This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Adobe® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Also available in other formats.
Register your product to gain access to bonus material or receive a coupon.
The definitive guide–fully updated for Windows 10 and Windows Server 2016
Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.
Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support.
This book will help you:
· Understand the Window system architecture and its most important entities, such as processes and threads
· Examine how processes manage resources and threads scheduled for execution inside processes
· Observe how Windows manages virtual and physical memory
· Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
· Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
Chapter 1: Concepts and tools
Windows operating system versions
Foundation concepts and terms
Digging into Windows internals
Chapter 2: System architecture
Requirements and design goals
Operating system model
Virtualization-based security architecture overview
Key system components
Chapter 3: Processes and jobs
Creating a process
Minimal and Pico processes
Trustlets (secure processes)
Flow of CreateProcess
Terminating a process
Chapter 4: Threads
Examining thread activity
Worker factories (thread pools)
Chapter 5: Memory management
Introduction to the memory manager
Services provided by the memory manager
Kernel-mode heaps (system memory pools)
Virtual address space layouts
Page fault handling
Virtual address descriptors
Page frame number database
Physical memory limits
Proactive memory management (SuperFetch)
Chapter 6: I/O system
I/O system components
Interrupt Request Levels and Deferred Procedure Calls
The Plug and Play manager
General driver loading and installation
The Windows Driver Foundation
The power manager
Chapter 7: Security
Security system components
The AuthZ API
Account rights and privileges
Access tokens of processes and threads
User Account Control and virtualization
Software Restriction Policies
Kernel Patch Protection
We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.