Greetings. David Solomon, coauthor of Windows Internals, Fifth Edition, has more training opportunities coming up. And David’s company, David Solomon Expert Seminars, is offering 15% off for TechNet Flash recipients and TechNet Subscribers.

Windows OS Internals and Sysinternals Training

London October 18-22

San Francisco November 8-12

Topic Outline

1. Introduction

2. Investigating Windows Internals

  • Source code programs
  • Books and articles
  • Tools (Kernel Debugger, Sysinternals)

3. Kernel Architecture

  • Kernel evolution
  • Processes & Threads
  • Address Space Layouts
  • Kernel integrity mechanisms
  • Memory Protection Model
  • Multiprocessor support
  • Executive, Kernel, and HAL
  • Environment Subsystem model
  • Sessions

4. System Mechanisms

  • Boot & Startup Process
  • System Threads
  • Environment subsystems
  • Service & Svchost internals
  • System Service Dispatching
  • Interrupts & DPCs
  • Time Accounting
  • Kernel Synchronization
  • Object Manager
  • System Shutdown

5. Security

  • Security Ratings
  • Security Components
  • Authentication
  • Authorization
  • Auditing, Impersonation and Privileges
  • Mandatory Integrity Levels
  • User Account Control

6. Processes, Threads and Thread Scheduling

  • Process, thread and job data structures
  • Process startup and exit
  • Priority Spectrum
  • Thread scheduling algorithms
  • Priority Boosting

7. I/O System

  • I/O System Components
  • Types of Drivers
  • Driver Operation
  • Plug-and-Play Manager
  • Power Manager
  • Vista/Server 2008 Enhancements
  • Troubleshooting I/O Problems

8. Memory Management

  • Core Mechanisms
  • Virtual Address Translation
  • Working Set Management
  • File System Cache Manager
  • Physical Memory Management
  • Superfetch
  • Paging Files

9. Crash Dump Analysis

  • Why Windows crashes
  • What happens at the crash
  • Basic crash dump analysis
  • Harder dump analysis
  • System hangs

David Solomon Expert Seminars provides Windows OS Internals classes featuring the Sysinternals tools. Topics include kernel architecture, memory management, thread scheduling, interrupt processing, time accounting, and crash dump analysis. This knowledge will help you help you troubleshoot difficult system problems as well as understand the true meaning behind key system performance counters.