems. He co-founded Winternals Software and joined Microsoft in 2006 when it was acquired. He is the primary author of the Sysinternals tools and website, which include dozens of popular Windows administration and diagnostic utilities.

David Solomon (retired) taught Windows kernel internals for 20 years to developers and IT professionals worldwide, including at Microsoft. His first book was Windows NT for OpenVMS Professionals. He then authored Inside Windows NT, 2nd edition, and later, with Mark Russinovich, coauthored the 3rd, 4th, 5th, and 6th editions of the Windows Internals series. David has spoken at many Microsoft conferences and was a recipient of the 1993 and 2005 Microsoft Support Most Valuable Professional (MVP) award.

Chapter 1: Concepts and tools



Windows operating system versions

Foundation concepts and terms

Digging into Windows internals

Conclusion





Chapter 2: System architecture



Requirements and design goals

Operating system model

Architecture overview

Virtualization-based security architecture overview

Key system components

Conclusion





Chapter 3: Processes and jobs



Creating a process

Process internals

Protected processes

Minimal and Pico processes

Trustlets (secure processes)

Flow of CreateProcess

Terminating a process

Image loader

Jobs

Conclusion





Chapter 4: Threads



Creating threads

Thread internals

Examining thread activity

Thread scheduling

Group-based scheduling

Worker factories (thread pools)

Conclusion






Chapter 5: Memory management



Introduction to the memory manager

Services provided by the memory manager

Kernel-mode heaps (system memory pools)

Heap manager

Virtual address space layouts

Address translation

Page fault handling

Stacks

Virtual address descriptors

NUMA

Section objects

Working sets

Page frame number database

Physical memory limits

Memory compression

Memory partitions

Memory combining

Memory enclaves

Proactive memory management (SuperFetch)

Conclusion





Chapter 6: I/O system



I/O system components

Interrupt Request Levels and Deferred Procedure Calls

Device drivers

I/O processing

Driver Verifier

The Plug and Play manager

General driver loading and installation

The Windows Driver Foundation

The power manager

Conclusion





Chapter 7: Security



Security ratings

Security system components

Virtualization-based security

Protecting objects

The AuthZ API

Account rights and privileges

Access tokens of processes and threads

Security auditing

AppContainers

Logon

User Account Control and virtualization

Exploit mitigations

Application Identification

AppLocker

Software Restriction Policies

Kernel Patch Protection

PatchGuard

HyperGuard

Conclusion

Publication date (per publisher): 5.5.2017
Series: Developer Reference
Place of publication: Boston
Language: English
Weight: 1 g
Subject areas: Computer Science > Operating Systems / Servers > Windows
Mathematics / Computer Science > Computer Science > Software Development
Computer Science > Further Topics > Hardware
ISBN-10: 0-13-398648-9 / 0133986489
ISBN-13: 978-0-13-398648-8 / 9780133986488
Condition: New