Windows Internals for Windows 8 & Windows Server 2012

Catalog No.: #4105 | Course duration: 40 academic hours

The Windows OS exposes many advanced services to system programmers through the Windows API, and to device driver writers through the Kernel API. The .NET framework wraps these services and runs on top of the Windows API and the Kernel.

Good knowledge of what’s going on under the hood of the OS, which services are available and how to best utilize them helps in building better and more efficient software for Windows. This course discusses the internal workings of Windows and its exposed services, so they can be leveraged better by you!
 

The course is offered only to groups on behalf of organizations; an inquiry can be sent only for a group.

Target Audience

Experienced Windows programmers interested in writing better programs by gaining a deeper understanding of the internal mechanisms of the Windows operating system, as exposed by the Windows API and the Kernel API.

Objectives

Understand the underlying mechanisms and advanced services of the Windows OS and use that knowledge to write better and more efficient programs on Windows 7, 8, Server 2008/R2 & 2012.

Prerequisites

  • Basic knowledge of OS concepts and architecture
  • Practical experience developing Windows applications
  • C/C++ knowledge is an advantage
     

Course Duration

The course duration is 40 hours.

Topics

Module 1: System Architecture

 

  • Windows NT History
  • Basic Concepts
  • Windows Editions – Client, Server, Server Core
  • Tools: Windows, SysInternals, Debugging Tools
  • Processes, Threads, Virtual Memory
  • User mode vs. Kernel mode
  • Requirements and Design Goals
  • Architecture Overview
  • Key Components
  • APIs: Win32, Native, .NET, COM, WinRT
  • User/kernel transitions
  • Introduction to WinDbg
  • Lab: Task manager, Process Explorer, WinDbg

 

Module 2: Kernel Mechanisms

 

  • Trap Dispatching
  • Interrupts & Exceptions
  • System Crash
  • Object Management
  • Objects and Handles
  • Sharing Objects
  • Synchronization
  • Synchronization Primitives
  • Signaled vs. Non Signaled
  • Windows Global Flags
  • Advanced Local Procedure Calls (ALPC)
  • Kernel Event Tracing
  • Wow64
  • Lab: Viewing Handles, Interrupts; creating maximum handles

 

Module 3: Management Mechanisms

 

  • The Registry
  • Services
  • Starting and controlling services
  • The Task Scheduler
  • Windows Management Instrumentation
  • Kernel Transaction Manager
  • Lab: Viewing and configuring services; Process Monitor

 

Module 4: Processes & Threads

 

  • Multitasking and Multiprocessing
  • Process Internals & Data Structures
  • Processor Groups, 256 cores & NUMA overview
  • Creating and terminating processes
  • DLL explicit and implicit linking
  • The Portable Executable Format
  • Thread Internals
  • Creating Threads
  • Thread Priorities
  • Thread Scheduling
  • Thread Stacks
  • Thread States
  • Thread Synchronization
  • User Mode Scheduler
  • The C++ Concurrent Runtime & .NET Thread Parallel Extension
  • Jobs
  • Hyper-V Overview
  • Windows Compatibility Platform
  • Lab: creating threads; thread synchronization; viewing process & thread information

 

Module 5: Memory Management

 

  • Overview
  • Small and large pages
  • VMM Services
  • Memory states
  • Address Space Layout
  • Address Translation Mechanisms
  • APIs in User mode and Kernel mode
  • Page Faults
  • Working Sets
  • Memory Mapped Files
  • Page Frame Database
  • Optimization Techniques
  • Lab: committing & reserving memory; using shared memory; viewing memory related information

 

Module 6: Security

 

  • Security System Components
  • Protecting Objects
  • User access control
  • Access Rights and Privileges
  • Auditing
  • Logon
  • Address space layout randomization
  • Session 0 Service Isolation
  • UIPI
  • Object Private Namespace
  • Lab: viewing security info with Process Explorer & psgetsid

 

Module 7: I/O System

 

  • I/O System overview
  • I/O Function
  • Device Drivers
  • The Windows Driver Model (WDM)
  • The Kernel Mode Driver Framework (KMDF)
  • I/O Processing and Data Flow
  • Plug & Play
  • Power Management
  • Mount VHD file & Boot from VHD & Windows 8 VHDX format
  • Windows Server 2012 – ReFS Overview
  • Windows 8 & Server 2012 Storage Space
  • Lab: viewing driver and device information

 

Module 8: Networking

 

  • Networking Architecture
  • Networking APIs
  • Redirectors
  • NDIS
  • Binding
  • Network Services
  • Windows Filtering Platform

 

Module 9: Introduction to Windows 8

 

  • The Windows 8 Start Screen
  • Desktop vs. Metro apps
  • App Snapping
  • Charms
  • The Application Bar
  • Application lifecycle
  • The Windows Runtime
  • COM for WinRT
  • C++/CX
  • C# & .NET for Windows 8 Applications
  • Application binary interface
  • Asynchrony in Metro
  • Capabilities
  • Lab: writing simple metro apps

 

Optional Appendix – .NET Interoperability Mechanisms (Requires extra day)

 

  • Marshaling Type
  • The Marshal class
  • Platform Invoke
  • COM Interoperability
  • C++/CLI
  • The .NET Windows 7 API Code Pack Library