Loading...

Monday, November 28, 2011

Windows Admin Interview Questions


WINDOWS ADMIN INTERVIEW QUESTIONS

1.    Describe how the DHCP lease is obtained. It’s a four-step process consisting of (a) IP request, (b) IP offer, (c) IP selection and (d) acknowledgement.
2.    I can’t seem to access the Internet, don’t have any access to the corporate network and on ipconfig my address is 169.254.*.*. What happened? The 169.254.*.* netmask is assigned to Windows machines running 98/2000/XP if the DHCP server is not available. The name for the technology is APIPA (Automatic Private Internet Protocol Addressing).
3.    We’ve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP leases off of it. The server must be authorized first with the Active Directory.
4.    How can you force the client to give up the dhcp lease if you have access to the client PC? ipconfig /release
5.    What authentication options do Windows 2000 Servers have for remote clients? PAP, SPAP, CHAP, MS-CHAP and EAP.
6.    What are the networking protocol options for the Windows clients if for some reason you do not want to use TCP/IP? NWLink (Novell), NetBEUI, AppleTalk (Apple).
7.    What is data link layer in the OSI reference model responsible for? Data link layer is located above the physical layer, but below the network layer. Taking raw data bits and packaging them into frames. The network layer will be responsible for addressing the frames, while the physical layer is responsible for retrieving and sending raw data bits.
8.    What is binding order? The order by which the network protocols are used for client-server communications. The most frequently used protocols should be at the top.
9.    How do cryptography-based keys ensure the validity of data transferred across the network?  Each IP packet is assigned a checksum, so if the checksums do not match on both receiving and transmitting ends, the data was modified or corrupted.
10. Should we deploy IPSEC-based security or certificate-based security? They are really two different technologies. IPSec secures the TCP/IP communication and protects the integrity of the packets. Certificate-based security ensures the validity of authenticated clients and servers.
11. What is LMHOSTS file? It’s a file stored on a host machine that is used to resolve NetBIOS to specific IP addresses.
12. What’s the difference between forward lookup and reverse lookup in DNS? Forward lookup is name-to-address; the reverse lookup is address-to-name.
13. How can you recover a file encrypted using EFS? Use the domain recovery agent.

 

IIS QUESTIONS

This came in the mail from the reader who recently went through a job interview process. He didn’t mention the company name.
1.            How would you remotely administer IIS?
2.            What is RAID? What is it used for?
3.            How would you go about securing IIS and MS-SQL Server?

 

WINDOWS 2000 ADMINISTRATION QUESTIONS

1.            Explain hidden shares. Hidden or administrative shares are share names with a dollar sign ($) appended to their names. Administrative shares are usually created automatically for the root of each drive letter. They do not display in the network browse list.
2.            How do the permissions work in Windows 2000? What permissions does folder inherit from the parent? When you combine NTFS permissions based on users and their group memberships, the least restrictive permissions take precedence. However, explicit Deny entries always override Allow entries.
3.            Why can’t I encrypt a compressed file on Windows 2000? You can either compress it or encrypt it, but not both.
4.            If I rename an account, what must I do to make sure the renamed account has the same permissions as the original one? Nothing, it’s all maintained automatically.
5.            What’s the most powerful group on a Windows system? Administrators.
6.            What are the accessibility features in Windows 2000? StickyKeys, FilterKeys Narrator, Magnifier, and On-Screen Keyboard.
7.            Why can’t I get to the Fax Service Management console? You can only see it if a fax had been installed.
8.            What do I need to ensure before deploying an application via a Group Policy? Make sure it’s either an MSI file, or contains a ZAP file for Group Policy.
9.            How do you configure mandatory profiles? Rename ntuser.dat to ntuser.man
10.         I can’t get multiple displays to work in Windows 2000. Multiple displays have to use peripheral connection interface (PCI) or Accelerated Graphics Port (AGP) port devices to work properly with Windows 2000.
11.         What’s a maximum number of processors Win2k supports? 2
12.         I had some NTFS volumes under my Windows NT installation. What happened to NTFS after Win 2k installation? It got upgraded to NTFS 5.
13.         How do you convert a drive from FAT/FAT32 to NTFS from the command line? convert c: /fs:ntfs
14.         Explain APIPA. Auto Private IP Addressing (APIPA) takes effect on Windows 2000 Professional computers if no DHCP server can be contacted. APIPA assigns the computer an IP address within the range of 169.254.0.0 through 169.254.255.254 with a subnet mask of 255.255.0.0.
15.         How does Internet Connection Sharing work on Windows 2000? Internet Connection Sharing (ICS) uses the DHCP Allocator service to assign dynamic IP addresses to clients on the LAN within the range of 192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy service becomes enabled when you implement ICS.

