Windows Internals, Part 1: System architecture, processes, threads, memory management, and more, 7th edition
Published by Microsoft Press (May 5, 2017) © 2017
- Pavel Yosifovich
- Mark E. Russinovich
- Alex Ionescu
- David A. Solomon
eTextbook
- Available for purchase from all major ebook resellers, including InformIT.com.
- To request a review copy, click on the "Request a Review Copy" button.
- A print text (hardcover or paperback)Â
- Free shipping
- Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
Delve inside Windows architecture and internals - and see how core components work behind the scenes. This classic guide has been fully updated for Windows 10 and Windows Server 2016.
- Delve inside Windows architecture and internals
- See how core components work behind the scenes
- Experience internal behavior firsthand
The full text downloaded to your computer
With eBooks you can:
- search for key concepts, words and phrases
- make highlights and notes as you study
- share your notes with friends
eBooks are downloaded to your computer and accessible either offline through the Bookshelf (available as a free download), available online and also via the iPad and Android apps.
Upon purchase, you'll gain instant access to this eBook.
Chapter 1: Concepts and tools    Â
Windows operating system versions                            Â
Foundation concepts and terms  Â
Digging into Windows internals    Â
Conclusion
                          Â
Chapter 2:  System architecture    Â
Requirements and design goals    Â
Operating system model                       Â
Architecture overview                               Â
Virtualization-based security architecture overview                 Â
Key system components                         Â
Conclusion
                          Â
Chapter 3: Processes and jobs    Â
Creating a process      Â
Process internals        Â
Protected processesÂ
Minimal and Pico processes              Â
Trustlets (secure processes)Â Â Â Â Â Â Â Â Â Â Â Â Â
Flow of CreateProcess                                 Â
Terminating a process                             Â
Image loader                      Â
Jobs                                             Â
Conclusion
                          Â
Chapter 4: Threads     Â
Creating threads         Â
Thread internals        Â
Examining thread activity                   Â
Thread scheduling   Â
Group-based scheduling                       Â
Worker factories (thread pools)Â Â Â Â Â Â Â
Conclusion                          Â
Chapter 5: Memory management Â
Introduction to the memory manager                       Â
Services provided by the memory manager         Â
Kernel-mode heaps (system memory pools)Â Â Â Â Â Â Â Â Â
Heap manager                  Â
Virtual address space layouts         Â
Address translationÂ
Page fault handling   Â
Stacks   Â
Virtual address descriptors             Â
NUMAÂ Â
Section objects              Â
Working sets                     Â
Page frame number database           Â
Physical memory limits                          Â
Memory compression                               Â
Memory partitions  Â
Memory combining Â
Memory enclaves        Â
Proactive memory management (SuperFetch)
Conclusion
                          Â
Chapter 6: I/O system   Â
I/O system components                          Â
Interrupt Request Levels and Deferred Procedure Calls       Â
Device drivers                 Â
I/O processing                 Â
Driver Verifier               Â
The Plug and Play manager                 Â
General driver loading and installation                   Â
The Windows Driver FoundationÂ
The power manager  Â
Conclusion Â
                        Â
Chapter 7: Security         Â
Security ratings           Â
Security system components          Â
Virtualization-based security        Â
Protecting objects     Â
The AuthZ APIÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â
Account rights and privileges          Â
Access tokens of processes and threads                    Â
Security auditing       Â
AppContainers              Â
Logon     Â
User Account Control and virtualization               Â
Exploit mitigations  Â
Application Identification                   Â
AppLocker                           Â
Software Restriction Policies           Â
Kernel Patch Protection                         Â
PatchGuard                      Â
HyperGuard                      Â
Conclusion                          Â
Â
Need help? Get in touch