UNDERSTANDING OPERATING SYSTEMS
LEARN HOW MODERN OPERATING SYSTEMS WORK.
Have you ever wondered what’s under the hood of a modern operating system? How does it work? How can I
make it better? What components are vulnerable to attacks? All of these questions and more can be answered
in our O/S Fundamentals class. This class gives you a firm understanding of the latest operating systems used
worldwide, as well as advanced information that will help you immensely in our Malware and Exploitation courses.
Starting with the Microsoft O/S, we teach registry management, memory management, process management, API
usage, dynamically linked libraries and much more. All week long we compare and contrast these components
with those of alternative operating systems such as Solaris, Unix, Linux, and Mac OS. After attending this course,
students will be fully equipped with the fundamentals of operating system elements and how they are all interconnected.
ATTENDING STUDENTS WILL LEARN:
• User and Group Credentials and Light Security Topics
• File Management, Memory Management, Process Management
• Networking Management
• Command Shell Tools and Techniques
• Processor Fundamentals and Sharing
• Windows API, Windows Registry, and Dynamically Linked Libraries
• Unix / Linux Shared Objects
WHO SHOULD ATTEND:
• CNO Analysts who have just started a CNO career
• Exploitation Analysts needing operating system knowledge before attending exploitation courses
• Novice Malware Analysts requiring a thorough understanding of how operating systems work
COURSE DETAILS:
• 5 Days M-F
• 70% Labs, 30% Lecture teaching style
• Laptops are provided during the class
• Students will receive a link to download student materials after the course
PREREQUISITES:
• Attending students should have a thorough understanding of Microsoft Windows
• Experience with VMWare software, although not required, would be beneficial
COURSES THAT FOLLOW OPERATING SYSTEM FUNDAMENTALS:
• Operating System Intrusion Analysis
• Windows Internals
DAY 1 AGENDA
OPERATING SYSTEMS OVERVIEW
• Definition
• Roles and Objectives
– Layers of Computer Systems
– OS Services
– User Interface
– Resource Management
• Basic Concepts
– Interrupts
– Input and Output
  • Synchronous
  • Asynchronous
– Storage Mediums
– Caching
• Evolution
– Serial Processing
– Simple Batch Systems
– Multi-programmed Batch Systems
– Time-Sharing Systems
• Kernel Designs
– Kernel Definition and Responsibilities
– Monolithic Design
– Microkernel Design
– Mode Bit (User vs. Kernel Mode)
– Context Switching
• Achievements
– Memory Management Schemes
– Execution Contexts
– Information Protection and Security
– Scheduling and Resource Management
– Modular Structures
• Modern O/S’s
– Multi-threading
– Symmetric Multi-Processing
– Distributed OS
– Object Oriented Designs
– Windows OS
– Architecture
– Layout
– Unix OS
– Architecture
– Layout
PROCESSES AND THREADS
• Process Creation and Termination Events
• Process Models and States
– Two State, Five State, Seven State Models
– Blocked and Ready Queues
– Suspended Processes
• Processes and Resources
– Process Image
– Process Control Block
• Context Switching
• Process Control
• OS Execution
• Process versus Thread
• Threading Benefits
• Thread Operations
– User Level Threads
– Kernel Level Threads
• Thread Implementation
DAY 2 AGENDA
PROCESSOR SCHEDULING
• Reasons for Processor Scheduling
– Response Time
– Throughput
– Processor Efficiency
• Types of Scheduling
– Short Term Scheduling
– Medium Term Scheduling
– Long Term Scheduling
• Scheduling Models
– Preemptive
– Non-Preemptive
• Scheduling Algorithms
– FCFS First Come First Served
– Round Robin
– Shortest Process Next
– Shortest Remaining Time
– Highest Response Ratio Next
– Feedback
– Fair Share Scheduling
• Traditional Windows Scheduling
• Traditional Unix Scheduling
• Multiprocessor Scheduling
PROCESSOR DEADLOCK
• Deadlock Definition
– Consumable versus Reusable Resources
• Conditions for Deadlock
– Mutual Exclusion
– Hold and Wait
– No Preemption
– Circular Wait
• Deadlock Prevention
– Indirect Method
– Direct Method
• Deadlock Avoidance
– Process Initiation Denial