WHAT ARE THE DIFFERENCE IN WINDOWS NT SERVER, 2000SERVER AND 2003 SERVER AND NOW WIN SERVER2008
NT SAM database is a flat database. Where as in windows 2000 active directory database is a hierarchical database.
In Windows NT only PDC is having writable copy of SAM database but the BDC is only read only database. In case of
Windows 2000 both DC and ADC is having write copy of the database
Windows NT will not support FAT32 file system. Windows 2000 supports FAT32
Default authentication protocol in NT is NTLM (NT LAN manager). In windows 2000 default authentication protocol is Kerberos V5.
Windows 2000 depends and Integrated with DNS. NT user NetBIOS names
Active Directory can be backed up easily with System state data
Application Server mode is introduced in windows 2003
Possible to configure stub zones in windows 2003 DNS
Volume shadow copy services is introduced
Windows 2003 gives an option to replicate DNS data b/w all DNS servers in forest or All DNS servers in the domain.
PDC contains a write copy of SAM database where as BDC contains read only copy of SAM database. It is not possible to reset a password or create objects with out PDC in Windows NT.
There is no difference between in DC and ADC both contains write copy of AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just for identification.
Functionality wise there is no difference windows 2008 is fully script based software with more group policies and permissions win 2000 domain name can't change. But in 2003 server we can change.
In 2003 we can able to add more than 220 group policy but in 2000 it not possible.

54 SCREENING QUESTIONS FOR WINDOWS ADMIN
1.            What is Active Directory?
2.            What is LDAP?
3.            Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.
4.            Where is the AD database held? What other folders are related to AD?
5.            What is the SYSVOL folder?
6.            Name the AD NCs and replication issues for each NC
7.            What are application partitions? When do I use them
8.            How do you create a new application partition
9.            How do you view replication properties for AD partitions and DCs?
10.         What is the Global Catalog?
11.         How do you view all the GCs in the forest?
12.         Why not make all DCs in a large forest as GCs?
13.         Trying to look at the Schema, how can I do that?
14.         What are the Support Tools? Why do I need them?
15.         What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?
16.         What are sites? What are they used for?
17.         What’s the difference between a site link’s schedule and interval?
18.         What is the KCC?
19.         What is the ISTG? Who has that role by default?
20.         What are the requirements for installing AD on a new server?
21.         What can you do to promote a server to DC if you’re in a remote location with slow WAN link?
22.         How can you forcibly remove AD from a server, and what do you do later? • Can I get user passwords from the AD database?
23.         What tool would I use to try to grab security related packets from the wire?
24.         Name some OU design considerations.
25.         What is tombstone lifetime attribute?
26.         What do you do to install a new Windows 2003 DC in a Windows 2000 AD?
27.         What do you do to install a new Windows 2003 R2 DC in a Windows 2003 AD?
28.         How would you find all users that have not logged on since last month?
29.         What are the DS* commands?
30.         What’s the difference between LDIFDE and CSVDE? Usage considerations?
31.         What are the FSMO roles? Who has them by default? What happens when each one fails?
32.         What FSMO placement considerations do you know of?
33.         I want to look at the RID allocation table for a DC. What do I do?
34.         What’s the difference between transferring a FSMO role and seizing one? Which one should you NOT seize? Why?
35.         How do you configure a “stand-by operation master” for any of the roles?
36.         How do you backup AD?
37.         How do you restore AD?
38.         How do you change the DS Restore admin password?
39.         Why can’t you restore a DC that was backed up 4 months ago?
40.         What are GPOs?
41.         What is the order in which GPOs are applied?
42.         Name a few benefits of using GPMC.
43.         What are the GPC and the GPT? Where can I find them?
44.         What are GPO links? What special things can I do to them?
45.         What can I do to prevent inheritance from above?
46.         How can I override blocking of inheritance?
47.         How can you determine what GPO was and was not applied for a user? Name a few ways to do that.
48.         A user claims he did not receive a GPO, yet his user and computer accounts are in the right OU, and everyone else there gets the GPO. What will you look for?
49.         Name a few differences in Vista GPOs
50.         Name some GPO settings in the computer and user parts.
51.         What are administrative templates?
52.         What’s the difference between software publishing and assigning?
53.         Can I deploy non-MSI software with GPO?
54.         You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that?

