This course is targeted at kernel software developers, support engineers and software QA engineers who have to regularly debug Windows kernel mode software.
It starts with the foundations required to be effective at kernel debugging like kernel internals concepts, key data structures used by drivers and debugger commands to examine the state and health of the system.
It then dives into various techniques and strategies that can be applied to perform triaging, fault isolation, analysis and root causing of crashes and hangs caused by kernel mode drivers.
Every topic in the course is accompanied by hands-on labs that involve extensive usage of the WinDBG/KD as well as other WDK tools.
These hands-on labs provide attendees with real life experience of live kernel debugging as well as crash and hang dump analysis.
NOTE : This course focuses on debugging kernel mode security software and does not cover debugging of hardware device drivers.
Attendees must have a solid understanding of operating system concepts and have a working knowledge of Windows.
This course does not require any programming knowledge.
Being able to use the kernel debugger effectively is critical to kernel mode software development.
The objective of this section is to learn about the kernel debugger, debugging symbols and debugger usage.
The objective of this section to discuss the architecture of the Windows kernel, key kernel mode components and core system mechanisms that are critical to kernel mode security software.
The objective of this section is to learn about the different synchronization primitives available in the Windows kernel, their usage scenarios and the advantages and disadvantages of each of them.
This objective of this section is to understand how the Windows kernel performs memory management for applications as well as for drivers.
This objective of this section is to understand how the Windows kernel dispatches I/O requests to device drivers, how device drivers handle I/O requests and the various data structures that are involved in processing I/O.
The objective of this section is to learn about the Windows kernel module development terminology, environment and the tool chain.