Chapter 1: Concepts and tools    Â
Windows operating system versions                            Â
Foundation concepts and terms  Â
Digging into Windows internals    Â
Conclusion
                          Â
Chapter 2:  System architecture    Â
Requirements and design goals    Â
Operating system model                       Â
Architecture overview                               Â
Virtualization-based security architecture overview                 Â
Key system components                         Â
Conclusion
                          Â
Chapter 3: Processes and jobs    Â
Creating a process      Â
Process internals        Â
Protected processesÂ
Minimal and Pico processes              Â
Trustlets (secure processes)Â Â Â Â Â Â Â Â Â Â Â Â Â
Flow of CreateProcess                                 Â
Terminating a process                             Â
Image loader                      Â
Jobs                                             Â
Conclusion
                          Â
Chapter 4: Threads     Â
Creating threads         Â
Thread internals        Â
Examining thread activity                   Â
Thread scheduling   Â
Group-based scheduling                       Â
Worker factories (thread pools)Â Â Â Â Â Â Â
Conclusion                          Â
Â
Chapter 5: Memory management Â
Introduction to the memory manager                       Â
Services provided by the memory manager         Â
Kernel-mode heaps (system memory pools)Â Â Â Â Â Â Â Â Â
Heap manager                  Â
Virtual address space layouts         Â
Address translationÂ
Page fault handling   Â
Stacks   Â
Virtual address descriptors             Â
NUMAÂ Â
Section objects              Â
Working sets                     Â
Page frame number database           Â
Physical memory limits                          Â
Memory compression                               Â
Memory partitions  Â
Memory combining Â
Memory enclaves        Â
Proactive memory management (SuperFetch)
Conclusion
                          Â
Chapter 6: I/O system   Â
I/O system components                          Â
Interrupt Request Levels and Deferred Procedure Calls       Â
Device drivers                 Â
I/O processing                 Â
Driver Verifier               Â
The Plug and Play manager                 Â
General driver loading and installation                   Â
The Windows Driver FoundationÂ
The power manager  Â
Conclusion Â
                        Â
Chapter 7: Security         Â
Security ratings           Â
Security system components          Â
Virtualization-based security        Â
Protecting objects     Â
The AuthZ APIÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â
Account rights and privileges          Â
Access tokens of processes and threads                    Â
Security auditing       Â
AppContainers              Â
Logon     Â
User Account Control and virtualization               Â
Exploit mitigations  Â
Application Identification                   Â
AppLocker                           Â
Software Restriction Policies           Â
Kernel Patch Protection                         Â
PatchGuard                      Â
HyperGuard                      Â
Conclusion   Â