 

29 RESPONSES TO “54 SCREENING QUESTIONS FOR WINDOWS ADMIN”

Que.: What is Active Directory?
Ans. Active Directory is a Meta Data. Active Directory is a data base which stores a data base like your user information, computer information and also other network object info. It has capabilities to manage and administer the complete Network which connect with AD.
Que.: What is the Global Catalog?
Ans.: Global Catalog is a server which maintains the information about multiple domains with trust relationship agreement.
Que: What is Active Directory?
Ans: Active Directory service is an extensible and scalable directory service that enables you to manage network resources efficiently.
Q01: What is Active Directory?
Ans: Active Directory is directory service that stores information about objects on a network and makes this information available to users and network administrators.
Active Directory gives network users access to permitted resources anywhere on the network using a single logon process.
It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration
3for all network objects.
Q; What is active directory?
Ans: active directory is a domain controller which is use to authenticate and administrate the group of computer, user, server etc. remotely. All the policies and security will be applicable on the client machine which one is join the domain. And all this policies and security is defined in active directory.
Q2: What is LDAP?
Ans2: LDAP (light weight directory access protocol) is an internet protocol which Email and other services is used to look up information from the server.
Q 18: What is KCC?
Ans 18: KCC (knowledge consistency checker) is used to generate replication topology for inter site replication and for intrasite replication. With in site replication traffic are done via remote procedure calls over ip, while between sites it is done through either RPC or SMTP.
Q 10: What is Global Catalog Server?
The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.
Q; What is active directory?
Active directory is a domain controller which is use to authenticate and administrate the group of computer, user, server etc. remotely. All the policies and security will be applicable on the client machine which one is join the domain. And all this policies and security is defined in active directory.
Q 4: Where is the AD database held? What other folders are related to AD?
A 4: The AD data base is store in NTDS.DIT file
Q 5:  What is the SYSVOL folder?
A 5; The sysVOL folder stores the server’s copy of the domain’s public files. The contents such as group policy, users etc of the sysvol folder are replicated to all domain controllers in the domain.
Q 19: What is the ISTG? Who has that role by default?
A 19: Windows 2000 Domain controllers each create Active Directory Replication connection objects representing inbound replication from intra-site replication partners. For inter-site replication, one domain controller per site has the responsibility of evaluating the inter-site replication topology and creating Active Directory Replication Connection objects for appropriate bridgehead servers within its site. The domain controller in each site that owns this role is referred to as the Inter-Site Topology Generator (ISTG).
Q: 15 What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?
A 15: LDP: Label Distribution Protocol (LDP) is often used to establish MPLS LSPs when traffic engineering is not required. It establishes LSPs that follow the existing IP routing, and is particularly well suited for establishing a full mesh of LSPs between all of the routers on the network.

Replmon: Replmon displays information about Active Directory Replication.
ADSIEDIT: ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool: ADSIEDIT.DLL
ADSIEDIT.MSCNETDOM: NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels.
REPADMIN:
This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers. Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. In addition, Repadmin can be used to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers, and to view both the replication metadata and up-to-datedness vectors.
Q 36: How to take the backup of AD?
A 36 : for taking backup of active directory you have to do this :
first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> BACKUP
when the backup screen is flash then take the backup of SYSTEM STATE it will take the backup of all the necessary information about the system including AD backup , DNS ETC.
Q 37: how to restore the AD?
A 37: For this do the same as above in the question 36 but in place of backup you select the restore option and restore the system state.
Q 19: What is the ISTG? Who has that role by default?
A 19: Inter-Site Topology Generator (istg) is responsible for managing the inbound replication connection objects for all bridgehead servers in the site in which it is located. This domain controller is known as the Inter-Site Topology Generator (ISTG). The domain controller holding this role may not necessarily also is a bridgehead server.
Q 29: What are the DS* commands A 29: You really are spoilt for choice when it comes to scripting tools for creating Active Directory objects.  In addition to CSVDE, LDIFDE and VBScript, we now have the following DS commands: the da family built in utility DSmod - modify Active Directory attributesDSrm - to delete Active Directory objectsDSmove - to relocate objectsDSadd - create new accountsDSquery - to find objects that match your query attributesDSget - list the properties of an object
Q 30 :What’s the difference between LDIFDE and CSVDE? Usage considerations?
A 30 : CSVDE is a command that can be used to import and export objects to and from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a file easily readable in Excel. I will not go to length into this powerful command, but I will show you some basic samples of how to import a large number of users into your AD. Of course, as with the DSADD command, CSVDE can do more than just import users. Consult your help file for more info.
Like CSVDE, LDIFDE is a command that can be used to import and export objects to and from the AD into a LDIF-formatted file. A LDIF (LDAP Data Interchange Format) file is a file easily readable in any text editor, however it is not readable in programs like Excel. The major difference between CSVDE and LDIFDE (besides the file format) is the fact that LDIFDE can be used to edit and delete existing AD objects (not just users), while CSVDE can only import and export objects.
Q 25 : What is tombstone lifetime attribute?
A 25 : The number of days before a deleted object is removed from the directory services. This assists in removing objects from replicated servers and preventing restores from reintroducing a deleted object. This value is in the Directory Service object in the configuration NIC.
You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that? How it is possibal
 (20)What are the requirements for installing AD on a new server?
Ans:1)The Domain structure2)The Domain Name3)storage location of the database and log file4)Location of the shared system volume folder5)DNS config Methode6)DNS configuration
7. What are application partitions? When do I use them.
Ans: AN application diretcory partition is a directory partition that is replicated only to specific domain controller.Only domain controller running windows Server 2003 can host a replica of application directory partition.
Using an application directory partition provides redundany,availabiltiy or fault tolerance by replicating data to specific domain controller pr any set of domain controllers anywhere in the forest
Q:You want to standardize the desktop environments (wallpaper, My Documents, Start menu, printers etc.) on the computers in one department. How would you do that? How it is possibal.
Ans:Login on client as Domain Admin user change whatever you need add printers etc go to system-User profiles copy this user profile to any location by select Everyone in permitted to use after copy change ntuser.dat to ntuser.man and assgin this path under user profile
Q. 8. How do you create a new application partition
ANS:Use the DnsCmd command to create an application directory partition. To do this, use the following syntax:
DnsCmd ServerName /CreateDirectoryPartition FQDN of partition
Global catalog provides a central repository of domain information for the forest by storing partial replicas of all domain directory partitions. These partial replicas are distributed by multimaster replication to all global catalog servers in a forest.
Its also used in universal global membership.
How do you view all the GCs in the forest?
Ans: C:\>repadmin /showreps <domain_controller>
where domain_controller is the DC you want to query to determine whether it’s a GC. The output will include the text DSA Options: IS_GC if the DC is a GC. . . .
Trying to look at the Schema, how can I do that
Ans: type “adsiedit.msc” in run or command prompt
Q. Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.
Ans. Yes, you can use dirXML or LDAP to connect to other directories In Novell you can use E-directory

PAGE FILE AND VIRTUAL MEMORY
Page File Is Storage Space For The Virtual Memory, Page File Uses Hard Disk Space As a Memory To Provide Memory Allocation..
DIFFERENCE BETWEEN DNS IN WINDOWS2000 & WINDOWS2003
We can rename or moved the domain name without rebulding in windows 2003 server,but in windows 2000 server, we can't do that.
Shadow copy feature available in windows2003 server but not in windows2000 server.A new tools to recover files.
There are 220 new group polices are added in windows2003 server over windows2000 server.
In windows2000 server support maximum 10 users access shared folders at a time through network, but windows2003 server no limitation.
Windows 2003 server includes IIS in it.

1.            Describe how the DHCP lease is obtained.
It’s a four-step process consisting of (a) IP request, (b) IP offer, © IP selection and (d) acknowledgement.
2.            I can’t seem to access the Internet, don’t have any access to the corporate network and on ipconfig my address is 169.254.*.*. What happened?
The 169.254.*.* netmask is assigned to Windows machines running 98/2000/XP if the DHCP server is not available. The name for the technology is APIPA (Automatic Private Internet Protocol Addressing).
3.            We’ve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP leases off of it. The server must be authorized first with the Active Directory.
4.            How can you force the client to give up the dhcp lease if you have access to the client PC?
ipconfig /release
5.            What authentication options do Windows 2000 Servers have for remote clients?
PAP, SPAP, CHAP, MS-CHAP and EAP.
6.            What are the networking protocol options for the Windows clients if for some reason you do not want to use TCP/IP? NWLink (Novell), NetBEUI, AppleTalk (Apple).
7.            What is data link layer in the OSI reference model responsible for? Data link layer is located above the physical layer, but below the network layer.
Taking raw data bits and packaging them into frames. The network layer will be responsible for addressing the frames, while the physical layer is reponsible for retrieving and sending raw data bits.
8.            What is binding order?
The order by which the network protocols are used for client-server communications. The most frequently used protocols should be at the top.
9.            How do cryptography-based keys ensure the validity of data transferred across the network?
Each IP packet is assigned a checksum, so if the checksums do not match on both receiving and transmitting ends, the data was modified or corrupted.
10.         Should we deploy IPSEC-based security or certificate-based security?
They are really two different technologies. IPSec secures the TCP/IP communication and protects the integrity of the packets. Certificate-based security ensures the validity of authenticated clients and servers.
11.         What is LMHOSTS file?
It’s a file stored on a host machine that is used to resolve NetBIOS to specific IP addresses.
12.         What’s the difference between forward lookup and reverse lookup in DNS?
Forward lookup is name-to-address, the reverse lookup is address-to-name.
13.         How can you recover a file encrypted using EFS?
Use the domain recovery agent.

1.            How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup.
2.            What do you do if earlier application doesn’t run on Windows Server 2003? When an application that ran on an earlier legacy version of Windows cannot be loaded during the setup function or if it later malfunctions, you must run the compatibility mode function. This is accomplished by right-clicking the application or setup program and selecting Properties –> Compatibility –> selecting the previously supported operating system.
3.             If you uninstall Windows Server 2003, which operating systems can you revert to? Win ME, Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to Windows Server 2003.
4.            How do you get to Internet Firewall settings? Start –> Control Panel –> Network and Internet Connections –> Network Connections.
5.            What are the Windows Server 2003 keyboard shortcuts? Winkey opens or closes the Start menu. Winkey + BREAK displays the System Properties dialog box. Winkey + TAB moves the focus to the next application in the taskbar. Winkey + SHIFT + TAB moves the focus to the previous application in the taskbar. Winkey + B moves the focus to the notification area. Winkey + D shows the desktop. Winkey + E opens Windows Explorer showing My Computer. Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panel with Search for Computers module selected. Winkey + F1 opens Help. Winkey + M minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run dialog. Winkey + U opens the Utility Manager. Winkey + L locks the computer.
6.            What is Active Directory? Active Directory is a network-based object store and service that locates and manages resources, and makes these resources available to authorized users and groups. An underlying principle of the Active Directory is that everything is considered an object—people, servers, workstations, printers, documents, and devices. Each object has certain attributes and its own security access control list (ACL).
7.            Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.
8.            How long does it take for security changes to be replicated among the domain controllers? Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA).
9.            What’s new in Windows Server 2003 regarding the DNS management? When DC promotion occurs with an existing forest, the Active Directory Installation Wizard contacts an existing DC to update the directory and replicate from the DC the required portions of the directory. If the wizard fails to locate a DC, it performs debugging and reports what caused the failure and how to fix the problem. In order to be located on a network, every DC must register in DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper configuration of the DNS infrastructure. All DNS configuration debugging and reporting activity is done with the Active Directory Installation Wizard.
10.         When should you create a forest? Organizations that operate on radically different bases may require separate trees with distinct namespaces. Unique trade or brand names often give rise to separate DNS identities. Organizations merge or are acquired and naming continuity is desired. Organizations form partnerships and joint ventures. While access to common resources is desired, a separately defined tree can enforce more direct administrative and security restrictions.
11.         How can you authenticate between forests? Four types of authentication are used across forests: (1) Kerberos and NTLM network logon for remote access to a server in another forest; (2) Kerberos and NTLM interactive logon for physical logon outside the user’s home forest; (3) Kerberos delegation to N-tier application in another forest; and (4) user principal name (UPN) credentials
12.         What snap-in administrative tools are available for Active Directory? Active Directory Domains and Trusts Manager, Active Directory Sites and Services Manager, Active Directory Users and Group Manager, Active Directory Replication (optional, available from the Resource Kit), Active Directory Schema Manager (optional, available from adminpak)
13.         What types of classes exist in Windows Server 2003 Active Directory?
1.                            Structural class. The structural class is important to the system administrator in that it is the only type from which new Active Directory objects are created. Structural classes are developed from either the modification of an existing structural type or the use of one or more abstract classes.
2.                            Abstract class. Abstract classes are so named because they take the form of templates that actually create other templates (abstracts) and structural and auxiliary classes. Think of abstract classes as frameworks for the defining objects.
3.                            Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous attributes when creating a structural class, it provides a streamlined alternative by applying a combination of attributes with a single include action.
4.                            88 class. The 88 class includes object classes defined prior to 1993, when the 1988 X.500 specification was adopted. This type does not use the structural, abstract, and auxiliary definitions, nor is it in common use for the development of objects in Windows Server 2003 environments.
14.         How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory.
