CIS 527

Lab 1 - Windows 10 Processes & Services

Process

• Any Program being Executed is a Process
• Processes Can Have Multiple Threads of Execution
• Consumes System Resources (RAM, CPU Time)

Process Information

• PID - Process Identifier
• Memory Usage
• Image Path - Location of Executable File
• Command Line - Options and Flags
• Ports - Networking Information
• Description

Service

• Program that Runs in the Background
• Managed by the Operating System, not the User
• Performs Important Functions Automatically
• Consumes System Resources

Pseudo Accounts

• LocalSystem - System-Level Tasks & Services
• LocalService - Fewer Permissions than LocalSystem
• NetworkService - Fewer Permissions than LocalService, but has Network Access

Service Host Process

svchost.exe

• Host Process for Many Services
• Conserve System Resources
• Targeted by Malware & Viruses

Next: Installing Software