Module 5 bulk Flashcards
when Windows first boots up, what is the first non-kernel and user mode that starts up?
the Session Manager Subsystem, smss.exe
what is the smss.exe process in charge of?
some stuff that gets the OS to work. initializing the system environment, setting up system variables, starting core processes like winlogon.exe and csrss.exe.
what starts winlogon.exe?
smss.exe
what is the client server runtime subystem process in charge of?
csrss.exe is in charge of the GUI and command line console.
what process does Linux use as the first process?
Init
what does each new process in Windows need to tell the operating system that a new process needs to be made?
a parent
what do child processes in Windows inherit from parents?
variables, settings: environment
can linux processes operate independently of their parents?
no
what happens if you kill a parent process in Windows?
the child keeps running
how do you stop a process from running in Windows if you are most users?
click the x in the GUI
what command prompt utility can you use to end tasks in Windows? to find and end them.
taskkill
what is a common way to use taskkill to end tasks in Windows?
use an identification number.
what is PID?
process identification number
what is the format for taskkill to use PID to kill the task that you want to kill?
taskkill /pid PID#
how do you find the PID of a process you want to kill in Task Manager?
Task manager, by doing ctrl+alt+del and selecting task manager, and going to the details tab.
what is image name?
the exe name and extension without the file path to the exe. the name of the executable file.
in taskkill, what does “”“/s <computer””” specify?
the name or IP address of a remote computer. the default is the local computer
in taskkill, what does “”“/u <domain> \<username>""" do?</username></domain>
runs the command with the account permissions of the user who is specified by the username or by the domain/username. can be specified only if /s is specified. the default is permissions of the user who is logged into the computer issuing the command.
with taskkill, what does “”“/p <password>""" specify?</password>
the password of the user account that is specified in the /u parameter
in taskkill, what does /fi do?
applies a filter to select a set of tasks. can use * to specify all tasks or image names.
what does /pid do in taskkill?
specifies the process ID of the process to be terminated
what does /f do in taskkill?
specifies that processes by forcefully ended. Parameter is ignored for remote processes. all remote processes are forcefully ended.
what does /t do in taskkill?
ends the specified process and any child processes it started.
what does it mean for processes to have a parent child relationship?
the processes that are launched come from other processes. Linux.
in this command, what process is the parent process?
less /etc/some_file | grep Hello
the less command is the parent process to the grep process.
what is the PID of init?
1
what is the parent process of all other processes in Linux?
init
what happens when we finish processes in Linux?
they will terminate automatically and release all the resources they were using so they can be used for other processes.
what is one main difference between Windows and Linux processes?
the Linux processes cannot operate independently of parent processes (they have a parent-child relationship), and Windows processes can operate independently.
when we execute a program, what do we launch?
a process.
what type of process is a daemon process?
a background process.
what is the name of the process that starts up other processes needed to boot a Linux OS?
Init
what process in Windows OS handles running the GUI and command line console?
csrss.exe?
what can I think of processes as?
codes in motion
what runs process codes stored on the hard drive?
the OS.
what is the usual way of seeing process information on Windows?
taskmgr.exe
what key combo opens task mgr?
ctrl+shift+esc
what do you see in processes tab of task manager:
processes user is running and that the system is running.
what do the process manager page columns tell you?
what apps are running, user who launched it, CPU used, memory used, disk used,
how to kill a process in task manager
select the process, hit end task button in low right corner
where is the pid in task manger?
details menu.
what utility in command prompt shows all running processes? with pid and all.
tasklist.
what command in PowerShell will get a list of processes and their pids?
Get-Process
what does Get-Process do by default without parameters?
get all processes on the local computer.
what command can be used to view process in linux?
ps
what happens if you run ps -x?
system shows a snapshot of current processes running.
in ps, what is the terminal associated with a process?
TTY column
what column is the process status in Linux ps -x?
stat.
what do the letters mean in STAT?
R: running.
T: stopped
S: interruptible sleep
what does R mean in Linux for a process status?
running or waiting to run
stopped, suspended,
what does s mean in process status Linux?
task is waiting for an event to complete before it resumes.
what is the TIME column in ps -x?
the total cpu time the process has taken up
what is the command column in ps -x?
the name of the command we’re running.
what is the ps -ef command? Linux. what is -e used for? what is -f used for/
-e is used to get all processes, even from other users, -f is for full details about a process.
what is UID in linux? ps -ef
user id of the person who launched the process.
what is ppid in ps -ef?
the parent ID.
in ps -ef, what is C?
the number of children processes
in ps -ef, what is S?
the start time of the process
in ps -ef, what is TTY?
the terminal associated with the process
in ps -ef, what is TIME?
the total CPU time the process has taken up.
what is cmd in ps -ef?
the name of the command we are running
how can you find processes in the ps command?
grep
how do you use grep to find Chrome in the list of processes?