15.         What is Global Catalog? The Global Catalog authenticates network user logons and fields inquiries about objects across a forest or tree. Every domain has at least one GC that is hosted on a domain controller. In Windows 2000, there was typically one GC on every site in order to prevent user logon failures across the network.
16.         How is user account security established in Windows Server 2003? When an account is created, it is given a unique access number known as a security identifier (SID). Every group to which the user belongs has an associated SID. The user and related group SIDs together form the user account’s security token, which determines access levels to objects throughout the system and network. SIDs from the security token are mapped to the access control list (ACL) of any object the user attempts to access.
17.         If I delete a user and then create a new account with the same username and password, would the SID and permissions stay the same? No. If you delete a user account and attempt to recreate it with the same user name and password, the SID will be different.
18.         What do you do with secure sign-ons in an organization with many roaming users? Credential Management feature of Windows Server 2003 provides a consistent single sign-on experience for users. This can be useful for roaming users who move between computer systems. The Credential Management feature provides a secure store of user credentials that includes passwords and X.509 certificates.
19.         Anything special you should do when adding a user that has a Mac? “Save password as encrypted clear text” must be selected on User Properties Account Tab Options, since the Macs only store their passwords that way.
20.         What remote access options does Windows Server 2003 support? Dial-in, VPN, dial-in with callback.
21.         Where are the documents and settings for the roaming profile stored? All the documents and environmental settings for the roaming user are stored locally on the system, and, when the user logs off, all changes to the locally stored profile are copied to the shared server folder. Therefore, the first time a roaming user logs on to a new system the logon process may take some time, depending on how large his profile folder is.
22.         Where are the settings for all the users stored on a given machine? \Document and Settings\All Users
23.         What languages can you use for log-on scripts? JavaScipt, VBScript, DOS batch files (.com, .bat, or even .exe)
24.         What’s the difference between local, global and universal groups? Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.
25.         I am trying to create a new universal user group. Why can’t I? Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.
26.         What is LSDOU? It’s group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units.
27.         Why doesn’t LSDOU work under Windows NT? If the NTConfig.pol file exist, it has the highest priority among the numerous policies.
28.         Where are group policies stored? %SystemRoot%System32\GroupPolicy
29.         What is GPT and GPC? Group policy template and group policy container.
30.         Where is GPT stored? %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID
31.         You change the group policies, and now the computer and user settings are in conflict. Which one has the highest priority? The computer settings take priority.
32.         You want to set up remote installation procedure, but do not want the user to gain access over it. What do you do? gponame–> User Configuration–> Windows Settings–> Remote Installation Services–> Choice Options is your friend.
33.         What’s contained in administrative template conf.adm? Microsoft NetMeeting policies
34.         How can you restrict running certain applications on a machine? Via group policy, security settings for the group, then Software Restriction Policies.
35.         You need to automatically install an app, but MSI file is not available. What do you do? A .zap text file can be used to add applications using the Software Installer, rather than the Windows Installer.
36.         What’s the difference between Software Installer and Windows Installer? The former has fewer privileges and will probably require user intervention. Plus, it uses .zap files.
37.         What can be restricted on Windows Server 2003 that wasn’t there in previous products? Group Policy in Windows Server 2003 determines a users right to modify network and dial-up TCP/IP properties. Users may be selectively restricted from modifying their IP address and other network configuration parameters.
38.         How frequently is the client policy refreshed? 90 minutes give or take.
39.         Where is secedit? It’s now gpupdate.
40.         You want to create a new group policy but do not wish to inherit. Make sure you check Block inheritance among the options when creating the policy.
41.         What is “tattooing” the Registry? The user can view and modify user preferences that are not stored in maintained portions of the Registry. If the group policy is removed or changed, the user preference will persist in the Registry.
42.         How do you fight tattooing in NT/2000 installations? You can’t.
43.         How do you fight tattooing in 2003 installations? User Configuration - Administrative Templates - System - Group Policy - enable - Enforce Show Policies Only.

