Windows Internals, Part 1
Addison Wesley (Hersteller)
978-0-13-398648-8 (ISBN)
- Keine Verlagsinformationen verfügbar
- Artikel merken
Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.
Whether you are a developer or an IT professional, you'll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand-knowledge you can apply to improve application design, debugging, system performance, and support.
This book will help you:
* Understand the Window system architecture and its most important entities, such as processes and threads
* Examine how processes manage resources and threads scheduled for execution inside processes
* Observe how Windows manages virtual and physical memory
* Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
* Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
Pavel Yosifovich is a developer, trainer, and author specializing in Microsoft technologies and tools. He is a Microsoft MVP and a Pluralsight author, and loves all things software. Pavel has been around since the days of 8-bit machines and still looks back fondly on his programming days on his Commodore 64. Alex Ionescu is Vice President of EDR Strategy at CrowdStrike and an internationally recognized expert in low-level system software, operating system research and kernel development, security training, and reverse engineering. He teaches Windows Internals courses around the world and is active in the security research community through conference talks and bug bounty programs. Mark Russinovich is Chief Technology Officer for Microsoft Azure, Microsoft's global enterprise-grade cloud platform. Mark is a widely recognized expert in distributed systems and operating systems. He co-founded Winternals Software and joined Microsoft in 2006 when it was acquired. He is the primary author of the Sysinternals tools and website, which include dozens of popular Windows administration and diagnostic utilities. David Solomon (retired) taught Windows kernel internals for 20 years to developers and IT professionals worldwide, including at Microsoft. His first book was Windows NT for OpenVMS Professionals. He then authored Inside Windows NT, 2nd edition, and later, with Mark Russinovich, coauthored the 3rd, 4th, 5th, and 6th editions of the Windows Internals series. David has spoken at many Microsoft conferences and was a recipient of the 1993 and 2005 Microsoft Support Most Valuable Professional (MVP) award.
Chapter 1: Concepts and tools
Windows operating system versions
Foundation concepts and terms
Digging into Windows internals
Conclusion
Chapter 2: System architecture
Requirements and design goals
Operating system model
Architecture overview
Virtualization-based security architecture overview
Key system components
Conclusion
Chapter 3: Processes and jobs
Creating a process
Process internals
Protected processes
Minimal and Pico processes
Trustlets (secure processes)
Flow of CreateProcess
Terminating a process
Image loader
Jobs
Conclusion
Chapter 4: Threads
Creating threads
Thread internals
Examining thread activity
Thread scheduling
Group-based scheduling
Worker factories (thread pools)
Conclusion
Chapter 5: Memory management
Introduction to the memory manager
Services provided by the memory manager
Kernel-mode heaps (system memory pools)
Heap manager
Virtual address space layouts
Address translation
Page fault handling
Stacks
Virtual address descriptors
NUMA
Section objects
Working sets
Page frame number database
Physical memory limits
Memory compression
Memory partitions
Memory combining
Memory enclaves
Proactive memory management (SuperFetch)
Conclusion
Chapter 6: I/O system
I/O system components
Interrupt Request Levels and Deferred Procedure Calls
Device drivers
I/O processing
Driver Verifier
The Plug and Play manager
General driver loading and installation
The Windows Driver Foundation
The power manager
Conclusion
Chapter 7: Security
Security ratings
Security system components
Virtualization-based security
Protecting objects
The AuthZ API
Account rights and privileges
Access tokens of processes and threads
Security auditing
AppContainers
Logon
User Account Control and virtualization
Exploit mitigations
Application Identification
AppLocker
Software Restriction Policies
Kernel Patch Protection
PatchGuard
HyperGuard
Conclusion
Erscheint lt. Verlag | 5.5.2017 |
---|---|
Reihe/Serie | Developer Reference |
Verlagsort | Boston |
Sprache | englisch |
Gewicht | 1 g |
Themenwelt | Informatik ► Betriebssysteme / Server ► Windows |
Mathematik / Informatik ► Informatik ► Software Entwicklung | |
Informatik ► Weitere Themen ► Hardware | |
ISBN-10 | 0-13-398648-9 / 0133986489 |
ISBN-13 | 978-0-13-398648-8 / 9780133986488 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |