Windows Internals, Part 1: System architecture, processes, threads, memory management, and more, 7th edition

Published by Microsoft Press (May 5, 2017) © 2017

  • Pavel Yosifovich
  • Mark E. Russinovich
  • Alex Ionescu
  • David A. Solomon


Delve inside Windows architecture and internals - and see how core components work behind the scenes. This classic guide has been fully updated for Windows 10 and Windows Server 2016.

Chapter 1: Concepts and tools       

Windows operating system versions                             

Foundation concepts and terms   

Digging into Windows internals     

Conclusion

                           

Chapter 2: System architecture

Requirements and design goals     

Operating system model                        

Architecture overview                                

Virtualization-based security architecture overview                  

Key system components                          

Conclusion

                           

Chapter 3: Processes and jobs        

Creating a process       

Process internals         

Protected processes 

Minimal and Pico processes               

Trustlets (secure processes)             

Flow of CreateProcess                                  

Terminating a process                              

Image loader                       

Jobs                                               

Conclusion

                           

Chapter 4: Threads          

Creating threads          

Thread internals         

Examining thread activity                    

Thread scheduling    

Group-based scheduling                        

Worker factories (thread pools)       

Conclusion                           

 

Chapter 5: Memory management  

Introduction to the memory manager                        

Services provided by the memory manager          

Kernel-mode heaps (system memory pools)         

Heap manager                   

Virtual address space layouts          

Address translation 

Page fault handling    

Stacks    

Virtual address descriptors              

NUMA  

Section objects               

Working sets                      

Page frame number database            

Physical memory limits                           

Memory compression                                

Memory partitions   

Memory combining  

Memory enclaves         

Proactive memory management (SuperFetch)

Conclusion

                           

Chapter 6: I/O system     

I/O system components                           

Interrupt Request Levels and Deferred Procedure Calls        

Device drivers                  

I/O processing                  

Driver Verifier                

The Plug and Play manager                  

General driver loading and installation                    

The Windows Driver Foundation 

The power manager   

Conclusion  

                         

Chapter 7: Security          

Security ratings            

Security system components           

Virtualization-based security         

Protecting objects      

The AuthZ API                

Account rights and privileges           

Access tokens of processes and threads                     

Security auditing        

AppContainers               

Logon      

User Account Control and virtualization                

Exploit mitigations   

Application Identification                    

AppLocker                            

Software Restriction Policies            

Kernel Patch Protection                          

PatchGuard                       

HyperGuard                       

Conclusion     