”"”ps -ef | grep Chrome”””
how do you view the files that correspond to processes?
ls -l /proc
how do you look at a process status? subdirectory
cat /proc/<pid>/status</pid>
what is the best command to use to look at processes and troubleshoot them?
ps -ef
what does ps do according to man?
report a snapshot of the current processes
what does ps do by default?
selects all processes with the same effective user ID as the current user and associated with the same terminal as the invoker.
what is BSD in Linux?
a family of os derived from berkeley unix. openbsd, freebsd, netbsd, dragonflybsd. not linux. haha. sorry.
what do you use in Windows to tell a process to quit at the system level?
a signal
what is a way to tell a process something has happened?
signal
how can you generate a signal?
with special characters on your keyboard, and other processes and software
what is one of the most common signals?
sigint
what does sigint stand for?
signal interrupt
what key combination can you use to send a signal to a process? in the command line
ctrl -c
what do signal names start with in Linux?
sig
in linux, what does sig int do? by default
interrupt a process, terminate the process that is interrupted. with ctrl -c
what does ctrl c show up as in the linux terminal?
^C, sometimes
what process management tool lets you restart or pause processes in Windows?
Process Explorer
what is a utility that Microsoft created to let IT support specialists, system admin, and other users look at running processes?
Process Explorer
what does process explorer show you when you first open it up?
a view of the currently active processes in the top window pane., list of files a selected process is using in the bottom window pane.
why do you want to see files a process is using?
so you can figure out what processes use a file, or if you want to see what a process is doing and how it works.
how do you use ctrl -f in process explorer?
to find stuff. may also use binocular button
how do you find notepad in process explorer?
ctrl f, notepad.exe
what does mui stand for?
multilingual user interface
where is notepad.exe nested?
under command.exe if it was a child of command.exe. the process explorer lists parent processes.
what happens if you right click on a process?
you get a list of options you can use to manage it.
what does kill process tree do?
kill the process and all of its descendants
what does restart do in process explorer?
stop and start the process again.
when you restart a process from the process explorer, what will the parent process be?
procexp.exe (process explorer)
what does the suspend option in process explorer do?
you can use it to suspend the process and maybe continue it later.
why would you suspend a process?
you can debug it, make it so it doesn’t consume the resources it did when it was active.
how can you resume a suspended process?
right click in process explorer on the process, click resume
what happens if you kill the csrss.exe process?
the session will be forcibly terminated, but not only that, you can really damage your computer.
in other words… this sounds like it would be funny. I kinda wanna do it. haha.
how do you run process explorer?
in the search bar next to the windows start menu, search procexe.exe
what is dll?
dynamic link library. the executable file in Windows that many programs can share to complete tasks.
what is dgbhelp.dll?
a dynamic link library that’s part of the Debug Help Library. dbg: debug. small programs larger programs can load when they need to analyse information about a file or running process.
what is sigterm?
termination signal
what does the kill command do without any flags?
sends a sigterm, termination signal, which will kill the process, while also giving it time to clean up the resources it was using.
what happens if you don’t give a process the opportunity to clean the files it is working on?
killing it can cause file corruption.
how do you use the kill command to kill a process in the command line?
””” kill <pid#> “”””
what is the sigkill signal?
a signal to kill processes with fire. haha.
what does sig term do?
tells process it can stop
what does sigkill do?
tells process it is time to die!!!
Kills without giving time to clean up.
what is the flag you add to the kill command which sends the SIGKILL signal?
-KILL “”” kill -KILL <pid> """</pid>
when do you use kill -KILL?
as a last resort to terminate a process
what signal can you send to put a process on pause?
send the SIGTSTP signal, the terminal stop signal. kill -TSTP pid#
what does -TSTP do?
with the kill command in the command line, it puts the process in suspension.
what do you run to see the status of processes?
ps -x
what keyboard combination sends the sigtstp signal?
ctrl z
what signal resumes execution of a process?
SIGCONT, kill -CONT
can you see a list of running processes in mobile devices?
no
what manages details of processes in android?
OS
How can you manage running mobile apps in Android?
how do you check which apps are running in iOS and Android?
open the app switcher.
what do you call apps you are using?
foreground appswha
what do you call apps you are not using that are running?
background
what happens with background apps?
basically, the OS will suspend them as soon as it can, as much as it can.
what will the OS of a mobile device occasionally do to a background app that is suspended?
wake it to allow it to do some work.
what happens when you are on the home screen of your device?
all of the apps are backgrounded. to save battery.
what apps can slow the device down and use up more battery?
apps that can’t be suspended because they work in the background or that are frozen.
what do you need to do with apps that misbehave?
close or uninstall them.
how do you close apps in a mobile device?
swipe up on it from the app switcher screen
what is one way you can troubleshoot a device for apps that are slowing it down?
close apps and test which ones are affecting the device. start with the one that is currently being used to see if that helps. Work backward through time, and work one app at a time to isolate. You should not have to do this often.