WHAT IS THE DIFFERENCE BETWEEN X86 AND I386 COMPUTER
X86 Is A Hardware Architecture Used By Intel Based CPU's While I386 Is The File Folder Resides In Windows Installation CD, Contains All The Necessary Windows Installation Files.
x86 refers to a popular set of instructions most commonly used in processors from Intel, AMD, VIA, and others.  It usually implies a binary compatibility with the 32-bit instruction set of the 80386 (a.k.a. i386).

i386 (as eluded to above) is the common name for the Intel386 (or 80386) based PCs.  It is sometimes emphasized as x86-32 (for 32-bit) and x86-64 (also called x64 - for 64-bit).

INTERRUPT "TRAP" WHAT IS THIS TRAP?
There are two hinderances to a process. Interrupt and trap.
Interrupt is when the process needs some I/O services whereas trap occurs due to some fault or exception in the code.
How does multithreading take place on a computer with a single CPU
The operating system's task scheduler allocates execution time to multiple tasks. Byquickly switching between executing tasks, it creates the impression that tasks executesequentially.
By quickly switching among executing tasks, it creates the impression that the tasks execute simultaneously. If it didn't switch among the tasks, they would execute sequentially.
multi-threading has two forms, theory and reality. In theory, multi-threading is suppose to be the same as "multi-tasking" which means do two different task at the same time. Not possible on a single CPU unless you consider GPU and ALU which generally we do not (consider them). In reality, multi-threading does more than create an illusion, it allows computers to shut down a program in infinite loop by creating another thread so CPU executes one iteration of the loop, switch to the kill thread and terminates the loop. Multi-tasking was suppose to do that but not as well handled.
Hyperthreading processors have more than one execution units but only one processor core, thats how multiple tasks are performed simultaneously
what is the difference between blocking and waiting state of process ?
I think blocking state of a process is that state when it reaches to that state cannot be regained, but in case of wating state it can go in blocked state or go in running state again. Overall blocked state will be starvation state of a process.
A "waiting" process has been loaded into main memory and is waiting execution on a CPU.
When a process is "blocked" on a resource (such as a file, a semaphore or a device), it will be removed from the CPU (as a blocked process cannot continue execution) and will be in the blocked state.
A blocking state is the state in which the process is waiting for some operation to get completed.It can be an I/O operaion,or some Inter-Process-communication. The process can not execute furthur without these signals.
A waiting state is the state in which the process is ready to run but the processor is not idle.
When the operation on the blocked process complete, it will move in to the waiting state.
A process is said to be in waiting state when it is queuing in the main memory for its turn to be executed. Whereas, the process enters a blocked state in case of any interrupt or due to unavailability of resources. If it is no more in execution for a long time , it is swapped out of main memory and called back when the requested resource is available.
Important point: A process cannot enter running state from blocked state. The process first has to go to the waiting state and then to running state.
I hope that answers the question.
WHAT IS SUPERSCOP?
A superscope is an administrative feature of DHCP servers running Windows Server 2003 that you can create and manage through the DHCP console. Using a superscope, you can group multiple scopes as a single administrative entity. With this feature, a DHCP server can:
Support DHCP clients on a single physical network segment (such as a single Ethernet LAN segment) where multiple logical IP networks are used. When more than one logical IP network is used on each physical subnet or network, such configurations are often called multinets.
Support remote DHCP clients located on the far side of DHCP and BOOTP relay agents (where the network on the far side of the relay agent uses multinets).

9 comments:

  1. Thanks a lot it was very handy and informative

    ReplyDelete
  2. really it is a very good data thanks alot,

    ReplyDelete
  3. Nice Collection..but Updates are required. i mean 2008 R2,2012

    ReplyDelete
  4. Very informative . it would be more usefull if there are any scenario based troubleshooting steps . Like if we get any error on server how to troubleshoot them.....

    ReplyDelete
  5. For TOP interview Q&A visit www.techiebird.com

    ReplyDelete
  6. It is genuinely unpredictable to analyze benefits of all endorsements as there are numerous classes yet we can't deny their importance in the relevant field of work. A vast part of the specialists are harmonized on the essentialness of being affirmed without any mistrust as it opens entryway towards triumph as it is not conceivable to click here enter to prestigious associations accepting that you are not Certified with your pertinent seller. Despite the most essential issue comes as an essential concern how to get accomplishment in these affirmations as none of them is so basic, consequently we have to profit benefits by a master teacher who could guide us, and astounding study material is likewise required. For this, we will prescribe you to get superb study material from Theexamcollection that will verify.

    ReplyDelete