HBFITES Data Center, Collaboration, Security, Storage, Wireless, Telepresence Training +91-9886770046 info@hbfites.com

OSF - Operating System Fundamentals

Description

Have you ever wondered what's under the hood of a modern operating system? How does it work? How can I make it better? What components are vulnerable to attacks? All of these questions and more can be answered in our O/S Fundamentals class. This class gives you a firm understanding of the latest Operating Systems used worldwide as well as advanced information that will help you immensely in our Malware and Exploitation courses.

Starting with the Microsoft O/S, we teach registry management, memory management, process management, API usage, dynamically linked libraries and much more. All week long we compare and contrast these components with alternative operating systems such as Solaris, Unix, Linux, and Mac OS. After attending this course, students will be fully equipped with the fundamentals of Operating System elements and how they are all interconnected.

Course Details:

  • 70% Labs, 30% Lecture using real-world network attack captures
  • Laptops are provided during the class
  • Students receive USB Flash drives of all student labs

Objectives

Attending students will learn:

  • User and Group Credentials and Light Security Topics
  • File Management, Memory Management, Process Management
  • Networking Management
  • Command Shell Tools and Techniques
  • Processor Fundamentals and Sharing
  • Windows API, Windows Registry, and Dynamically Linked Libraries
  • Unix / Linux Shared Objects

Prerequisites

You should possess knowledge of the following:

  • Attending students should have a thorough understanding of Microsoft Windows
  • Experience with VMware software, although not required, would be beneficial

Who Should Attend

  • CNO Analysts who have just started a CNO career
  • Exploitation Analysts needing operating system knowledge before attending exploitation courses
  • Novice Malware Analysts requiring a thorough understanding of how operating systems work

Outline

Operating Systems Overview

  • Definition
  • Roles and Objectives
    • Layers of Computer Systems
    • OS Services
    • User Interface
    • Resource Management
  • Basic Concepts
    • Interrupts
    • Input and Output
      • Synchronous
      • Asynchronous
    • Storage Mediums
    • Caching
  • Evolution
    • Serial Processing
    • Simple Batch Systems
    • Multi-programmed Batch Systems
    • Time-Sharing Systems
  • Kernel Designs
    • Kernel Definition and Responsibilities
    • Monolithic Design
    • Microkernel Design
    • Mode Bit (User vs. Kernel Mode)
    • Context Switching
  • Achievements
    • Memory Management Schemes
    • Execution Contexts
    • Information Protection and Security
    • Scheduling and Resource Management
    • Modular Structures
  • Modern O/Ss
    • Multi-threading
    • Symmetric Multi-Processing
    • Distributed OS
    • Object Oriented Designs
    • Windows OS
      • Architecture
      • Layout
    • Unix OS
      • Architecture
      • Layout

Processes and Threads

  • Process Creation and Termination Events
  • Process Models and States
    • Two State, Five State, Seven State Models
    • Blocked and Ready Queues
    • Suspended Processes
  • Processes and Resources
    • Process Image
    • Process Control Block
  • Context Switching
  • Process Control
  • OS Execution
  • Process versus Thread
  • Threading Benefits
  • Thread Operations
    • User Level Threads
    • Kernel Level Threads
  • Thread Implementation

Processor Scheduling

  • Reasons for Processor Scheduling
    • Response Time
    • Throughput
    • Processor Efficiency
  • Types of Scheduling
    • Short Term Scheduling
    • Medium Term Scheduling
    • Long Term Scheduling
  • Scheduling Models
    • Preemptive
    • Non-Preemptive
  • Scheduling Algorithms
    • FCFS First Come First Served
    • Round Robin
    • Shortest Process Next
    • Shortest Remaining Time
    • Highest Response Ratio Next
    • Feedback
    • Fair Share Scheduling
  • Traditional Windows Scheduling
  • Traditional Unix Scheduling
  • Multiprocessor Scheduling

Processor Deadlock

  • Deadlock Definition
    • Consumable versus Reusable Resources
  • Conditions for Deadlock
    • Mutual Exclusion
    • Hold and Wait
    • No Preemption
    • Circular Wait
  • Deadlock Prevention
    • Indirect Method
    • Direct Method
  • Deadlock Avoidance
    • Process Initiation Denial
    • Resource Allocation Denial
  • Deadlock Detection

