The diagram below depicts the general architecture of the Windows operating syst
ID: 3876536 • Letter: T
Question
The diagram below depicts the general architecture of the Windows operating system Describe the purpose of four of the components shown in the diagram below Explain the difference between User Mode and Kernel Mode and discuss how these modes contribute to enhancing the operating system's security User Applications Win32 Subsystem User Mode System Win32 AP (Kernel32 dll,User32.dl,GD32.dll) Session Manager WinLogon Environment Functions NTOLL.DLL User Mode Kernel Mode Executive Services Kernel Mode System Process System Services Win32K SYS VO Manage Runtime Process Library Thread Manager Manager Functions Manager Cache Manager and ODject Digital File Systenn Kernel Hardware Device Drivers Graphics Hardware Abstraction Layer (HAL) Device DriversExplanation / Answer
1st Question :
Executive Services : Contains the base operating system services, such as memory management, process and thread management, security, I/O, and interprocess communication.
User Applications : An application, or an app is a type of software that allows you to perform specific tasks.When you open an application, it runs inside the operating system until you close it. Most of the time, you will have more than one application open at the same time, which is known as multi-tasking.It Can be one of five types: Win32, Posix, OS/2, Windows 3.1, or MSDOS.
User Mode System Processes :
It provide services such as the logon process, the session manager and the event logger.
Win 32 Sub System :
The Win32 environment subsystem can run 32-bit Windows applications. It contains the console as well as text window support, shutdown and hard-error handling for all other environment subsystems. It also supports Virtual DOS Machines (VDMs), which allow MS-DOS and 16-bit Windows (Win16) applications to run on Windows NT.
2nd Question :
User mode : mode where all user programs execute. It does not have access to RAM and hardware. The reason for this is because if all programs ran in kernel mode, they would be able to overwrite each other’s memory. If it needs to access any of these features , it makes a call to the underlying API. Each process started by windows except of system process runs in user mode.
Kernel mode : mode where all kernel programs execute (different drivers). It has access to every resource and underlying hardware. Any CPU instruction can be executed and every memory address can be accessed. This mode is reserved for drivers which operate on the lowest level.
The switch from user mode to kernel mode is not done automatically by CPU. CPU is interrupted by interrupts (timers, keyboard, I/O). When interrupt occurs, CPU stops executing the current running program, switch to kernel mode, executes interrupt handler. This handler saves the state of CPU, performs its operations, restore the state and returns to user mode.