I'm a student
I'm an educator
Request full copy

Windows Internals, Part 1: System architecture, processes, threads, memory management, and more, 7th edition

Published by Microsoft Press (May 5, 2017) © 2017

  • Pavel Yosifovich
  • Mark E. Russinovich
  • Alex Ionescu
  • David A. Solomon

eTextbook

$57.99

  • Available for purchase from all major ebook resellers, including InformIT.com.
  • To request a review copy, click on the "Request a Review Copy" button.
$47.99

  • A print text (hardcover or paperback) 
  • Free shipping
  • Also available for purchase as an ebook from all major ebook resellers, including InformIT.com

Delve inside Windows architecture and internals - and see how core components work behind the scenes. This classic guide has been fully updated for Windows 10 and Windows Server 2016.

  • Delve inside Windows architecture and internals
  • See how core components work behind the scenes
  • Experience internal behavior firsthand
fully updated for Windows 10 and Windows Server 2016, and now presents its coverage in three volumes: Book 1, User Mode; Book 2, Kernel Mode; Book 3, Device Driver Models.

The full text downloaded to your computer

With eBooks you can:

  • search for key concepts, words and phrases
  • make highlights and notes as you study
  • share your notes with friends

eBooks are downloaded to your computer and accessible either offline through the Bookshelf (available as a free download), available online and also via the iPad and Android apps.

Upon purchase, you'll gain instant access to this eBook.

Chapter 1: Concepts and tools       

Windows operating system versions                             

Foundation concepts and terms   

Digging into Windows internals     

Conclusion

                           

Chapter 2:  System architecture     

Requirements and design goals     

Operating system model                        

Architecture overview                                

Virtualization-based security architecture overview                  

Key system components                          

Conclusion

                           

Chapter 3: Processes and jobs        

Creating a process       

Process internals         

Protected processes 

Minimal and Pico processes               

Trustlets (secure processes)             

Flow of CreateProcess                                  

Terminating a process                              

Image loader                       

Jobs                                               

Conclusion

                           

Chapter 4: Threads          

Creating threads          

Thread internals         

Examining thread activity                    

Thread scheduling    

Group-based scheduling                        

Worker factories (thread pools)       

Conclusion                           


Chapter 5: Memory management  

Introduction to the memory manager                        

Services provided by the memory manager          

Kernel-mode heaps (system memory pools)         

Heap manager                   

Virtual address space layouts          

Address translation 

Page fault handling    

Stacks    

Virtual address descriptors              

NUMA  

Section objects               

Working sets                      

Page frame number database            

Physical memory limits                           

Memory compression                                

Memory partitions   

Memory combining  

Memory enclaves         

Proactive memory management (SuperFetch)

Conclusion

                           

Chapter 6: I/O system     

I/O system components                           

Interrupt Request Levels and Deferred Procedure Calls        

Device drivers                  

I/O processing                  

Driver Verifier                

The Plug and Play manager                  

General driver loading and installation                    

The Windows Driver Foundation 

The power manager   

Conclusion  

                         

Chapter 7: Security          

Security ratings            

Security system components           

Virtualization-based security         

Protecting objects      

The AuthZ API                

Account rights and privileges           

Access tokens of processes and threads                     

Security auditing        

AppContainers               

Logon      

User Account Control and virtualization                

Exploit mitigations   

Application Identification                    

AppLocker                            

Software Restriction Policies            

Kernel Patch Protection                          

PatchGuard                       

HyperGuard                       

Conclusion                           

 

Need help? Get in touch

Video
Play
Privacy and cookies
By watching, you agree Pearson can share your viewership data for marketing and analytics for one year, revocable by deleting your cookies.

Video transcript (PDF | 16KB) 

Pearson eTextbook: What’s on the inside just might surprise you

They say you can’t judge a book by its cover. It’s the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle. 

Digital Learning NOW

Extend your professional development and meet your students where they are with free weekly Digital Learning NOW webinars. Attend live, watch on-demand, or listen at your leisure to expand your teaching strategies. Earn digital professional development badges for attending a live session.

Explore webinars