what does the app switcher order show?
the most recently used to least recently used apps
when do you have to close an app for performance reasons?
the app is misbehaving.
what often uses more battery:
opening and closing an app
leaving an app open and running
opening and closing an app
what can you do if you discover a misbehaving app?
reset it by clearing its cache.
what do you do if your device is still sluggish after you close all of the apps?
restart the device
what happens if restarting the device is only a temporary fix for your issues?
dig deeper.
what can you see in battery health? (settings, battery, more, battery usage)
how fast battery has been used since last charge, which apps use the most battery
what can it mean if an app is using tons of battery?
it may not be working as it should or it may need a lot of battery to work.
how do you force an app to close in apple?
if unresponsive, go to app switcher, swipe up, kills process.
how to get to app switcher in iOS?
swipe up from bottom, hold, swipe left, right, tap app you want.
what kind of process does almost every android application run in?
its own Linux process
what is an application process’s memory determined by in Android?
the system, using a combination of the parts of the application that the system knows are running, how important they are, and how much system memory is available.
what can result in the system killing the application’s process while it is doing important work?
not using activity, service, and broadcastreceiver correctly
what kind of android process is required for what a user is currently doing?
foreground process
when are foreground processes killed?
if there is a bug with the BroadCast Receiver or another aspect, or if the memory is so low that not even these processes can run. Happens if the memory reaches a memory paging state, and process killing is then vital to keep the user interface responsive.
what kind of process is doing work a user is currently aware of, so killing it has a noticeable negative impact on user experience?
visible process
what kind of process can have activity visible to the user on-screen, but is not in the foreground? if the activity is displayed as a dialog that lets the previous activity be seen behind, for example.
visible process
what kind of process on a mobile device might be hosting a service the user is aware of, like a live wallpaper or input method service?
visible process
when are visible processes killed?
if doing so will keep foreground processes running.
what is process that holds a service which is not directly visible, but is generally doing things the user cares about like background network data upload or download?
service process.
when are service processes demoted?
if they have been running a long time
what can you do with service processes to allow them to run in a scheduled manner?
schedule through the AlarmManager
what kind of process is not currently needed, so the system can kill it at will when resources from it are needed elsewhere?
a cached process
what are the only processes normally killed in a normally behaving mobile device?
cached processes
when does a system kill all cached processes and start killing service processes?
critical situations
what should cached state apps do?
cease all work.
when can a process’ priority be increased?
if a process is bound to a higher process, it is classified as being as important as it is. Also, the process’ importance will be determined by the importance priority of its components to the user.
what is the amount of time a device runs before it needs to be recharged?
battery life
what is the amount of time a battery lasts until it needs to be replaced?
battery lifespan
how should an iPhone be stored?
at half charge when long-term stored, in room temp, out of direct sun exposure
what does it mean when your iPhone battery life starts decreasing?
the battery’s chemical age is diminishing the amount of charge it can hold.
what can happen when a battery in an iPhone chemically ages?
diminished charge hold, diminished performance, battery impedance
when can you temporarily increase an old battery’s impedance, making it provide insufficient power?
get it in a low charge, in the cold.
what happens when power is pulled from a battery with a higher level of impedance?
the voltage of the battery will drop to a greater degree
what happens when operations in a mobile device can’t be supported by the battery, due to a high level of impedance?
it will shut down to preserve the electrical components, which can seem unexpected.
when can a user get unexpected shutdowns related to battery?
low charge, high chemical age, colder temps
what will extreme performance management by an iPhone system sometimes look like?
long app launch time, low frame rate, dim backlight, low speaker volume, disabled flash, refreshing apps need reloaded on launch.
what is not affected by iPhone performance management?
cellular call quality, networking throughput performance, photo and video quality, GPS, Location accuracy, gyroscope, accelerometer, barometer, apple pay.
when are performance-management changes temporary for apple?
low battery state and cold temps
how do you improve device performance issues caused by chemical age?
replace the battery
what happens to device battery capacity when it ages?
gets smaller.
can you use a non-genuine apple battery for an iPhone?
yes. hah. But it will yell at you if you try to check battery health.
how do you look at system resources in Windows?
resource monitoring tool
where can you launch resource monitoring from?
start menu
what do you see in resource monitoring?
5 tabs of info. Overview of resources on the system, and information about resources. Process monitor info, data about resources consumed by processes,
where can you see resource monitoring information in process monitor?
right click on a process, properties, performance graph
what do you see in performance graph in process management process properties?
CPU, memory (private bytes), disk (i/O)
how do you get resource monitoring info in PowerShell?
Get-Process.
what do you get if you run Get-Process without options?
get information for each running process on system.
what is NPM(K)?
amount of non-paged memory the process is using in Kilobytes.
in Get-Process, how do you display only the top three processes using the most CPU?
Get-Process | Sort CPU -descending | Select -first 3 -Property ID,ProcessName,CPU
