
USER MODE

I. SYSTEM SUPPORT PROCESSES

• Service Control Manager

- It is a special system process under the Windows NT family of
operating systems, which starts, stops and interacts with Windows
service processes.

• Lsass

- Also known as Local Security Authority Subsystem Service. It is
responsible for the enforcement of security policies within Microsoft's
Operating Systems.

• Winlogon

- A crucial process for a Windows system. It runs in the background
and rarely interferes with normal functioning of the system.

• Session Manager

- Allows you to save the current state of Firefox (history, text data,
cookies) and return to that state at any later moment. All sessions are
stored in the "sessions" folder inside your profile directory and can be
moved around as any other file.

II. SERVICE PROCESSES

• SVCHost.exe

- It is a generic host process name for services that run from
dynamic-link libraries.

• Winmgmt.exe

- It is a core component of client management in Windows. This process
initializes when the first client application connects, or runs
continuously when management applications request its services.

DE LEON | DOLLIENTE | GAYETA | RONDILLA IT201 | PLATFORM TECHNOLOGY - TP

• Spooler

- The print spooler is a Windows service that manages all the print jobs
which you send to your printer.

• Services.exe

- Services and Controller app. This process is the service manager
and is responsible for starting, stopping, and interacting with
system processes. This process cannot be stopped by the task
manager.

III. APPLICATIONS

• Task Manager

- Responsible for monitoring running programs. You can also monitor and end
system processes running in the background, which is helpful when
you need to stop spyware or a virus from operating.

• Windows Explorer

- The main function of Windows Explorer is to provide a graphical
interface to navigate the hard drive and display the contents of the
folders and subfolders used to organize files on the hard disk.

• User Application / Subsystem DLLs

- External applications usually downloaded or copied to install within the
system. The role of the subsystem DLLs is to translate a documented
function into the appropriate internal (and generally undocumented)
native system service calls.

IV. ENVIRONMENT SUBSYSTEMS

It allows running of applications developed for the given platform (ex.
Windows).

• POSIX

- Stands for Portable Operating System Interface. A set of standards for
Operating System designs with compatibility for different OS (ex.
Linux, Unix, Windows). Distinguishes OS design from application design.

• Win32

- Used for developing and running 32-bit applications.

V. Ntdll.dll

- It is a file created by Microsoft that has a description of "NT Layer DLL"
and is the file that contains NT kernel functions.

KERNEL MODE

I. SYSTEM THREADS

- small units of process that occur inside the kernel

II. SYSTEM SERVICE DISPATCHER

- The dispatcher handles the routing requests and balances the load of
user requests

III. KERNEL-MODE CALLABLE INTERFACES

• I/O Manager

- Integrates various networking components, including the following: file
system drivers, networking protocols, and network adapter card drivers.

• File System Cache

- Holds data that was recently read from the disk, making it possible for
subsequent requests to obtain data from cache rather than having to
read it again from the disk.

• Object Manager

- An object consists of a standard header and object-specific attributes.
Because all objects have the same structure, there is a single object
manager in Windows that maintains all objects.

• Plug-and-Play Manager

- Primary component involved in supporting the ability of Windows to
recognize and adapt to changing hardware configurations. A user
doesn’t need to understand the intricacies of hardware or manual
configuration to install and remove devices.

• Power Manager

- A computing device feature that allows users to control the amount of
electrical power consumed by an underlying device, with minimal
impact on performance. It enables the switching of devices in various
power modes, each with different power usage characteristics related
to device performance.

• Security Reference Monitor

- A component of the Microsoft Windows NT executive running in kernel
mode that acts like a security watchdog, enforcing security when
applications try to access system resources.

• Virtual Memory

- A memory management technique that is implemented using both
hardware and software. It maps memory addresses used by a
program, called virtual addresses, into physical addresses in computer
memory. Main storage as seen by a process or task appears as a
contiguous address space or collection of contiguous segments.

• Processes and Threads

- A process is an executing instance of a program, whereas a thread is the
smallest unit of a process. A process can be divided into multiple
threads, whereas a thread cannot be divided. A process may also be
considered a task, whereas a thread may be considered a lightweight
process.

• Configuration Manager (Registry)

- Provides support to project teams in configuring and base-lining project
items. It also prepares configuration documentation and maintains the
Configuration Management (CM) database.

• Local Procedure Call

- A high-speed, message-based communication mechanism
implemented in the NT kernel. LPC can be used for communication
between two user-mode processes, between a user-mode process and
a kernel-mode driver, or between two kernel-mode drivers.

IV. Win32 USER, GDI

- contains user account information in the computer

V. GRAPHICS DRIVERS

- allows your computer system to use and control the installed graphics
hardware (ex. video card)

VI. DEVICE AND FILE SYSTEM DRIVERS

- Applications necessary for an OS to use the different devices
connected to the computer system (ex. printer, keyboard).

VII. KERNEL

- Center of the Operating System and acts as a bridge between
applications, processes and hardware. It is also used for resource,
hardware, and data management in the computer system.

VIII. HARDWARE ABSTRACTION LAYER (HAL)

- A layer of programming that allows a computer operating system to
interact with a hardware device at a general or abstract level rather
than at a detailed hardware level.