– Resource Allocation Denial
• Deadlock Detection
INPUT / OUTPUT
• I/O Devices
– Human Readable
– Machine Readable
– Communication
• I/O Techniques
– Programmed IO (PIO)
– Interrupt Driven IO
– Direct Memory Access (DMA)
• OS Design Issues for I/O
• I/O Buffering
– Block Oriented versus Stream Oriented
– Buffer Types
• Disk Scheduling
– First-In-First-Out
– Shortest-Service-Time-First
– SCAN, C-SCAN policies
• RAID
– RAID 0, 1, 2, 3, 4, 5, 6, 10, 50, and 0+1
• Disk Cache
DAY 3 AGENDA
MEMORY MANAGEMENT
• Memory Management Overview
– Real versus Virtual Memory
– Why do Memory Management
– Memory Management Requirements
• Relocation
• Protection
• Sharing
• Logical Organization
• Physical Organization
– Address Binding
– MMU
– Relocation Register
– Dynamic Loading
– Dynamic Linking
– Overlays
– Memory Fragmentation
• Memory Management Techniques
– Fixed Partitioning
– Dynamic Partitioning
– Buddy System
– Simple Paging
– Simple Segmentation
– Virtual Memory
• Swapping
• Replacement Policies
– Optimal
– Least Recently Used
– FIFO
– Clock Policy
• Translation Look-Aside Buffer
• Page Size Theory
• Page Cleaning Policies
• Unix Memory Management
– Linux Page Directory
– Clock Policy
– 2 Handed Clock Policy
• Windows Memory Management
– Paging
– Available
– Reserved
– Committed
DAY 4 AGENDA
FILE MANAGEMENT SYSTEMS
• File Types and Hierarchy (Record, Field, Data, Text)
• File Operations
– Copy, Move, List, Print, Load, Store, etc
• File Directories
• Logical View versus Physical View
• File Access Methods
– Sequential versus Random Access
– Indexed Access
• Physical File Storage
– Contiguous
– Non-contiguous
  • Linked
  • Indexed
– Microsoft DOS FAT 12, 16, 32
– Microsoft NTFS
– Unix I-Nodes
• Free Space Management
– Bit Map Method
– Linked List Method
• Secondary Storage
– Tape
– CD-Rom and DVD-Rom
• Tree Structures
– Acyclic Directory Structures
– Cycles
• Hard Links versus Soft Links in Unix
• Network File Access
– FTP
– NetBios / SMB
– CIFS, SAMBA
– NFS
• Unix file protection bits
– Owner, Group, Everyone protection bit masks
SECURITY AND PROTECTION
• Password Protection
– Unix Shadow File
– Windows SAM File
DAY 4 AGENDA CONTINUED
• Threats to the OS
– Trojan Horse, Back Doors, Worms, Viruses, Buffer Overflows, Boot Sector Viruses, Worms
• Cryptography add-ons
• Unix Security
– Inet-D
– NIS
– NIS+
– PAM’s
• Windows XP Security
– User Accounts
– Security Tokens
– Executive Security Reference Monitor
– Networking Domains
• Windows Vista Security
– Services Hardening
– Windows Defender
– IE 7, 8
– Vista Firewall
– Network Access Protection
– Consent Prompting
– Trusted Computing Module Support
– Bit-Locker
DAY 5 AGENDA
STUDENT PRACTICAL DEMONSTRATION:
Students are given 47 tasks to complete using the
knowledge, skills, and abilities taught from the 4 days
of class. Areas challenged in Windows, Linux, Unix, and
Mac include:
• Process and Thread Management
• Input / Output statistics
• Memory Management observation and research
• File and Directory Operations using the Command Shell
• Reviewing Disk Allocation
• User and Group Administration
COURSE LABS
Day 1
– Observing the User Mode / Kernel Mode Switch
– VMWare and Operating System Familiarization
– Observing Threads in Microsoft Word
– Viewing and Modifying Processes and Threads in Windows, Linux, Solaris and Mac OS
Day 2
– Processor Scheduling Worksheet
– Visualizing Process Starvation
– Adjusting Process Priorities in Windows and Linux
– Observing Processor Deadlock
– Simulating Processor Deadlock and Manual Intervention
– Windows System Information Tool
– Input / Output Worksheet
Day 3
– Visually Observing Windows Memory Mapping
– Windows Pre-Fetch Lab
– Windows and Linux Page Fault Monitoring
– Watching Windows Memory Management in Action
– Watching Linux Memory Management in Action
Day 4
– File and Directory Operations through the Command Shell (Windows and Unix)
– Windows Alternate Data Streams
– Dumping the Windows NTFS Master File Table
– Observing and Navigating Windows Hard Disk Clusters
– Linux I-Nodes
– Windows and Unix User / Group Administration
www.focal-point.com
Toll free: (800)-969-7770