Input / Output

  • I/O Devices
    • Human Readable
    • Machine Readable
    • Communication
  • I/O Techniques
    • Programmed IO (PIO)
    • Interrupt Driven IO
    • Direct Memory Access (DMA)
  • OS Design Issues for I/O
  • I/O Buffering
    • Block Oriented versus Stream Oriented
    • Buffer Types
  • Disk Scheduling
    • First-In-First-Out
    • Shortest-Service-Time-First
    • SCAN, C-SCAN policies
  • RAID
    • RAID 0, 1, 2, 3, 4, 5, 6, 10, 50, and 0+1
  • Disk Cache

Memory Management

  • Memory Management Overview
    • Real versus Virtual Memory
    • Why do Memory Management
    • Memory Management Requirements
      • Relocation
      • Protection
      • Sharing
      • Logical Organization
      • Physical Organization
    • Address Binding
    • MMU
    • Relocation Register
    • Dynamic Loading
    • Dynamic Linking
    • Overlays
    • Memory Fragmentation
  • Memory Management Techniques
    • Fixed Partitioning
    • Dynamic Partitioning
    • Buddy System
    • Simple Paging
    • Simple Segmentation
    • Virtual Memory
  • Swapping
  • Replacement Policies
    • Optimal
    • Least Recently Used
    • FIFO
    • Clock Policy
  • Translation Look-Aside Buffer
  • Page Size Theory
  • Page Cleaning Policies
  • Unix Memory Management
    • Linux Page Directory
    • Clock Policy
    • 2 Handed Clock Policy
  • Windows Memory Management
    • Paging
    • Available
    • Reserved
    • Committed

File Management Systems

  • File Types and Hierarchy (Record, Field, Data, Text)
  • File Operations
    • Copy, Move, List, Print, Load, Store, etc
  • File Directories
  • Logical View versus Physical View
  • File Access Methods
    • Sequential versus Random Access
    • Indexed Access
  • Physical File Storage
    • Contiguous
    • Non-contiguous
      • Linked
      • Indexed
    • Microsoft DOS FAT 12, 16, 32
    • Microsoft NTFS
    • Unix I-Nodes
  • Free Space Management
    • Bit Map Method
    • Linked List Method
  • Secondary Storage
    • Tape
    • CD-ROM and DVD-ROM
  • Tree Structures
    • Acyclic Directory Structures
    • Cycles
  • Hard Links versus Soft Links in Unix
  • Network File Access
    • FTP
    • NetBIOS / SMB
    • CIFS, SAMBA
    • NFS
  • Unix file protection bits
    • Owner, Group, Everyone protection bit masks

Security and Protection

  • Password Protection
    • Unix Shadow File
    • Windows SAM File
  • Threats to the OS
    • Trojan Horses, Back Doors, Worms, Viruses, Buffer Overflows, Boot Sector Viruses
  • Cryptography add-ons
  • Unix Security
    • Inet-D
    • NIS
    • NIS+
    • PAMs
  • Windows XP Security
    • User Accounts
    • Security Tokens
    • Executive Security Reference Monitor
    • Networking Domains
  • Windows Vista Security
    • Services Hardening
    • Windows Defender
    • IE 7, 8
    • Vista Firewall
    • Network Access Protection
    • Consent Prompting
    • Trusted Computing Module Support
    • BitLocker

Lab Outline

  • Day 1
    • Observing the User Mode / Kernel Mode Switch
    • VMware and Operating System Familiarization
    • Observing Threads in Microsoft Word
    • Viewing and Modifying Processes and Threads in Windows, Linux, Solaris and Mac OS
  • Day 2
    • Processor Scheduling Worksheet
    • Visualizing Process Starvation
    • Adjusting Process Priorities in Windows and Linux
    • Observing Processor Deadlock
    • Simulating Processor Deadlock and Manual Intervention
    • Windows System Information Tool
    • Input / Output Worksheet
  • Day 3
    • Visually Observing Windows Memory Mapping
    • Windows Pre-Fetch Lab
    • Windows and Linux Page Fault Monitoring
    • Watching Windows Memory Management in Action
    • Watching Linux Memory Management in Action
  • Day 4
    • File and Directory Operations through the Command Shell (Windows and Unix)
    • Windows Alternate Data Streams
    • Dumping the Windows NTFS Master File Table
    • Observing and Navigating Windows Hard Disk Clusters
    • Linux I-Nodes
    • Windows and Unix User / Group Administration
  • Day 5
    • Student Practical Demonstration: Students are given 47 tasks to complete using the knowledge, skills, and abilities taught from the 4 days of class.
    • Areas challenged in Windows, Linux, Unix, and Mac include:
      • Process and Thread Management
      • Input / Output statistics
      • Memory Management observation and research
      • File and Directory Operations using the Command Shell
      • Reviewing Disk Allocation
      • User and Group Administration